Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-1779

Port configured but not protocol results in no error in eBPF flow filtering

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • netobserv-1.7
    • netobserv-1.6, netobserv-1.6.1
    • eBPF
    • False
    • None
    • False
    • Hide
      Previously, eBPF flow filter on port(s) without specifying a protocol were ignored.
      Now, you can set eBPF flow filters independently on ports and / or protocols.
      Show
      Previously, eBPF flow filter on port(s) without specifying a protocol were ignored. Now, you can set eBPF flow filters independently on ports and / or protocols.
    • NetObserv - Sprint 258, NetObserv - Sprint 259
    • Moderate

      Configure eBPF flow filter as follows:

        agent:
    ebpf:
      flowFilter:
        enable: true
        action: Accept
        cidr: 0.0.0.0/0
        ports: 443

      Because 'protocol' is missing and is required, it does no eBPF filtering.  The user is left confused as to why filtering isn't happening.  Instead, it should report this error instead of accepting the configuration.

            [NETOBSERV-1779] Port configured but not protocol results in no error in eBPF flow filtering

            Errata Tool added a comment -

            Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

            For information on the advisory (Important: Network Observability 1.7.0 for OpenShift), and where to find the updated files, follow the link below.

            If the solution does not work for you, open a new bug report.
            https://access.redhat.com/errata/RHSA-2024:8014

            Errata Tool added a comment - Since the problem described in this issue should be resolved in a recent advisory, it has been closed. For information on the advisory (Important: Network Observability 1.7.0 for OpenShift), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2024:8014

            GitLab CEE Bot added a comment -

            CPaaS Service Account mentioned this issue in merge request !565 of netobserv-midstream / Network Observability Operator Midstream on branch network-observability-1.7.0-rhel-9_upstream_b565d342cb6542939c616b3c624b9c82:

            Updated 3 upstream sources

            GitLab CEE Bot added a comment - CPaaS Service Account mentioned this issue in merge request !565 of netobserv-midstream / Network Observability Operator Midstream on branch network-observability-1.7.0-rhel-9_ upstream _b565d342cb6542939c616b3c624b9c82 : Updated 3 upstream sources

            Amogh Rameshappa Devapura added a comment -

            Ran the automated regression test and it passed. Works as expected!

            Amogh Rameshappa Devapura added a comment - Ran the automated regression test and it passed. Works as expected!

            Julien Pinsonneau added a comment -

            fix need to be done on the operator side (API)

            Julien Pinsonneau added a comment - fix need to be done on the operator side (API)

              jpinsonn@redhat.com Julien Pinsonneau
              stlee@redhat.com Steven Lee
              Amogh Rameshappa Devapura Amogh Rameshappa Devapura
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: