Skip to content

Commit

Permalink
Small fixes in example tracing policies
Browse files Browse the repository at this point in the history 
Signed-off-by: Anastasios Papagiannis <[email protected]>
  • Loading branch information
@tpapagian
tpapagian committed Sep 13, 2023
1 parent 5473ea1 commit f058d55
Show file tree
Hide file tree
Showing 8 changed files with 24 additions and 18 deletions.
1 change: 1 addition & 0 deletions examples/tracingpolicy/cves/cve-2023-2640-overlayfs-ubuntu.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ spec:
- index: 0
type: "string"
returnArg:
index: 0
type: "int"
selectors:
- matchNamespaces:
Expand Down
2 changes: 1 addition & 1 deletion examples/tracingpolicy/datagram-with-selectors.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,4 +25,4 @@ spec:
- "IPPROTO_UDP"
matchActions:
- action: Post
rateLimit: 5
rateLimit: "5"
5 changes: 3 additions & 2 deletions examples/tracingpolicy/datagram-with-sock-tracking.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,15 @@ spec:
type: int
label: "family"
returnArg:
index: 0
type: sock
returnArgAction: TrackSock
selectors:
- matchArgs:
- index: 1
operator: "Equal"
values:
- 2
- "2"
- call: "__sk_free"
syscall: false
args:
Expand Down Expand Up @@ -51,4 +52,4 @@ spec:
- "IPPROTO_UDP"
matchActions:
- action: Post
rateLimit: 5
rateLimit: "5"
9 changes: 5 additions & 4 deletions examples/tracingpolicy/datagram_518.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,16 @@ spec:
- index: 1
type: int
returnArg:
index: 0
type: sock
returnArgAction: TrackSock
selectors:
- matchArgs:
- index: 1
operator: "Equal"
values:
- 2
- 10
- "2"
- "10"
- call: "__sk_free"
syscall: false
args:
Expand All @@ -43,8 +44,8 @@ spec:
- index: 0
operator: "Family"
values:
- 2
- 10
- "2"
- "10"
- matchActions:
- action: UntrackSock
- call: "sk_filter_trim_cap"
Expand Down
2 changes: 1 addition & 1 deletion examples/tracingpolicy/dns-only-specified-servers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ spec:
- index: 2
operator: "DPort"
values:
- 53
- "53"
- index: 2
operator: "NotDAddr"
values:
Expand Down
9 changes: 5 additions & 4 deletions examples/tracingpolicy/openat_write.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ spec:
- index: 2
type: "int"
returnArg:
index: 0
type: int
selectors:
- matchArgs:
Expand All @@ -25,11 +26,11 @@ spec:
- index: 2
operator: "Mask"
values:
- 0x40 # CREATE
- 0x1 # WRONLY
- 0x2 # RDWR
- "64" # CREATE (0x40)
- "1" # WRONLY (0x01)
- "2" # RDWR (0x02)
matchReturnArgs:
- index: 0
operator: "GT"
values:
- 0
- "0"
2 changes: 1 addition & 1 deletion examples/tracingpolicy/sys_write_sigkill.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,4 +72,4 @@ spec:
values:
- "/tmp/passwd"
matchActions:
- action: SigKill
- action: Sigkill
12 changes: 7 additions & 5 deletions examples/tracingpolicy/tcp-accept.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,17 @@ spec:
args:
- index: 1
type: int
label: "family"
label: "Family"
returnArg:
index: 0
type: sock
returnArgAction: TrackSock
selectors:
- matchArgs:
- index: 1
operator: "Equal"
values:
- 2
- "2"
- call: "__sk_free"
syscall: false
args:
Expand All @@ -28,7 +29,7 @@ spec:
selectors:
- matchArgs:
- index: 0
operator: "family"
operator: "Family"
values:
- "AF_INET"
- matchActions:
Expand All @@ -45,13 +46,13 @@ spec:
selectors:
- matchArgs:
- index: 0
operator: "state"
operator: "State"
values:
- "TCP_SYN_RECV"
- index: 1
operator: "Equal"
values:
- 1
- "1"
- call: "tcp_close"
syscall: false
args:
Expand All @@ -70,6 +71,7 @@ spec:
- index: 0
type: "sock"
returnArg:
index: 0
type: sock
returnArgAction: TrackSock

0 comments on commit f058d55

Please sign in to comment.