Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

767 sg nacl fields print order #856

Merged
merged 21 commits into from
Sep 9, 2024
Merged

767 sg nacl fields print order #856

merged 21 commits into from
Sep 9, 2024

Conversation

ShiriMoran
Copy link
Contributor

No description provided.

@ShiriMoran ShiriMoran linked an issue Sep 5, 2024 that may be closed by this pull request
Change the order in which the fields of a NACL/SG rule are printed #767
Closed
@ShiriMoran ShiriMoran requested a review from zivnevo September 5, 2024 07:38
@ShiriMoran ShiriMoran requested a review from zivnevo September 5, 2024 12:32
zivnevo
zivnevo reviewed Sep 5, 2024
View reviewed changes
pkg/awsvpc/nacl_analysis.go
@@ -72,7 +72,7 @@ func (na *AWSNACLAnalyzer) GetNACLRule(index int) (ruleStr string, ruleRes *comm
minPort,
maxPort,
)
connStr = fmt.Sprintf("protocol: %s, dstPorts: %d-%d", protocol, minPort, maxPort)
portsStr = fmt.Sprintf(", dstPorts: %d-%d", minPort, maxPort)
case protocolICMP:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we OK with ICMP? I didn't see an example output

Copy link
Contributor Author

@ShiriMoran ShiriMoran Sep 5, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Indeed, there is no such example; moreover, I did not find an example that enables only icmp in the inputs file. Perhaps such an example should be added; does not seem related to this PR.
  2. Looking at the code - indeed it seems that the extra ICMP parms are ignored in the returned string; they were ignored from the beginning, nothing new to this PR.
  3. Moreover, looking at the code I do not understand why the printing function of conns was not used in the first place for the returned ruleStr.

Not sure whether to fix it here or open a new issue and ask Ola what she had in mind. See also next comment

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed; At the moment we do not have an example of an icmp rule in aws

We do have an example in IBM (acl5) that is not yet used in explain tests; I'll add a test

Copy link
Contributor Author

@ShiriMoran ShiriMoran Sep 9, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

acl5 does not have any instances

Need to add examples of NACL rules with reference to ICMP type and code in both IBM and AWS
#860

pkg/ibmvpc/nacl_analysis.go Show resolved Hide resolved
@ShiriMoran ShiriMoran requested a review from zivnevo September 8, 2024 14:25
zivnevo
zivnevo requested changes Sep 9, 2024
View reviewed changes
pkg/ibmvpc/nacl_analysis.go Outdated Show resolved Hide resolved
pkg/awsvpc/nacl_analysis.go Outdated Show resolved Hide resolved
@ShiriMoran ShiriMoran mentioned this pull request Sep 9, 2024
Open
@ShiriMoran ShiriMoran merged commit f3845fb into main Sep 9, 2024
4 checks passed
@ShiriMoran ShiriMoran deleted the 767_sg_nacl_fields_print_order branch September 9, 2024 09:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zivnevo zivnevo zivnevo approved these changes

Assignees
No one assigned
Labels
size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Change the order in which the fields of a NACL/SG rule are printed
2 participants
@ShiriMoran @zivnevo