Made requested changes

2023-02-19 18:44:31 -05:00
parent c3e4c03dec
commit d8eff8ed6a


@@ -34,10 +34,10 @@ void checkArgs(char *sourceaddr, int *sourcetype, char *destaddr,
findAddressType(destaddr, desttype); findAddressType(destaddr, desttype);
} }
void writeFile(char *outputfilename, char *sourceaddr, int sourcetype, void writeFile(char *outputfilename, char *policy_type, char *sourceaddr, int sourcetype,
int sourceport, char *destaddr, int desttype, int destport, char *destaddr, int desttype, int port,
char *protocol) { char *protocol) {
const char *yaml_template = const char *ingress_yaml_template =
"apiVersion: networking.k8s.io/v1\n" "apiVersion: networking.k8s.io/v1\n"
"kind: NetworkPolicy\n" "kind: NetworkPolicy\n"
"metadata:\n" "metadata:\n"
@@ -46,17 +46,41 @@ void writeFile(char *outputfilename, char *sourceaddr, int sourcetype,
"spec:\n" "spec:\n"
" podSelector:\n" " podSelector:\n"
" matchLabels:\n" " matchLabels:\n"
" run: nginx\n" " run: %s\n" //destination
" policyTypes:\n"
" - Ingress\n"
" ingress:\n" " ingress:\n"
" - from:\n%s" " - from:\n%s" //source
" ports:\n"
" - protocol: %s\n"
" port: %d\n"
" egress:\n"
" - to:\n%s"
" ports:\n" " ports:\n"
" - protocol: %s\n" " - protocol: %s\n"
" port: %d\n"; " port: %d\n";
const char *egress_yaml_template =
"apiVersion: networking.k8s.io/v1\n"
"kind: NetworkPolicy\n"
"metadata:\n"
" name: test-network-policy\n"
" namespace: policy-demo\n"
"spec:\n"
" podSelector:\n"
" matchLabels:\n"
" run: %s\n" //source
" policyTypes:\n"
" - Egress\n"
" egress:\n"
" - to:\n%s" //destination
" ports:\n"
" - protocol: %s\n"
" port: %d\n"
" - to:\n" // WE MUST ALLOW ACCESS TO KUBERNETES DNS SERVER, OTHERWISE POD NAMES WILL NOT RESOLVE TO THEIR IP
" - ipBlock:\n"
" cidr: 0.0.0.0/0\n"
" ports:\n"
" - protocol: UDP\n"
" port: 53\n"
" - protocol: TCP\n"
" port: 53\n";
const char *ip_template = const char *ip_template =
" - ipBlock:\n" " - ipBlock:\n"
" cidr: %s\n"; " cidr: %s\n";
@@ -65,17 +89,25 @@ void writeFile(char *outputfilename, char *sourceaddr, int sourcetype,
" matchLabels:\n" " matchLabels:\n"
" run: %s\n"; " run: %s\n";
const char *ingress_template = const char *source_template =
sourcetype == SELECTOR_TYPE_IP ? ip_template : pod_template; sourcetype == SELECTOR_TYPE_IP ? ip_template : pod_template;
const char *egress_template = const char *destination_template =
desttype == SELECTOR_TYPE_IP ? ip_template : pod_template; desttype == SELECTOR_TYPE_IP ? ip_template : pod_template;
char outputBuf[2000], ingress_template_filled[1000],
egress_template_filled[1000];
sprintf(ingress_template_filled, ingress_template, sourceaddr); char outputBuf[2000], source_template_filled[1000],
sprintf(egress_template_filled, egress_template, destaddr); destination_template_filled[1000];
sprintf(outputBuf, yaml_template, ingress_template_filled, protocol,
sourceport, egress_template_filled, protocol, destport); sprintf(source_template_filled, source_template, sourceaddr);
sprintf(destination_template_filled, destination_template, destaddr);
if(strcmp(policy_type, "egress") == 0){
sprintf(outputBuf, egress_yaml_template, sourceaddr,
destination_template_filled, protocol, port);
}
else if(strcmp(policy_type, "ingress") == 0){
sprintf(outputBuf, ingress_yaml_template,
destaddr, source_template_filled, protocol, port);
}
// puts("----------------------"); // puts("----------------------");
// printf("%s\n", ingress_template_filled); // printf("%s\n", ingress_template_filled);
@@ -91,21 +123,21 @@ void writeFile(char *outputfilename, char *sourceaddr, int sourcetype,
fclose(outputFile); fclose(outputFile);
} }
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) { //source, destination, port, protocal and policy
if (argc < 6) { if (argc < 5) {
fprintf(stderr, fprintf(stderr,
"Usage:\t %s sourceip sourceport desinationip " "Usage:\t %s policytype sourceip destinationip port "
"destinationport protocol [-o outputfile]\n", "protocol [-o outputfile]\n",
argv[0]); argv[0]);
fprintf(stderr, fprintf(stderr,
"\tor %s sourcepod sourceport desinationpod " "\tor %s policytype sourcepod destinationpod port "
"destinationport protocol [-o outputfile]\n", "protocol [-o outputfile]\n",
argv[0]); argv[0]);
fprintf(stderr, fprintf(stderr,
"\nExample:\t%s nginx 80 access 5978 TCP " "\nExample:\t%s ingress access nginx 80 TCP "
"-o test.yaml\n", "-o test.yaml\n",
argv[0]); argv[0]);
fprintf(stderr, "\t\t%s nginx 80 access 5978 TCP\n", argv[0]); fprintf(stderr, "\t\t%s egress nginx access 5978 TCP\n", argv[0]);
return EX_USAGE; return EX_USAGE;
} }
@@ -122,27 +154,25 @@ int main(int argc, char *argv[]) {
if (strlen(output) == 0) { if (strlen(output) == 0) {
strcpy(output, "ingress-egress-nginx.yaml"); strcpy(output, "ingress-egress-nginx.yaml");
} }
char *policy_type = argv[optind];
char *sourceaddr = argv[optind]; char *sourceaddr = argv[optind + 1];
int sourceport;
sscanf(argv[optind + 1], "%d", &sourceport);
char *destaddr = argv[optind + 2]; char *destaddr = argv[optind + 2];
int destport; int port;
sscanf(argv[optind + 3], "%d", &destport); sscanf(argv[optind + 3], "%d", &port);
char *protocol = argv[optind + 4]; char *protocol = argv[optind + 4];
int sourcetype, desttype; int sourcetype, desttype;
checkArgs(sourceaddr, &sourcetype, destaddr, &desttype); checkArgs(sourceaddr, &sourcetype, destaddr, &desttype);
writeFile(output, sourceaddr, sourcetype, sourceport, destaddr, writeFile(output, policy_type, sourceaddr, sourcetype, destaddr,
desttype, destport, protocol); desttype, port, protocol);
// char cmd[100]; char cmd[100];
// sprintf(cmd, "kubectl apply -f ./%s", output); sprintf(cmd, "kubectl apply -f ./%s", output);
//
// printf("%s\n", cmd); printf("%s\n", cmd);
// system(cmd); system(cmd);
return 0; return 0;
} }
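Review bot: The re-enabled `system(cmd)` at the end of main passes a shell a string built from `output`, which presumably comes from the `-o` argument parsed above this hunk. Shell metacharacters in the file name are therefore interpreted as commands, and a name longer than about 80 bytes overflows `cmd[100]` through the unbounded `sprintf`. Running kubectl through an argv array removes both the shell and the fixed buffer, as sketched below; it needs `<sys/wait.h>` if the file does not already include it. The same hunk reads `argv[optind + 4]`, but the usage guard in the previous hunk was lowered to `argc < 5`, so `protocol` can be NULL when only four positional arguments are given; checking `argc - optind < 5` after option parsing would cover that. main begins in the previous hunk, so the option parsing is not visible here.

```c
  writeFile(output, policy_type, sourceaddr, sourcetype, destaddr,
            desttype, port, protocol);

  // Run kubectl directly with an argv array: no shell, no fixed-size command buffer.
  pid_t pid = fork();
  if (pid < 0) {
    perror("fork");
    return EX_OSERR;
  }
  if (pid == 0) {
    execlp("kubectl", "kubectl", "apply", "-f", output, (char *)NULL);
    perror("kubectl");
    _exit(127);
  }
  int status;
  if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) ||
      WEXITSTATUS(status) != 0) {
    return EX_SOFTWARE;
  }
  return 0;
```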