Add PortMapping to TapConfig for port number based dissector prioritization (#1700)

2025-04-27 19:47:31 +00:00 · 2025-01-25 23:10:53 +03:00 · 2025-01-25 23:10:53 +03:00 · f2e60cdee1
commit f2e60cdee1
parent 67aa1dac39
5 changed files with 37 additions and 3 deletions
--- a/config/configStruct.go
+++ b/config/configStruct.go
@ -115,6 +115,14 @@ func CreateDefaultConfig() ConfigStruct {
 				"radius",
 				"diameter",
 			},
+			PortMapping: configStructs.PortMapping{
+				HTTP:     []uint16{80, 443, 8080},
+				AMQP:     []uint16{5671, 5672},
+				KAFKA:    []uint16{9092},
+				REDIS:    []uint16{6379},
+				LDAP:     []uint16{389},
+				DIAMETER: []uint16{3868},
+			},
 		},
 	}
 }
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@ -240,6 +240,15 @@ type PcapDumpConfig struct {
 	PcapTime         string `yaml:"time" json:"time" default:"time"`
 }

+type PortMapping struct {
+	HTTP     []uint16 `yaml:"http" json:"http"`
+	AMQP     []uint16 `yaml:"amqp" json:"amqp"`
+	KAFKA    []uint16 `yaml:"kafka" json:"kafka"`
+	REDIS    []uint16 `yaml:"redis" json:"redis"`
+	LDAP     []uint16 `yaml:"ldap" json:"ldap"`
+	DIAMETER []uint16 `yaml:"diameter" json:"diameter"`
+}
+
 type TapConfig struct {
 	Docker                       DockerConfig            `yaml:"docker" json:"docker"`
 	Proxy                        ProxyConfig             `yaml:"proxy" json:"proxy"`
@ -278,6 +287,7 @@ type TapConfig struct {
 	Capabilities                 CapabilitiesConfig      `yaml:"capabilities" json:"capabilities"`
 	GlobalFilter                 string                  `yaml:"globalFilter" json:"globalFilter" default:""`
 	EnabledDissectors            []string                `yaml:"enabledDissectors" json:"enabledDissectors"`
+	PortMapping                  PortMapping             `yaml:"portMapping" json:"portMapping"`
 	CustomMacros                 map[string]string       `yaml:"customMacros" json:"customMacros" default:"{\"https\":\"tls and (http or http2)\"}"`
 	Metrics                      MetricsConfig           `yaml:"metrics" json:"metrics"`
 	Pprof                        PprofConfig             `yaml:"pprof" json:"pprof"`
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@ -56,4 +56,5 @@ data:
    PCAP_DUMP_ENABLE: '{{ .Values.pcapdump.enabled }}'
    PCAP_TIME_INTERVAL: '{{ .Values.pcapdump.timeInterval }}'
    PCAP_MAX_TIME: '{{ .Values.pcapdump.maxTime }}'
-    PCAP_MAX_SIZE: '{{ .Values.pcapdump.maxSize }}'
+    PCAP_MAX_SIZE: '{{ .Values.pcapdump.maxSize }}'
+    PORT_MAPPING: '{{ toJson .Values.tap.portMapping }}'
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@ -164,6 +164,22 @@ tap:
  - ldap
  - radius
  - diameter
+  portMapping:
+    http:
+    - 80
+    - 443
+    - 8080
+    amqp:
+    - 5671
+    - 5672
+    kafka:
+    - 9092
+    redis:
+    - 6379
+    ldap:
+    - 389
+    diameter:
+    - 3868
  customMacros:
    https: tls and (http or http2)
  metrics:
--- a/manifests/complete.yaml
+++ b/manifests/complete.yaml
@ -263,6 +263,7 @@ data:
    PCAP_TIME_INTERVAL: '1m'
    PCAP_MAX_TIME: '1h'
    PCAP_MAX_SIZE: '500MB'
+    PORT_MAPPING: '{"amqp":[5671,5672],"diameter":[3868],"http":[80,443,8080],"kafka":[9092],"ldap":[389],"redis":[6379]}'
 ---
 # Source: kubeshark/templates/02-cluster-role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
@ -564,7 +565,6 @@ spec:
            - -servicemesh
            - -procfs
            - /hostproc
-            - -disable-ebpf
            - -resolution-strategy
            - 'auto'
            - -staletimeout
@ -651,7 +651,6 @@ spec:
            - ./tracer
            - -procfs
            - /hostproc
-            - -disable-ebpf
            - -disable-tls-log
            # - -loglevel
            # - 'warning'