Add PortMapping to TapConfig for port number based dissector prioritization (#1700)

config/configStruct.go

@@ -115,6 +115,14 @@ func CreateDefaultConfig() ConfigStruct {
 				"radius",
 				"diameter",
 			},
+			PortMapping: configStructs.PortMapping{
+				HTTP:     []uint16{80, 443, 8080},
+				AMQP:     []uint16{5671, 5672},
+				KAFKA:    []uint16{9092},
+				REDIS:    []uint16{6379},
+				LDAP:     []uint16{389},
+				DIAMETER: []uint16{3868},
+			},
 		},
 	}
 }

config/configStructs/tapConfig.go

@@ -240,6 +240,15 @@ type PcapDumpConfig struct {
 	PcapTime         string `yaml:"time" json:"time" default:"time"`
 }
 
+type PortMapping struct {
+	HTTP     []uint16 `yaml:"http" json:"http"`
+	AMQP     []uint16 `yaml:"amqp" json:"amqp"`
+	KAFKA    []uint16 `yaml:"kafka" json:"kafka"`
+	REDIS    []uint16 `yaml:"redis" json:"redis"`
+	LDAP     []uint16 `yaml:"ldap" json:"ldap"`
+	DIAMETER []uint16 `yaml:"diameter" json:"diameter"`
+}
+
 type TapConfig struct {
 	Docker                       DockerConfig            `yaml:"docker" json:"docker"`
 	Proxy                        ProxyConfig             `yaml:"proxy" json:"proxy"`
@@ -278,6 +287,7 @@ type TapConfig struct {
 	Capabilities                 CapabilitiesConfig      `yaml:"capabilities" json:"capabilities"`
 	GlobalFilter                 string                  `yaml:"globalFilter" json:"globalFilter" default:""`
 	EnabledDissectors            []string                `yaml:"enabledDissectors" json:"enabledDissectors"`
+	PortMapping                  PortMapping             `yaml:"portMapping" json:"portMapping"`
 	CustomMacros                 map[string]string       `yaml:"customMacros" json:"customMacros" default:"{\"https\":\"tls and (http or http2)\"}"`
 	Metrics                      MetricsConfig           `yaml:"metrics" json:"metrics"`
 	Pprof                        PprofConfig             `yaml:"pprof" json:"pprof"`

helm-chart/templates/12-config-map.yaml

@@ -57,3 +57,4 @@ data:
     PCAP_TIME_INTERVAL: '{{ .Values.pcapdump.timeInterval }}'
     PCAP_MAX_TIME: '{{ .Values.pcapdump.maxTime }}'
     PCAP_MAX_SIZE: '{{ .Values.pcapdump.maxSize }}'
+    PORT_MAPPING: '{{ toJson .Values.tap.portMapping }}'

helm-chart/values.yaml

@@ -164,6 +164,22 @@ tap:
   - ldap
   - radius
   - diameter
+  portMapping:
+    http:
+    - 80
+    - 443
+    - 8080
+    amqp:
+    - 5671
+    - 5672
+    kafka:
+    - 9092
+    redis:
+    - 6379
+    ldap:
+    - 389
+    diameter:
+    - 3868
   customMacros:
     https: tls and (http or http2)
   metrics:

manifests/complete.yaml

@@ -263,6 +263,7 @@ data:
     PCAP_TIME_INTERVAL: '1m'
     PCAP_MAX_TIME: '1h'
     PCAP_MAX_SIZE: '500MB'
+    PORT_MAPPING: '{"amqp":[5671,5672],"diameter":[3868],"http":[80,443,8080],"kafka":[9092],"ldap":[389],"redis":[6379]}'
 ---
 # Source: kubeshark/templates/02-cluster-role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
@@ -564,7 +565,6 @@ spec:
             - -servicemesh
             - -procfs
             - /hostproc
-            - -disable-ebpf
             - -resolution-strategy
             - 'auto'
             - -staletimeout
@@ -651,7 +651,6 @@ spec:
             - ./tracer
             - -procfs
             - /hostproc
-            - -disable-ebpf
             - -disable-tls-log
             # - -loglevel
             # - 'warning'