containers / udica

This repository contains a tool for generating SELinux security profiles for containers
GNU General Public License v3.0

Support port ranges #17

Closed wrabcak closed 5 years ago

wrabcak commented 5 years ago

Resolves: #16

Previously, udica crashed when it tried to generate an allow rule for a port which is inside a range. This commit fixes the issue.

e.g.:

podman run -p 8612 fedora bash | udica my_testcon
Traceback (most recent call last):
  File "/usr/bin/udica", line 11, in <module>
    load_entry_point('udica==0.1.4', 'console_scripts', 'udica')()
  File "/usr/lib/python3.7/site-packages/udica/main.py", line 107, in main
    create_policy(opts, container_caps, container_mounts, container_ports)
  File "/usr/lib/python3.7/site-packages/udica/policy.py", line 118, in create_policy
    policy.write(' (allow process ' + list_ports(item['hostPort']) + ' ( ' + perms.socket[item['protocol']] + ' ( name_bind ))) \n')
TypeError: can only concatenate str (not "NoneType") to str

With this fix, udica will choose the right port label, also based on checking the corresponding protocol.
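The lookup problem described above, as an added example that is not part of this pull request or of udica's code: it resolves a port label by range and protocol and fails loudly instead of returning None into string concatenation. The sample table, the `demo_*` labels, the helper names, the `SOCKET_CLASS` mapping and the narrowest-range-wins choice are all assumptions of this sketch.

```python
# Constructed sample in the layout of `semanage port -l` output;
# not a dump of a real policy. The demo_* labels are hypothetical.
SAMPLE = """\
http_port_t                    tcp      80, 81, 443
demo_print_port_t              tcp      8610-8614
demo_scan_port_t               udp      8610-8614
unreserved_port_t              tcp      1024-32767, 61001-65535
unreserved_port_t              udp      1024-32767, 61001-65535
"""

# Assumed protocol -> socket class mapping (stands in for perms.socket
# seen in the traceback; its real contents are not shown on the page).
SOCKET_CLASS = {"tcp": "tcp_socket", "udp": "udp_socket"}


def parse_port_table(text):
    """Return (label, protocol, low, high) records; single ports have low == high."""
    records = []
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) != 3:
            continue
        label, proto, ports = parts
        for item in (p.strip() for p in ports.split(",")):
            if not item:
                continue
            low, _, high = item.partition("-")
            records.append((label, proto, int(low), int(high or low)))
    return records


def port_label(records, port, protocol):
    """Label of the narrowest range that contains port for this protocol."""
    matches = [r for r in records if r[1] == protocol and r[2] <= port <= r[3]]
    if not matches:
        # Raise a clear error rather than returning None to the caller.
        raise LookupError(f"no port label covers {port}/{protocol}")
    return min(matches, key=lambda r: r[3] - r[2])[0]


def bind_rule(records, port, protocol):
    """Build a name_bind allow rule in the shape shown in the traceback."""
    if protocol not in SOCKET_CLASS:
        raise ValueError(f"unsupported protocol: {protocol}")
    label = port_label(records, port, protocol)
    return f"(allow process {label} ( {SOCKET_CLASS[protocol]} ( name_bind )))"
```
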

wrabcak commented 5 years ago

@janzarsky, Please review.

Thanks, Lukas.

janzarsky commented 5 years ago

Looks good to me. I will create a test for this.

wrabcak commented 5 years ago

Thanks for the review and tests.