search

metal-stack / firewall-controller

A kubernetes controller running on bare-metal firewalls, creating nftables rules, configures suricata, collects network metrics
MIT License
47 stars 4 forks source link

rule counter names are a bit mangled #21

Closed majst01 closed 4 years ago

majst01 commented 4 years ago 
  stats:                                                                                                                                                                                                                                                                                  
    rules:                                                                                                                                                                                                                                                                                
      accept:                                                                                                                                                                                                                                                                             
        "accept established connections\0":                                                                                                                                                                                                                                               
          counter:                                                                                                                                                                                                                                                                        
            bytes: 0                                                                                                                                                                                                                                                                      
            packets: 0                                                                                                                                                                                                                                                                    
        "accept icmp\0":                                                                                                                                                                                                                                                                  
          counter:                                                                                                                                                                                                                                                                        
            bytes: 0
            packets: 0
        "accept traffic for k8s service firewall/s1\0":
          counter:
            bytes: 0
            packets: 0
        "accept traffic for np clusterwidenetworkpolicy-sample tcp\0": 
          counter:
            bytes: 0
            packets: 0
        "accept traffic for np clusterwidenetworkpolicy-sample udp\0": 
          counter:
            bytes: 0
            packets: 0
      drop:
        "drop packets with invalid ct state\0":
          counter:
            bytes: 0
            packets: 0

They seem to be "\0" terminated, this should be removed.