STRLCPY/ebpfguard

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

■ ■ ■ ■ ■ ■

ebpfguard/src/hooks/socket_bind.rs

		skipped 2 lines
3	3		programs::lsm::LsmLink,
4	4		};
5	5		use ebpfguard_common::{alerts as ebpf_alerts, policy as ebpf_policy};
	6	+
6	7		use tokio::sync::mpsc::Receiver;
7	8
8	9		use crate::{alerts, error::EbpfguardError, policy};
		skipped 54 lines

■ ■ ■ ■ ■ ■

ebpfguard-common/src/policy.rs

■ ■ ■ ■ ■ ■

examples/demo_socket_listen/src/main.rs

		skipped 13 lines
14	14		bpffs_path: PathBuf,
15	15		#[clap(long, default_value = "demo_socket_connect")]
16	16		bpffs_dir: PathBuf,
	17	+	#[clap(long)]
	18	+	deny: Vec<u16>,
17	19		}
18	20
19	21		#[tokio::main]
		skipped 26 lines
46	48		let policy = ebpfguard::policy::SocketBind {
47	49		subject: PolicySubject::All,
48	50		allow: ebpfguard::policy::Ports::All,
49		-	deny: ebpfguard::policy::Ports::Ports(vec![8000]),
	51	+	deny: ebpfguard::policy::Ports::Ports(opt.deny.clone()),
50	52		};
51	53		socket_bind
52	54		.add_policy(policy)
53	55		.await
54	56		.context("failed to install policy")?;
55	57
56		-	info!("Will block next 4 attempts to listen on a port 8000");
	58	+	info!(
	59	+	"Will block next 4 attempts to listen on a ports {:?}",
	60	+	opt.deny
	61	+	);
57	62
58	63		for i in 0..4 {
59	64		if let Some(alert) = rx.recv().await {
		skipped 13 lines