Commit 72a8817a authored by Simon Redman's avatar Simon Redman

Fix errors with SiLK configuration based on actually testing

parent 5d0e6c21
......@@ -40,7 +40,7 @@ description <str>: Some optional description of the sensor
"""
SILK_CONF_SENSOR_LINE_TEMPLATE="sensor {uuid} {name} \"{description}\""
FILE_PUSH_COMMAND_TEMPLATE= "sudo mkdir -p /data/ && sudo chown $USER /data && cat <<EOF >/data/{filename}\n{data}\nEOF"
FILE_PUSH_COMMAND_TEMPLATE= "sudo mkdir -p /{path}/ && sudo chown $USER /{path}/ && cat <<EOF >/{path}/{filename}\n{data}\nEOF"
SENSOR_CONF_PROBE_BLOCK_TEMPLATE="""probe {name} netflow-v9
listen-on-port {portnum}
......@@ -58,13 +58,14 @@ end group"""
This group block describes all IPv4 addresses
"""
SENSOR_CONF_GROUP_IPV4_BLOCK="""group ipv4
ipblocks 0.0.0.0/0
ipblocks 0.0.0.0/1
ipblocks 128.0.0.0/1
end group"""
SENSOR_CONF_SENSOR_BLOCK_TEMPLATE="""sensor {name}
netflow-v9-probes {name}
internal-ipblocks @expt-network
discard-when @ipv4 # Discard ALL IPv4 traffic
discard-when source-ipblocks @ipv4 # Discard ALL IPv4 traffic
external-ipblocks remainder
end sensor"""
......@@ -105,7 +106,7 @@ def _write_sensors_conf(session, sensor_lines: List[SensorLine], port_nums: List
sensors_conf = "\n\n".join(probes + groups + sensors)
command = FILE_PUSH_COMMAND_TEMPLATE.format(filename="sensors.conf", data=sensors_conf)
command = FILE_PUSH_COMMAND_TEMPLATE.format(filename="sensors.conf", path="/data/", data=sensors_conf)
ssh_helper.run_command_on_host(session, command)
......@@ -129,7 +130,7 @@ def _write_silk_conf(session, sensor_lines: List[SensorLine]) -> None:
sensor_names=sensor_names,
)
command = FILE_PUSH_COMMAND_TEMPLATE.format(filename="silk.conf", data=silk_conf)
command = FILE_PUSH_COMMAND_TEMPLATE.format(filename="silk.conf", path="/data/", data=silk_conf)
ssh_helper.run_command_on_host(session, command)
......@@ -172,7 +173,7 @@ def configure(netgraph: networkx.Graph, controller_node: str, border_routers: Li
MODIFIES netgraph to have the listening port information needed by ipt_NETFLOW_configurator
:param netgraph: networkx graph object representing the network
:param controller_node: Hostname of node which is running the SiLK collector
:param controller_node: Node which is running the SiLK collector as represented in the graph
:param border_routers: List of nodes to whom we are listening
:return: Output from the SSH commands
"""
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment