Workflow Improvements (#69)

This PR attempts to run the XDP program for 10 seconds when running the `run.yml` workflow instead of printing the help menu.

Author: gamemann

.github/workflows/build.yml

@@ -1,18 +1,14 @@
 name: Build
 
 on:
-  push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
-  workflow_call:
+  - push
 
 jobs:
   build:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
       with:
         submodules: recursive
     - name: Run apt update
@@ -34,7 +30,7 @@ jobs:
     - name: Install project
       run: sudo make install
     - name: Store build artifacts
-      uses: actions/upload-artifact@master
+      uses: actions/upload-artifact@v4
       with:
         name: build-output
-        path: build/loader/xdpfw
+        path: build/

.github/workflows/run.yml

@@ -1,22 +1,17 @@
 name: Run
 
 on:
-  push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
+  workflow_run:
+    workflows: ["Build"]
+    types: [completed]
 
 jobs:
-  reuse_build:
-    uses: gamemann/XDP-Firewall/.github/workflows/build.yml@master
   run:
-    needs: reuse_build
     runs-on: ubuntu-latest
+
     steps:
     - name: Download artifact from Build workflow
-      uses: actions/download-artifact@master
-      with:
-        name: build-output
+      uses: actions/download-artifact@v4
     - name: Run apt update
       run: sudo apt update
     - name: Install LibConfig
@@ -25,7 +20,15 @@ jobs:
       run: sudo apt install libelf-dev
     - name: List files
       run: ls -la
+    - name: Create /etc/xdpfw directory.
+      run: sudo mkdir -p /etc/xdpfw
+    - name: Copy XDP program to /etc/xdpfw.
+      run: sudo cp -f ./build-output/xdp/xdp_prog.o /etc/xdpfw
     - name: Add execute permissions to executable file
-      run: sudo chmod +x ./xdpfw
-    - name: Run XDP FW with help menu
-      run: sudo ./xdpfw -h
+      run: sudo chmod +x ./build-output/loader/xdpfw
+    - name: Create basic config file.
+      run: echo 'verbose = 5; filters = ( { enabled = true; log = true; action = 0; tcp_enabled = true; tcp_dport = 22; } );' > ./basic.conf
+    - name: Retrieve default network interface
+      run: echo "INTERFACE=$(ip route | awk '/default/ {print $5}')" >> $GITHUB_ENV
+    - name: Run XDP FW for 10 seconds using basic config and default network interface.
+      run: sudo ./build-output/loader/xdpfw -c ./basic.conf -t 10 -i ${{ env.INTERFACE }}

src/loader/utils/config.c

@@ -273,6 +273,17 @@ int parse_cfg(config__t *cfg, const char* data, config_overrides_t* overrides)
             }
         }
     }
+    else if (overrides && overrides->interface)
+    {
+        if (cfg->interfaces[0])
+        {
+            free(cfg->interfaces[0]);
+            cfg->interfaces[0] = NULL;
+        }
+
+        cfg->interfaces[0] = strdup(overrides->interface);
+        cfg->interfaces_cnt = 1;
+    }
 
     // Pin BPF maps.
     int pin_maps;
@@ -1433,7 +1444,7 @@ void print_filter(filter_rule_cfg_t* filter, int idx)
 
     // ICMP Options.
     printf("\t\tICMP Options\n");
-    
+
     printf("\t\t\tICMP Enabled => %d\n", filter->icmp.enabled);
     printf("\t\t\tICMP Code => %d\n", filter->icmp.code);
     printf("\t\t\tICMP Type => %d\n", filter->icmp.type);