mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
63 lines
2.8 KiB
Plaintext
63 lines
2.8 KiB
Plaintext
:_mod-docs-content-type: REFERENCE
|
|
// Module included in the following assemblies:
|
|
//
|
|
// network_observability/observing-network-traffic.adoc
|
|
|
|
[id="network-observability-flowcollector-flowfilter-parameters_{context}"]
|
|
= Flow filter configuration parameters
|
|
|
|
The flow filter rules consist of required and optional parameters.
|
|
|
|
.Required configuration parameters
|
|
[cols="3a,8a",options="header"]
|
|
|===
|
|
|Parameter |Description
|
|
|
|
|`enable`
|
|
| Set `enable` to `true` to enable the eBPF flow filtering feature.
|
|
|
|
|`cidr`
|
|
| Provides the IP address and CIDR mask for the flow filter rule. Supports both IPv4 and IPv6 address format. If you want to match against any IP, you can use `0.0.0.0/0` for IPv4 or `::/0` for IPv6.
|
|
|
|
|`action`
|
|
| Describes the action that is taken for the flow filter rule. The possible values are `Accept` or `Reject`.
|
|
|
|
* For the `Accept` action matching rule, the flow data is cached in the eBPF table and updated with the global metric, `FlowFilterAcceptCounter`.
|
|
* For the `Reject` action matching rule, the flow data is dropped and not cached in the eBPF table. The flow data is updated with the global metric, `FlowFilterRejectCounter`.
|
|
* If the rule is not matched, the flow is cached in the eBPF table and updated with the global metric, `FlowFilterNoMatchCounter`.
|
|
|===
|
|
|
|
|
|
.Optional configuration parameters
|
|
[cols="3a,8a",options="header"]
|
|
|===
|
|
|Parameter |Description
|
|
|
|
|`direction`
|
|
| Defines the direction of the flow filter rule. Possible values are `Ingress` or `Egress`.
|
|
|
|
|`protocol`
|
|
| Defines the protocol of the flow filter rule. Possible values are `TCP`, `UDP`, `SCTP`, `ICMP`, and `ICMPv6`.
|
|
|
|
|`tcpFlags`
|
|
| Defines the TCP flags to filter flows. Possible values are `SYN`, `SYN-ACK`, `ACK`, `FIN`, `RST`, `PSH`, `URG`, `ECE`, `CWR`, `FIN-ACK`, and `RST-ACK`.
|
|
|
|
| `ports`
|
|
| Defines the ports to use for filtering flows. It can be used for either source or destination ports. To filter a single port, set a single port as an integer value. For example `ports: 80`. To filter a range of ports, use a "start-end" range in string format. For example `ports: "80-100"`
|
|
|
|
|`sourcePorts`
|
|
| Defines the source port to use for filtering flows. To filter a single port, set a single port as an integer value, for example `sourcePorts: 80`. To filter a range of ports, use a "start-end" range, string format, for example `sourcePorts: "80-100"`.
|
|
|
|
|
|
| `destPorts`
|
|
| DestPorts defines the destination ports to use for filtering flows. To filter a single port, set a single port as an integer value, for example `destPorts: 80`. To filter a range of ports, use a "start-end" range in string format, for example `destPorts: "80-100"`.
|
|
|
|
| `icmpType`
|
|
| Defines the ICMP type to use for filtering flows.
|
|
|
|
| `icmpCode`
|
|
| Defines the ICMP code to use for filtering flows.
|
|
|
|
| `peerIP`
|
|
| Defines the IP address to use for filtering flows, for example: `10.10.10.10`.
|
|
|=== |