From 8306fbd76261823e64062c1192565e5b7746c81b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20De=20Keersmaeker?=
 <francois.dekeersmaeker@uclouvain.be>
Date: Wed, 7 Aug 2024 16:10:17 +0200
Subject: [PATCH] Translator: NFQueue base ID is now optional (default: 0)

---
 .ci_scripts/firewall-test/translate_profiles.sh | 2 +-
 src/translator/translator.py                    | 4 ++--
 test/translator/translate.sh                    | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.ci_scripts/firewall-test/translate_profiles.sh b/.ci_scripts/firewall-test/translate_profiles.sh
index f7e34aa..1cd12fc 100755
--- a/.ci_scripts/firewall-test/translate_profiles.sh
+++ b/.ci_scripts/firewall-test/translate_profiles.sh
@@ -12,6 +12,6 @@ NFQ_BASE_ID=0
 for DEVICE in "$DEVICES_DIR"/*/; do
     # Call translator over device profile
     # Arguments $1 & $2 represent the verdict mode
-    python3 $TRANSLATOR_PATH "$DEVICE"profile.yaml $NFQ_BASE_ID $1 $2
+    python3 $TRANSLATOR_PATH "$DEVICE"profile.yaml -q $NFQ_BASE_ID $1 $2
     ((NFQ_BASE_ID=NFQ_BASE_ID+100))
 done
diff --git a/src/translator/translator.py b/src/translator/translator.py
index d64b1ff..4b580c8 100644
--- a/src/translator/translator.py
+++ b/src/translator/translator.py
@@ -160,7 +160,7 @@ if __name__ == "__main__":
     description = "Translate a device YAML profile to the corresponding pair of NFTables firewall script and NFQueue C source code."
     parser = argparse.ArgumentParser(description=description)
     parser.add_argument("profile", type=str, help="Path to the device YAML profile")
-    parser.add_argument("nfq_id_base", type=uint16, help="NFQueue start index for this profile's policies (must be an integer between 0 and 65535)")
+    parser.add_argument("-q", "--nfqueue", type=uint16, default=0, help="NFQueue start index for this profile's policies (must be an integer between 0 and 65535)")
     # Verdict modes
     parser.add_argument("-r", "--rate", type=int, help="Rate limit, in packets/second, to apply to matched traffic, instead of a binary verdict. Cannot be used with dropping probability.")
     parser.add_argument("-p", "--drop-proba", type=proba, help="Dropping probability to apply to matched traffic, instead of a binary verdict. Cannot be used with rate limiting.")
@@ -201,7 +201,7 @@ if __name__ == "__main__":
         device = profile["device-info"]
 
         # Base nfqueue id, will be incremented at each interaction
-        nfq_id = args.nfq_id_base
+        nfq_id = args.nfqueue
 
         # Global accumulators
         global_accs = {
diff --git a/test/translator/translate.sh b/test/translator/translate.sh
index d72d97a..afd4134 100755
--- a/test/translator/translate.sh
+++ b/test/translator/translate.sh
@@ -11,6 +11,6 @@ shopt -s nullglob
 # Loop over devices
 NFQ_BASE_ID=0
 for DEVICE in "$DEVICES_DIR"/*/; do
-    python3 "$TRANSLATOR_PATH" "$DEVICE"profile.yaml $NFQ_BASE_ID
+    python3 "$TRANSLATOR_PATH" "$DEVICE"profile.yaml -q $NFQ_BASE_ID
     ((NFQ_BASE_ID=NFQ_BASE_ID+100))
 done
-- 
GitLab