Add way to manage three scenearios to tagging

redBorder · Nov 11, 2024 · 9f3d8c6 · 9f3d8c6
1 parent 09cfaa0
commit 9f3d8c6
Showing 1 changed file with 4 additions and 8 deletions.
diff --git a/resources/templates/default/sflow_tagging.conf.erb b/resources/templates/default/sflow_tagging.conf.erb
@@ -1,11 +1,5 @@
 filter {
 
-  # Default direction
-  mutate {
-    add_field => {
-      "direction" => "upstream"
-    }
-  }
 
   if ![tag] or [tag] == 0 {
     <% @flow_nodes.select{|s| s[:ipaddress] and s["redborder"] and s["redborder"]["homenets"] and !s["redborder"]["blocked"]}.each do |flow_node| %>
@@ -19,9 +13,11 @@ filter {
                   if homenets.any? {|subnet| subnet.include?(event.get('ip_src')) } 
                     if homenets.any? {|subnet| subnet.include?(event.get('ip_dst')) }
                       event.set('direction', 'internal')
-                    else                   
-                      event.set('direction', 'downstream') 
+                    else
+                      event.set('direction', 'upstream')
                     end
+                  elsif homenets.any? {|subnet| subnet.include?(event.get('ip_dst')) }
+                    event.set('direction', 'downstream')
                   end
                  "
       }