Netpolicy logging should also log destination port

[jsalatiel]

Describe the problem/challenge you have
Log to /var/log/antrea/networkpolicy/np.log should contain destination port.
The current format for the logging looks like:

2022/01/03 12:47:48.092090 EgressDefaultRule AntreaClusterNetworkPolicy:**default-cluster-deny** Reject 170 SRC: 10.42.0.219 DEST: 192.0.73.2 60 TCP

Although useful, it would be a lot more useful if it contained the destination port, so it would help to debug.

Describe the solution you'd like
The destination port should also be logged

Anything else you would like to add?
I can't find any documentation about the meaning of that number after the policy and before the protocol. it would be nice to have that documented.

Eg: Reject 170 SRC: 10.42.0.219 DEST: 192.0.73.2 60 TCP

[antoninbas]

170 is an implementation detail (priority of the OVS flow which implements the policy)
60 is the packet length

I agree that we should add some more info to https://github.com/antrea-io/antrea/blob/main/docs/antrea-network-policy.md#audit-logging-for-antrea-native-policies. And including the source and destination ports sounds good to me. @qiyueyao could you take a look at this?

[jsalatiel]

HI @qiyueyao , this is probably low priority on your list, but will you be able to implement it?
I am having a hard time debugging network policies without the destination port on the logs.

Thanks!

[qiyueyao]

HI @qiyueyao , this is probably low priority on your list, but will you be able to implement it? I am having a hard time debugging network policies without the destination port on the logs.

Thanks!

Yes of course, didn't know it was a roadblock😔. PR targeted for 1.6 release.

[tnqn]

Closed by #3277