Sorting together explanations for specific ports and for all ports in…

… a protocol

pkg/netpol/internal/common/connectionset.go

@@ -480,7 +480,7 @@ type InSetAndRulesStr struct {
 	rulesString string
 }
 
-func portsStringWithExplanation(ports []PortRange, protocolString string) string {
+func portsStringWithExplanation(ports []PortRange, protocolString string) []string {
 	// for compact explanation: collect together ranges with the same 'inSet' and impying rules
 	portRangeClasses := map[InSetAndRulesStr]*interval.CanonicalSet{}
 	for i := range ports {
@@ -500,7 +500,7 @@ func portsStringWithExplanation(ports []PortRange, protocolString string) string
 		ind++
 	}
 	sort.Strings(portsStr)
-	return strings.Join(portsStr, NewLine)
+	return portsStr
 }
 
 func protocolAndPortsStr(protocol v1.Protocol, ports string) string {
@@ -537,7 +537,7 @@ func ExplanationFromConnProperties(allProtocolsAndPorts bool, commonImplyingRule
 				continue
 			}
 		}
-		connStrings = append(connStrings, portsStringWithExplanation(ports, string(protocol)))
+		connStrings = append(connStrings, portsStringWithExplanation(ports, string(protocol))...)
 	}
 	if len(wholeRangeProtocols) > 0 {
 		sort.Strings(wholeRangeProtocols)

test_outputs/connlist/anp_banp_blog_demo_2_explain_output.txt

@@ -32,6 +32,8 @@ ALLOWED TCP:[1234] due to the following policies//rules:
 
 ALLOWED TCP:[9001-65535] the system default (Allow all)
 
+ALLOWED {SCTP,UDP}:[ALL PORTS] the system default (Allow all)
+
 DENIED TCP:[1-1233,1235-8079,8081-9000] due to the following policies//rules:
 	EGRESS DIRECTION (ALLOWED) due to the system default (Allow all)
 	INGRESS DIRECTION (DENIED)
@@ -43,8 +45,6 @@ DENIED TCP:[8080] due to the following policies//rules:
 		1) [ANP] pass-monitoring//Ingress rule pass-ingress-from-monitoring (Pass)
 		2) [BANP] default//Ingress rule deny-ingress-from-all-namespaces (Deny)
 
-ALLOWED {SCTP,UDP}:[ALL PORTS] the system default (Allow all)
-
 ----------------------------------------------------------------------------------------------------------------------------------------------------------------
 CONNECTIONS BETWEEN monitoring/my-monitoring[Pod] => baz/my-baz[Pod]:
 

test_outputs/connlist/anp_test_10_explain_output.txt

@@ -29,13 +29,13 @@ CONNECTIONS BETWEEN network-policy-conformance-hufflepuff/cedric-diggory[Statefu
 
 ALLOWED UDP:[1-5352,5354-65535] the system default (Allow all)
 
+ALLOWED {SCTP,TCP}:[ALL PORTS] the system default (Allow all)
+
 DENIED UDP:[5353] due to the following policies//rules:
 	EGRESS DIRECTION (DENIED)
 		1) [ANP] egress-udp//Egress rule deny-to-slytherin-at-port-5353 (Deny)
 	INGRESS DIRECTION (ALLOWED) due to the system default (Allow all)
 
-ALLOWED {SCTP,TCP}:[ALL PORTS] the system default (Allow all)
-
 ----------------------------------------------------------------------------------------------------------------------------------------------------------------
 The following nodes are connected due to the system default or the assumed default for IPblock (Allow all):
 0.0.0.0-255.255.255.255 => network-policy-conformance-gryffindor/harry-potter[StatefulSet]