🔖 Bump the Helm chart version to 52.3.96

Changed two errors to warnings.
Add dns config (#1698 )
2026-02-19 04:20:01 +00:00 · 2025-01-24 11:42:47 -08:00 · 2025-01-24 09:59:43 -08:00 · 2025-01-24 09:14:08 -08:00 · 2025-01-22 15:57:46 -08:00 · 2025-01-22 12:50:17 -08:00
56 changed files with 2805 additions and 1088 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -14,6 +14,8 @@ jobs:
  release:
    name: Build and publish a new release
    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.version.outputs.tag }}
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3
@@ -47,36 +49,19 @@ jobs:
          token: ${{ secrets.GITHUB_TOKEN }}
          artifacts: "bin/*"
          tag: ${{ steps.version.outputs.tag }}
-          prerelease: true
+          prerelease: false
          bodyFile: 'bin/README.md'

-      - name: Checkout
-        uses: actions/checkout@v4
+  brew:
+    name: Publish a new Homebrew formulae
+    needs: [release]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Bump core homebrew formula
+        uses: mislav/bump-homebrew-formula-action@v3
        with:
-          fetch-depth: 0
-          repository: kubeshark/homebrew-kubeshark
-          ssh-key: ${{ secrets.HOMEBREW_SSH_KEY }}
-          path: homebrew-kubeshark
-
-      - name: Generate Homebrew formulae
-        shell: bash
-        run: |
-          export FULL_VERSION=${{ steps.version.outputs.tag }}
-          export CLEAN_VERSION=$(echo $FULL_VERSION | sed 's/^v//')
-          export DARWIN_AMD64_SHA256=$(shasum -a 256 bin/kubeshark_darwin_amd64 | awk '{print $1}')
-          export DARWIN_ARM64_SHA256=$(shasum -a 256 bin/kubeshark_darwin_arm64 | awk '{print $1}')
-          export LINUX_AMD64_SHA256=$(shasum -a 256 bin/kubeshark_linux_amd64 | awk '{print $1}')
-          export LINUX_ARM64_SHA256=$(shasum -a 256 bin/kubeshark_linux_arm64 | awk '{print $1}')
-          envsubst < .github/static/kubeshark.rb.tmpl > homebrew-kubeshark/kubeshark.rb
-
-          cat homebrew-kubeshark/kubeshark.rb
-
-      - name: Commit and push Homebrew formulae
-        working-directory: homebrew-kubeshark
-        run: |
-          git config --global user.email "bot@kubeshark.io"
-          git config --global user.name "Kubeshark Bot"
-          git add kubeshark.rb
-          git commit -m "Release ${{ steps.version.outputs.tag }}"
-          git push
-  
+          # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula:
+          formula-name: kubeshark
+          push-to: kubeshark/homebrew-core
+        env:
+          COMMITTER_TOKEN: ${{ secrets.COMMITTER_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@@ -63,4 +63,4 @@ bin
 scripts/

 # CWD config YAML
-kubeshark.yaml
+kubeshark.yaml
--- a/86
+++ b/86
@@ -14,7 +14,7 @@ export VER?=0.0.0
 help: ## Print this help message.
 	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)

-build-debug:  ## Build for debuging.
+build-debug:  ## Build for debugging.
 	export CGO_ENABLED=1
 	export GCLFAGS='-gcflags="all=-N -l"'
 	${MAKE} build-base
@@ -49,6 +49,12 @@ build-brew: ## Build binary for brew/core CI
 					-X 'github.com/kubeshark/kubeshark/misc.Ver=$(VER)'" \
 					-o kubeshark kubeshark.go

+build-windows-amd64:
+	$(MAKE) build GOOS=windows GOARCH=amd64 && \
+	mv ./bin/kubeshark_windows_amd64 ./bin/kubeshark.exe && \
+	rm bin/kubeshark_windows_amd64.sha256 && \
+	cd bin && shasum -a 256 kubeshark.exe > kubeshark.exe.sha256
+
 build-all: ## Build for all supported platforms.
 	export CGO_ENABLED=0
 	echo "Compiling for every OS and Platform" && \
@@ -57,8 +63,7 @@ build-all: ## Build for all supported platforms.
 	$(MAKE) build GOOS=linux GOARCH=arm64 && \
 	$(MAKE) build GOOS=darwin GOARCH=amd64 && \
 	$(MAKE) build GOOS=darwin GOARCH=arm64 && \
-	$(MAKE) build GOOS=windows GOARCH=amd64 && \
-	mv ./bin/kubeshark_windows_amd64 ./bin/kubeshark.exe && \
+	$(MAKE) build-windows-amd64 && \
 	echo "---------" && \
 	find ./bin -ls

@@ -79,21 +84,40 @@ kubectl-view-kubeshark-resources: ## This command outputs all Kubernetes resourc
 	./kubectl.sh view-kubeshark-resources

 generate-helm-values: ## Generate the Helm values from config.yaml
-	./bin/kubeshark__ config > ./helm-chart/values.yaml && sed -i 's/^license:.*/license: ""/' helm-chart/values.yaml
+	mv ~/.kubeshark/config.yaml ~/.kubeshark/config.yaml.old; bin/kubeshark__ config>helm-chart/values.yaml;mv ~/.kubeshark/config.yaml.old ~/.kubeshark/config.yaml
+	sed -i 's/^license:.*/license: ""/' helm-chart/values.yaml && sed -i '1i # find a detailed description here: https://github.com/kubeshark/kubeshark/blob/master/helm-chart/README.md' helm-chart/values.yaml 

 generate-manifests: ## Generate the manifests from the Helm chart using default configuration
 	helm template kubeshark -n default ./helm-chart > ./manifests/complete.yaml

-logs-worker:
+logs-sniffer:
 	export LOGS_POD_PREFIX=kubeshark-worker-
+	export LOGS_CONTAINER='-c sniffer'
 	export LOGS_FOLLOW=
 	${MAKE} logs

-logs-worker-follow:
+logs-sniffer-follow:
 	export LOGS_POD_PREFIX=kubeshark-worker-
+	export LOGS_CONTAINER='-c sniffer'
 	export LOGS_FOLLOW=--follow
 	${MAKE} logs

+logs-tracer:
+	export LOGS_POD_PREFIX=kubeshark-worker-
+	export LOGS_CONTAINER='-c tracer'
+	export LOGS_FOLLOW=
+	${MAKE} logs
+
+logs-tracer-follow:
+	export LOGS_POD_PREFIX=kubeshark-worker-
+	export LOGS_CONTAINER='-c tracer'
+	export LOGS_FOLLOW=--follow
+	${MAKE} logs
+
+logs-worker: logs-sniffer
+
+logs-worker-follow: logs-sniffer-follow
+
 logs-hub:
 	export LOGS_POD_PREFIX=kubeshark-hub
 	export LOGS_FOLLOW=
@@ -115,7 +139,7 @@ logs-front-follow:
 	${MAKE} logs

 logs:
-	kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW)
+	kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_CONTAINER) $(LOGS_FOLLOW)

 ssh-node:
 	kubectl ssh node $$(kubectl get nodes | awk 'END {print $$1}')
@@ -136,22 +160,13 @@ exec:
 	kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') -- /bin/sh

 helm-install:
-	cd helm-chart && helm install kubeshark . && cd ..
-
-helm-install-canary:
-	cd helm-chart && helm install kubeshark . --set tap.docker.tag=canary && cd ..
-
-helm-install-dev:
-	cd helm-chart && helm install kubeshark . --set tap.docker.tag=dev && cd ..
+	cd helm-chart && helm install kubeshark . --set tap.docker.tag=$(TAG) && cd ..

 helm-install-debug:
-	cd helm-chart && helm install kubeshark . --set tap.debug=true && cd ..
+	cd helm-chart && helm install kubeshark . --set tap.docker.tag=$(TAG) --set tap.debug=true && cd ..

-helm-install-debug-canary:
-	cd helm-chart && helm install kubeshark . --set tap.debug=true --set tap.docker.tag=canary && cd ..
-
-helm-install-debug-dev:
-	cd helm-chart && helm install kubeshark . --set tap.debug=true --set tap.docker.tag=dev && cd ..
+helm-install-profile:
+	cd helm-chart && helm install kubeshark . --set tap.docker.tag=$(TAG) --set tap.pprof.enabled=true && cd ..

 helm-uninstall:
 	helm uninstall kubeshark
@@ -159,16 +174,39 @@ helm-uninstall:
 proxy:
 	kubeshark proxy

-port-forward-worker:
-	kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) 30001:30001
+port-forward:
+	kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(POD_PREFIX)/' | awk 'END {print $$1}') $(SRC_PORT):$(DST_PORT)

 release:
 	@cd ../worker && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
+	@cd ../tracer && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
 	@cd ../hub && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
 	@cd ../front && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
-	@cd ../kubeshark && sed -i 's/^version:.*/version: "$(VERSION)"/' helm-chart/Chart.yaml && make && make generate-helm-values && make generate-manifests
+	@cd ../kubeshark && git checkout master && git pull && sed -i 's/^version:.*/version: "$(VERSION)"/' helm-chart/Chart.yaml && make && make generate-helm-values && make generate-manifests
 	@git add -A . && git commit -m ":bookmark: Bump the Helm chart version to $(VERSION)" && git push
-	@git tag v$(VERSION) && git push origin --tags
+	@git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
 	@cd helm-chart && cp -r . ../../kubeshark.github.io/charts/chart
 	@cd ../../kubeshark.github.io/ && git add -A . && git commit -m ":sparkles: Update the Helm chart" && git push
 	@cd ../kubeshark
+
+soft-release:
+	@cd ../worker && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
+	@cd ../tracer && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
+	@cd ../hub && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
+	@cd ../front && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
+	@cd ../kubeshark && git checkout master && git pull && sed -i 's/^version:.*/version: "$(VERSION)"/' helm-chart/Chart.yaml && make && make generate-helm-values && make generate-manifests
+	@git add -A . && git commit -m ":bookmark: Bump the Helm chart version to $(VERSION)" && git push
+	# @git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
+	# @cd helm-chart && cp -r . ../../kubeshark.github.io/charts/chart
+	# @cd ../../kubeshark.github.io/ && git add -A . && git commit -m ":sparkles: Update the Helm chart" && git push
+	# @cd ../kubeshark
+
+branch:
+	@cd ../worker && git checkout master && git pull && git checkout -b $(name); git push --set-upstream origin $(name)
+	@cd ../hub && git checkout master && git pull && git checkout -b $(name); git push --set-upstream origin $(name)
+	@cd ../front && git checkout master && git pull && git checkout -b $(name); git push --set-upstream origin $(name)
+
+switch-to-branch:
+	@cd ../worker && git checkout $(name)
+	@cd ../hub && git checkout $(name)
+	@cd ../front && git checkout $(name)
--- a/README.md
+++ b/README.md
@@ -22,10 +22,8 @@

 <p align="center">
  <b>
-	  NEW: 
-	  <a href="https://github.com/kubeshark/kubeshark/releases/latest">Version 52.1.50</a> 
-	  now available, featuring enhanced 
-	  <a href="https://docs.kubeshark.co/en/half_connections">Network Error Detection & Analysis</a>.
+	  Want to see Kubeshark in action,  right now? Visit this
+	  <a href="https://demo.kubeshark.co/">live demo deployment</a> of Kubeshark.
  </b>
 </p>

@@ -51,18 +49,21 @@ Running any of the :point_up: above commands will open the [Web UI](https://docs

 ### Homebrew

-[Homebrew](https://brew.sh/) :beer: users can add Kubeshark formulae with:
-
-```shell
-brew tap kubeshark/kubeshark
-```
-
-and install Kubeshark CLI with:
+[Homebrew](https://brew.sh/) :beer: users install Kubeshark CLI with:

 ```shell
 brew install kubeshark
 ```

+### Helm
+
+Add the helm repository and install the chart:
+
+```shell
+helm repo add kubeshark https://helm.kubeshark.co
+‍helm install kubeshark kubeshark/kubeshark
+```
+
 ## Building From Source

 Clone this repository and run `make` command to build it. After the build is complete, the executable can be found at `./bin/kubeshark__`.
--- a/RELEASE.md.TEMPLATE
+++ b/RELEASE.md.TEMPLATE
@@ -1,5 +1,5 @@
 # Kubeshark release _VER_
-Kubeshark CHANGELOG is now part of [Kubeshark wiki](https://github.com/kubeshark/kubeshark/wiki/CHANGELOG)
+Release notes coming soon ..

 ## Download Kubeshark for your platform

--- a/cmd/common.go
+++ b/cmd/common.go
@@ -22,7 +22,7 @@ func startProxyReportErrorIfAny(kubernetesProvider *kubernetes.Provider, ctx con
 	if err != nil {
 		log.Error().
 			Err(errormessage.FormatError(err)).
-			Msg(fmt.Sprintf("Error occured while running K8s proxy. Try setting different port using --%s", proxyPortLabel))
+			Msg(fmt.Sprintf("Error occurred while running K8s proxy. Try setting different port using --%s", proxyPortLabel))
 		return
 	}

@@ -42,7 +42,7 @@ func startProxyReportErrorIfAny(kubernetesProvider *kubernetes.Provider, ctx con
 			log.Error().
 				Str("pod-regex", podRegex.String()).
 				Err(errormessage.FormatError(err)).
-				Msg(fmt.Sprintf("Error occured while running port forward. Try setting different port using --%s", proxyPortLabel))
+				Msg(fmt.Sprintf("Error occurred while running port forward. Try setting different port using --%s", proxyPortLabel))
 			return
 		}

@@ -111,7 +111,7 @@ func dumpLogsIfNeeded(ctx context.Context, kubernetesProvider *kubernetes.Provid
 	}
 	dotDir := misc.GetDotFolderPath()
 	filePath := path.Join(dotDir, fmt.Sprintf("%s_logs_%s.zip", misc.Program, time.Now().Format("2006_01_02__15_04_05")))
-	if err := fsUtils.DumpLogs(ctx, kubernetesProvider, filePath); err != nil {
+	if err := fsUtils.DumpLogs(ctx, kubernetesProvider, filePath, config.Config.Logs.Grep); err != nil {
 		log.Error().Err(err).Msg("Failed to dump logs.")
 	}
 }
--- a/cmd/console.go
+++ b/cmd/console.go
@@ -41,68 +41,75 @@ func init() {
 	consoleCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
 }

-func runConsole() {
+func runConsoleWithoutProxy() {
+	log.Info().Msg("Starting scripting console ...")
+	time.Sleep(5 * time.Second)
 	hubUrl := kubernetes.GetHubUrl()
-	response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl))
-	if err != nil || response.StatusCode != 200 {
-		log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy..."))
-		runProxy(false, true)
-	}
-
-	interrupt := make(chan os.Signal, 1)
-	signal.Notify(interrupt, os.Interrupt)
-
-	log.Info().Str("host", config.Config.Tap.Proxy.Host).Str("url", hubUrl).Msg("Connecting to:")
-	u := url.URL{
-		Scheme: "ws",
-		Host:   fmt.Sprintf("%s:%d/api", config.Config.Tap.Proxy.Host, config.Config.Tap.Proxy.Front.Port),
-		Path:   "/scripts/logs",
-	}
-	headers := http.Header{}
-	headers.Set("License-Key", config.Config.License)
-
-	c, _, err := websocket.DefaultDialer.Dial(u.String(), headers)
-	if err != nil {
-		log.Error().Err(err).Send()
-		return
-	}
-	defer c.Close()
-
-	done := make(chan struct{})
-
-	go func() {
-		defer close(done)
-		for {
-			_, message, err := c.ReadMessage()
-			if err != nil {
-				log.Error().Err(err).Send()
-				return
-			}
-
-			msg := string(message)
-			if strings.Contains(msg, ":ERROR]") {
-				msg = fmt.Sprintf(utils.Red, msg)
-				fmt.Fprintln(os.Stderr, msg)
-			} else {
-				fmt.Fprintln(os.Stdout, msg)
-			}
-		}
-	}()
-
-	ticker := time.NewTicker(time.Second)
-	defer ticker.Stop()
-
 	for {
+
+		// Attempt to connect to the Hub every second
+		response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl))
+		if err != nil || response.StatusCode != 200 {
+			log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub."))
+			time.Sleep(5 * time.Second)
+			continue
+		}
+
+		interrupt := make(chan os.Signal, 1)
+		signal.Notify(interrupt, os.Interrupt)
+
+		log.Info().Str("host", config.Config.Tap.Proxy.Host).Str("url", hubUrl).Msg("Connecting to:")
+		u := url.URL{
+			Scheme: "ws",
+			Host:   fmt.Sprintf("%s:%d", config.Config.Tap.Proxy.Host, config.Config.Tap.Proxy.Front.Port),
+			Path:   "/api/scripts/logs",
+		}
+		headers := http.Header{}
+		headers.Set(utils.X_KUBESHARK_CAPTURE_HEADER_KEY, utils.X_KUBESHARK_CAPTURE_HEADER_IGNORE_VALUE)
+		headers.Set("License-Key", config.Config.License)
+
+		c, _, err := websocket.DefaultDialer.Dial(u.String(), headers)
+		if err != nil {
+			log.Error().Err(err).Msg("Websocket dial error, retrying in 5 seconds...")
+			time.Sleep(5 * time.Second) // Delay before retrying
+			continue
+		}
+		defer c.Close()
+
+		done := make(chan struct{})
+
+		go func() {
+			defer close(done)
+			for {
+				_, message, err := c.ReadMessage()
+				if err != nil {
+					log.Error().Err(err).Msg("Error reading websocket message, reconnecting...")
+					break // Break to reconnect
+				}
+
+				msg := string(message)
+				if strings.Contains(msg, ":ERROR]") {
+					msg = fmt.Sprintf(utils.Red, msg)
+					fmt.Fprintln(os.Stderr, msg)
+				} else {
+					fmt.Fprintln(os.Stdout, msg)
+				}
+			}
+		}()
+
+		ticker := time.NewTicker(time.Second)
+		defer ticker.Stop()
+
 		select {
 		case <-done:
-			return
+			log.Warn().Msg(fmt.Sprintf(utils.Yellow, "Connection closed, reconnecting..."))
+			time.Sleep(5 * time.Second) // Delay before reconnecting
+			continue                    // Reconnect after error
 		case <-interrupt:
-			log.Warn().Msg(fmt.Sprintf(utils.Yellow, "Received interrupt, exiting..."))
-
 			err := c.WriteMessage(websocket.CloseMessage, websocket.FormatCloseMessage(websocket.CloseNormalClosure, ""))
 			if err != nil {
 				log.Error().Err(err).Send()
-				return
+				continue
 			}

 			select {
@@ -113,3 +120,37 @@ func runConsole() {
 		}
 	}
 }
+
+func runConsole() {
+	go runConsoleWithoutProxy()
+
+	// Create interrupt channel and setup signal handling once
+	interrupt := make(chan os.Signal, 1)
+	signal.Notify(interrupt, os.Interrupt)
+	done := make(chan struct{})
+
+	ticker := time.NewTicker(5 * time.Second)
+	defer ticker.Stop()
+
+	for {
+		select {
+		case <-interrupt:
+			// Handle interrupt and exit gracefully
+			log.Warn().Msg(fmt.Sprintf(utils.Yellow, "Received interrupt, exiting..."))
+			select {
+			case <-done:
+			case <-time.After(time.Second):
+			}
+			return
+
+		case <-ticker.C:
+			// Attempt to connect to the Hub every second
+			hubUrl := kubernetes.GetHubUrl()
+			response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl))
+			if err != nil || response.StatusCode != 200 {
+				log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy..."))
+				runProxy(false, true)
+			}
+		}
+	}
+}
--- a/cmd/export.go
+++ b/cmd/export.go
@@ -1,62 +0,0 @@
-package cmd
-
-import (
-	"fmt"
-	"net/http"
-	"os"
-	"path/filepath"
-	"time"
-
-	"github.com/creasty/defaults"
-	"github.com/kubeshark/kubeshark/config/configStructs"
-	"github.com/kubeshark/kubeshark/internal/connect"
-	"github.com/kubeshark/kubeshark/kubernetes"
-	"github.com/kubeshark/kubeshark/utils"
-	"github.com/rs/zerolog/log"
-	"github.com/spf13/cobra"
-)
-
-var exportCmd = &cobra.Command{
-	Use:   "export",
-	Short: "Exports the captured traffic into a TAR file that contains PCAP files",
-	RunE: func(cmd *cobra.Command, args []string) error {
-		runExport()
-		return nil
-	},
-}
-
-func init() {
-	rootCmd.AddCommand(exportCmd)
-
-	defaultTapConfig := configStructs.TapConfig{}
-	if err := defaults.Set(&defaultTapConfig); err != nil {
-		log.Debug().Err(err).Send()
-	}
-
-	exportCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the Kubeshark")
-	exportCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Kubeshark")
-	exportCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
-}
-
-func runExport() {
-	hubUrl := kubernetes.GetHubUrl()
-	response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl))
-	if err != nil || response.StatusCode != 200 {
-		log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy..."))
-		runProxy(false, true)
-	}
-
-	dstPath, err := filepath.Abs(fmt.Sprintf("./%d.tar.gz", time.Now().Unix()))
-	if err != nil {
-		panic(err)
-	}
-
-	out, err := os.Create(dstPath)
-	if err != nil {
-		panic(err)
-	}
-	defer out.Close()
-
-	connector := connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout)
-	connector.PostPcapsMerge(out)
-}
--- a/cmd/logs.go
+++ b/cmd/logs.go
@@ -30,7 +30,7 @@ var logsCmd = &cobra.Command{

 		log.Debug().Str("logs-path", config.Config.Logs.FilePath()).Msg("Using this logs path...")

-		if dumpLogsErr := fsUtils.DumpLogs(ctx, kubernetesProvider, config.Config.Logs.FilePath()); dumpLogsErr != nil {
+		if dumpLogsErr := fsUtils.DumpLogs(ctx, kubernetesProvider, config.Config.Logs.FilePath(), config.Config.Logs.Grep); dumpLogsErr != nil {
 			log.Error().Err(dumpLogsErr).Msg("Failed to dump logs.")
 		}

@@ -47,4 +47,5 @@ func init() {
 	}

 	logsCmd.Flags().StringP(configStructs.FileLogsName, "f", defaultLogsConfig.FileStr, fmt.Sprintf("Path for zip file (default current <pwd>\\%s_logs.zip)", misc.Program))
+	logsCmd.Flags().StringP(configStructs.GrepLogsName, "g", defaultLogsConfig.Grep, "Regexp to do grepping on the logs")
 }
--- a/cmd/pcapDump.go
+++ b/cmd/pcapDump.go
@@ -0,0 +1,84 @@
+package cmd
+
+import (
+	"errors"
+	"path/filepath"
+	"time"
+
+	"github.com/creasty/defaults"
+	"github.com/kubeshark/kubeshark/config/configStructs"
+	"github.com/rs/zerolog/log"
+	"github.com/spf13/cobra"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/tools/clientcmd"
+	"k8s.io/client-go/util/homedir"
+)
+
+// pcapDumpCmd represents the consolidated pcapdump command
+var pcapDumpCmd = &cobra.Command{
+	Use:   "pcapdump",
+	Short: "Store all captured traffic (including decrypted TLS) in a PCAP file.",
+	RunE: func(cmd *cobra.Command, args []string) error {
+		// Retrieve the kubeconfig path from the flag
+		kubeconfig, _ := cmd.Flags().GetString(configStructs.PcapKubeconfig)
+
+		// If kubeconfig is not provided, use the default location
+		if kubeconfig == "" {
+			if home := homedir.HomeDir(); home != "" {
+				kubeconfig = filepath.Join(home, ".kube", "config")
+			} else {
+				return errors.New("kubeconfig flag not provided and no home directory available for default config location")
+			}
+		}
+
+		// Use the current context in kubeconfig
+		config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
+		if err != nil {
+			log.Error().Err(err).Msg("Error building kubeconfig")
+			return err
+		}
+
+		clientset, err := kubernetes.NewForConfig(config)
+		if err != nil {
+			log.Error().Err(err).Msg("Error creating Kubernetes client")
+			return err
+		}
+
+		// Parse the `--time` flag
+		timeIntervalStr, _ := cmd.Flags().GetString("time")
+		var cutoffTime *time.Time // Use a pointer to distinguish between provided and not provided
+		if timeIntervalStr != "" {
+			duration, err := time.ParseDuration(timeIntervalStr)
+			if err != nil {
+				log.Error().Err(err).Msg("Invalid time interval")
+				return err
+			}
+			tempCutoffTime := time.Now().Add(-duration)
+			cutoffTime = &tempCutoffTime
+		}
+
+		// Handle copy operation if the copy string is provided
+		destDir, _ := cmd.Flags().GetString(configStructs.PcapDest)
+		log.Info().Msg("Copying PCAP files")
+		err = copyPcapFiles(clientset, config, destDir, cutoffTime)
+		if err != nil {
+			log.Error().Err(err).Msg("Error copying PCAP files")
+			return err
+		}
+
+		return nil
+	},
+}
+
+func init() {
+	rootCmd.AddCommand(pcapDumpCmd)
+
+	defaultPcapDumpConfig := configStructs.PcapDumpConfig{}
+	if err := defaults.Set(&defaultPcapDumpConfig); err != nil {
+		log.Debug().Err(err).Send()
+	}
+
+	pcapDumpCmd.Flags().String(configStructs.PcapTime, "", "Time interval (e.g., 10m, 1h) in the past for which the pcaps are copied")
+	pcapDumpCmd.Flags().String(configStructs.PcapDest, "", "Local destination path for copied PCAP files (can not be used together with --enabled)")
+	pcapDumpCmd.Flags().String(configStructs.PcapKubeconfig, "", "Path for kubeconfig (if not provided the default location will be checked)")
+}
--- a/cmd/pcapDumpRunner.go
+++ b/cmd/pcapDumpRunner.go
@@ -0,0 +1,346 @@
+package cmd
+
+import (
+	"bufio"
+	"bytes"
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/kubeshark/gopacket/pcapgo"
+	"github.com/rs/zerolog/log"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes"
+	clientk8s "k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/remotecommand"
+)
+
+const (
+	label  = "app.kubeshark.co/app=worker"
+	srcDir = "pcapdump"
+)
+
+// NamespaceFiles represents the namespace and the files found in that namespace.
+type NamespaceFiles struct {
+	Namespace string   // The namespace in which the files were found
+	SrcDir    string   // The source directory from which the files were listed
+	Files     []string // List of files found in the namespace
+}
+
+// listWorkerPods fetches all worker pods from multiple namespaces
+func listWorkerPods(ctx context.Context, clientset *clientk8s.Clientset, namespaces []string) ([]corev1.Pod, error) {
+	var allPods []corev1.Pod
+	labelSelector := label
+
+	for _, namespace := range namespaces {
+		// List all pods matching the label in the current namespace
+		pods, err := clientset.CoreV1().Pods(namespace).List(ctx, metav1.ListOptions{
+			LabelSelector: labelSelector,
+		})
+		if err != nil {
+			return nil, fmt.Errorf("failed to list worker pods in namespace %s: %w", namespace, err)
+		}
+
+		// Accumulate the pods
+		allPods = append(allPods, pods.Items...)
+	}
+
+	return allPods, nil
+}
+
+// listFilesInPodDir lists all files in the specified directory inside the pod across multiple namespaces
+func listFilesInPodDir(ctx context.Context, clientset *clientk8s.Clientset, config *rest.Config, podName string, namespaces []string, cutoffTime *time.Time) ([]NamespaceFiles, error) {
+	var namespaceFilesList []NamespaceFiles
+
+	for _, namespace := range namespaces {
+		// Attempt to get the pod in the current namespace
+		pod, err := clientset.CoreV1().Pods(namespace).Get(ctx, podName, metav1.GetOptions{})
+		if err != nil {
+			continue
+		}
+
+		nodeName := pod.Spec.NodeName
+		srcFilePath := filepath.Join("data", nodeName, srcDir)
+
+		cmd := []string{"ls", srcFilePath}
+		req := clientset.CoreV1().RESTClient().Post().
+			Resource("pods").
+			Name(podName).
+			Namespace(namespace).
+			SubResource("exec").
+			Param("container", "sniffer").
+			Param("stdout", "true").
+			Param("stderr", "true").
+			Param("command", cmd[0]).
+			Param("command", cmd[1])
+
+		exec, err := remotecommand.NewSPDYExecutor(config, "POST", req.URL())
+		if err != nil {
+			log.Error().Err(err).Msgf("failed to initialize executor for pod %s in namespace %s", podName, namespace)
+			continue
+		}
+
+		var stdoutBuf bytes.Buffer
+		var stderrBuf bytes.Buffer
+
+		// Execute the command to list files
+		err = exec.StreamWithContext(ctx, remotecommand.StreamOptions{
+			Stdout: &stdoutBuf,
+			Stderr: &stderrBuf,
+		})
+		if err != nil {
+			log.Error().Err(err).Msgf("error listing files in pod %s in namespace %s: %s", podName, namespace, stderrBuf.String())
+			continue
+		}
+
+		// Split the output (file names) into a list
+		files := strings.Split(strings.TrimSpace(stdoutBuf.String()), "\n")
+		if len(files) == 0 {
+			log.Info().Msgf("No files found in directory %s in pod %s", srcFilePath, podName)
+			continue
+		}
+
+		var filteredFiles []string
+
+		// Filter files based on cutoff time if provided
+		for _, file := range files {
+			if cutoffTime != nil {
+				parts := strings.Split(file, "-")
+				if len(parts) < 2 {
+					log.Warn().Msgf("Skipping file with invalid format: %s", file)
+					continue
+				}
+
+				timestampStr := parts[len(parts)-2] + parts[len(parts)-1][:6] // Extract YYYYMMDDHHMMSS
+				fileTime, err := time.Parse("20060102150405", timestampStr)
+				if err != nil {
+					log.Warn().Err(err).Msgf("Skipping file with unparsable timestamp: %s", file)
+					continue
+				}
+
+				if fileTime.Before(*cutoffTime) {
+					continue
+				}
+			}
+			// Add file to filtered list
+			filteredFiles = append(filteredFiles, file)
+		}
+
+		if len(filteredFiles) > 0 {
+			namespaceFilesList = append(namespaceFilesList, NamespaceFiles{
+				Namespace: namespace,
+				SrcDir:    srcDir,
+				Files:     filteredFiles,
+			})
+		}
+	}
+
+	if len(namespaceFilesList) == 0 {
+		return nil, fmt.Errorf("no files found in pod %s across the provided namespaces", podName)
+	}
+
+	return namespaceFilesList, nil
+}
+
+// copyFileFromPod copies a single file from a pod to a local destination
+func copyFileFromPod(ctx context.Context, clientset *kubernetes.Clientset, config *rest.Config, podName, namespace, srcDir, srcFile, destFile string) error {
+	// Get the pod to retrieve its node name
+	pod, err := clientset.CoreV1().Pods(namespace).Get(ctx, podName, metav1.GetOptions{})
+	if err != nil {
+		return fmt.Errorf("failed to get pod %s in namespace %s: %w", podName, namespace, err)
+	}
+
+	// Construct the complete path using /data, the node name, srcDir, and srcFile
+	nodeName := pod.Spec.NodeName
+	srcFilePath := filepath.Join("data", nodeName, srcDir, srcFile)
+
+	// Execute the `cat` command to read the file at the srcFilePath
+	cmd := []string{"cat", srcFilePath}
+	req := clientset.CoreV1().RESTClient().Post().
+		Resource("pods").
+		Name(podName).
+		Namespace(namespace).
+		SubResource("exec").
+		Param("container", "sniffer").
+		Param("stdout", "true").
+		Param("stderr", "true").
+		Param("command", cmd[0]).
+		Param("command", cmd[1])
+
+	exec, err := remotecommand.NewSPDYExecutor(config, "POST", req.URL())
+	if err != nil {
+		return fmt.Errorf("failed to initialize executor for pod %s in namespace %s: %w", podName, namespace, err)
+	}
+
+	// Create the local file to write the content to
+	outFile, err := os.Create(destFile)
+	if err != nil {
+		return fmt.Errorf("failed to create destination file: %w", err)
+	}
+	defer outFile.Close()
+
+	// Capture stderr for error logging
+	var stderrBuf bytes.Buffer
+
+	// Stream the file content from the pod to the local file
+	err = exec.StreamWithContext(ctx, remotecommand.StreamOptions{
+		Stdout: outFile,
+		Stderr: &stderrBuf,
+	})
+	if err != nil {
+		return fmt.Errorf("error copying file from pod %s in namespace %s: %s", podName, namespace, stderrBuf.String())
+	}
+
+	return nil
+}
+
+func mergePCAPs(outputFile string, inputFiles []string) error {
+	// Create the output file
+	f, err := os.Create(outputFile)
+	if err != nil {
+		return fmt.Errorf("failed to create output file: %w", err)
+	}
+	defer f.Close()
+
+	bufWriter := bufio.NewWriter(f)
+	defer bufWriter.Flush()
+
+	// Create the PCAP writer
+	writer := pcapgo.NewWriter(bufWriter)
+	err = writer.WriteFileHeader(65536, 1)
+	if err != nil {
+		return fmt.Errorf("failed to write PCAP file header: %w", err)
+	}
+
+	for _, inputFile := range inputFiles {
+		// Open the input file
+		file, err := os.Open(inputFile)
+		if err != nil {
+			log.Error().Err(err).Msgf("Failed to open %v", inputFile)
+			continue
+		}
+		defer file.Close()
+
+		// Create the PCAP reader for the input file
+		reader, err := pcapgo.NewReader(file)
+		if err != nil {
+			log.Error().Err(err).Msgf("Failed to create pcapng reader for %v", file.Name())
+			continue
+		}
+
+		for {
+			// Read packet data
+			data, ci, err := reader.ReadPacketData()
+			if err != nil {
+				if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) {
+					break
+				}
+				log.Error().Err(err).Msgf("Error reading packet from file %s", inputFile)
+				break
+			}
+
+			// Write the packet to the output file
+			err = writer.WritePacket(ci, data)
+			if err != nil {
+				log.Error().Err(err).Msgf("Error writing packet to output file")
+				break
+			}
+		}
+	}
+
+	return nil
+}
+
+// copyPcapFiles function for copying the PCAP files from the worker pods
+func copyPcapFiles(clientset *kubernetes.Clientset, config *rest.Config, destDir string, cutoffTime *time.Time) error {
+	namespaceList, err := clientset.CoreV1().Namespaces().List(context.TODO(), metav1.ListOptions{})
+	if err != nil {
+		log.Error().Err(err).Msg("Error listing namespaces")
+		return err
+	}
+
+	var targetNamespaces []string
+	for _, ns := range namespaceList.Items {
+		targetNamespaces = append(targetNamespaces, ns.Name)
+	}
+
+	// List worker pods
+	workerPods, err := listWorkerPods(context.Background(), clientset, targetNamespaces)
+	if err != nil {
+		log.Warn().Err(err).Msg("Error listing worker pods")
+		return err
+	}
+	var currentFiles []string
+
+	// Iterate over each pod to get the PCAP directory from config and copy files
+	for _, pod := range workerPods {
+		// Get the list of NamespaceFiles (files per namespace) and their source directories
+		namespaceFiles, err := listFilesInPodDir(context.Background(), clientset, config, pod.Name, targetNamespaces, cutoffTime)
+		if err != nil {
+			log.Warn().Err(err).Send()
+			continue
+		}
+
+		// Copy each file from the pod to the local destination for each namespace
+		for _, nsFiles := range namespaceFiles {
+			for _, file := range nsFiles.Files {
+				destFile := filepath.Join(destDir, file)
+
+				// Pass the correct namespace and related details to the function
+				err = copyFileFromPod(context.Background(), clientset, config, pod.Name, nsFiles.Namespace, nsFiles.SrcDir, file, destFile)
+				if err != nil {
+					log.Error().Err(err).Msgf("Error copying file from pod %s in namespace %s", pod.Name, nsFiles.Namespace)
+				} else {
+					log.Info().Msgf("Copied %s from %s to %s", file, pod.Name, destFile)
+				}
+
+				currentFiles = append(currentFiles, destFile)
+			}
+		}
+	}
+
+	if len(currentFiles) == 0 {
+		log.Error().Msgf("No files to merge")
+		return nil
+		// continue
+	}
+
+	// Generate a temporary filename based on the first file
+	tempMergedFile := currentFiles[0] + "_temp"
+
+	// Merge the PCAPs into the temporary file
+	err = mergePCAPs(tempMergedFile, currentFiles)
+	if err != nil {
+		log.Error().Err(err).Msgf("Error merging files")
+		return err
+		// continue
+	}
+
+	// Remove the original files after merging
+	for _, file := range currentFiles {
+		err := os.Remove(file)
+		if err != nil {
+			log.Error().Err(err).Msgf("Error removing file %s", file)
+		}
+	}
+
+	// Rename the temp file to the final name (removing "_temp")
+	finalMergedFile := strings.TrimSuffix(tempMergedFile, "_temp")
+	err = os.Rename(tempMergedFile, finalMergedFile)
+	if err != nil {
+		log.Error().Err(err).Msgf("Error renaming merged file %s", tempMergedFile)
+		// continue
+		return err
+	}
+
+	log.Info().Msgf("Merged file created: %s", finalMergedFile)
+
+	return nil
+}
--- a/cmd/pprof.go
+++ b/cmd/pprof.go
@@ -0,0 +1,32 @@
+package cmd
+
+import (
+	"github.com/creasty/defaults"
+	"github.com/kubeshark/kubeshark/config/configStructs"
+	"github.com/rs/zerolog/log"
+	"github.com/spf13/cobra"
+)
+
+var pprofCmd = &cobra.Command{
+	Use:   "pprof",
+	Short: "Select a Kubeshark container and open the pprof web UI in the browser",
+	RunE: func(cmd *cobra.Command, args []string) error {
+		runPprof()
+		return nil
+	},
+}
+
+func init() {
+	rootCmd.AddCommand(pprofCmd)
+
+	defaultTapConfig := configStructs.TapConfig{}
+	if err := defaults.Set(&defaultTapConfig); err != nil {
+		log.Debug().Err(err).Send()
+	}
+
+	pprofCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the proxy/port-forward")
+	pprofCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the proxy/port-forward")
+	pprofCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
+	pprofCmd.Flags().Uint16(configStructs.PprofPortLabel, defaultTapConfig.Pprof.Port, "Provide a custom port for the pprof server")
+	pprofCmd.Flags().String(configStructs.PprofViewLabel, defaultTapConfig.Pprof.View, "Change the default view of the pprof web interface")
+}
--- a/cmd/pprofRunner.go
+++ b/cmd/pprofRunner.go
@@ -0,0 +1,176 @@
+package cmd
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/go-cmd/cmd"
+	"github.com/kubeshark/kubeshark/config"
+	"github.com/kubeshark/kubeshark/kubernetes"
+	"github.com/kubeshark/kubeshark/utils"
+	"github.com/rivo/tview"
+	"github.com/rs/zerolog/log"
+	v1 "k8s.io/api/core/v1"
+)
+
+func runPprof() {
+	runProxy(false, true)
+
+	provider, err := getKubernetesProviderForCli(false, false)
+	if err != nil {
+		return
+	}
+
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	hubPods, err := provider.ListPodsByAppLabel(ctx, config.Config.Tap.Release.Namespace, map[string]string{kubernetes.AppLabelKey: "hub"})
+	if err != nil {
+		log.Error().
+			Err(err).
+			Msg("Failed to list hub pods!")
+		cancel()
+		return
+	}
+
+	workerPods, err := provider.ListPodsByAppLabel(ctx, config.Config.Tap.Release.Namespace, map[string]string{kubernetes.AppLabelKey: "worker"})
+	if err != nil {
+		log.Error().
+			Err(err).
+			Msg("Failed to list worker pods!")
+		cancel()
+		return
+	}
+
+	fullscreen := true
+
+	app := tview.NewApplication()
+	list := tview.NewList()
+
+	var currentCmd *cmd.Cmd
+
+	i := 48
+	for _, pod := range hubPods {
+		for _, container := range pod.Spec.Containers {
+			log.Info().Str("pod", pod.Name).Str("container", container.Name).Send()
+			homeUrl := fmt.Sprintf("%s/debug/pprof/", kubernetes.GetHubUrl())
+			modal := buildNewModal(
+				pod,
+				container,
+				homeUrl,
+				app,
+				list,
+				fullscreen,
+				currentCmd,
+			)
+			list.AddItem(fmt.Sprintf("pod: %s container: %s", pod.Name, container.Name), pod.Spec.NodeName, rune(i), func() {
+				app.SetRoot(modal, fullscreen)
+			})
+			i++
+		}
+	}
+
+	for _, pod := range workerPods {
+		for _, container := range pod.Spec.Containers {
+			log.Info().Str("pod", pod.Name).Str("container", container.Name).Send()
+			homeUrl := fmt.Sprintf("%s/pprof/%s/%s/", kubernetes.GetHubUrl(), pod.Status.HostIP, container.Name)
+			modal := buildNewModal(
+				pod,
+				container,
+				homeUrl,
+				app,
+				list,
+				fullscreen,
+				currentCmd,
+			)
+			list.AddItem(fmt.Sprintf("pod: %s container: %s", pod.Name, container.Name), pod.Spec.NodeName, rune(i), func() {
+				app.SetRoot(modal, fullscreen)
+			})
+			i++
+		}
+	}
+
+	list.AddItem("Quit", "Press to exit", 'q', func() {
+		if currentCmd != nil {
+			err = currentCmd.Stop()
+			if err != nil {
+				log.Error().Err(err).Str("name", currentCmd.Name).Msg("Failed to stop process!")
+			}
+		}
+		app.Stop()
+	})
+
+	if err := app.SetRoot(list, fullscreen).EnableMouse(true).Run(); err != nil {
+		panic(err)
+	}
+}
+
+func buildNewModal(
+	pod v1.Pod,
+	container v1.Container,
+	homeUrl string,
+	app *tview.Application,
+	list *tview.List,
+	fullscreen bool,
+	currentCmd *cmd.Cmd,
+) *tview.Modal {
+	return tview.NewModal().
+		SetText(fmt.Sprintf("pod: %s container: %s", pod.Name, container.Name)).
+		AddButtons([]string{
+			"Open Debug Home Page",
+			"Profile: CPU",
+			"Profile: Memory",
+			"Profile: Goroutine",
+			"Cancel",
+		}).
+		SetDoneFunc(func(buttonIndex int, buttonLabel string) {
+			var err error
+			port := fmt.Sprintf(":%d", config.Config.Tap.Pprof.Port)
+			view := fmt.Sprintf("http://localhost%s/ui/%s", port, config.Config.Tap.Pprof.View)
+
+			switch buttonLabel {
+			case "Open Debug Home Page":
+				utils.OpenBrowser(homeUrl)
+			case "Profile: CPU":
+				if currentCmd != nil {
+					err = currentCmd.Stop()
+					if err != nil {
+						log.Error().Err(err).Str("name", currentCmd.Name).Msg("Failed to stop process!")
+					}
+				}
+				currentCmd = cmd.NewCmd("go", "tool", "pprof", "-http", port, "-no_browser", fmt.Sprintf("%sprofile", homeUrl))
+				currentCmd.Start()
+				utils.OpenBrowser(view)
+			case "Profile: Memory":
+				if currentCmd != nil {
+					err = currentCmd.Stop()
+					if err != nil {
+						log.Error().Err(err).Str("name", currentCmd.Name).Msg("Failed to stop process!")
+					}
+				}
+				currentCmd = cmd.NewCmd("go", "tool", "pprof", "-http", port, "-no_browser", fmt.Sprintf("%sheap", homeUrl))
+				currentCmd.Start()
+				utils.OpenBrowser(view)
+			case "Profile: Goroutine":
+				if currentCmd != nil {
+					err = currentCmd.Stop()
+					if err != nil {
+						log.Error().Err(err).Str("name", currentCmd.Name).Msg("Failed to stop process!")
+					}
+				}
+				currentCmd = cmd.NewCmd("go", "tool", "pprof", "-http", port, "-no_browser", fmt.Sprintf("%sgoroutine", homeUrl))
+				currentCmd.Start()
+				utils.OpenBrowser(view)
+			case "Cancel":
+				if currentCmd != nil {
+					err = currentCmd.Stop()
+					if err != nil {
+						log.Error().Err(err).Str("name", currentCmd.Name).Msg("Failed to stop process!")
+					}
+				}
+				fallthrough
+			default:
+				app.SetRoot(list, fullscreen)
+			}
+		})
+}
--- a/cmd/pro.go
+++ b/cmd/pro.go
@@ -1,138 +0,0 @@
-package cmd
-
-import (
-	"fmt"
-	"io"
-	"net/http"
-	"os"
-	"time"
-
-	"github.com/creasty/defaults"
-	"github.com/gin-gonic/gin"
-	"github.com/kubeshark/kubeshark/config"
-	"github.com/kubeshark/kubeshark/config/configStructs"
-	"github.com/kubeshark/kubeshark/internal/connect"
-	"github.com/kubeshark/kubeshark/kubernetes"
-	"github.com/kubeshark/kubeshark/utils"
-	"github.com/rs/zerolog/log"
-	"github.com/spf13/cobra"
-)
-
-var proCmd = &cobra.Command{
-	Use:   "pro",
-	Short: "Acquire a Pro license",
-	RunE: func(cmd *cobra.Command, args []string) error {
-		acquireLicense()
-		return nil
-	},
-}
-
-const (
-	PRO_URL  = "https://console.kubeshark.co/cli"
-	PRO_PORT = 5252
-)
-
-func init() {
-	rootCmd.AddCommand(proCmd)
-
-	defaultTapConfig := configStructs.TapConfig{}
-	if err := defaults.Set(&defaultTapConfig); err != nil {
-		log.Debug().Err(err).Send()
-	}
-
-	proCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the Kubeshark")
-	proCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Kubeshark")
-	proCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
-}
-
-func acquireLicense() {
-	hubUrl := kubernetes.GetHubUrl()
-	response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl))
-	if err != nil || response.StatusCode != 200 {
-		log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy..."))
-		runProxy(false, true)
-	}
-
-	connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout)
-
-	log.Info().Str("url", PRO_URL).Msg("Opening in the browser:")
-	utils.OpenBrowser(PRO_URL)
-
-	runLicenseRecieverServer()
-}
-
-func updateLicense(licenseKey string) {
-	log.Info().Str("key", licenseKey).Msg("Received license:")
-
-	config.Config.License = licenseKey
-	err := config.WriteConfig(&config.Config)
-	if err != nil {
-		log.Error().Err(err).Send()
-	}
-
-	kubernetesProvider, err := getKubernetesProviderForCli(false, false)
-	if err != nil {
-		log.Error().Err(err).Send()
-		return
-	}
-	updated, err := kubernetes.SetSecret(kubernetesProvider, kubernetes.SECRET_LICENSE, config.Config.License)
-	if err != nil {
-		log.Error().Err(err).Send()
-	}
-
-	if updated {
-		log.Info().Msg("Updated the license, exiting...")
-	} else {
-		log.Info().Msg("Exiting...")
-	}
-
-	go func() {
-		time.Sleep(2 * time.Second)
-		os.Exit(0)
-	}()
-}
-
-func runLicenseRecieverServer() {
-	gin.SetMode(gin.ReleaseMode)
-	ginApp := gin.New()
-	ginApp.Use(func(c *gin.Context) {
-		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
-		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, x-session-token")
-		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE")
-		c.Writer.Header().Set("Access-Control-Expose-Headers", "Content-Disposition")
-
-		if c.Request.Method == "OPTIONS" {
-			c.AbortWithStatus(http.StatusNoContent)
-			return
-		}
-
-		c.Next()
-	})
-
-	ginApp.POST("/", func(c *gin.Context) {
-		data, err := io.ReadAll(c.Request.Body)
-		if err != nil {
-			log.Error().Err(err).Send()
-			c.AbortWithStatus(http.StatusBadRequest)
-			return
-		}
-
-		licenseKey := string(data)
-
-		updateLicense(licenseKey)
-	})
-
-	go func() {
-		if err := ginApp.Run(fmt.Sprintf(":%d", PRO_PORT)); err != nil {
-			log.Error().Err(err).Send()
-		}
-	}()
-
-	log.Info().Msg("Alternatively enter your license key:")
-
-	var licenseKey string
-	fmt.Scanf("%s", &licenseKey)
-
-	updateLicense(licenseKey)
-}
--- a/cmd/proxyRunner.go
+++ b/cmd/proxyRunner.go
@@ -92,10 +92,10 @@ func runProxy(block bool, noBrowser bool) {
 		establishedProxy = true
 		okToOpen("Kubeshark", frontUrl, noBrowser)
 	}
-
 	if establishedProxy && block {
 		utils.WaitForTermination(ctx, cancel)
 	}
+
 }

 func okToOpen(name string, url string, noBrowser bool) {
--- a/cmd/scripts.go
+++ b/cmd/scripts.go
@@ -2,24 +2,30 @@ package cmd

 import (
 	"context"
-	"fmt"
-	"net/http"
+	"encoding/json"
+	"errors"
+	"os"
+	"os/signal"
+	"strings"
+	"sync"
+	"time"

 	"github.com/creasty/defaults"
 	"github.com/fsnotify/fsnotify"
 	"github.com/kubeshark/kubeshark/config"
 	"github.com/kubeshark/kubeshark/config/configStructs"
-	"github.com/kubeshark/kubeshark/internal/connect"
 	"github.com/kubeshark/kubeshark/kubernetes"
 	"github.com/kubeshark/kubeshark/misc"
-	"github.com/kubeshark/kubeshark/utils"
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/cobra"
+	k8serrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/watch"
 )

 var scriptsCmd = &cobra.Command{
 	Use:   "scripts",
-	Short: "Watch the `scripting.source` directory for changes and update the scripts",
+	Short: "Watch the `scripting.source` and/or `scripting.sources` folders for changes and update the scripts",
 	RunE: func(cmd *cobra.Command, args []string) error {
 		runScripts()
 		return nil
@@ -40,24 +46,145 @@ func init() {
 }

 func runScripts() {
-	if config.Config.Scripting.Source == "" {
-		log.Error().Msg("`scripting.source` field is empty.")
+	if config.Config.Scripting.Source == "" && len(config.Config.Scripting.Sources) == 0 {
+		log.Error().Msg("Both `scripting.source` and `scripting.sources` fields are empty.")
 		return
 	}

-	hubUrl := kubernetes.GetHubUrl()
-	response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl))
-	if err != nil || response.StatusCode != 200 {
-		log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy..."))
-		runProxy(false, true)
+	kubernetesProvider, err := getKubernetesProviderForCli(false, false)
+	if err != nil {
+		log.Error().Err(err).Send()
+		return
 	}

-	connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout)
+	var wg sync.WaitGroup
+
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	signalChan := make(chan os.Signal, 1)
+	signal.Notify(signalChan, os.Interrupt)
+
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		watchConfigMap(ctx, kubernetesProvider)
+	}()
+
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		watchScripts(ctx, kubernetesProvider, true)
+	}()
+
+	go func() {
+		<-signalChan
+		log.Debug().Msg("Received interrupt, stopping watchers.")
+		cancel()
+	}()
+
+	wg.Wait()

-	watchScripts(true)
 }

-func watchScripts(block bool) {
+func createScript(provider *kubernetes.Provider, script misc.ConfigMapScript) (index int64, err error) {
+	const maxRetries = 5
+	var scripts map[int64]misc.ConfigMapScript
+
+	for i := 0; i < maxRetries; i++ {
+		scripts, err = kubernetes.ConfigGetScripts(provider)
+		if err != nil {
+			return
+		}
+		script.Active = kubernetes.IsActiveScript(provider, script.Title)
+		index = 0
+		if script.Title != "New Script" {
+			for i, v := range scripts {
+				if index <= i {
+					index = i + 1
+				}
+				if v.Title == script.Title {
+					index = int64(i)
+				}
+			}
+		}
+		scripts[index] = script
+
+		log.Info().Str("title", script.Title).Bool("Active", script.Active).Int64("Index", index).Msg("Creating script")
+		var data []byte
+		data, err = json.Marshal(scripts)
+		if err != nil {
+			return
+		}
+
+		_, err = kubernetes.SetConfig(provider, kubernetes.CONFIG_SCRIPTING_SCRIPTS, string(data))
+		if err == nil {
+			return index, nil
+		}
+
+		if k8serrors.IsConflict(err) {
+			log.Warn().Err(err).Msg("Conflict detected, retrying update...")
+			time.Sleep(500 * time.Millisecond)
+			continue
+		}
+
+		return 0, err
+	}
+
+	log.Error().Msg("Max retries reached for creating script due to conflicts.")
+	return 0, errors.New("max retries reached due to conflicts while creating script")
+}
+
+func updateScript(provider *kubernetes.Provider, index int64, script misc.ConfigMapScript) (err error) {
+	var scripts map[int64]misc.ConfigMapScript
+	scripts, err = kubernetes.ConfigGetScripts(provider)
+	if err != nil {
+		return
+	}
+	script.Active = kubernetes.IsActiveScript(provider, script.Title)
+	scripts[index] = script
+
+	var data []byte
+	data, err = json.Marshal(scripts)
+	if err != nil {
+		return
+	}
+
+	_, err = kubernetes.SetConfig(provider, kubernetes.CONFIG_SCRIPTING_SCRIPTS, string(data))
+	if err != nil {
+		return
+	}
+
+	return
+}
+
+func deleteScript(provider *kubernetes.Provider, index int64) (err error) {
+	var scripts map[int64]misc.ConfigMapScript
+	scripts, err = kubernetes.ConfigGetScripts(provider)
+	if err != nil {
+		return
+	}
+	err = kubernetes.DeleteActiveScriptByTitle(provider, scripts[index].Title)
+	if err != nil {
+		return
+	}
+	delete(scripts, index)
+
+	var data []byte
+	data, err = json.Marshal(scripts)
+	if err != nil {
+		return
+	}
+
+	_, err = kubernetes.SetConfig(provider, kubernetes.CONFIG_SCRIPTING_SCRIPTS, string(data))
+	if err != nil {
+		return
+	}
+
+	return
+}
+
+func watchScripts(ctx context.Context, provider *kubernetes.Provider, block bool) {
 	files := make(map[string]int64)

 	scripts, err := config.Config.Scripting.GetScripts()
@@ -67,10 +194,10 @@ func watchScripts(block bool) {
 	}

 	for _, script := range scripts {
-		index, err := connector.PostScript(script)
+		index, err := createScript(provider, script.ConfigMap())
 		if err != nil {
 			log.Error().Err(err).Send()
-			return
+			continue
 		}

 		files[script.Path] = index
@@ -85,11 +212,37 @@ func watchScripts(block bool) {
 		defer watcher.Close()
 	}

+	ctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
+	signalChan := make(chan os.Signal, 1)
+	signal.Notify(signalChan, os.Interrupt)
+
+	go func() {
+		<-signalChan
+		log.Debug().Msg("Received interrupt, stopping script watch.")
+		cancel()
+		watcher.Close()
+	}()
+
+	if err := watcher.Add(config.Config.Scripting.Source); err != nil {
+		log.Error().Err(err).Msg("Failed to add scripting source to watcher")
+		return
+	}
+
 	go func() {
 		for {
 			select {
+			case <-ctx.Done():
+				log.Debug().Msg("Script watcher exiting gracefully.")
+				return
+
 			// watch for events
 			case event := <-watcher.Events:
+				if !strings.HasSuffix(event.Name, "js") {
+					log.Info().Str("file", event.Name).Msg("Ignoring file")
+					continue
+				}
 				switch event.Op {
 				case fsnotify.Create:
 					script, err := misc.ReadScriptFile(event.Name)
@@ -98,7 +251,7 @@ func watchScripts(block bool) {
 						continue
 					}

-					index, err := connector.PostScript(script)
+					index, err := createScript(provider, script.ConfigMap())
 					if err != nil {
 						log.Error().Err(err).Send()
 						continue
@@ -114,7 +267,7 @@ func watchScripts(block bool) {
 						continue
 					}

-					err = connector.PutScript(script, index)
+					err = updateScript(provider, index, script.ConfigMap())
 					if err != nil {
 						log.Error().Err(err).Send()
 						continue
@@ -122,7 +275,7 @@ func watchScripts(block bool) {

 				case fsnotify.Rename:
 					index := files[event.Name]
-					err := connector.DeleteScript(index)
+					err := deleteScript(provider, index)
 					if err != nil {
 						log.Error().Err(err).Send()
 						continue
@@ -132,9 +285,12 @@ func watchScripts(block bool) {
 					// pass
 				}

-			// watch for errors
-			case err := <-watcher.Errors:
-				log.Error().Err(err).Send()
+			case err, ok := <-watcher.Errors:
+				if !ok {
+					log.Info().Msg("Watcher errors channel closed.")
+					return
+				}
+				log.Error().Err(err).Msg("Watcher error encountered")
 			}
 		}
 	}()
@@ -143,11 +299,79 @@ func watchScripts(block bool) {
 		log.Error().Err(err).Send()
 	}

-	log.Info().Str("directory", config.Config.Scripting.Source).Msg("Watching scripts against changes:")
+	for _, source := range config.Config.Scripting.Sources {
+		if err := watcher.Add(source); err != nil {
+			log.Error().Err(err).Send()
+		}
+	}
+
+	log.Info().Str("folder", config.Config.Scripting.Source).Interface("folders", config.Config.Scripting.Sources).Msg("Watching scripts against changes:")

 	if block {
-		ctx, cancel := context.WithCancel(context.Background())
-		defer cancel()
-		utils.WaitForTermination(ctx, cancel)
+		<-ctx.Done()
 	}
 }
+
+func watchConfigMap(ctx context.Context, provider *kubernetes.Provider) {
+	clientset := provider.GetClientSet()
+	configMapName := kubernetes.SELF_RESOURCES_PREFIX + kubernetes.SUFFIX_CONFIG_MAP
+
+	for {
+		select {
+		case <-ctx.Done():
+			log.Info().Msg("ConfigMap watcher exiting gracefully.")
+			return
+
+		default:
+			watcher, err := clientset.CoreV1().ConfigMaps(config.Config.Tap.Release.Namespace).Watch(context.TODO(), metav1.ListOptions{
+				FieldSelector: "metadata.name=" + configMapName,
+			})
+			if err != nil {
+				log.Warn().Err(err).Msg("ConfigMap not found, retrying in 5 seconds...")
+				time.Sleep(5 * time.Second)
+				continue
+			}
+
+			for event := range watcher.ResultChan() {
+				select {
+				case <-ctx.Done():
+					log.Info().Msg("ConfigMap watcher loop exiting gracefully.")
+					watcher.Stop()
+					return
+
+				default:
+					if event.Type == watch.Added {
+						log.Info().Msg("ConfigMap created or modified")
+						runScriptsSync(provider)
+					} else if event.Type == watch.Deleted {
+						log.Warn().Msg("ConfigMap deleted, waiting for recreation...")
+						watcher.Stop()
+						break
+					}
+				}
+			}
+
+			time.Sleep(5 * time.Second)
+		}
+	}
+}
+
+func runScriptsSync(provider *kubernetes.Provider) {
+	files := make(map[string]int64)
+
+	scripts, err := config.Config.Scripting.GetScripts()
+	if err != nil {
+		log.Error().Err(err).Send()
+		return
+	}
+
+	for _, script := range scripts {
+		index, err := createScript(provider, script.ConfigMap())
+		if err != nil {
+			log.Error().Err(err).Send()
+			continue
+		}
+		files[script.Path] = index
+	}
+	log.Info().Msg("Synchronized scripts with ConfigMap.")
+}
--- a/cmd/tap.go
+++ b/cmd/tap.go
@@ -48,6 +48,7 @@ func init() {
 	tapCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the proxy/port-forward")
 	tapCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the proxy/port-forward")
 	tapCmd.Flags().StringSliceP(configStructs.NamespacesLabel, "n", defaultTapConfig.Namespaces, "Namespaces selector")
+	tapCmd.Flags().StringSliceP(configStructs.ExcludedNamespacesLabel, "e", defaultTapConfig.ExcludedNamespaces, "Excluded namespaces")
 	tapCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
 	tapCmd.Flags().Bool(configStructs.PersistentStorageLabel, defaultTapConfig.PersistentStorage, "Enable persistent storage (PersistentVolumeClaim)")
 	tapCmd.Flags().Bool(configStructs.PersistentStorageStaticLabel, defaultTapConfig.PersistentStorageStatic, "Persistent storage static provision")
@@ -60,4 +61,5 @@ func init() {
 	tapCmd.Flags().Bool(configStructs.IgnoreTaintedLabel, defaultTapConfig.IgnoreTainted, "Ignore tainted pods while running Worker DaemonSet")
 	tapCmd.Flags().Bool(configStructs.IngressEnabledLabel, defaultTapConfig.Ingress.Enabled, "Enable Ingress")
 	tapCmd.Flags().Bool(configStructs.TelemetryEnabledLabel, defaultTapConfig.Telemetry.Enabled, "Enable/disable Telemetry")
+	tapCmd.Flags().Bool(configStructs.ResourceGuardEnabledLabel, defaultTapConfig.ResourceGuard.Enabled, "Enable/disable resource guard")
 }
--- a/cmd/tapRunner.go
+++ b/cmd/tapRunner.go
@@ -10,7 +10,6 @@ import (
 	"sync"
 	"time"

-	"github.com/kubeshark/kubeshark/internal/connect"
 	"github.com/kubeshark/kubeshark/kubernetes/helm"
 	"github.com/kubeshark/kubeshark/misc"
 	"github.com/kubeshark/kubeshark/utils"
@@ -32,7 +31,6 @@ type tapState struct {
 }

 var state tapState
-var connector *connect.Connector

 type Readiness struct {
 	Hub   bool
@@ -52,8 +50,6 @@ func tap() {
 		Str("limit", config.Config.Tap.StorageLimit).
 		Msg(fmt.Sprintf("%s will store the traffic up to a limit (per node). Oldest TCP/UDP streams will be removed once the limit is reached.", misc.Software))

-	connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout)
-
 	kubernetesProvider, err := getKubernetesProviderForCli(false, false)
 	if err != nil {
 		log.Error().Err(err).Send()
@@ -193,6 +189,7 @@ func watchHubPod(ctx context.Context, kubernetesProvider *kubernetes.Provider, c
 					ready.Lock()
 					ready.Hub = true
 					ready.Unlock()
+					log.Info().Str("pod", kubernetes.HubPodName).Msg("Ready.")
 				}

 				ready.Lock()
@@ -282,6 +279,7 @@ func watchFrontPod(ctx context.Context, kubernetesProvider *kubernetes.Provider,
 					ready.Lock()
 					ready.Front = true
 					ready.Unlock()
+					log.Info().Str("pod", kubernetes.FrontPodName).Msg("Ready.")
 				}

 				ready.Lock()
@@ -426,8 +424,13 @@ func postFrontStarted(ctx context.Context, kubernetesProvider *kubernetes.Provid
 		time.Sleep(100 * time.Millisecond)
 	}

-	if config.Config.Scripting.Source != "" && config.Config.Scripting.WatchScripts {
-		watchScripts(false)
+
+	if (config.Config.Scripting.Source != "" || len(config.Config.Scripting.Sources) > 0) && config.Config.Scripting.WatchScripts {
+		watchScripts(ctx, kubernetesProvider, false)
+	}
+
+	if config.Config.Scripting.Console {
+		go runConsoleWithoutProxy()
 	}
 }

@@ -435,6 +438,7 @@ func updateConfig(kubernetesProvider *kubernetes.Provider) {
 	_, _ = kubernetes.SetSecret(kubernetesProvider, kubernetes.SECRET_LICENSE, config.Config.License)
 	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_POD_REGEX, config.Config.Tap.PodRegexStr)
 	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_NAMESPACES, strings.Join(config.Config.Tap.Namespaces, ","))
+	_, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_EXCLUDED_NAMESPACES, strings.Join(config.Config.Tap.ExcludedNamespaces, ","))

 	data, err := json.Marshal(config.Config.Scripting.Env)
 	if err != nil {
--- a/config/config.go
+++ b/config/config.go
@@ -41,7 +41,7 @@ func InitConfig(cmd *cobra.Command) error {
 	var err error
 	DebugMode, err = cmd.Flags().GetBool(DebugFlag)
 	if err != nil {
-		log.Error().Err(err).Msg(fmt.Sprintf("Can't recieve '%s' flag", DebugFlag))
+		log.Error().Err(err).Msg(fmt.Sprintf("Can't receive '%s' flag", DebugFlag))
 	}

 	if DebugMode {
@@ -63,6 +63,9 @@ func InitConfig(cmd *cobra.Command) error {

 	Config = CreateDefaultConfig()
 	Config.Tap.Debug = DebugMode
+	if DebugMode {
+		Config.LogLevel = "debug"
+	}
 	cmdName = cmd.Name()
 	if utils.Contains([]string{
 		"clean",
@@ -70,6 +73,7 @@ func InitConfig(cmd *cobra.Command) error {
 		"pro",
 		"proxy",
 		"scripts",
+		"pprof",
 	}, cmdName) {
 		cmdName = "tap"
 	}
@@ -146,6 +150,7 @@ func loadConfigFile(config *ConfigStruct, silent bool) error {
 	} else {
 		ConfigFilePath = cwdConfig
 	}
+	defer reader.Close()

 	buf, err := io.ReadAll(reader)
 	if err != nil {
@@ -222,7 +227,7 @@ func mergeSetFlag(configElemValue reflect.Value, setValues []string) error {
 	}

 	if len(setErrors) > 0 {
-		return fmt.Errorf(strings.Join(setErrors, "\n"))
+		return errors.New(strings.Join(setErrors, "\n"))
 	}

 	return nil
--- a/config/configStruct.go
+++ b/config/configStruct.go
@@ -16,13 +16,37 @@ const (
 func CreateDefaultConfig() ConfigStruct {
 	return ConfigStruct{
 		Tap: configStructs.TapConfig{
-			NodeSelectorTerms: []v1.NodeSelectorTerm{
-				{
-					MatchExpressions: []v1.NodeSelectorRequirement{
-						{
-							Key:      "kubernetes.io/os",
-							Operator: v1.NodeSelectorOpIn,
-							Values:   []string{"linux"},
+			NodeSelectorTerms: configStructs.NodeSelectorTermsConfig{
+				Workers: []v1.NodeSelectorTerm{
+					{
+						MatchExpressions: []v1.NodeSelectorRequirement{
+							{
+								Key:      "kubernetes.io/os",
+								Operator: v1.NodeSelectorOpIn,
+								Values:   []string{"linux"},
+							},
+						},
+					},
+				},
+				Hub: []v1.NodeSelectorTerm{
+					{
+						MatchExpressions: []v1.NodeSelectorRequirement{
+							{
+								Key:      "kubernetes.io/os",
+								Operator: v1.NodeSelectorOpIn,
+								Values:   []string{"linux"},
+							},
+						},
+					},
+				},
+				Front: []v1.NodeSelectorTerm{
+					{
+						MatchExpressions: []v1.NodeSelectorRequirement{
+							{
+								Key:      "kubernetes.io/os",
+								Operator: v1.NodeSelectorOpIn,
+								Values:   []string{"linux"},
+							},
 						},
 					},
 				},
@@ -42,10 +66,6 @@ func CreateDefaultConfig() ConfigStruct {
 					// DAC_OVERRIDE is required to read /proc/PID/environ
 					"DAC_OVERRIDE",
 				},
-				KernelModule: []string{
-					// SYS_MODULE is required to install kernel modules
-					"SYS_MODULE",
-				},
 				EBPFCapture: []string{
 					// SYS_ADMIN is required to read /proc/PID/net/ns + to install eBPF programs (kernel < 5.8)
 					"SYS_ADMIN",
@@ -63,16 +83,38 @@ func CreateDefaultConfig() ConfigStruct {
 					RoleAttribute: "role",
 					Roles: map[string]configStructs.Role{
 						"admin": {
-							Filter:                "",
-							CanReplayTraffic:      true,
-							CanDownloadPCAP:       true,
-							CanUseScripting:       true,
-							CanUpdateTargetedPods: true,
-							ShowAdminConsoleLink:  true,
+							Filter:          "",
+							CanDownloadPCAP: true,
+							CanUseScripting: true,
+							ScriptingPermissions: configStructs.ScriptingPermissions{
+								CanSave:     true,
+								CanActivate: true,
+								CanDelete:   true,
+							},
+							CanUpdateTargetedPods:   true,
+							CanStopTrafficCapturing: true,
+							ShowAdminConsoleLink:    true,
 						},
 					},
 				},
 			},
+			EnabledDissectors: []string{
+				"amqp",
+				"dns",
+				"http",
+				"icmp",
+				"kafka",
+				"redis",
+				"sctp",
+				"syscall",
+				// "tcp",
+				// "udp",
+				"ws",
+				// "tlsx",
+				"ldap",
+				"radius",
+				"diameter",
+			},
 		},
 	}
 }
@@ -87,15 +129,21 @@ type ManifestsConfig struct {
 }

 type ConfigStruct struct {
-	Tap          configStructs.TapConfig       `yaml:"tap" json:"tap"`
-	Logs         configStructs.LogsConfig      `yaml:"logs" json:"logs"`
-	Config       configStructs.ConfigConfig    `yaml:"config,omitempty" json:"config,omitempty"`
-	Kube         KubeConfig                    `yaml:"kube" json:"kube"`
-	DumpLogs     bool                          `yaml:"dumpLogs" json:"dumpLogs" default:"false"`
-	HeadlessMode bool                          `yaml:"headless" json:"headless" default:"false"`
-	License      string                        `yaml:"license" json:"license" default:""`
-	Scripting    configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`
-	Manifests    ManifestsConfig               `yaml:"manifests,omitempty" json:"manifests,omitempty"`
+	Tap                  configStructs.TapConfig       `yaml:"tap" json:"tap"`
+	Logs                 configStructs.LogsConfig      `yaml:"logs" json:"logs"`
+	Config               configStructs.ConfigConfig    `yaml:"config,omitempty" json:"config,omitempty"`
+	PcapDump             configStructs.PcapDumpConfig  `yaml:"pcapdump" json:"pcapdump"`
+	Kube                 KubeConfig                    `yaml:"kube" json:"kube"`
+	DumpLogs             bool                          `yaml:"dumpLogs" json:"dumpLogs" default:"false"`
+	HeadlessMode         bool                          `yaml:"headless" json:"headless" default:"false"`
+	License              string                        `yaml:"license" json:"license" default:""`
+	CloudLicenseEnabled  bool                          `yaml:"cloudLicenseEnabled" json:"cloudLicenseEnabled" default:"true"`
+	SupportChatEnabled   bool                          `yaml:"supportChatEnabled" json:"supportChatEnabled" default:"true"`
+	InternetConnectivity bool                          `yaml:"internetConnectivity" json:"internetConnectivity" default:"true"`
+	Scripting            configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`
+	Manifests            ManifestsConfig               `yaml:"manifests,omitempty" json:"manifests,omitempty"`
+	Timezone             string                        `yaml:"timezone" json:"timezone"`
+	LogLevel             string                        `yaml:"logLevel" json:"logLevel" default:"warning"`
 }

 func (config *ConfigStruct) ImagePullPolicy() v1.PullPolicy {
--- a/config/configStructs/logsConfig.go
+++ b/config/configStructs/logsConfig.go
@@ -10,10 +10,12 @@ import (

 const (
 	FileLogsName = "file"
+	GrepLogsName = "grep"
 )

 type LogsConfig struct {
 	FileStr string `yaml:"file" json:"file"`
+	Grep    string `yaml:"grep" json:"grep"`
 }

 func (config *LogsConfig) Validate() error {
--- a/config/configStructs/scriptingConfig.go
+++ b/config/configStructs/scriptingConfig.go
@@ -1,9 +1,11 @@
 package configStructs

 import (
+	"fmt"
 	"io/fs"
 	"os"
 	"path/filepath"
+	"strings"

 	"github.com/kubeshark/kubeshark/misc"
 	"github.com/rs/zerolog/log"
@@ -12,35 +14,79 @@ import (
 type ScriptingConfig struct {
 	Env          map[string]interface{} `yaml:"env" json:"env" default:"{}"`
 	Source       string                 `yaml:"source" json:"source" default:""`
+	Sources      []string               `yaml:"sources" json:"sources" default:"[]"`
 	WatchScripts bool                   `yaml:"watchScripts" json:"watchScripts" default:"true"`
+	Active       []string               `yaml:"active" json:"active" default:"[]"`
+	Console      bool                   `yaml:"console" json:"console" default:"true"`
 }

 func (config *ScriptingConfig) GetScripts() (scripts []*misc.Script, err error) {
-	if config.Source == "" {
-		return
+	// Check if both Source and Sources are empty
+	if config.Source == "" && len(config.Sources) == 0 {
+		return nil, nil
 	}

-	var files []fs.DirEntry
-	files, err = os.ReadDir(config.Source)
-	if err != nil {
-		return
+	var allFiles []struct {
+		Source string
+		File   fs.DirEntry
 	}

-	for _, f := range files {
-		if f.IsDir() {
+	// Handle single Source directory
+	if config.Source != "" {
+		files, err := os.ReadDir(config.Source)
+		if err != nil {
+			return nil, fmt.Errorf("failed to read directory %s: %v", config.Source, err)
+		}
+		for _, file := range files {
+			allFiles = append(allFiles, struct {
+				Source string
+				File   fs.DirEntry
+			}{Source: config.Source, File: file})
+		}
+	}
+
+	// Handle multiple Sources directories
+	if len(config.Sources) > 0 {
+		for _, source := range config.Sources {
+			files, err := os.ReadDir(source)
+			if err != nil {
+				return nil, fmt.Errorf("failed to read directory %s: %v", source, err)
+			}
+			for _, file := range files {
+				allFiles = append(allFiles, struct {
+					Source string
+					File   fs.DirEntry
+				}{Source: source, File: file})
+			}
+		}
+	}
+
+	// Iterate over all collected files
+	for _, f := range allFiles {
+		if f.File.IsDir() {
 			continue
 		}

+		// Construct the full path based on the relevant source directory
+		path := filepath.Join(f.Source, f.File.Name())
+		if !strings.HasSuffix(f.File.Name(), ".js") { // Use file name suffix for skipping non-JS files
+			log.Info().Str("path", path).Msg("Skipping non-JS file")
+			continue
+		}
+
+		// Read the script file
 		var script *misc.Script
-		path := filepath.Join(config.Source, f.Name())
 		script, err = misc.ReadScriptFile(path)
 		if err != nil {
-			return
+			return nil, fmt.Errorf("failed to read script file %s: %v", path, err)
 		}
+
+		// Append the valid script to the scripts slice
 		scripts = append(scripts, script)

 		log.Debug().Str("path", path).Msg("Found script:")
 	}

-	return
+	// Return the collected scripts and nil error if successful
+	return scripts, nil
 }
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -17,6 +17,7 @@ const (
 	ProxyHubPortLabel            = "proxy-hub-port"
 	ProxyHostLabel               = "proxy-host"
 	NamespacesLabel              = "namespaces"
+	ExcludedNamespacesLabel      = "excludedNamespaces"
 	ReleaseNamespaceLabel        = "release-namespace"
 	PersistentStorageLabel       = "persistentStorage"
 	PersistentStorageStaticLabel = "persistentStorageStatic"
@@ -30,14 +31,29 @@ const (
 	IgnoreTaintedLabel           = "ignoreTainted"
 	IngressEnabledLabel          = "ingress-enabled"
 	TelemetryEnabledLabel        = "telemetry-enabled"
+	ResourceGuardEnabledLabel    = "resource-guard-enabled"
+	PprofPortLabel               = "pprof-port"
+	PprofViewLabel               = "pprof-view"
 	DebugLabel                   = "debug"
-	ContainerPort                = 80
-	ContainerPortStr             = "80"
+	ContainerPort                = 8080
+	ContainerPortStr             = "8080"
+	PcapDest                     = "dest"
+	PcapMaxSize                  = "maxSize"
+	PcapMaxTime                  = "maxTime"
+	PcapTimeInterval             = "timeInterval"
+	PcapKubeconfig               = "kubeconfig"
+	PcapDumpEnabled              = "enabled"
+	PcapTime                     = "time"
 )

-type ResourceLimits struct {
-	CPU    string `yaml:"cpu" json:"cpu" default:"750m"`
-	Memory string `yaml:"memory" json:"memory" default:"1Gi"`
+type ResourceLimitsHub struct {
+	CPU    string `yaml:"cpu" json:"cpu" default:"0"`
+	Memory string `yaml:"memory" json:"memory" default:"5Gi"`
+}
+
+type ResourceLimitsWorker struct {
+	CPU    string `yaml:"cpu" json:"cpu" default:"0"`
+	Memory string `yaml:"memory" json:"memory" default:"3Gi"`
 }

 type ResourceRequests struct {
@@ -45,13 +61,18 @@ type ResourceRequests struct {
 	Memory string `yaml:"memory" json:"memory" default:"50Mi"`
 }

-type ResourceRequirements struct {
-	Limits   ResourceLimits   `yaml:"limits" json:"limits"`
-	Requests ResourceRequests `yaml:"requests" json:"requests"`
+type ResourceRequirementsHub struct {
+	Limits   ResourceLimitsHub `yaml:"limits" json:"limits"`
+	Requests ResourceRequests  `yaml:"requests" json:"requests"`
+}
+
+type ResourceRequirementsWorker struct {
+	Limits   ResourceLimitsHub `yaml:"limits" json:"limits"`
+	Requests ResourceRequests  `yaml:"requests" json:"requests"`
 }

 type WorkerConfig struct {
-	SrvPort uint16 `yaml:"srvPort" json:"srvPort" default:"30001"`
+	SrvPort uint16 `yaml:"srvPort" json:"srvPort" default:"48999"`
 }

 type HubConfig struct {
@@ -69,26 +90,76 @@ type ProxyConfig struct {
 	Host   string       `yaml:"host" json:"host" default:"127.0.0.1"`
 }

+type OverrideImageConfig struct {
+	Worker string `yaml:"worker" json:"worker"`
+	Hub    string `yaml:"hub" json:"hub"`
+	Front  string `yaml:"front" json:"front"`
+}
+type OverrideTagConfig struct {
+	Worker string `yaml:"worker" json:"worker"`
+	Hub    string `yaml:"hub" json:"hub"`
+	Front  string `yaml:"front" json:"front"`
+}
+
 type DockerConfig struct {
-	Registry         string   `yaml:"registry" json:"registry" default:"docker.io/kubeshark"`
-	Tag              string   `yaml:"tag" json:"tag" default:""`
-	ImagePullPolicy  string   `yaml:"imagePullPolicy" json:"imagePullPolicy" default:"Always"`
-	ImagePullSecrets []string `yaml:"imagePullSecrets" json:"imagePullSecrets"`
+	Registry         string              `yaml:"registry" json:"registry" default:"docker.io/kubeshark"`
+	Tag              string              `yaml:"tag" json:"tag" default:""`
+	TagLocked        bool                `yaml:"tagLocked" json:"tagLocked" default:"true"`
+	ImagePullPolicy  string              `yaml:"imagePullPolicy" json:"imagePullPolicy" default:"Always"`
+	ImagePullSecrets []string            `yaml:"imagePullSecrets" json:"imagePullSecrets"`
+	OverrideImage    OverrideImageConfig `yaml:"overrideImage" json:"overrideImage"`
+	OverrideTag      OverrideTagConfig   `yaml:"overrideTag" json:"overrideTag"`
+}
+
+type DnsConfig struct {
+	Nameservers []string          `yaml:"nameservers" json:"nameservers" default:"[]"`
+	Searches    []string          `yaml:"searches" json:"searches" default:"[]"`
+	Options     []DnsConfigOption `yaml:"options" json:"options" default:"[]"`
+}
+
+type DnsConfigOption struct {
+	Name  string `yaml:"name" json:"name"`
+	Value string `yaml:"value" json:"value"`
 }

 type ResourcesConfig struct {
-	Hub     ResourceRequirements `yaml:"hub" json:"hub"`
-	Sniffer ResourceRequirements `yaml:"sniffer" json:"sniffer"`
-	Tracer  ResourceRequirements `yaml:"tracer" json:"tracer"`
+	Hub     ResourceRequirementsHub    `yaml:"hub" json:"hub"`
+	Sniffer ResourceRequirementsWorker `yaml:"sniffer" json:"sniffer"`
+	Tracer  ResourceRequirementsWorker `yaml:"tracer" json:"tracer"`
+}
+
+type ProbesConfig struct {
+	Hub     ProbeConfig `yaml:"hub" json:"hub"`
+	Sniffer ProbeConfig `yaml:"sniffer" json:"sniffer"`
+}
+
+type NodeSelectorTermsConfig struct {
+	Hub     []v1.NodeSelectorTerm `yaml:"hub" json:"hub" default:"[]"`
+	Workers []v1.NodeSelectorTerm `yaml:"workers" json:"workers" default:"[]"`
+	Front   []v1.NodeSelectorTerm `yaml:"front" json:"front" default:"[]"`
+}
+
+type ProbeConfig struct {
+	InitialDelaySeconds int `yaml:"initialDelaySeconds" json:"initialDelaySeconds" default:"15"`
+	PeriodSeconds       int `yaml:"periodSeconds" json:"periodSeconds" default:"10"`
+	SuccessThreshold    int `yaml:"successThreshold" json:"successThreshold" default:"1"`
+	FailureThreshold    int `yaml:"failureThreshold" json:"failureThreshold" default:"3"`
+}
+
+type ScriptingPermissions struct {
+	CanSave     bool `yaml:"canSave" json:"canSave" default:"true"`
+	CanActivate bool `yaml:"canActivate" json:"canActivate" default:"true"`
+	CanDelete   bool `yaml:"canDelete" json:"canDelete" default:"true"`
 }

 type Role struct {
-	Filter                string `yaml:"filter" json:"filter" default:""`
-	CanReplayTraffic      bool   `yaml:"canReplayTraffic" json:"canReplayTraffic" default:"false"`
-	CanDownloadPCAP       bool   `yaml:"canDownloadPCAP" json:"canDownloadPCAP" default:"false"`
-	CanUseScripting       bool   `yaml:"canUseScripting" json:"canUseScripting" default:"false"`
-	CanUpdateTargetedPods bool   `yaml:"canUpdateTargetedPods" json:"canUpdateTargetedPods" default:"false"`
-	ShowAdminConsoleLink  bool   `yaml:"showAdminConsoleLink" json:"showAdminConsoleLink" default:"false"`
+	Filter                  string               `yaml:"filter" json:"filter" default:""`
+	CanDownloadPCAP         bool                 `yaml:"canDownloadPCAP" json:"canDownloadPCAP" default:"false"`
+	CanUseScripting         bool                 `yaml:"canUseScripting" json:"canUseScripting" default:"false"`
+	ScriptingPermissions    ScriptingPermissions `yaml:"scriptingPermissions" json:"scriptingPermissions"`
+	CanUpdateTargetedPods   bool                 `yaml:"canUpdateTargetedPods" json:"canUpdateTargetedPods" default:"false"`
+	CanStopTrafficCapturing bool                 `yaml:"canStopTrafficCapturing" json:"canStopTrafficCapturing" default:"false"`
+	ShowAdminConsoleLink    bool                 `yaml:"showAdminConsoleLink" json:"showAdminConsoleLink" default:"false"`
 }

 type SamlConfig struct {
@@ -123,62 +194,94 @@ type TelemetryConfig struct {
 	Enabled bool `yaml:"enabled" json:"enabled" default:"true"`
 }

+type ResourceGuardConfig struct {
+	Enabled bool `yaml:"enabled" json:"enabled" default:"false"`
+}
+
+type SentryConfig struct {
+	Enabled     bool   `yaml:"enabled" json:"enabled" default:"false"`
+	Environment string `yaml:"environment" json:"environment" default:"production"`
+}
+
 type CapabilitiesConfig struct {
 	NetworkCapture     []string `yaml:"networkCapture" json:"networkCapture"  default:"[]"`
 	ServiceMeshCapture []string `yaml:"serviceMeshCapture" json:"serviceMeshCapture"  default:"[]"`
-	KernelModule       []string `yaml:"kernelModule" json:"kernelModule"  default:"[]"`
 	EBPFCapture        []string `yaml:"ebpfCapture" json:"ebpfCapture"  default:"[]"`
 }

-type KernelModuleConfig struct {
-	Enabled         bool   `yaml:"enabled" json:"enabled" default:"true"`
-	Image           string `yaml:"image" json:"image" default:"kubeshark/pf-ring-module:all"`
-	UnloadOnDestroy bool   `yaml:"unloadOnDestroy" json:"unloadOnDestroy" default:"false"`
-}
-
 type MetricsConfig struct {
 	Port uint16 `yaml:"port" json:"port" default:"49100"`
 }

+type PprofConfig struct {
+	Enabled bool   `yaml:"enabled" json:"enabled" default:"false"`
+	Port    uint16 `yaml:"port" json:"port" default:"8000"`
+	View    string `yaml:"view" json:"view" default:"flamegraph"`
+}
+
 type MiscConfig struct {
-	JsonTTL      string `yaml:"jsonTTL" json:"jsonTTL" default:"5m"`
-	PcapTTL      string `yaml:"pcapTTL" json:"pcapTTL" default:"10s"`
-	PcapErrorTTL string `yaml:"pcapErrorTTL" json:"pcapErrorTTL" default:"60s"`
+	JsonTTL                     string `yaml:"jsonTTL" json:"jsonTTL" default:"5m"`
+	PcapTTL                     string `yaml:"pcapTTL" json:"pcapTTL" default:"10s"`
+	PcapErrorTTL                string `yaml:"pcapErrorTTL" json:"pcapErrorTTL" default:"60s"`
+	TrafficSampleRate           int    `yaml:"trafficSampleRate" json:"trafficSampleRate" default:"100"`
+	TcpStreamChannelTimeoutMs   int    `yaml:"tcpStreamChannelTimeoutMs" json:"tcpStreamChannelTimeoutMs" default:"10000"`
+	TcpStreamChannelTimeoutShow bool   `yaml:"tcpStreamChannelTimeoutShow" json:"tcpStreamChannelTimeoutShow" default:"false"`
+	ResolutionStrategy          string `yaml:"resolutionStrategy" json:"resolutionStrategy" default:"auto"`
+	DuplicateTimeframe          string `yaml:"duplicateTimeframe" json:"duplicateTimeframe" default:"200ms"`
+	DetectDuplicates            bool   `yaml:"detectDuplicates" json:"detectDuplicates" default:"false"`
+	StaleTimeoutSeconds         int    `yaml:"staleTimeoutSeconds" json:"staleTimeoutSeconds" default:"30"`
+}
+
+type PcapDumpConfig struct {
+	PcapDumpEnabled  bool   `yaml:"enabled" json:"enabled" default:"true"`
+	PcapTimeInterval string `yaml:"timeInterval" json:"timeInterval" default:"1m"`
+	PcapMaxTime      string `yaml:"maxTime" json:"maxTime" default:"1h"`
+	PcapMaxSize      string `yaml:"maxSize" json:"maxSize" default:"500MB"`
+	PcapTime         string `yaml:"time" json:"time" default:"time"`
 }

 type TapConfig struct {
-	Docker                    DockerConfig          `yaml:"docker" json:"docker"`
-	Proxy                     ProxyConfig           `yaml:"proxy" json:"proxy"`
-	PodRegexStr               string                `yaml:"regex" json:"regex" default:".*"`
-	Namespaces                []string              `yaml:"namespaces" json:"namespaces" default:"[]"`
-	Release                   ReleaseConfig         `yaml:"release" json:"release"`
-	PersistentStorage         bool                  `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
-	PersistentStorageStatic   bool                  `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
-	EfsFileSytemIdAndPath     string                `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
-	StorageLimit              string                `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
-	StorageClass              string                `yaml:"storageClass" json:"storageClass" default:"standard"`
-	DryRun                    bool                  `yaml:"dryRun" json:"dryRun" default:"false"`
-	Resources                 ResourcesConfig       `yaml:"resources" json:"resources"`
-	ServiceMesh               bool                  `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
-	Tls                       bool                  `yaml:"tls" json:"tls" default:"true"`
-	IgnoreTainted             bool                  `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
-	Labels                    map[string]string     `yaml:"labels" json:"labels" default:"{}"`
-	Annotations               map[string]string     `yaml:"annotations" json:"annotations" default:"{}"`
-	NodeSelectorTerms         []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
-	Auth                      AuthConfig            `yaml:"auth" json:"auth"`
-	Ingress                   IngressConfig         `yaml:"ingress" json:"ingress"`
-	IPv6                      bool                  `yaml:"ipv6" json:"ipv6" default:"true"`
-	Debug                     bool                  `yaml:"debug" json:"debug" default:"false"`
-	KernelModule              KernelModuleConfig    `yaml:"kernelModule" json:"kernelModule"`
-	Telemetry                 TelemetryConfig       `yaml:"telemetry" json:"telemetry"`
-	DefaultFilter             string                `yaml:"defaultFilter" json:"defaultFilter"`
-	ReplayDisabled            bool                  `yaml:"replayDisabled" json:"replayDisabled" default:"false"`
-	Capabilities              CapabilitiesConfig    `yaml:"capabilities" json:"capabilities"`
-	GlobalFilter              string                `yaml:"globalFilter" json:"globalFilter"`
-	Metrics                   MetricsConfig         `yaml:"metrics" json:"metrics"`
-	TrafficSampleRate         int                   `yaml:"trafficSampleRate" json:"trafficSampleRate" default:"100"`
-	TcpStreamChannelTimeoutMs int                   `yaml:"tcpStreamChannelTimeoutMs" json:"tcpStreamChannelTimeoutMs" default:"10000"`
-	Misc                      MiscConfig            `yaml:"misc" json:"misc"`
+	Docker                       DockerConfig            `yaml:"docker" json:"docker"`
+	Proxy                        ProxyConfig             `yaml:"proxy" json:"proxy"`
+	PodRegexStr                  string                  `yaml:"regex" json:"regex" default:".*"`
+	Namespaces                   []string                `yaml:"namespaces" json:"namespaces" default:"[]"`
+	ExcludedNamespaces           []string                `yaml:"excludedNamespaces" json:"excludedNamespaces" default:"[]"`
+	BpfOverride                  string                  `yaml:"bpfOverride" json:"bpfOverride" default:""`
+	Stopped                      bool                    `yaml:"stopped" json:"stopped" default:"false"`
+	Release                      ReleaseConfig           `yaml:"release" json:"release"`
+	PersistentStorage            bool                    `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
+	PersistentStorageStatic      bool                    `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
+	EfsFileSytemIdAndPath        string                  `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
+	StorageLimit                 string                  `yaml:"storageLimit" json:"storageLimit" default:"5000Mi"`
+	StorageClass                 string                  `yaml:"storageClass" json:"storageClass" default:"standard"`
+	DryRun                       bool                    `yaml:"dryRun" json:"dryRun" default:"false"`
+	DnsConfig                    DnsConfig               `yaml:"dns" json:"dns"`
+	Resources                    ResourcesConfig         `yaml:"resources" json:"resources"`
+	Probes                       ProbesConfig            `yaml:"probes" json:"probes"`
+	ServiceMesh                  bool                    `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
+	Tls                          bool                    `yaml:"tls" json:"tls" default:"true"`
+	DisableTlsLog                bool                    `yaml:"disableTlsLog" json:"disableTlsLog" default:"true"`
+	PacketCapture                string                  `yaml:"packetCapture" json:"packetCapture" default:"best"`
+	IgnoreTainted                bool                    `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
+	Labels                       map[string]string       `yaml:"labels" json:"labels" default:"{}"`
+	Annotations                  map[string]string       `yaml:"annotations" json:"annotations" default:"{}"`
+	NodeSelectorTerms            NodeSelectorTermsConfig `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"{}"`
+	Auth                         AuthConfig              `yaml:"auth" json:"auth"`
+	Ingress                      IngressConfig           `yaml:"ingress" json:"ingress"`
+	IPv6                         bool                    `yaml:"ipv6" json:"ipv6" default:"true"`
+	Debug                        bool                    `yaml:"debug" json:"debug" default:"false"`
+	Telemetry                    TelemetryConfig         `yaml:"telemetry" json:"telemetry"`
+	ResourceGuard                ResourceGuardConfig     `yaml:"resourceGuard" json:"resourceGuard"`
+	Sentry                       SentryConfig            `yaml:"sentry" json:"sentry"`
+	DefaultFilter                string                  `yaml:"defaultFilter" json:"defaultFilter" default:"!dns and !error"`
+	LiveConfigMapChangesDisabled bool                    `yaml:"liveConfigMapChangesDisabled" json:"liveConfigMapChangesDisabled" default:"false"`
+	Capabilities                 CapabilitiesConfig      `yaml:"capabilities" json:"capabilities"`
+	GlobalFilter                 string                  `yaml:"globalFilter" json:"globalFilter" default:""`
+	EnabledDissectors            []string                `yaml:"enabledDissectors" json:"enabledDissectors"`
+	CustomMacros                 map[string]string       `yaml:"customMacros" json:"customMacros" default:"{\"https\":\"tls and (http or http2)\"}"`
+	Metrics                      MetricsConfig           `yaml:"metrics" json:"metrics"`
+	Pprof                        PprofConfig             `yaml:"pprof" json:"pprof"`
+	Misc                         MiscConfig              `yaml:"misc" json:"misc"`
 }

 func (config *TapConfig) PodRegex() *regexp.Regexp {
--- a/errormessage/errormessage.go
+++ b/errormessage/errormessage.go
@@ -19,7 +19,7 @@ func FormatError(err error) error {
 	if k8serrors.IsForbidden(err) {
 		errorNew = fmt.Errorf("insufficient permissions: %w. "+
 			"supply the required permission or control %s's access to namespaces by setting %s "+
-			"in the config file or setting the targeted namespace with --%s %s=<NAMEPSACE>",
+			"in the config file or setting the targeted namespace with --%s %s=<NAMESPACE>",
 			err,
 			misc.Software,
 			configStructs.ReleaseNamespaceLabel,
--- a/go.mod
+++ b/go.mod
@@ -1,19 +1,22 @@
 module github.com/kubeshark/kubeshark

-go 1.20
+go 1.21.1

 require (
 	github.com/creasty/defaults v1.5.2
 	github.com/fsnotify/fsnotify v1.6.0
-	github.com/gin-gonic/gin v1.9.1
+	github.com/go-cmd/cmd v1.4.3
 	github.com/goccy/go-yaml v1.11.2
 	github.com/google/go-github/v37 v37.0.0
 	github.com/gorilla/websocket v1.4.2
+	github.com/kubeshark/gopacket v1.1.39
 	github.com/pkg/errors v0.9.1
+	github.com/rivo/tview v0.0.0-20240818110301-fd649dbf1223
 	github.com/robertkrimen/otto v0.2.1
 	github.com/rs/zerolog v1.28.0
 	github.com/spf13/cobra v1.7.0
 	github.com/spf13/pflag v1.0.5
+	github.com/tanqiangyes/grep-go v0.0.0-20220515134556-b36bff9c3d8e
 	helm.sh/helm/v3 v3.12.0
 	k8s.io/api v0.28.3
 	k8s.io/apimachinery v0.28.3
@@ -32,10 +35,8 @@ require (
 	github.com/Masterminds/squirrel v1.5.3 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/bytedance/sonic v1.9.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/chai2010/gettext-go v1.0.2 // indirect
-	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
 	github.com/containerd/containerd v1.7.0 // indirect
 	github.com/cyphar/filepath-securejoin v0.2.3 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
@@ -50,8 +51,8 @@ require (
 	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
 	github.com/fatih/color v1.13.0 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
-	github.com/gin-contrib/sse v0.1.0 // indirect
+	github.com/gdamore/encoding v1.0.0 // indirect
+	github.com/gdamore/tcell/v2 v2.7.1 // indirect
 	github.com/go-errors/errors v1.4.2 // indirect
 	github.com/go-gorp/gorp/v3 v3.0.5 // indirect
 	github.com/go-logr/logr v1.2.4 // indirect
@@ -59,11 +60,8 @@ require (
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/swag v0.22.3 // indirect
-	github.com/go-playground/locales v0.14.1 // indirect
-	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
-	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/btree v1.0.1 // indirect
@@ -85,16 +83,16 @@ require (
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/compress v1.16.0 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
+	github.com/kubeshark/tracerproto v1.0.0 // indirect
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
-	github.com/leodido/go-urn v1.2.4 // indirect
 	github.com/lib/pq v1.10.7 // indirect
 	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
-	github.com/mattn/go-runewidth v0.0.9 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
@@ -110,19 +108,18 @@ require (
 	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b // indirect
-	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/prometheus/client_golang v1.16.0 // indirect
 	github.com/prometheus/client_model v0.4.0 // indirect
 	github.com/prometheus/common v0.44.0 // indirect
 	github.com/prometheus/procfs v0.10.1 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/rubenv/sql-migrate v1.3.1 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/shopspring/decimal v1.3.1 // indirect
 	github.com/sirupsen/logrus v1.9.0 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
-	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
-	github.com/ugorji/go/codec v1.2.11 // indirect
+	github.com/stretchr/testify v1.8.3 // indirect
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
@@ -130,15 +127,14 @@ require (
 	go.opentelemetry.io/otel v1.14.0 // indirect
 	go.opentelemetry.io/otel/trace v1.14.0 // indirect
 	go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
-	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/crypto v0.14.0 // indirect
 	golang.org/x/mod v0.10.0 // indirect
 	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/oauth2 v0.8.0 // indirect
 	golang.org/x/sync v0.2.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
-	golang.org/x/term v0.13.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
+	golang.org/x/sys v0.17.0 // indirect
+	golang.org/x/term v0.17.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
--- a/go.sum
+++ b/go.sum
@@ -46,6 +46,7 @@ github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak
 github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60=
+github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM=
 github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
 github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE=
 github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
@@ -59,9 +60,12 @@ github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBa
 github.com/Masterminds/squirrel v1.5.3 h1:YPpoceAcxuzIljlr5iWpNKaql7hLeG1KLSrhvdHpkZc=
 github.com/Masterminds/squirrel v1.5.3/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10=
 github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg=
+github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE=
 github.com/Microsoft/hcsshim v0.10.0-rc.7 h1:HBytQPxcv8Oy4244zbQbe6hnOnx544eL5QPUqhJldz8=
+github.com/Microsoft/hcsshim v0.10.0-rc.7/go.mod h1:ILuwjA+kNW+MrN/w5un7n3mTqkwsFu4Bp05/okFUZlE=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs=
+github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ=
 github.com/a8m/expect v1.0.0/go.mod h1:4IwSCMumY49ScypDnjNbYEjgVeqy1/U2cEs3Lat96eA=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
@@ -72,6 +76,7 @@ github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmV
 github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 h1:4daAzAu0S6Vi7/lbWECcX0j45yZReDZ56BQsrVBOEEY=
 github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
@@ -81,21 +86,19 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
 github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM=
 github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70=
+github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk=
 github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd h1:rFt+Y/IK1aEZkEHchZRSq9OQbsSzIT/OrI8YFFmRIng=
+github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8=
 github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b h1:otBG+dV+YK+Soembjv71DPz3uX/V/6MMlSyD9JBQ6kQ=
+github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50=
 github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 h1:nvj0OLI3YqYXer/kZD8Ri1aaunCxIEsOst1BVJswV0o=
-github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM=
-github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s=
-github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
+github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
 github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk=
 github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA=
-github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY=
-github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams=
-github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
@@ -104,9 +107,11 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX
 github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM=
+github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw=
 github.com/containerd/containerd v1.7.0 h1:G/ZQr3gMZs6ZT0qPUZ15znx5QSdQdASW11nXTLTM2Pg=
 github.com/containerd/containerd v1.7.0/go.mod h1:QfR7Efgb/6X2BDpTPJRvPTYDE9rsF0FsXX9J8sIs/sc=
 github.com/containerd/continuity v0.3.0 h1:nisirsYROK15TAMVukJOUyGJjz4BNQJBVsNvAXZJ/eg=
+github.com/containerd/continuity v0.3.0/go.mod h1:wJEAIwKOm/pBZuBd0JmeTvnLquTB1Ag8espWhkykbPM=
 github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
@@ -119,6 +124,7 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsr
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
+github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 github.com/creasty/defaults v1.5.2 h1:/VfB6uxpyp6h0fr7SPp7n8WJBoV8jfxQXPCnkVSjyls=
 github.com/creasty/defaults v1.5.2/go.mod h1:FPZ+Y0WNrbqOVw+c6av63eyHUAl6pMHZwqLPvXUZGfY=
 github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI=
@@ -130,6 +136,7 @@ github.com/denisenkom/go-mssqldb v0.9.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27N
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aBfCb7iqHmDEIp6fBvC/hQUddQfg+3qdYjwzaiP9Hnc=
+github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI=
 github.com/docker/cli v20.10.21+incompatible h1:qVkgyYUnOLQ98LtXBrwd/duVqPT2X4SHndOuGsfwyhU=
 github.com/docker/cli v20.10.21+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
@@ -141,11 +148,13 @@ github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNk
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8=
+github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
 github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8=
 github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw=
 github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arXfYcAtECDFgAgHklGI8CxgjHnXKJ4=
+github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE=
 github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ=
 github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
@@ -164,7 +173,9 @@ github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL
 github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
 github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
+github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI=
+github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4=
 github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE=
 github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
@@ -173,11 +184,13 @@ github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4
 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
 github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
 github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
+github.com/gdamore/encoding v1.0.0 h1:+7OoQ1Bc6eTm5niUzBa0Ctsh6JbMW6Ra+YNuAtDBdko=
+github.com/gdamore/encoding v1.0.0/go.mod h1:alR0ol34c49FCSBLjhosxzcPHQbf2trDkoo5dl+VrEg=
+github.com/gdamore/tcell/v2 v2.7.1 h1:TiCcmpWHiAU7F0rA2I3S2Y4mmLmO9KHxJ7E1QhYzQbc=
+github.com/gdamore/tcell/v2 v2.7.1/go.mod h1:dSXtXTSK0VsW1biw65DZLZ2NKr7j0qP/0J7ONmsraWg=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
-github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
-github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
-github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
+github.com/go-cmd/cmd v1.4.3 h1:6y3G+3UqPerXvPcXvj+5QNPHT02BUw7p6PsqRxLNA7Y=
+github.com/go-cmd/cmd v1.4.3/go.mod h1:u3hxg/ry+D5kwh8WvUkHLAMe2zQCaXd00t35WfQaOFk=
 github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=
 github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
@@ -201,7 +214,6 @@ github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2Kv
 github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
 github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
 github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
-github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
@@ -212,6 +224,9 @@ github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfC
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
+github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
+github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
+github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/gobuffalo/logger v1.0.6 h1:nnZNpxYo0zx+Aj9RfMPBm+x9zAU2OayFh/xrAWi34HU=
 github.com/gobuffalo/logger v1.0.6/go.mod h1:J31TBEHR1QLV2683OXTAItYIg8pv2JMHnF/quuAbMjs=
 github.com/gobuffalo/packd v1.0.1 h1:U2wXfRr4E9DH8IdsDLlRFwTZTK7hLfq9qT/QHXGVe/0=
@@ -220,8 +235,6 @@ github.com/gobuffalo/packr/v2 v2.8.3 h1:xE1yzvnO56cUC0sTpKR3DIbxZgB54AftTFMhB2XE
 github.com/gobuffalo/packr/v2 v2.8.3/go.mod h1:0SahksCVcx4IMnigTjiFuyldmTrdTctXsOdiU5KwbKc=
 github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
 github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
-github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
-github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/goccy/go-yaml v1.11.2 h1:joq77SxuyIs9zzxEjgyLBugMQ9NEgTWxXfz2wVqwAaQ=
 github.com/goccy/go-yaml v1.11.2/go.mod h1:wKnAMd44+9JAAnGQpWVEgBzGt3YuTaQ4uXoHvE4m7WU=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
@@ -237,6 +250,7 @@ github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4er
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
@@ -265,6 +279,7 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu
 github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
 github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k=
+github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4=
@@ -309,6 +324,7 @@ github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec=
+github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
@@ -320,6 +336,7 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4=
+github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q=
 github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
 github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
 github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
@@ -353,6 +370,7 @@ github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
+github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
 github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ=
@@ -392,9 +410,6 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.16.0 h1:iULayQNOReoYUe+1qtKOqw9CwJv3aNQu8ivo7lw1HU4=
 github.com/klauspost/compress v1.16.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
-github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
-github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk=
-github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kortschak/utter v1.0.1/go.mod h1:vSmSjbyrlKjjsL71193LmzBOKgwePk9DH6uFaWHIInc=
 github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
@@ -408,6 +423,10 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kubeshark/gopacket v1.1.39 h1:NNiMTPO8v2+5FVlJTulT0Z+O0TLEAzavJBto10AY7js=
+github.com/kubeshark/gopacket v1.1.39/go.mod h1:Qo8/i/tdT74CCT7/pjO0L55Pktv5dQfj7M/Arv8MKm8=
+github.com/kubeshark/tracerproto v1.0.0 h1:/euPX9KMrKDS92hSMrLuhncYAX22dYlsnM2aD4AYhhE=
+github.com/kubeshark/tracerproto v1.0.0/go.mod h1:+efDYkwXxwakmHRpxHVEekyXNtg/aFx0uSo/I0lGV9k=
 github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw=
 github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o=
 github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk=
@@ -419,6 +438,8 @@ github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw=
 github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0=
 github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE=
+github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
+github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
@@ -445,8 +466,9 @@ github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-oci8 v0.1.1/go.mod h1:wjDx6Xm9q7dFtHJvIlrI99JytznLw5wQ4R+9mNXJwGI=
-github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0=
 github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
+github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
+github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mattn/go-sqlite3 v1.14.15 h1:vfoHhTN1af61xCRSWzFIWzx2YskyMTwHLrExkBOjvxI=
 github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
@@ -455,6 +477,7 @@ github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zk
 github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
 github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
 github.com/miekg/dns v1.1.25 h1:dFwPR6SfLtrSwgDcIq2bcU/gVutB4sNApq2HBdqcakg=
+github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
 github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
 github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4=
 github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
@@ -478,6 +501,7 @@ github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQ
 github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8=
 github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c=
 github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78=
+github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI=
 github.com/moby/term v0.0.0-20221205130635-1aeaba878587 h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA=
 github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -501,7 +525,9 @@ github.com/nelsam/hel/v2 v2.3.3/go.mod h1:1ZTGfU2PFTOd5mx22i5O0Lc2GY933lQ2wb/ggy
 github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
 github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE=
+github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM=
 github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE=
+github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b h1:YWuSjZCQAPM8UUBLkYUk1e+rZcvWHJmFb6i6rM44Xs8=
@@ -509,11 +535,10 @@ github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b/go
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
-github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=
-github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
 github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
 github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI=
+github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -551,6 +576,12 @@ github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDa
 github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg=
 github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM=
 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
+github.com/rivo/tview v0.0.0-20240818110301-fd649dbf1223 h1:N+DggyldbUDqFlk0b8JeRjB9zGpmQ8wiKpq+VBbzRso=
+github.com/rivo/tview v0.0.0-20240818110301-fd649dbf1223/go.mod h1:02iFIz7K/A9jGCvrizLPvoqr4cEIx7q54RH5Qudkrss=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.3/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/robertkrimen/otto v0.2.1 h1:FVP0PJ0AHIjC+N4pKCG9yCDz6LHNPCwi/GKID5pGGF0=
 github.com/robertkrimen/otto v0.2.1/go.mod h1:UPwtJ1Xu7JrLcZjNWN8orJaM5n5YEtqL//farB5FlRY=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
@@ -560,6 +591,7 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE
 github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
+github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
 github.com/rs/zerolog v1.28.0 h1:MirSo27VyNi7RJYP3078AA1+Cyzd2GB66qy3aUHvsWY=
 github.com/rs/zerolog v1.28.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0=
@@ -571,6 +603,7 @@ github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD
 github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
 github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=
+github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
 github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8=
 github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
@@ -614,16 +647,16 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
+github.com/tanqiangyes/grep-go v0.0.0-20220515134556-b36bff9c3d8e h1:+qDZ81UqxfZsWK6Vq9wET3AsdQxHGbViYOqkNxZ9FnU=
+github.com/tanqiangyes/grep-go v0.0.0-20220515134556-b36bff9c3d8e/go.mod h1:ANZlXE3vfRYCYnkojePl2hJODYmOeCVD+XahuhDdTbI=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
-github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
-github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
-github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
+github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
+github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU=
+github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo=
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
@@ -643,8 +676,11 @@ github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1
 github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 h1:+lm10QQTNSBd8DVTNGHx7o/IKu9HYDvLMffDhbyLccI=
+github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs=
 github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50 h1:hlE8//ciYMztlGpl/VA+Zm1AcTPHYkHJPbHqE6WJUXE=
+github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA=
 github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f h1:ERexzlUfuTvpE74urLSbIQW0Z/6hF9t8U4NsJLaioAY=
+github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
 go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
@@ -657,6 +693,7 @@ go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
 go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
 go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
+go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
 go.opentelemetry.io/otel v1.14.0 h1:/79Huy8wbf5DnIPhemGB+zEPVwnN6fuQybr/SRXa6hM=
 go.opentelemetry.io/otel v1.14.0/go.mod h1:o4buv+dJzx8rohcUeRmWUZhqupFvzWis188WlggnNeU=
 go.opentelemetry.io/otel/trace v1.14.0 h1:wp2Mmvj41tDsyAJXiWDWpfNsOiIyd38fy85pyKcFq/M=
@@ -669,9 +706,6 @@ go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/
 go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
 go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
 go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo=
-golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
-golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
-golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -724,6 +758,7 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
 golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -770,6 +805,7 @@ golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qx
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -798,6 +834,7 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
 golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -813,6 +850,7 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -826,6 +864,7 @@ golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -855,7 +894,6 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -863,16 +901,18 @@ golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20221013171732-95e765b1cc43/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
-golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
 golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ=
-golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
-golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -884,8 +924,9 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
-golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -946,7 +987,9 @@ golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y=
+golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1089,6 +1132,7 @@ gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o=
+gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g=
 helm.sh/helm/v3 v3.12.0 h1:rOq2TPVzg5jt4q5ermAZGZFxNW2uQhKjRhBneAutMEM=
 helm.sh/helm/v3 v3.12.0/go.mod h1:8K/469yxjUMu6BaD2EagCitkPjELUL/l2AgCO142G94=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -1123,7 +1167,6 @@ k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt
 oras.land/oras-go v1.2.2 h1:0E9tOHUfrNH7TCDk5KU0jVBEzCqbfdyuVfGmJ7ZeRPE=
 oras.land/oras-go v1.2.2/go.mod h1:Apa81sKoZPpP7CDciE006tSZ0x3Q3+dOoBcMZ/aNxvw=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
-rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: kubeshark
-version: "52.1.61"
+version: "52.3.96"
 description: The API Traffic Analyzer for Kubernetes
 home: https://kubeshark.co
 keywords:
--- a/helm-chart/PF_RING.md
+++ b/helm-chart/PF_RING.md
@@ -1,152 +0,0 @@
-# PF_RING
-
-<!-- TOC -->
-
- [PF\_RING](#pf_ring)
-  - [Overview](#overview)
-  - [Loading PF\_RING module on Kubernetes nodes](#loading-pf_ring-module-on-kubernetes-nodes)
-    - [Pre-built kernel module exists and external egress allowed](#pre-built-kernel-module-exists-and-external-egress-allowed)
-    - [Pre-built kernel module doesn't exist or external egress isn't allowed](#pre-built-kernel-module-doesnt-exist-or-external-egress-isnt-allowed)
-  - [Appendix A: PF\_RING kernel module compilation](#appendix-a-pf_ring-kernel-module-compilation)
-    - [Automated complilation](#automated-complilation)
-    - [Manual compilation](#manual-compilation)
-
-<!-- /TOC -->
-
-## Overview
-
-PF_RING™ is an advanced Linux kernel module and user-space framework designed for high-speed packet processing. It offers a uniform API for packet processing applications, enabling efficient handling of large volumes of network data.
-
-For comprehensive information on PF_RING™, please visit the [User's Guide]((https://www.ntop.org/guides/pf_ring) and access detailed [API Documentation](http://www.ntop.org/guides/pf_ring_api/files.html).
-
-## Loading PF_RING module on Kubernetes nodes
-
-PF_RING kernel module loading is performed via of the `worker` component pod.
-The target container `tap.kernelModule.image` must contain `pf_ring.ko` file under path `/opt/lib/modules/<kernel version>/pf_ring.ko`.
-Kubeshark provides ready to use containers with kernel modules for the most popular kernel versions running in different managed clouds.
-
-Prior to deploying `kubeshark` with PF_RING enabled, it is essential to verify if a PF_RING kernel module is already built for your kernel version.
-Kubeshark provides additional CLI tool for this purpose - [pf-ring-compiler](https://github.com/kubeshark/pf-ring-compiler).
-
-Compatibility verification can be done by running:
-
-```bash
-pfring-compiler compatibility
-```
-
-This command checks for the availability of kernel modules for the kernel versions running across all nodes in the Kubernetes cluster.
-
-Example output for a compatible cluster:
-
-```bash
-Node                                          Kernel Version                 Supported
-ip-192-168-77-230.us-west-2.compute.internal  5.10.199-190.747.amzn2.x86_64  true
-ip-192-168-34-216.us-west-2.compute.internal  5.10.199-190.747.amzn2.x86_64  true
-
-Cluster is compatible
-```
-
-Another option to verify availability of kernel modules is just inspecting available kernel module versions via:
-
-```bash
-curl https://api.kubeshark.co/kernel-modules/meta/versions.jso
-```
-
-Based on Kubernetes cluster compatibility and external connection capabilities, user has two options:
-
-1. Use Kubeshark provided container `kubeshark/pf-ring-module`
-2. Build custom container with required kernel module version. 
-
-### Pre-built kernel module exists and external egress allowed
-
-In this case no additional configuration required.
-Kubeshark will load PF_RING kernel module from the default `kubeshark/pf-ring-module:all` container.
-
-### Pre-built kernel module doesn't exist or external egress isn't allowed
-
-In this case building custom Docker image is required.
-
-1. Compile PF_RING kernel module for target version
-
-Skip if you have `pf_ring.ko` for the target kernel version.
-Otherwise, follow [Appendix A](#appendix-a-pf_ring-kernel-module-compilation) for details.
-
-2. Build container
-
-The same build process Kubeshark has can be reused (follow [pfring-compilier](https://github.com/kubeshark/pf-ring-compiler/tree/main/modules) for details).
-
-3. Configure Helm values
-
-```yaml
-tap:
-  kernelModule:
-    image: <container from stage 2>
-```
-
-
-## Appendix A: PF_RING kernel module compilation
-
-PF_RING kernel module compilation can be completed automatically or manually.
-
-### Automated complilation
-
-In case your Kubernetes workers run supported Linux distribution, `kubeshark` CLI can be used to build PF_RING module:
-
-```bash
-pfring-compiler compile --target <distro>
-```
-
-This command requires:
-
- kubectl to be installed and configured with a proper context
- egress connection to Internet available
-
-This command:
-
-1. Runs Kubernetes job with build container
-2. Waits for job to be completed
-3. Downloads `pf-ring-<kernel version>.ko` file into the current folder.
-4. Cleans up created job.
-
-Currently supported distros:
-
- Ubuntu
- RHEL 9
- Amazon Linux 2
-
-### Manual compilation
-
-The process description is based on Ubuntu 22.04 distribution.
-
-1. Get terminal access to the node with target kernel version
-This can be done either via SSH directly to node or with debug container running on the target node:
-
-```bash
-kubectl debug node/<target node> -it --attach=true --image=ubuntu:22.04
-```
-
-2. Install build tools and kernel headers
-
-```bash
-apt update
-apt install -y gcc build-essential make git wget tar gzip
-apt install -y linux-headers-$(uname -r)
-```
-
-3. Download PF_RING source code
-
-```bash
-wget https://github.com/ntop/PF_RING/archive/refs/tags/8.4.0.tar.gz
-tar -xf 8.4.0.tar.gz
-cd PF_RING-8.4.0/kernel
-```
-
-4. Compile the kernel module
-
-```bash
-make KERNEL_SRC=/usr/src/linux-headers-$(uname -r)
-```
-
-5. Copy `pf_ring.ko` to the local file system.
-
-Use `scp` or `kubectl cp` depending on type of access(SSH or debug pod).
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -23,6 +23,14 @@ git clone git@github.com:kubeshark/kubeshark.git --depth 1
 cd kubeshark/helm-chart
 ```

+In case you want to clone a specific tag of the repo (e.g. `v52.3.59`):
+
+```shell
+git clone git@github.com:kubeshark/kubeshark.git --depth 1 --branch <tag>
+cd kubeshark/helm-chart
+```
+> See the list of available tags here: https://github.com/kubeshark/kubeshark/tags
+
 Render the templates

 ```shell
@@ -51,16 +59,9 @@ kubectl port-forward service/kubeshark-front 8899:80

 Visit [localhost:8899](http://localhost:8899)

+You can also use `kubeshark proxy` for a more stable port-forward connection.

-## Increase the Worker's Storage Limit
-
-For example, change from the default 500Mi to 5Gi:
-
-```shell
--set tap.storageLimit=5Gi
-```
-
-## Add a License
+## Add a License Key

 When it's necessary, you can use:

@@ -99,48 +100,86 @@ helm install kubeshark kubeshark/kubeshark \
  --set tap.ipv6=false
 ```

-## Metrics
+## Prometheus Metrics

 Please refer to [metrics](./metrics.md) documentation for details.

+## Override Tag, Tags, Images
+
+In addition to using a private registry, you can further override the images' tag, specific image tags and specific image names.
+
+Example for overriding image names:
+
+```yaml
+  docker:
+    overrideImage: 
+      worker: docker.io/kubeshark/worker:v52.3.87
+      front:  docker.io/kubeshark/front:v52.3.87
+      hub:    docker.io/kubeshark/hub:v52.3.87
+```
+
 ## Configuration

 | Parameter                                 | Description                                   | Default                                                 |
 |-------------------------------------------|-----------------------------------------------|---------------------------------------------------------|
-| `tap.docker.registry`                     | Docker registry to pull from                           | `docker.io/kubeshark`                                   |
-| `tap.docker.tag`                          | Tag of the Docker images                              | `latest`                                                |
+| `tap.docker.registry`                     | Docker registry to pull from                  | `docker.io/kubeshark`                                   |
+| `tap.docker.tag`                          | Tag of the Docker images                      | `latest`                                                |
+| `tap.docker.tagLocked`                    | Lock the Docker image tags to prevent automatic upgrades to the latest branch image version. | `true`   |
+| `tap.docker.tagLocked`                    | If `false` - use latest minor tag             | `true`                                                  |
 | `tap.docker.imagePullPolicy`              | Kubernetes image pull policy                  | `Always`                                                |
-| `tap.docker.imagePullSecrets`             | Kubernetes secrets to pull the images      | `[]`                                                    |
-| `tap.proxy.worker.srvPort`                | Worker server port                           | `30001`                                                  |
-| `tap.proxy.hub.port`                      | Hub service port                              | `8898`                                                  |
-| `tap.proxy.hub.srvPort`                   | Hub server port                   | `8898`                                                  |
-| `tap.proxy.front.port`                    | Front-facing service port                     | `8899`                                                  |
-| `tap.proxy.host`                          | Proxy server's IP                                   | `127.0.0.1`                                             |
-| `tap.namespaces`                          | List of namespaces for the traffic capture                 | `[]`                                                    |
-| `tap.release.repo`                        | URL of the Helm chart repository             | `https://helm.kubeshark.co`                             |
-| `tap.release.name`                        | Helm release name                          | `kubeshark`                                             |
-| `tap.release.namespace`                   | Helm release namespace                | `default`                                               |
-| `tap.persistentStorage`                   | Use `persistentVolumeClaim` instead of `emptyDir` | `false`                                                |
-| `tap.persistentStorageStatic`             | Use static persistent volume provisioning (explicitly defined `PersistentVolume` ) | `false`                                                      |
-| `tap.efsFileSytemIdAndPath`               | [EFS file system ID and, optionally, subpath and/or access point](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/examples/kubernetes/access_points/README.md) `<FileSystemId>:<Path>:<AccessPointId>`     | ""                                                           |
-| `tap.storageLimit`                        | Limit of either the `emptyDir` or `persistentVolumeClaim`                  | `500Mi`                                                 |
-| `tap.storageClass`                        | Storage class of the `PersistentVolumeClaim`          | `standard`                                              |
-| `tap.dryRun`                              | Preview of all pods matching the regex, without tapping them                    | `false`                                                 |
-| `tap.pcap`                                |                                               | `""`                                                    |
-| `tap.resources.worker.limits.cpu`         | CPU limit for worker                          | `750m`                                                  |
-| `tap.resources.worker.limits.memory`      | Memory limit for worker                       | `1Gi`                                                   |
-| `tap.resources.worker.requests.cpu`       | CPU request for worker                        | `50m`                                                   |
-| `tap.resources.worker.requests.memory`    | Memory request for worker                     | `50Mi`                                                  |
-| `tap.resources.hub.limits.cpu`            | CPU limit for hub                             | `750m`                                                  |
-| `tap.resources.hub.limits.memory`         | Memory limit for hub                          | `1Gi`                                                   |
+| `tap.docker.imagePullSecrets`             | Kubernetes secrets to pull the images         | `[]`                                                    |
+| `tap.docker.overrideImage`                | Can be used to directly override image names  | `""`                                                    |
+| `tap.docker.overrideTag`                  | Can be used to override image tags            | `""`                                                    |
+| `tap.proxy.hub.srvPort`                   | Hub server port. Change if already occupied.  | `8898`                                                  |
+| `tap.proxy.worker.srvPort`                | Worker server port. Change if already occupied.| `48999`                                                |
+| `tap.proxy.front.port`                    | Front service port. Change if already occupied.| `8899`                                                 |
+| `tap.proxy.host`                          | Change to 0.0.0.0 top open up to the world.   | `127.0.0.1`                                             |
+| `tap.regex`                               | Target (process traffic from) pods that match regex | `.*`                                              |
+| `tap.namespaces`                          | Target pods in namespaces                     | `[]`                                                    |
+| `tap.excludedNamespaces`                  | Exclude pods in namespaces                    | `[]`                                                    |
+| `tap.bpfOverride`                         | When using AF_PACKET as a traffic capture backend, override any existing pod targeting rules and set explicit BPF expression (e.g. `net 0.0.0.0/0`).                                                          | `[]`                                                    |
+| `tap.stopped`                             | Set to `false` to have traffic processing start automatically. When set to `true`, traffic processing is stopped by default, resulting in almost no resource consumption (e.g. Kubeshark is dormant). This property can be dynamically control via the dashboard.      | `false`                                                                                                                                                |
+| `tap.release.repo`                        | URL of the Helm chart repository              | `https://helm.kubeshark.co`                             |
+| `tap.release.name`                        | Helm release name                             | `kubeshark`                                             |
+| `tap.release.namespace`                   | Helm release namespace                        | `default`                                               |
+| `tap.persistentStorage`                   | Use `persistentVolumeClaim` instead of `emptyDir` | `false`                                             |
+| `tap.persistentStorageStatic`             | Use static persistent volume provisioning (explicitly defined `PersistentVolume` ) | `false`            |
+| `tap.efsFileSytemIdAndPath`               | [EFS file system ID and, optionally, subpath and/or access point](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/examples/kubernetes/access_points/README.md) `<FileSystemId>:<Path>:<AccessPointId>`  | ""                             |
+| `tap.storageLimit`                        | Limit of either the `emptyDir` or `persistentVolumeClaim` | `500Mi`                                     |
+| `tap.storageClass`                        | Storage class of the `PersistentVolumeClaim`          | `standard`                                      |
+| `tap.dryRun`                              | Preview of all pods matching the regex, without tapping them    | `false`                               |
+| `tap.dnsConfig.nameservers`               | Nameservers to use for DNS resolution          | `[]`                                                    |
+| `tap.dnsConfig.searches`                  | Search domains to use for DNS resolution       | `[]`                                                    |
+| `tap.dnsConfig.options`                   | DNS options to use for DNS resolution          | `[]`                                                    |
+| `tap.resources.hub.limits.cpu`            | CPU limit for hub                             | `""`  (no limit)                                                 |
+| `tap.resources.hub.limits.memory`         | Memory limit for hub                          | `5Gi`                                                |
 | `tap.resources.hub.requests.cpu`          | CPU request for hub                           | `50m`                                                   |
 | `tap.resources.hub.requests.memory`       | Memory request for hub                        | `50Mi`                                                  |
+| `tap.resources.sniffer.limits.cpu`        | CPU limit for sniffer                         | `""`  (no limit)                                                    |
+| `tap.resources.sniffer.limits.memory`     | Memory limit for sniffer                      | `3Gi`                                                |
+| `tap.resources.sniffer.requests.cpu`      | CPU request for sniffer                       | `50m`                                                   |
+| `tap.resources.sniffer.requests.memory`   | Memory request for sniffer                    | `50Mi`                                                  |
+| `tap.resources.tracer.limits.cpu`         | CPU limit for tracer                          | `""`  (no limit)                                                     |
+| `tap.resources.tracer.limits.memory`      | Memory limit for tracer                       | `3Gi`                                                |
+| `tap.resources.tracer.requests.cpu`       | CPU request for tracer                        | `50m`                                                   |
+| `tap.resources.tracer.requests.memory`    | Memory request for tracer                     | `50Mi`                                                  |
+| `tap.probes.hub.initialDelaySeconds`      | Initial delay before probing the hub         | `15`                                                    |
+| `tap.probes.hub.periodSeconds`            | Period between probes for the hub             | `10`                                                    |
+| `tap.probes.hub.successThreshold`         | Number of successful probes before considering the hub healthy | `1`                                        |
+| `tap.probes.hub.failureThreshold`         | Number of failed probes before considering the hub unhealthy | `3`                                           |
+| `tap.probes.sniffer.initialDelaySeconds`  | Initial delay before probing the sniffer     | `15`                                                    |
+| `tap.probes.sniffer.periodSeconds`        | Period between probes for the sniffer         | `10`                                                    |
+| `tap.probes.sniffer.successThreshold`     | Number of successful probes before considering the sniffer healthy | `1`                                    |
+| `tap.probes.sniffer.failureThreshold`     | Number of failed probes before considering the sniffer unhealthy | `3`                                       |
 | `tap.serviceMesh`                         | Capture traffic from service meshes like Istio, Linkerd, Consul, etc.          | `true`                                                  |
 | `tap.tls`                                 | Capture the encrypted/TLS traffic from cryptography libraries like OpenSSL                         | `true`                                                  |
+| `tap.disableTlsLog`                       | Suppress logging for TLS/eBPF                 | `true`                                                 |
 | `tap.ignoreTainted`                       | Whether to ignore tainted nodes               | `false`                                                 |
 | `tap.labels`                              | Kubernetes labels to apply to all Kubeshark resources  | `{}`                                                    |
 | `tap.annotations`                         | Kubernetes annotations to apply to all Kubeshark resources | `{}`                                                |
-| `tap.nodeSelectorTerms`                   | Node selector terms                           | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
+| `tap.nodeSelectorTerms.Workers`                   | Node selector terms for workers components                       | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
+| `tap.nodeSelectorTerms.Hub`                   | Node selector terms for hub component                 | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
+| `tap.nodeSelectorTerms.Front`                   | Node selector terms for front-end component                         | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
 | `tap.auth.enabled`                        | Enable authentication                         | `false`                                                 |
 | `tap.auth.type`                           | Authentication type (1 option available: `saml`)      | `saml`                                              |
 | `tap.auth.approvedEmails`                 | List of approved email addresses for authentication              | `[]`                                                    |
@@ -149,7 +188,7 @@ Please refer to [metrics](./metrics.md) documentation for details.
 | `tap.auth.saml.x509crt`                   | A self-signed X.509 `.cert` contents <br/>(effective, if `tap.auth.type = saml`)          | ``                                                      |
 | `tap.auth.saml.x509key`                   | A self-signed X.509 `.key` contents <br/>(effective, if `tap.auth.type = saml`)           | ``                                                      |
 | `tap.auth.saml.roleAttribute`             | A SAML attribute name corresponding to user's authorization role <br/>(effective, if `tap.auth.type = saml`)  | `role` |
-| `tap.auth.saml.roles`                     | A list of SAML authorization roles and their permissions <br/>(effective, if `tap.auth.type = saml`)  | `{"admin":{"canDownloadPCAP":true,"canReplayTraffic":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}` |
+| `tap.auth.saml.roles`                     | A list of SAML authorization roles and their permissions <br/>(effective, if `tap.auth.type = saml`)  | `{"admin":{"canDownloadPCAP":true,"canUpdateTargetedPods":true,"canUseScripting":true, "scriptingPermissions":{"canSave":true, "canActivate":true, "canDelete":true}, "canStopTrafficCapturing":true, "filter":"","showAdminConsoleLink":true}}` |
 | `tap.ingress.enabled`                     | Enable `Ingress`                                | `false`                                                 |
 | `tap.ingress.className`                   | Ingress class name                            | `""`                                                    |
 | `tap.ingress.host`                        | Host of the `Ingress`                          | `ks.svc.cluster.local`                                  |
@@ -157,13 +196,19 @@ Please refer to [metrics](./metrics.md) documentation for details.
 | `tap.ingress.annotations`                 | `Ingress` annotations                           | `{}`                                                    |
 | `tap.ipv6`                                | Enable IPv6 support for the front-end                        | `true`                                                  |
 | `tap.debug`                               | Enable debug mode                             | `false`                                                 |
-| `tap.kernelModule.enabled`                | Use PF_RING kernel module([details](PF_RING.md))      | `true`                                                 |
-| `tap.kernelModule.image`                  | Container image containing PF_RING kernel module with supported kernel version([details](PF_RING.md))      | "kubeshark/pf-ring-module:all"                                                 |
-| `tap.kernelModule.unloadOnDestroy`        | Create additional container which watches for pod termination and unloads PF_RING kernel module. | `false`|
 | `tap.telemetry.enabled`                   | Enable anonymous usage statistics collection           | `true`                                                  |
-| `tap.defaultFilter`                       | Sets the default dashboard KFL filter (e.g. `http`)        | `""`                                                  |
-| `tap.globalFilter`                        | Prepends to any KFL filter and can be used to limit what is visible in the dashboard. For example, `redact("request.headers.Authorization")` will redact the appropriate field.       | `""`                                        |
+| `tap.resourceGuard.enabled`               | Enable resource guard worker process, which watches RAM/disk usage and enables/disables traffic capture based on available resources | `false` |
+| `tap.sentry.enabled`                      | Enable sending of error logs to Sentry          | `false`                                                  |
+| `tap.sentry.environment`                      | Sentry environment to label error logs with      | `production`                                                  |
+| `tap.defaultFilter`                       | Sets the default dashboard KFL filter (e.g. `http`). By default, this value is set to filter out noisy protocols such as DNS, UDP, ICMP and TCP. The user can easily change this, **temporarily**, in the Dashboard. For a permanent change, you should change this value in the `values.yaml` or `config.yaml` file.        | `"!dns and !error"`                                    |
+| `tap.liveConfigMapChangesDisabled`        | If set to `true`, all user functionality (scripting, targeting settings, global & default KFL modification, traffic recording, traffic capturing on/off, protocol dissectors) involving dynamic ConfigMap changes from UI will be disabled     | `false`      |
+| `tap.globalFilter`                        | Prepends to any KFL filter and can be used to limit what is visible in the dashboard. For example, `redact("request.headers.Authorization")` will redact the appropriate field. Another example `!dns` will not show any DNS traffic.      | `""`                                        |
+| `tap.metrics.port`                  | Pod port used to expose Prometheus metrics          | `49100`                                                  |
+| `tap.enabledDissectors`                   | This is an array of strings representing the list of supported protocols. Remove or comment out redundant protocols (e.g., dns).| The default list excludes: `udp` and `tcp` |
 | `logs.file`                               | Logs dump path                      | `""`                                                    |
+| `pcapdump.enabled`                        | Enable recording of all traffic captured according to other parameters. Whatever Kubeshark captures, considering pod targeting rules, will be stored in pcap files ready to be viewed by tools                 | `true`                                                                                                  |
+| `pcapdump.maxTime`                        | The time window into the past that will be stored. Older traffic will be discarded.  | `2h`  |
+| `pcapdump.maxSize`                        | The maximum storage size the PCAP files will consume. Old files that cause to surpass storage consumption will get discarded.   | `500MB`  |
 | `kube.configPath`                         | Path to the `kubeconfig` file (`$HOME/.kube/config`)            | `""`                                                    |
 | `kube.context`                            | Kubernetes context to use for the deployment  | `""`                                                    |
 | `dumpLogs`                                | Enable dumping of logs         | `false`                                                 |
@@ -172,7 +217,9 @@ Please refer to [metrics](./metrics.md) documentation for details.
 | `scripting.env`                           | Environment variables for the scripting      | `{}`                                                    |
 | `scripting.source`                        | Source directory of the scripts                | `""`                                                    |
 | `scripting.watchScripts`                  | Enable watch mode for the scripts in source directory          | `true`                                                  |
-| `tap.metrics.port`                  | Pod port used to expose Prometheus metrics          | `49100`                                                  |
+| `timezone`                                | IANA time zone applied to time shown in the front-end | `""` (local time zone applies) |
+| `supportChatEnabled`                      | Enable real-time support chat channel based on Intercom | `true` |
+| `internetConnectivity`                    | Turns off API requests that are dependant on Internet connectivity such as `telemetry` and `online-support`. | `true` |

 KernelMapping pairs kernel versions with a
                            DriverContainer image. Kernel versions can be matched
@@ -225,7 +272,7 @@ tap:
    enabled: true
    type: saml
    saml:
-      idpMetadataUrl: "https://tiptophelmet.us.auth0.com/samlp/metadata/MpWiDCMMB5ShU1HRnhdb1sHM6VWqdnDG"
+      idpMetadataUrl: "https://ti..th0.com/samlp/metadata/MpWiDCM..qdnDG"
      x509crt: |
        -----BEGIN CERTIFICATE-----
        MIIDlTCCAn0CFFRUzMh+dZvp+FvWd4gRaiBVN8EvMA0GCSqGSIb3DQEBCwUAMIGG
--- a/helm-chart/metrics.md
+++ b/helm-chart/metrics.md
@@ -52,4 +52,4 @@ prometheus:

 ## Ready-to-use Dashboard

-You can import a ready-to-use dashboard from [Grafana's Dashboards Portal](https://grafana.com/grafana/dashboards/20359-kubeshark-dashboard-v1-0-003/).
+You can import a ready-to-use dashboard from [Grafana's Dashboards Portal](https://grafana.com/grafana/dashboards/21332-kubeshark-dashboard-v3-4/).
--- a/helm-chart/templates/02-cluster-role.yaml
+++ b/helm-chart/templates/02-cluster-role.yaml
@@ -16,6 +16,7 @@ rules:
      - extensions
      - apps
    resources:
+      - nodes
      - pods
      - services
      - endpoints
@@ -24,6 +25,25 @@ rules:
      - list
      - get
      - watch
+  - apiGroups:
+      - ""
+    resources:
+      - namespaces
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+    - networking.k8s.io
+    resources:
+    - networkpolicies
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - delete
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@@ -49,5 +69,6 @@ rules:
    verbs:
      - get
      - watch
+      - list
      - update
      - patch
--- a/helm-chart/templates/04-hub-deployment.yaml
+++ b/helm-chart/templates/04-hub-deployment.yaml
@@ -16,7 +16,7 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: hub
-      {{- include "kubeshark.labels" . | nindent 6 }}
+      {{- include "kubeshark.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
@@ -26,12 +26,13 @@ spec:
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ include "kubeshark.serviceAccountName" . }}
      containers:
-        - name: kubeshark-hub
+        - name: hub
          command:
            - ./hub
-          {{- if .Values.tap.debug }}
-            - -debug
-          {{- end }}
+            - -port
+            - "8080"
+            - -loglevel
+            - '{{ .Values.logLevel | default "warning" }}'
          env:
          - name: POD_NAME
            valueFrom:
@@ -41,35 +42,92 @@ spec:
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
+          - name: SENTRY_ENABLED
+            value: '{{ (include "sentry.enabled" .) }}'
+          - name: SENTRY_ENVIRONMENT
+            value: '{{ .Values.tap.sentry.environment }}'
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
-          image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
+          - name: PROFILING_ENABLED
+            value: '{{ .Values.tap.pprof.enabled }}'
+        {{- if .Values.tap.docker.overrideImage.hub }}
+          image: '{{ .Values.tap.docker.overrideImage.hub }}'
+        {{- else if .Values.tap.docker.overrideTag.hub }}
+          image: '{{ .Values.tap.docker.registry }}/hub:{{ .Values.tap.docker.overrideTag.hub }}'
+        {{ else }}
+          image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}'
+        {{- end }}
          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
+        {{- if .Values.tap.docker.imagePullSecrets }}
+          imagePullSecrets:
+            {{- range .Values.tap.docker.imagePullSecrets }}
+            - name: {{ . }}
+            {{- end }}
+        {{- end }}
          readinessProbe:
-            periodSeconds: 1
-            failureThreshold: 3
-            successThreshold: 1
-            initialDelaySeconds: 3
+            periodSeconds: {{ .Values.tap.probes.hub.periodSeconds }}
+            failureThreshold: {{ .Values.tap.probes.hub.failureThreshold }}
+            successThreshold: {{ .Values.tap.probes.hub.successThreshold }}
+            initialDelaySeconds: {{ .Values.tap.probes.hub.initialDelaySeconds }}
            tcpSocket:
-              port: 80
+              port: 8080
          livenessProbe:
-            periodSeconds: 1
-            failureThreshold: 3
-            successThreshold: 1
-            initialDelaySeconds: 3
+            periodSeconds: {{ .Values.tap.probes.hub.periodSeconds }}
+            failureThreshold: {{ .Values.tap.probes.hub.failureThreshold }}
+            successThreshold: {{ .Values.tap.probes.hub.successThreshold }}
+            initialDelaySeconds: {{ .Values.tap.probes.hub.initialDelaySeconds }}
            tcpSocket:
-              port: 80
+              port: 8080
          resources:
            limits:
+              {{ if ne (toString .Values.tap.resources.hub.limits.cpu) "0" }}
              cpu: {{ .Values.tap.resources.hub.limits.cpu }}
+              {{ end }}
+              {{ if ne (toString .Values.tap.resources.hub.limits.memory) "0" }}
              memory: {{ .Values.tap.resources.hub.limits.memory }}
+              {{ end }}
            requests:
+              {{ if ne (toString .Values.tap.resources.hub.requests.cpu) "0" }}
              cpu: {{ .Values.tap.resources.hub.requests.cpu }}
+              {{ end }}
+              {{ if ne (toString .Values.tap.resources.hub.requests.memor) "0" }}
              memory: {{ .Values.tap.resources.hub.requests.memory }}
+              {{ end }}
          volumeMounts:
          - name: saml-x509-volume
            mountPath: "/etc/saml/x509"
            readOnly: true
+{{- if gt (len .Values.tap.nodeSelectorTerms.hub) 0}}
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              {{- toYaml .Values.tap.nodeSelectorTerms.hub | nindent 12 }}
+{{- end }}
+      {{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
+      dnsConfig:
+        {{- if .Values.tap.dns.nameservers }}
+        nameservers:
+        {{- range .Values.tap.dns.nameservers }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.tap.dns.searches }}
+        searches:
+        {{- range .Values.tap.dns.searches }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.tap.dns.options }}
+        options:
+        {{- range .Values.tap.dns.options }}
+          - name: {{ .name | quote }}
+            {{- if .value }}
+            value: {{ .value | quote }}
+            {{- end }}
+        {{- end }}
+        {{- end }}
+      {{- end }}
      volumes:
      - name: saml-x509-volume
        projected:
--- a/helm-chart/templates/05-hub-service.yaml
+++ b/helm-chart/templates/05-hub-service.yaml
@@ -15,7 +15,7 @@ spec:
  ports:
    - name: kubeshark-hub
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: hub
  type: ClusterIP
--- a/helm-chart/templates/06-front-deployment.yaml
+++ b/helm-chart/templates/06-front-deployment.yaml
@@ -15,7 +15,7 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: front
-      {{- include "kubeshark.labels" . | nindent 6 }}
+      {{- include "kubeshark.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
@@ -24,18 +24,62 @@ spec:
    spec:
      containers:
        - env:
-            - name: REACT_APP_DEFAULT_FILTER
-              value: '{{ not (eq .Values.tap.defaultFilter "") | ternary .Values.tap.defaultFilter " " }}'
            - name: REACT_APP_AUTH_ENABLED
-              value: '{{ .Values.tap.auth.enabled }}'
+              value: '{{- if or (and .Values.cloudLicenseEnabled (not (empty .Values.license))) (not .Values.internetConnectivity) -}}
+                      "false"
+                    {{- else -}}
+                      {{ .Values.cloudLicenseEnabled | ternary "true" .Values.tap.auth.enabled }}
+                    {{- end }}'
            - name: REACT_APP_AUTH_TYPE
-              value: '{{ not (eq .Values.tap.auth.type "") | ternary .Values.tap.auth.type " " }}'
+              value: '{{ not (eq .Values.tap.auth.type "") | ternary (.Values.cloudLicenseEnabled | ternary "oidc" .Values.tap.auth.type) " " }}'
            - name: REACT_APP_AUTH_SAML_IDP_METADATA_URL
              value: '{{ not (eq .Values.tap.auth.saml.idpMetadataUrl "") | ternary .Values.tap.auth.saml.idpMetadataUrl " " }}'
-            - name: REACT_APP_REPLAY_DISABLED
-              value: '{{ .Values.tap.replayDisabled }}'
-          image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
+            - name: REACT_APP_TIMEZONE
+              value: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
+            - name: REACT_APP_SCRIPTING_DISABLED
+              value: '{{ .Values.tap.liveConfigMapChangesDisabled }}'
+            - name: REACT_APP_TARGETED_PODS_UPDATE_DISABLED
+              value: '{{ .Values.tap.liveConfigMapChangesDisabled }}'
+            - name: REACT_APP_PRESET_FILTERS_CHANGING_ENABLED
+              value: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
+            - name: REACT_APP_BPF_OVERRIDE_DISABLED
+              value: '{{ eq .Values.tap.packetCapture "ebpf" | ternary "true" "false" }}'
+            - name: REACT_APP_RECORDING_DISABLED
+              value: '{{ .Values.tap.liveConfigMapChangesDisabled }}'
+            - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED
+              value: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.stopped -}}
+                        false
+                      {{- else -}}
+                        {{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
+                      {{- end -}}'
+            - name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
+              value: '{{- if or (and .Values.cloudLicenseEnabled (not (empty .Values.license))) (not .Values.internetConnectivity) -}}
+                        "false"
+                      {{- else -}}
+                        {{ .Values.cloudLicenseEnabled }}
+                      {{- end }}'
+            - name: REACT_APP_SUPPORT_CHAT_ENABLED
+              value: '{{ and .Values.supportChatEnabled .Values.internetConnectivity | ternary "true" "false" }}'
+            - name: REACT_APP_DISSECTORS_UPDATING_ENABLED
+              value: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
+            - name: REACT_APP_SENTRY_ENABLED
+              value: '{{ (include "sentry.enabled" .) }}'
+            - name: REACT_APP_SENTRY_ENVIRONMENT
+              value: '{{ .Values.tap.sentry.environment }}'
+        {{- if .Values.tap.docker.overrideImage.front }}
+          image: '{{ .Values.tap.docker.overrideImage.front }}'
+        {{- else if .Values.tap.docker.overrideTag.front }}
+          image: '{{ .Values.tap.docker.registry }}/front:{{ .Values.tap.docker.overrideTag.front }}'
+        {{ else }}
+          image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}'
+        {{- end }}
          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
+        {{- if .Values.tap.docker.imagePullSecrets }}
+          imagePullSecrets:
+            {{- range .Values.tap.docker.imagePullSecrets }}
+            - name: {{ . }}
+            {{- end }}
+        {{- end }}
          name: kubeshark-front
          livenessProbe:
            periodSeconds: 1
@@ -43,14 +87,14 @@ spec:
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          readinessProbe:
            periodSeconds: 1
            failureThreshold: 3
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
            timeoutSeconds: 1
          resources:
            limits:
@@ -64,6 +108,37 @@ spec:
              mountPath: /etc/nginx/conf.d/default.conf
              subPath: default.conf
              readOnly: true
+{{- if gt (len .Values.tap.nodeSelectorTerms.front) 0}}
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              {{- toYaml .Values.tap.nodeSelectorTerms.front | nindent 12 }}
+{{- end }}
+      {{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
+      dnsConfig:
+        {{- if .Values.tap.dns.nameservers }}
+        nameservers:
+        {{- range .Values.tap.dns.nameservers }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.tap.dns.searches }}
+        searches:
+        {{- range .Values.tap.dns.searches }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.tap.dns.options }}
+        options:
+        {{- range .Values.tap.dns.options }}
+          - name: {{ .name | quote }}
+            {{- if .value }}
+            value: {{ .value | quote }}
+            {{- end }}
+        {{- end }}
+        {{- end }}
+      {{- end }}
      volumes:
        - name: nginx-config
          configMap:
--- a/helm-chart/templates/07-front-service.yaml
+++ b/helm-chart/templates/07-front-service.yaml
@@ -14,7 +14,7 @@ spec:
  ports:
    - name: kubeshark-front
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: front
  type: ClusterIP
--- a/helm-chart/templates/09-worker-daemon-set.yaml
+++ b/helm-chart/templates/09-worker-daemon-set.yaml
@@ -16,7 +16,7 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: worker
-      {{- include "kubeshark.labels" . | nindent 6 }}
+      {{- include "kubeshark.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
@@ -25,23 +25,39 @@ spec:
      name: kubeshark-worker-daemon-set
      namespace: kubeshark
    spec:
-    {{- if .Values.tap.kernelModule.enabled }}
      initContainers:
-      - name: load-pf-ring
-        image: {{ .Values.tap.kernelModule.image }}
-        imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
-        securityContext:
-          capabilities:
-            add:
-              {{- range .Values.tap.capabilities.kernelModule }}
-              {{ print "- " . }}
-              {{- end }}
-            drop:
-              - ALL
-        volumeMounts:
-        - name: lib-modules
-          mountPath: /lib/modules
-    {{- end }}
+        - command:
+          - /bin/sh
+          - -c
+          - mkdir -p /sys/fs/bpf && mount | grep -q '/sys/fs/bpf' || mount -t bpf bpf /sys/fs/bpf
+        {{- if .Values.tap.docker.overrideTag.worker }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{ else }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{- end }}
+          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
+          name: check-bpf
+          securityContext:
+            privileged: true
+          volumeMounts:
+          - mountPath: /sys
+            name: sys
+            mountPropagation: Bidirectional
+        - command:
+          - ./tracer
+          - -init-bpf
+        {{- if .Values.tap.docker.overrideTag.worker }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{ else }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{- end }}
+          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
+          name: init-bpf
+          securityContext:
+            privileged: true
+          volumeMounts:
+          - mountPath: /sys
+            name: sys
      containers:
        - command:
            - ./worker
@@ -51,22 +67,44 @@ spec:
            - '{{ .Values.tap.proxy.worker.srvPort }}'
            - -metrics-port
            - '{{ .Values.tap.metrics.port }}'
+            - -packet-capture
+            - '{{ .Values.tap.packetCapture }}'
+            - -loglevel
+            - '{{ .Values.logLevel | default "warning" }}'
+          {{- if .Values.tap.tls }}
            - -unixsocket
+          {{- else }}
+            - -disable-tracer
+          {{- end }}
          {{- if .Values.tap.serviceMesh }}
            - -servicemesh
          {{- end }}
            - -procfs
            - /hostproc
-          {{- if .Values.tap.kernelModule.enabled }}
-            - -kernel-module
+          {{- if ne .Values.tap.packetCapture "ebpf" }}
+            - -disable-ebpf
          {{- end }}
-          {{- if .Values.tap.debug }}
-            - -debug
-            - -dumptracer
-            - "100000000"
+          {{- if .Values.tap.resourceGuard.enabled }}
+            - -enable-resource-guard
          {{- end }}
-          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
+            - -resolution-strategy
+            - '{{ .Values.tap.misc.resolutionStrategy }}'
+            - -staletimeout
+            - '{{ .Values.tap.misc.staleTimeoutSeconds }}'
+        {{- if .Values.tap.docker.overrideImage.worker }}
+          image: '{{ .Values.tap.docker.overrideImage.worker }}'
+        {{- else if .Values.tap.docker.overrideTag.worker }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{ else }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{- end }}
          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
+        {{- if .Values.tap.docker.imagePullSecrets }}
+          imagePullSecrets:
+            {{- range .Values.tap.docker.imagePullSecrets }}
+            - name: {{ . }}
+            {{- end }}
+        {{- end }}
          name: sniffer
          ports:
            - containerPort: {{ .Values.tap.metrics.port }}
@@ -82,16 +120,32 @@ spec:
              fieldRef:
                fieldPath: metadata.namespace
          - name: TCP_STREAM_CHANNEL_TIMEOUT_MS
-            value: '{{ .Values.tap.tcpStreamChannelTimeoutMs }}'
+            value: '{{ .Values.tap.misc.tcpStreamChannelTimeoutMs }}'
+          - name: TCP_STREAM_CHANNEL_TIMEOUT_SHOW
+            value: '{{ .Values.tap.misc.tcpStreamChannelTimeoutShow }}'
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
+          - name: PROFILING_ENABLED
+            value: '{{ .Values.tap.pprof.enabled }}'
+          - name: SENTRY_ENABLED
+            value: '{{ (include "sentry.enabled" .) }}'
+          - name: SENTRY_ENVIRONMENT
+            value: '{{ .Values.tap.sentry.environment }}'
          resources:
            limits:
+              {{ if ne (toString .Values.tap.resources.sniffer.limits.cpu) "0" }}
              cpu: {{ .Values.tap.resources.sniffer.limits.cpu }}
+              {{ end }}
+              {{ if ne (toString .Values.tap.resources.sniffer.limits.memory) "0" }}
              memory: {{ .Values.tap.resources.sniffer.limits.memory }}
+              {{ end }}
            requests:
+              {{ if ne (toString .Values.tap.resources.sniffer.requests.cpu) "0" }}
              cpu: {{ .Values.tap.resources.sniffer.requests.cpu }}
+              {{ end }}
+              {{ if ne (toString .Values.tap.resources.sniffer.requests.memory) "0" }}
              memory: {{ .Values.tap.resources.sniffer.requests.memory }}
+              {{ end }}
          securityContext:
            capabilities:
              add:
@@ -103,20 +157,25 @@ spec:
                {{ print "- " . }}
                {{- end }}
                {{- end }}
+                {{- if .Values.tap.capabilities.ebpfCapture }}
+                {{- range .Values.tap.capabilities.ebpfCapture }}
+                {{ print "- " . }}
+                {{- end }}
+                {{- end }}
              drop:
                - ALL
          readinessProbe:
-            periodSeconds: 1
-            failureThreshold: 3
-            successThreshold: 1
-            initialDelaySeconds: 5
+            periodSeconds: {{ .Values.tap.probes.sniffer.periodSeconds }}
+            failureThreshold: {{ .Values.tap.probes.sniffer.failureThreshold }}
+            successThreshold: {{ .Values.tap.probes.sniffer.successThreshold }}
+            initialDelaySeconds: {{ .Values.tap.probes.sniffer.initialDelaySeconds }}
            tcpSocket:
              port: {{ .Values.tap.proxy.worker.srvPort }}
          livenessProbe:
-            periodSeconds: 1
-            failureThreshold: 3
-            successThreshold: 1
-            initialDelaySeconds: 5
+            periodSeconds: {{ .Values.tap.probes.sniffer.periodSeconds }}
+            failureThreshold: {{ .Values.tap.probes.sniffer.failureThreshold }}
+            successThreshold: {{ .Values.tap.probes.sniffer.successThreshold }}
+            initialDelaySeconds: {{ .Values.tap.probes.sniffer.initialDelaySeconds }}
            tcpSocket:
              port: {{ .Values.tap.proxy.worker.srvPort }}
          volumeMounts:
@@ -128,30 +187,35 @@ spec:
              readOnly: true
            - mountPath: /app/data
              name: data
-      {{- if and (eq .Values.tap.kernelModule.enabled true) (eq .Values.tap.kernelModule.unloadOnDestroy true) }}
-        - name: unload-pf-ring
-          image: {{ .Values.tap.kernelModule.image }}
-          command: ["/bin/sh"]
-          args: ["-c", "trap 'rmmod pf_ring && sleep 3' SIGTERM; while true; do sleep 1; done"] 
-          securityContext:
-            capabilities:
-              add:
-                {{- range .Values.tap.capabilities.kernelModule }}
-                {{ print "- " . }}
-                {{- end }}
-              drop:
-                - ALL
-      {{- end }}
      {{- if .Values.tap.tls }}
        - command:
            - ./tracer
            - -procfs
            - /hostproc
-          {{- if .Values.tap.debug }}
-            - -debug
+          {{- if ne .Values.tap.packetCapture "ebpf" }}
+            - -disable-ebpf
          {{- end }}
-          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
+          {{- if .Values.tap.disableTlsLog }}
+            - -disable-tls-log
+          {{- end }}
+          {{- if .Values.tap.pprof.enabled }}
+            - -port
+            - '{{ add .Values.tap.proxy.worker.srvPort 1 }}'
+          {{- end }}
+            # - -loglevel
+            # - '{{ .Values.logLevel | default "warning" }}'
+        {{- if .Values.tap.docker.overrideTag.worker }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{ else }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{- end }}
          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
+        {{- if .Values.tap.docker.imagePullSecrets }}
+          imagePullSecrets:
+            {{- range .Values.tap.docker.imagePullSecrets }}
+            - name: {{ . }}
+            {{- end }}
+        {{- end }}
          name: tracer
          env:
          - name: POD_NAME
@@ -162,19 +226,36 @@ spec:
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
+          - name: PROFILING_ENABLED
+            value: '{{ .Values.tap.pprof.enabled }}'
+          - name: SENTRY_ENABLED
+            value: '{{ (include "sentry.enabled" .) }}'
+          - name: SENTRY_ENVIRONMENT
+            value: '{{ .Values.tap.sentry.environment }}'
          resources:
            limits:
+              {{ if ne (toString .Values.tap.resources.tracer.limits.cpu) "0" }}
              cpu: {{ .Values.tap.resources.tracer.limits.cpu }}
+              {{ end }}
+              {{ if ne (toString .Values.tap.resources.tracer.limits.memory) "0" }}
              memory: {{ .Values.tap.resources.tracer.limits.memory }}
+              {{ end }}
            requests:
+              {{ if ne (toString .Values.tap.resources.tracer.requests.cpu) "0" }}
              cpu: {{ .Values.tap.resources.tracer.requests.cpu }}
+              {{ end }}
+              {{ if ne (toString .Values.tap.resources.tracer.requests.memory) "0" }}
              memory: {{ .Values.tap.resources.tracer.requests.memory }}
+              {{ end }}
          securityContext:
            capabilities:
              add:
                {{- range .Values.tap.capabilities.ebpfCapture }}
                {{ print "- " . }}
                {{- end }}
+                {{- range .Values.tap.capabilities.networkCapture }}
+                {{ print "- " . }}
+                {{- end }}
              drop:
                - ALL
          volumeMounts:
@@ -186,6 +267,13 @@ spec:
              readOnly: true
            - mountPath: /app/data
              name: data
+            - mountPath: /etc/os-release
+              name: os-release
+              readOnly: true
+            - mountPath: /hostroot
+              mountPropagation: HostToContainer
+              name: root
+              readOnly: true
      {{- end }}
      dnsPolicy: ClusterFirstWithHostNet
      hostNetwork: true
@@ -198,13 +286,37 @@ spec:
        - effect: NoSchedule
          operator: Exists
 {{- end }}
-{{- if gt (len .Values.tap.nodeSelectorTerms) 0}}
+{{- if gt (len .Values.tap.nodeSelectorTerms.workers) 0}}
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
-              {{- toYaml .Values.tap.nodeSelectorTerms | nindent 12 }}
+              {{- toYaml .Values.tap.nodeSelectorTerms.workers | nindent 12 }}
 {{- end }}
+      {{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
+      dnsConfig:
+        {{- if .Values.tap.dns.nameservers }}
+        nameservers:
+        {{- range .Values.tap.dns.nameservers }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.tap.dns.searches }}
+        searches:
+        {{- range .Values.tap.dns.searches }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.tap.dns.options }}
+        options:
+        {{- range .Values.tap.dns.options }}
+          - name: {{ .name | quote }}
+            {{- if .value }}
+            value: {{ .value | quote }}
+            {{- end }}
+        {{- end }}
+        {{- end }}
+      {{- end }}
      volumes:
        - hostPath:
            path: /proc
@@ -215,6 +327,12 @@ spec:
        - name: lib-modules
          hostPath:
            path: /lib/modules
+        - hostPath:
+            path: /etc/os-release
+          name: os-release
+        - hostPath:
+            path: /
+          name: root
        - name: data
 {{- if .Values.tap.persistentStorage }}
          persistentVolumeClaim:
--- a/helm-chart/templates/11-nginx-config-map.yaml
+++ b/helm-chart/templates/11-nginx-config-map.yaml
@@ -9,9 +9,9 @@ metadata:
 data:
  default.conf: |
    server {
-      listen 80;
+      listen 8080;
 {{- if .Values.tap.ipv6 }}
-      listen [::]:80;
+      listen [::]:8080;
 {{- end }}
      access_log /dev/stdout;
      error_log /dev/stdout;
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@@ -9,19 +9,51 @@ metadata:
 data:
    POD_REGEX: '{{ .Values.tap.regex }}'
    NAMESPACES: '{{ gt (len .Values.tap.namespaces) 0 | ternary (join "," .Values.tap.namespaces) "" }}'
+    EXCLUDED_NAMESPACES: '{{ gt (len .Values.tap.excludedNamespaces) 0 | ternary (join "," .Values.tap.excludedNamespaces) "" }}'
+    BPF_OVERRIDE: '{{ .Values.tap.bpfOverride }}'
+    STOPPED: '{{ .Values.tap.stopped | ternary "true" "false" }}'
    SCRIPTING_SCRIPTS: '{}'
+    SCRIPTING_ACTIVE_SCRIPTS: '{{ gt (len .Values.scripting.active) 0 | ternary (join "," .Values.scripting.active) "" }}'
    INGRESS_ENABLED: '{{ .Values.tap.ingress.enabled }}'
    INGRESS_HOST: '{{ .Values.tap.ingress.host }}'
    PROXY_FRONT_PORT: '{{ .Values.tap.proxy.front.port }}'
-    AUTH_ENABLED: '{{ .Values.tap.auth.enabled | ternary "true" "" }}'
-    AUTH_TYPE: '{{ .Values.tap.auth.type }}'
+    AUTH_ENABLED: '{{- if and .Values.cloudLicenseEnabled (not (empty .Values.license)) -}}
+                      "false"
+                  {{- else -}}
+                      {{ .Values.cloudLicenseEnabled | ternary "true" (.Values.tap.auth.enabled | ternary "true" "") }}
+                  {{- end }}'
+    AUTH_TYPE: '{{ .Values.cloudLicenseEnabled | ternary "oidc" (.Values.tap.auth.type) }}'
    AUTH_SAML_IDP_METADATA_URL: '{{ .Values.tap.auth.saml.idpMetadataUrl }}'
    AUTH_SAML_ROLE_ATTRIBUTE: '{{ .Values.tap.auth.saml.roleAttribute }}'
    AUTH_SAML_ROLES: '{{ .Values.tap.auth.saml.roles | toJson }}'
-    TELEMETRY_DISABLED: '{{ not .Values.tap.telemetry.enabled | ternary "true" "" }}'
-    REPLAY_DISABLED: '{{ .Values.tap.replayDisabled | ternary "true" "" }}'
+    TELEMETRY_DISABLED: '{{ not .Values.internetConnectivity | ternary "true" (not .Values.tap.telemetry.enabled | ternary "true" "false") }}'
+    SCRIPTING_DISABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "" }}'
+    TARGETED_PODS_UPDATE_DISABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "" }}'
+    PRESET_FILTERS_CHANGING_ENABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
+    RECORDING_DISABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "" }}'
+    STOP_TRAFFIC_CAPTURING_DISABLED: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.stopped -}}
+                                        false
+                                      {{- else -}}
+                                        {{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
+                                      {{- end }}'
    GLOBAL_FILTER: {{ include "kubeshark.escapeDoubleQuotes" .Values.tap.globalFilter | quote }}
-    TRAFFIC_SAMPLE_RATE: '{{ .Values.tap.trafficSampleRate }}'
+    DEFAULT_FILTER: {{ include "kubeshark.escapeDoubleQuotes" .Values.tap.defaultFilter | quote }}
+    TRAFFIC_SAMPLE_RATE: '{{ .Values.tap.misc.trafficSampleRate }}'
    JSON_TTL: '{{ .Values.tap.misc.jsonTTL }}'
    PCAP_TTL: '{{ .Values.tap.misc.pcapTTL }}'
    PCAP_ERROR_TTL: '{{ .Values.tap.misc.pcapErrorTTL }}'
+    TIMEZONE: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
+    CLOUD_LICENSE_ENABLED: '{{- if and .Values.cloudLicenseEnabled (not (empty .Values.license)) -}}
+                              false
+                            {{- else -}}
+                              {{ .Values.cloudLicenseEnabled }}
+                            {{- end }}'
+    DUPLICATE_TIMEFRAME: '{{ .Values.tap.misc.duplicateTimeframe }}'
+    ENABLED_DISSECTORS: '{{ gt (len .Values.tap.enabledDissectors) 0 | ternary (join "," .Values.tap.enabledDissectors) "" }}'
+    CUSTOM_MACROS: '{{ toJson .Values.tap.customMacros }}'
+    DISSECTORS_UPDATING_ENABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
+    DETECT_DUPLICATES: '{{ .Values.tap.misc.detectDuplicates | ternary "true" "false" }}'
+    PCAP_DUMP_ENABLE: '{{ .Values.pcapdump.enabled }}'
+    PCAP_TIME_INTERVAL: '{{ .Values.pcapdump.timeInterval }}'
+    PCAP_MAX_TIME: '{{ .Values.pcapdump.maxTime }}'
+    PCAP_MAX_SIZE: '{{ .Values.pcapdump.maxSize }}'
--- a/helm-chart/templates/14-openshift-security-context-constraints.yaml
+++ b/helm-chart/templates/14-openshift-security-context-constraints.yaml
@@ -28,6 +28,7 @@ allowedCapabilities:
  - DAC_OVERRIDE
  - SYS_RESOURCE
  - SYS_MODULE
+  - IPC_LOCK
 runAsUser:
  type: RunAsAny
 fsGroup:
--- a/helm-chart/templates/15-worker-service-metrics.yaml
+++ b/helm-chart/templates/15-worker-service-metrics.yaml
@@ -2,11 +2,16 @@
 kind: Service
 apiVersion: v1
 metadata:
-  name: kubeshark-worker-metrics
-  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
  annotations:
    prometheus.io/scrape: 'true'
    prometheus.io/port: '{{ .Values.tap.metrics.port }}'
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
+  name: kubeshark-worker-metrics
+  namespace: {{ .Release.Namespace }}
 spec:
  selector:
    app.kubeshark.co/app: worker
--- a/helm-chart/templates/16-hub-service-metrics.yaml
+++ b/helm-chart/templates/16-hub-service-metrics.yaml
@@ -0,0 +1,23 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+    prometheus.io/scrape: 'true'
+    prometheus.io/port: '9100'
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
+  name: kubeshark-hub-metrics
+  namespace: {{ .Release.Namespace }}
+spec:
+  selector:
+    app.kubeshark.co/app: hub
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: 9100
+    targetPort: 9100
--- a/helm-chart/templates/17-network-policies.yaml
+++ b/helm-chart/templates/17-network-policies.yaml
@@ -0,0 +1,79 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
+  name: kubeshark-hub-network-policy
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: hub
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+    - ports:
+        - protocol: TCP
+          port: 9100
+  egress:
+    - {}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
+  name: kubeshark-front-network-policy
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: front
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+  egress:
+    - {}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
+  name: kubeshark-worker-network-policy
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: worker
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: {{ .Values.tap.proxy.worker.srvPort }}
+        - protocol: TCP
+          port: {{ .Values.tap.metrics.port }}
+  egress:
+    - {}
--- a/helm-chart/templates/NOTES.txt
+++ b/helm-chart/templates/NOTES.txt
@@ -2,14 +2,36 @@ Thank you for installing {{ title .Chart.Name }}.

 Registry: {{ .Values.tap.docker.registry }}
 Tag: {{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}
+{{- if .Values.tap.docker.overrideTag.worker }}
+Overridden worker tag: {{ .Values.tap.docker.overrideTag.worker }}
+{{- end }}
+{{- if .Values.tap.docker.overrideTag.hub }}
+Overridden hub tag: {{ .Values.tap.docker.overrideTag.hub }}
+{{- end }}
+{{- if .Values.tap.docker.overrideTag.front }}
+Overridden front tag: {{ .Values.tap.docker.overrideTag.front }}
+{{- end }}
+{{- if .Values.tap.docker.overrideImage.worker }}
+Overridden worker image: {{ .Values.tap.docker.overrideImage.worker }}
+{{- end }}
+{{- if .Values.tap.docker.overrideImage.hub }}
+Overridden hub image: {{ .Values.tap.docker.overrideImage.hub }}
+{{- end }}
+{{- if .Values.tap.docker.overrideImage.front }}
+Overridden front image: {{ .Values.tap.docker.overrideImage.front }}
+{{- end }}

 Your deployment has been successful. The release is named `{{ .Release.Name }}` and it has been deployed in the `{{ .Release.Namespace }}` namespace.

-{{- if .Values.tap.telemetry.enabled }}
-Notice: Telemetry is enabled. Kubeshark will collect anonymous usage statistics.
-{{ end }}
+Notices:
+{{- if .Values.supportChatEnabled}}
+- Support chat using Intercom is enabled. It can be disabled using `--set supportChatEnabled=false`
+{{- end }}
+{{- if eq .Values.license ""}}
+- No license key was detected. You can get your license key from https://console.kubeshark.co/.
+{{- end }}

-{{- if .Values.tap.ingress.enabled }}
+{{ if .Values.tap.ingress.enabled }}

 You can now access the application through the following URL:
 http{{ if .Values.tap.ingress.tls }}s{{ end }}://{{ .Values.tap.ingress.host }}
@@ -24,4 +46,4 @@ To access the application, follow these steps:
 2. Once port forwarding is done, you can access the application by visiting the following URL in your web browser:
    http://0.0.0.0:8899

-{{ end }}
+{{- end }}
--- a/helm-chart/templates/_helpers.tpl
+++ b/helm-chart/templates/_helpers.tpl
@@ -56,3 +56,33 @@ Escape double quotes in a string
  {{- regexReplaceAll "\"" . "\"" -}}
 {{- end -}}

+{{/*
+Define debug docker tag suffix
+*/}}
+{{- define "kubeshark.dockerTagDebugVersion" -}}
+{{- .Values.tap.pprof.enabled | ternary "-debug" "" }}
+{{- end -}}
+
+{{/*
+Create docker tag default version
+*/}}
+{{- define "kubeshark.defaultVersion" -}}
+{{- $defaultVersion := (printf "v%s" .Chart.Version) -}}
+{{- if not .Values.tap.docker.tagLocked }}
+  {{- $defaultVersion = regexReplaceAll "^([^.]+\\.[^.]+).*" $defaultVersion "$1" -}}
+{{- end }}
+{{- $defaultVersion }}
+{{- end -}}
+
+{{/*
+Set sentry based on internet connectivity and telemetry
+*/}}
+{{- define "sentry.enabled" -}}
+  {{- $sentryEnabledVal := .Values.tap.sentry.enabled -}}
+  {{- if not .Values.internetConnectivity -}}
+    {{- $sentryEnabledVal = false -}}
+  {{- else if not .Values.tap.telemetry.enabled -}}
+    {{- $sentryEnabledVal = false -}}
+  {{- end -}}
+  {{- $sentryEnabledVal -}}
+{{- end -}}
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -1,12 +1,22 @@
+# find a detailed description here: https://github.com/kubeshark/kubeshark/blob/master/helm-chart/README.md
 tap:
  docker:
    registry: docker.io/kubeshark
    tag: ""
+    tagLocked: true
    imagePullPolicy: Always
    imagePullSecrets: []
+    overrideImage:
+      worker: ""
+      hub: ""
+      front: ""
+    overrideTag:
+      worker: ""
+      hub: ""
+      front: ""
  proxy:
    worker:
-      srvPort: 30001
+      srvPort: 48999
    hub:
      srvPort: 8898
    front:
@@ -14,6 +24,9 @@ tap:
    host: 127.0.0.1
  regex: .*
  namespaces: []
+  excludedNamespaces: []
+  bpfOverride: ""
+  stopped: false
  release:
    repo: https://helm.kubeshark.co
    name: kubeshark
@@ -21,42 +34,72 @@ tap:
  persistentStorage: false
  persistentStorageStatic: false
  efsFileSytemIdAndPath: ""
-  storageLimit: 500Mi
+  storageLimit: 5000Mi
  storageClass: standard
  dryRun: false
+  dns:
+    nameservers: []
+    searches: []
+    options: []
  resources:
    hub:
      limits:
-        cpu: 750m
-        memory: 1Gi
+        cpu: "0"
+        memory: 5Gi
      requests:
        cpu: 50m
        memory: 50Mi
    sniffer:
      limits:
-        cpu: 750m
-        memory: 1Gi
+        cpu: "0"
+        memory: 5Gi
      requests:
        cpu: 50m
        memory: 50Mi
    tracer:
      limits:
-        cpu: 750m
-        memory: 1Gi
+        cpu: "0"
+        memory: 5Gi
      requests:
        cpu: 50m
        memory: 50Mi
+  probes:
+    hub:
+      initialDelaySeconds: 15
+      periodSeconds: 10
+      successThreshold: 1
+      failureThreshold: 3
+    sniffer:
+      initialDelaySeconds: 15
+      periodSeconds: 10
+      successThreshold: 1
+      failureThreshold: 3
  serviceMesh: true
  tls: true
+  disableTlsLog: true
+  packetCapture: best
  ignoreTainted: false
  labels: {}
  annotations: {}
  nodeSelectorTerms:
-  - matchExpressions:
-    - key: kubernetes.io/os
-      operator: In
-      values:
-      - linux
+    hub:
+    - matchExpressions:
+      - key: kubernetes.io/os
+        operator: In
+        values:
+        - linux
+    workers:
+    - matchExpressions:
+      - key: kubernetes.io/os
+        operator: In
+        values:
+        - linux
+    front:
+    - matchExpressions:
+      - key: kubernetes.io/os
+        operator: In
+        values:
+        - linux
  auth:
    enabled: false
    type: saml
@@ -68,10 +111,14 @@ tap:
      roles:
        admin:
          filter: ""
-          canReplayTraffic: true
          canDownloadPCAP: true
          canUseScripting: true
+          scriptingPermissions:
+            canSave: true
+            canActivate: true
+            canDelete: true
          canUpdateTargetedPods: true
+          canStopTrafficCapturing: true
          showAdminConsoleLink: true
  ingress:
    enabled: false
@@ -81,14 +128,15 @@ tap:
    annotations: {}
  ipv6: true
  debug: false
-  kernelModule:
-    enabled: true
-    image: kubeshark/pf-ring-module:all
-    unloadOnDestroy: false
  telemetry:
    enabled: true
-  defaultFilter: ""
-  replayDisabled: false
+  resourceGuard:
+    enabled: false
+  sentry:
+    enabled: false
+    environment: production
+  defaultFilter: "!dns and !error"
+  liveConfigMapChangesDisabled: false
  capabilities:
    networkCapture:
    - NET_RAW
@@ -97,31 +145,68 @@ tap:
    - SYS_ADMIN
    - SYS_PTRACE
    - DAC_OVERRIDE
-    kernelModule:
-    - SYS_MODULE
    ebpfCapture:
    - SYS_ADMIN
    - SYS_PTRACE
    - SYS_RESOURCE
    - IPC_LOCK
  globalFilter: ""
+  enabledDissectors:
+  - amqp
+  - dns
+  - http
+  - icmp
+  - kafka
+  - redis
+  - sctp
+  - syscall
+  - ws
+  - ldap
+  - radius
+  - diameter
+  customMacros:
+    https: tls and (http or http2)
  metrics:
    port: 49100
-  trafficSampleRate: 100
-  tcpStreamChannelTimeoutMs: 10000
+  pprof:
+    enabled: false
+    port: 8000
+    view: flamegraph
  misc:
    jsonTTL: 5m
    pcapTTL: 10s
    pcapErrorTTL: 60s
+    trafficSampleRate: 100
+    tcpStreamChannelTimeoutMs: 10000
+    tcpStreamChannelTimeoutShow: false
+    resolutionStrategy: auto
+    duplicateTimeframe: 200ms
+    detectDuplicates: false
+    staleTimeoutSeconds: 30
 logs:
  file: ""
+  grep: ""
+pcapdump:
+  enabled: true
+  timeInterval: 1m
+  maxTime: 1h
+  maxSize: 500MB
+  time: time
 kube:
  configPath: ""
  context: ""
 dumpLogs: false
 headless: false
 license: ""
+cloudLicenseEnabled: true
+supportChatEnabled: true
+internetConnectivity: true
 scripting:
  env: {}
  source: ""
+  sources: []
  watchScripts: true
+  active: []
+  console: true
+timezone: ""
+logLevel: warning
--- a/internal/connect/hub.go
+++ b/internal/connect/hub.go
@@ -3,7 +3,6 @@ package connect
 import (
 	"bytes"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -12,7 +11,6 @@ import (
 	"time"

 	"github.com/kubeshark/kubeshark/config"
-	"github.com/kubeshark/kubeshark/misc"
 	"github.com/kubeshark/kubeshark/utils"

 	"github.com/rs/zerolog/log"
@@ -121,138 +119,6 @@ func (connector *Connector) PostLicense(license string) {
 	}
 }

-type postScriptRequest struct {
-	Title string `json:"title"`
-	Code  string `json:"code"`
-}
-
-func (connector *Connector) PostScript(script *misc.Script) (index int64, err error) {
-	postScriptUrl := fmt.Sprintf("%s/scripts", connector.url)
-
-	payload := postScriptRequest{
-		Title: script.Title,
-		Code:  script.Code,
-	}
-
-	var scriptMarshalled []byte
-	if scriptMarshalled, err = json.Marshal(payload); err != nil {
-		log.Error().Err(err).Msg("Failed to marshal the script:")
-	} else {
-		ok := false
-		for !ok {
-			var resp *http.Response
-			if resp, err = utils.Post(postScriptUrl, "application/json", bytes.NewBuffer(scriptMarshalled), connector.client, config.Config.License); err != nil || resp.StatusCode != http.StatusOK {
-				if _, ok := err.(*url.Error); ok {
-					break
-				}
-				log.Warn().Err(err).Msg("Failed creating script Hub:")
-			} else {
-
-				var j map[string]interface{}
-				err = json.NewDecoder(resp.Body).Decode(&j)
-				if err != nil {
-					return
-				}
-
-				val, ok := j["index"]
-				if !ok {
-					err = errors.New("Response does not contain `key` field!")
-					return
-				}
-
-				index = int64(val.(float64))
-
-				log.Debug().Int("index", int(index)).Interface("script", script).Msg("Created script on Hub:")
-				return
-			}
-			time.Sleep(DefaultSleep)
-		}
-	}
-
-	return
-}
-
-func (connector *Connector) PutScript(script *misc.Script, index int64) (err error) {
-	putScriptUrl := fmt.Sprintf("%s/scripts/%d", connector.url, index)
-
-	var scriptMarshalled []byte
-	if scriptMarshalled, err = json.Marshal(script); err != nil {
-		log.Error().Err(err).Msg("Failed to marshal the script:")
-	} else {
-		ok := false
-		for !ok {
-			client := &http.Client{}
-
-			var req *http.Request
-			req, err = http.NewRequest(http.MethodPut, putScriptUrl, bytes.NewBuffer(scriptMarshalled))
-			if err != nil {
-				log.Error().Err(err).Send()
-				return
-			}
-			req.Header.Set("Content-Type", "application/json")
-			req.Header.Set("License-Key", config.Config.License)
-
-			var resp *http.Response
-			resp, err = client.Do(req)
-			if err != nil {
-				log.Error().Err(err).Send()
-				return
-			}
-
-			if resp.StatusCode != http.StatusOK {
-				if _, ok := err.(*url.Error); ok {
-					break
-				}
-				log.Warn().Err(err).Msg("Failed updating script on Hub:")
-			} else {
-				log.Debug().Int("index", int(index)).Interface("script", script).Msg("Updated script on Hub:")
-				return
-			}
-			time.Sleep(DefaultSleep)
-		}
-	}
-
-	return
-}
-
-func (connector *Connector) DeleteScript(index int64) (err error) {
-	deleteScriptUrl := fmt.Sprintf("%s/scripts/%d", connector.url, index)
-
-	ok := false
-	for !ok {
-		client := &http.Client{}
-
-		var req *http.Request
-		req, err = http.NewRequest(http.MethodDelete, deleteScriptUrl, nil)
-		if err != nil {
-			log.Error().Err(err).Send()
-			return
-		}
-		req.Header.Set("Content-Type", "application/json")
-		req.Header.Set("License-Key", config.Config.License)
-
-		var resp *http.Response
-		resp, err = client.Do(req)
-		if err != nil {
-			log.Error().Err(err).Send()
-			return
-		}
-
-		if resp.StatusCode != http.StatusOK {
-			if _, ok := err.(*url.Error); ok {
-				break
-			}
-			log.Warn().Err(err).Msg("Failed deleting script on Hub:")
-		} else {
-			log.Debug().Int("index", int(index)).Msg("Deleted script on Hub:")
-			return
-		}
-		time.Sleep(DefaultSleep)
-	}
-
-	return
-}
-
 func (connector *Connector) PostPcapsMerge(out *os.File) {
 	postEnvUrl := fmt.Sprintf("%s/pcaps/merge", connector.url)

--- a/kubernetes/config.go
+++ b/kubernetes/config.go
@@ -2,8 +2,12 @@ package kubernetes

 import (
 	"context"
+	"encoding/json"
+	"slices"
+	"strings"

 	"github.com/kubeshark/kubeshark/config"
+	"github.com/kubeshark/kubeshark/misc"
 	"github.com/rs/zerolog/log"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -15,6 +19,7 @@ const (
 	SECRET_LICENSE                    = "LICENSE"
 	CONFIG_POD_REGEX                  = "POD_REGEX"
 	CONFIG_NAMESPACES                 = "NAMESPACES"
+	CONFIG_EXCLUDED_NAMESPACES        = "EXCLUDED_NAMESPACES"
 	CONFIG_SCRIPTING_ENV              = "SCRIPTING_ENV"
 	CONFIG_INGRESS_ENABLED            = "INGRESS_ENABLED"
 	CONFIG_INGRESS_HOST               = "INGRESS_HOST"
@@ -22,6 +27,12 @@ const (
 	CONFIG_AUTH_ENABLED               = "AUTH_ENABLED"
 	CONFIG_AUTH_TYPE                  = "AUTH_TYPE"
 	CONFIG_AUTH_SAML_IDP_METADATA_URL = "AUTH_SAML_IDP_METADATA_URL"
+	CONFIG_SCRIPTING_SCRIPTS          = "SCRIPTING_SCRIPTS"
+	CONFIG_SCRIPTING_ACTIVE_SCRIPTS   = "SCRIPTING_ACTIVE_SCRIPTS"
+	CONFIG_PCAP_DUMP_ENABLE           = "PCAP_DUMP_ENABLE"
+	CONFIG_TIME_INTERVAL              = "TIME_INTERVAL"
+	CONFIG_MAX_TIME                   = "MAX_TIME"
+	CONFIG_MAX_SIZE                   = "MAX_SIZE"
 )

 func SetSecret(provider *Provider, key string, value string) (updated bool, err error) {
@@ -47,6 +58,17 @@ func SetSecret(provider *Provider, key string, value string) (updated bool, err
 	return
 }

+func GetConfig(provider *Provider, key string) (value string, err error) {
+	var configMap *v1.ConfigMap
+	configMap, err = provider.clientSet.CoreV1().ConfigMaps(config.Config.Tap.Release.Namespace).Get(context.TODO(), SELF_RESOURCES_PREFIX+SUFFIX_CONFIG_MAP, metav1.GetOptions{})
+	if err != nil {
+		return
+	}
+
+	value = configMap.Data[key]
+	return
+}
+
 func SetConfig(provider *Provider, key string, value string) (updated bool, err error) {
 	var configMap *v1.ConfigMap
 	configMap, err = provider.clientSet.CoreV1().ConfigMaps(config.Config.Tap.Release.Namespace).Get(context.TODO(), SELF_RESOURCES_PREFIX+SUFFIX_CONFIG_MAP, metav1.GetOptions{})
@@ -62,10 +84,56 @@ func SetConfig(provider *Provider, key string, value string) (updated bool, err
 	_, err = provider.clientSet.CoreV1().ConfigMaps(config.Config.Tap.Release.Namespace).Update(context.TODO(), configMap, metav1.UpdateOptions{})
 	if err == nil {
 		if updated {
-			log.Info().Str("config", key).Str("value", value).Msg("Updated:")
+			log.Info().
+				Str("config", key).
+				Str("value", func() string {
+					if len(value) > 10 {
+						return value[:10]
+					}
+					return value
+				}()).
+				Int("length", len(value)).
+				Msg("Updated. Printing only 10 first characters of value:")
 		}
 	} else {
 		log.Error().Str("config", key).Err(err).Send()
 	}
 	return
 }
+
+func ConfigGetScripts(provider *Provider) (scripts map[int64]misc.ConfigMapScript, err error) {
+	var data string
+	data, err = GetConfig(provider, CONFIG_SCRIPTING_SCRIPTS)
+	if err != nil {
+		return
+	}
+
+	err = json.Unmarshal([]byte(data), &scripts)
+	return
+}
+
+func IsActiveScript(provider *Provider, title string) bool {
+	configActiveScripts, err := GetConfig(provider, CONFIG_SCRIPTING_ACTIVE_SCRIPTS)
+	if err != nil {
+		return false
+	}
+	return strings.Contains(configActiveScripts, title)
+}
+
+func DeleteActiveScriptByTitle(provider *Provider, title string) (err error) {
+	configActiveScripts, err := GetConfig(provider, CONFIG_SCRIPTING_ACTIVE_SCRIPTS)
+	if err != nil {
+		return err
+	}
+	activeScripts := strings.Split(configActiveScripts, ",")
+
+	idx := slices.Index(activeScripts, title)
+	if idx != -1 {
+		activeScripts = slices.Delete(activeScripts, idx, idx+1)
+		_, err = SetConfig(provider, CONFIG_SCRIPTING_ACTIVE_SCRIPTS, strings.Join(activeScripts, ","))
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
--- a/kubernetes/consts.go
+++ b/kubernetes/consts.go
@@ -8,4 +8,5 @@ const (
 	HubServiceName             = HubPodName
 	K8sAllNamespaces           = ""
 	MinKubernetesServerVersion = "1.16.0"
+	AppLabelKey                = "app.kubeshark.co/app"
 )
--- a/kubernetes/provider.go
+++ b/kubernetes/provider.go
@@ -1,6 +1,7 @@
 package kubernetes

 import (
+	"bufio"
 	"bytes"
 	"context"
 	"fmt"
@@ -8,12 +9,14 @@ import (
 	"net/url"
 	"path/filepath"
 	"regexp"
+	"strings"

 	"github.com/kubeshark/kubeshark/config"
 	"github.com/kubeshark/kubeshark/misc"
 	"github.com/kubeshark/kubeshark/semver"
 	"github.com/kubeshark/kubeshark/utils"
 	"github.com/rs/zerolog/log"
+	"github.com/tanqiangyes/grep-go/reader"
 	core "k8s.io/api/core/v1"
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -142,7 +145,7 @@ func (provider *Provider) ListPodsByAppLabel(ctx context.Context, namespaces str
 	return pods.Items, err
 }

-func (provider *Provider) GetPodLogs(ctx context.Context, namespace string, podName string, containerName string) (string, error) {
+func (provider *Provider) GetPodLogs(ctx context.Context, namespace string, podName string, containerName string, grep string) (string, error) {
 	podLogOpts := core.PodLogOptions{Container: containerName}
 	req := provider.clientSet.CoreV1().Pods(namespace).GetLogs(podName, &podLogOpts)
 	podLogs, err := req.Stream(ctx)
@@ -154,8 +157,26 @@ func (provider *Provider) GetPodLogs(ctx context.Context, namespace string, podN
 	if _, err = io.Copy(buf, podLogs); err != nil {
 		return "", fmt.Errorf("error copy information from podLogs to buf, ns: %s, pod: %s, %w", namespace, podName, err)
 	}
-	str := buf.String()
-	return str, nil
+
+	if grep != "" {
+		finder, err := reader.NewFinder(grep, true, true)
+		if err != nil {
+			panic(err)
+		}
+
+		read, err := reader.NewStdReader(bufio.NewReader(buf), []reader.Finder{finder})
+		if err != nil {
+			panic(err)
+		}
+		read.Run()
+		result := read.Result()[0]
+
+		log.Info().Str("namespace", namespace).Str("pod", podName).Str("container", containerName).Int("lines", len(result.Lines)).Str("grep", grep).Send()
+		return strings.Join(result.MatchString, "\n"), nil
+	} else {
+		log.Info().Str("namespace", namespace).Str("pod", podName).Str("container", containerName).Send()
+		return buf.String(), nil
+	}
 }

 func (provider *Provider) GetNamespaceEvents(ctx context.Context, namespace string) (string, error) {
@@ -206,12 +227,28 @@ func (provider *Provider) GetKubernetesVersion() (*semver.SemVersion, error) {
 	return &serverVersionSemVer, nil
 }

-func (provider *Provider) GetNamespaces() []string {
+func (provider *Provider) GetNamespaces() (namespaces []string) {
 	if len(config.Config.Tap.Namespaces) > 0 {
-		return utils.Unique(config.Config.Tap.Namespaces)
+		namespaces = utils.Unique(config.Config.Tap.Namespaces)
 	} else {
-		return []string{K8sAllNamespaces}
+		namespaceList, err := provider.clientSet.CoreV1().Namespaces().List(context.TODO(), metav1.ListOptions{})
+		if err != nil {
+			log.Error().Err(err).Send()
+			return
+		}
+
+		for _, ns := range namespaceList.Items {
+			namespaces = append(namespaces, ns.Name)
+		}
 	}
+
+	namespaces = utils.Diff(namespaces, config.Config.Tap.ExcludedNamespaces)
+
+	return
+}
+
+func (provider *Provider) GetClientSet() *kubernetes.Clientset {
+	return provider.clientSet
 }

 func getClientSet(config *rest.Config) (*kubernetes.Clientset, error) {
--- a/kubernetes/proxy.go
+++ b/kubernetes/proxy.go
@@ -106,7 +106,7 @@ func getRerouteHttpHandlerSelfStatic(proxyHandler http.Handler, selfNamespace st
 }

 func NewPortForward(kubernetesProvider *Provider, namespace string, podRegex *regexp.Regexp, srcPort uint16, dstPort uint16, ctx context.Context) (*portforward.PortForwarder, error) {
-	pods, err := kubernetesProvider.ListPodsByAppLabel(ctx, namespace, map[string]string{"app.kubeshark.co/app": "front"})
+	pods, err := kubernetesProvider.ListPodsByAppLabel(ctx, namespace, map[string]string{AppLabelKey: "front"})
 	if err != nil {
 		return nil, err
 	} else if len(pods) == 0 {
@@ -138,6 +138,7 @@ func NewPortForward(kubernetesProvider *Provider, namespace string, podRegex *re
 	go func() {
 		if err = forwarder.ForwardPorts(); err != nil {
 			log.Error().Err(err).Msg("While Kubernetes port-forwarding!")
+			log.Info().Str("command", fmt.Sprintf("kubectl port-forward -n %s service/kubeshark-front 8899:80", config.Config.Tap.Release.Namespace)).Msg("Please try running:")
 			return
 		}
 	}()
--- a/manifests/README.md
+++ b/manifests/README.md
@@ -23,7 +23,7 @@ kubectl delete clusterrolebinding kubeshark-cluster-role-binding
 kubectl delete clusterrole kubeshark-cluster-role
 ```

-## Accesing
+## Accessing

 Do the port forwarding:

--- a/manifests/complete.yaml
+++ b/manifests/complete.yaml
@@ -1,13 +1,99 @@
 ---
+# Source: kubeshark/templates/17-network-policies.yaml
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.96
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.96"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+  name: kubeshark-hub-network-policy
+  namespace: default
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: hub
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+    - ports:
+        - protocol: TCP
+          port: 9100
+  egress:
+    - {}
+---
+# Source: kubeshark/templates/17-network-policies.yaml
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.96
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.96"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+  name: kubeshark-front-network-policy
+  namespace: default
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: front
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+  egress:
+    - {}
+---
+# Source: kubeshark/templates/17-network-policies.yaml
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.96
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.96"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+  name: kubeshark-worker-network-policy
+  namespace: default
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: worker
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 48999
+        - protocol: TCP
+          port: 49100
+  egress:
+    - {}
+---
 # Source: kubeshark/templates/01-service-account.yaml
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-service-account
@@ -21,10 +107,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
 stringData:
    LICENSE: ''
@@ -38,10 +124,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_CRT: |
@@ -54,10 +140,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_KEY: |
@@ -69,16 +155,16 @@ metadata:
  name: kubeshark-nginx-config-map
  namespace: default
  labels:
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
 data:
  default.conf: |
    server {
-      listen 80;
-      listen [::]:80;
+      listen 8080;
+      listen [::]:8080;
      access_log /dev/stdout;
      error_log /dev/stdout;

@@ -133,40 +219,60 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
 data:
    POD_REGEX: '.*'
    NAMESPACES: ''
+    EXCLUDED_NAMESPACES: ''
+    BPF_OVERRIDE: ''
+    STOPPED: 'false'
    SCRIPTING_SCRIPTS: '{}'
+    SCRIPTING_ACTIVE_SCRIPTS: ''
    INGRESS_ENABLED: 'false'
    INGRESS_HOST: 'ks.svc.cluster.local'
    PROXY_FRONT_PORT: '8899'
-    AUTH_ENABLED: ''
-    AUTH_TYPE: 'saml'
+    AUTH_ENABLED: 'true'
+    AUTH_TYPE: 'oidc'
    AUTH_SAML_IDP_METADATA_URL: ''
    AUTH_SAML_ROLE_ATTRIBUTE: 'role'
-    AUTH_SAML_ROLES: '{"admin":{"canDownloadPCAP":true,"canReplayTraffic":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}'
-    TELEMETRY_DISABLED: ''
-    REPLAY_DISABLED: ''
+    AUTH_SAML_ROLES: '{"admin":{"canDownloadPCAP":true,"canStopTrafficCapturing":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","scriptingPermissions":{"canActivate":true,"canDelete":true,"canSave":true},"showAdminConsoleLink":true}}'
+    TELEMETRY_DISABLED: 'false'
+    SCRIPTING_DISABLED: ''
+    TARGETED_PODS_UPDATE_DISABLED: ''
+    PRESET_FILTERS_CHANGING_ENABLED: 'true'
+    RECORDING_DISABLED: ''
+    STOP_TRAFFIC_CAPTURING_DISABLED: 'false'
    GLOBAL_FILTER: ""
+    DEFAULT_FILTER: "!dns and !error"
    TRAFFIC_SAMPLE_RATE: '100'
    JSON_TTL: '5m'
    PCAP_TTL: '10s'
    PCAP_ERROR_TTL: '60s'
+    TIMEZONE: ' '
+    CLOUD_LICENSE_ENABLED: 'true'
+    DUPLICATE_TIMEFRAME: '200ms'
+    ENABLED_DISSECTORS: 'amqp,dns,http,icmp,kafka,redis,sctp,syscall,ws,ldap,radius,diameter'
+    CUSTOM_MACROS: '{"https":"tls and (http or http2)"}'
+    DISSECTORS_UPDATING_ENABLED: 'true'
+    DETECT_DUPLICATES: 'false'
+    PCAP_DUMP_ENABLE: 'true'
+    PCAP_TIME_INTERVAL: '1m'
+    PCAP_MAX_TIME: '1h'
+    PCAP_MAX_SIZE: '500MB'
 ---
 # Source: kubeshark/templates/02-cluster-role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-cluster-role-default
@@ -177,6 +283,7 @@ rules:
      - extensions
      - apps
    resources:
+      - nodes
      - pods
      - services
      - endpoints
@@ -185,16 +292,35 @@ rules:
      - list
      - get
      - watch
+  - apiGroups:
+      - ""
+    resources:
+      - namespaces
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+    - networking.k8s.io
+    resources:
+    - networkpolicies
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - delete
 ---
 # Source: kubeshark/templates/03-cluster-role-binding.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-cluster-role-binding-default
@@ -213,10 +339,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role
@@ -234,6 +360,7 @@ rules:
    verbs:
      - get
      - watch
+      - list
      - update
      - patch
 ---
@@ -242,10 +369,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role-binding
@@ -265,10 +392,10 @@ kind: Service
 metadata:
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-hub
@@ -277,7 +404,7 @@ spec:
  ports:
    - name: kubeshark-hub
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: hub
  type: ClusterIP
@@ -287,10 +414,10 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-front
@@ -299,7 +426,7 @@ spec:
  ports:
    - name: kubeshark-front
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: front
  type: ClusterIP
@@ -308,18 +435,24 @@ spec:
 kind: Service
 apiVersion: v1
 metadata:
-  name: kubeshark-worker-metrics
-  namespace: default
+  labels:
+    helm.sh/chart: kubeshark-52.3.96
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.96"
+    app.kubernetes.io/managed-by: Helm
  annotations:
    prometheus.io/scrape: 'true'
    prometheus.io/port: '49100'
+  name: kubeshark-worker-metrics
+  namespace: default
 spec:
  selector:
    app.kubeshark.co/app: worker
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  ports:
  - name: metrics
@@ -327,6 +460,35 @@ spec:
    port: 49100
    targetPort: 49100
 ---
+# Source: kubeshark/templates/16-hub-service-metrics.yaml
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.96
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.96"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+    prometheus.io/scrape: 'true'
+    prometheus.io/port: '9100'
+  name: kubeshark-hub-metrics
+  namespace: default
+spec:
+  selector:
+    app.kubeshark.co/app: hub
+    helm.sh/chart: kubeshark-52.3.96
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.96"
+    app.kubernetes.io/managed-by: Helm
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: 9100
+    targetPort: 9100
+---
 # Source: kubeshark/templates/09-worker-daemon-set.yaml
 apiVersion: apps/v1
 kind: DaemonSet
@@ -334,10 +496,10 @@ metadata:
  labels:
    app.kubeshark.co/app: worker
    sidecar.istio.io/inject: "false"
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-worker-daemon-set
@@ -346,51 +508,68 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: worker
-      helm.sh/chart: kubeshark-52.1.61
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
-      app.kubernetes.io/version: "52.1.61"
-      app.kubernetes.io/managed-by: Helm
  template:
    metadata:
      labels:
        app.kubeshark.co/app: worker
-        helm.sh/chart: kubeshark-52.1.61
+        helm.sh/chart: kubeshark-52.3.96
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.1.61"
+        app.kubernetes.io/version: "52.3.96"
        app.kubernetes.io/managed-by: Helm
      name: kubeshark-worker-daemon-set
      namespace: kubeshark
    spec:
      initContainers:
-      - name: load-pf-ring
-        image: kubeshark/pf-ring-module:all
-        imagePullPolicy: Always
-        securityContext:
-          capabilities:
-            add:
-              - SYS_MODULE
-            drop:
-              - ALL
-        volumeMounts:
-        - name: lib-modules
-          mountPath: /lib/modules
+        - command:
+          - /bin/sh
+          - -c
+          - mkdir -p /sys/fs/bpf && mount | grep -q '/sys/fs/bpf' || mount -t bpf bpf /sys/fs/bpf
+          image: 'docker.io/kubeshark/worker:v52.3.96'
+          imagePullPolicy: Always
+          name: check-bpf
+          securityContext:
+            privileged: true
+          volumeMounts:
+          - mountPath: /sys
+            name: sys
+            mountPropagation: Bidirectional
+        - command:
+          - ./tracer
+          - -init-bpf
+          image: 'docker.io/kubeshark/worker:v52.3.96'
+          imagePullPolicy: Always
+          name: init-bpf
+          securityContext:
+            privileged: true
+          volumeMounts:
+          - mountPath: /sys
+            name: sys
      containers:
        - command:
            - ./worker
            - -i
            - any
            - -port
-            - '30001'
+            - '48999'
            - -metrics-port
            - '49100'
+            - -packet-capture
+            - 'best'
+            - -loglevel
+            - 'warning'
            - -unixsocket
            - -servicemesh
            - -procfs
            - /hostproc
-            - -kernel-module
-          image: 'docker.io/kubeshark/worker:v52.1.61'
+            - -disable-ebpf
+            - -resolution-strategy
+            - 'auto'
+            - -staletimeout
+            - '30'
+          image: 'docker.io/kubeshark/worker:v52.3.96'
          imagePullPolicy: Always
          name: sniffer
          ports:
@@ -408,15 +587,29 @@ spec:
                fieldPath: metadata.namespace
          - name: TCP_STREAM_CHANNEL_TIMEOUT_MS
            value: '10000'
+          - name: TCP_STREAM_CHANNEL_TIMEOUT_SHOW
+            value: 'false'
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
+          - name: PROFILING_ENABLED
+            value: 'false'
+          - name: SENTRY_ENABLED
+            value: 'false'
+          - name: SENTRY_ENVIRONMENT
+            value: 'production'
          resources:
            limits:
-              cpu: 750m
-              memory: 1Gi
+              
+              
+              memory: 5Gi
+              
            requests:
+              
              cpu: 50m
+              
+              
              memory: 50Mi
+              
          securityContext:
            capabilities:
              add:
@@ -425,22 +618,26 @@ spec:
                - SYS_ADMIN
                - SYS_PTRACE
                - DAC_OVERRIDE
+                - SYS_ADMIN
+                - SYS_PTRACE
+                - SYS_RESOURCE
+                - IPC_LOCK
              drop:
                - ALL
          readinessProbe:
-            periodSeconds: 1
+            periodSeconds: 10
            failureThreshold: 3
            successThreshold: 1
-            initialDelaySeconds: 5
+            initialDelaySeconds: 15
            tcpSocket:
-              port: 30001
+              port: 48999
          livenessProbe:
-            periodSeconds: 1
+            periodSeconds: 10
            failureThreshold: 3
            successThreshold: 1
-            initialDelaySeconds: 5
+            initialDelaySeconds: 15
            tcpSocket:
-              port: 30001
+              port: 48999
          volumeMounts:
            - mountPath: /hostproc
              name: proc
@@ -454,7 +651,11 @@ spec:
            - ./tracer
            - -procfs
            - /hostproc
-          image: 'docker.io/kubeshark/worker:v52.1.61'
+            - -disable-ebpf
+            - -disable-tls-log
+            # - -loglevel
+            # - 'warning'
+          image: 'docker.io/kubeshark/worker:v52.3.96'
          imagePullPolicy: Always
          name: tracer
          env:
@@ -466,13 +667,25 @@ spec:
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
+          - name: PROFILING_ENABLED
+            value: 'false'
+          - name: SENTRY_ENABLED
+            value: 'false'
+          - name: SENTRY_ENVIRONMENT
+            value: 'production'
          resources:
            limits:
-              cpu: 750m
-              memory: 1Gi
+              
+              
+              memory: 5Gi
+              
            requests:
+              
              cpu: 50m
+              
+              
              memory: 50Mi
+              
          securityContext:
            capabilities:
              add:
@@ -480,6 +693,8 @@ spec:
                - SYS_PTRACE
                - SYS_RESOURCE
                - IPC_LOCK
+                - NET_RAW
+                - NET_ADMIN
              drop:
                - ALL
          volumeMounts:
@@ -491,6 +706,13 @@ spec:
              readOnly: true
            - mountPath: /app/data
              name: data
+            - mountPath: /etc/os-release
+              name: os-release
+              readOnly: true
+            - mountPath: /hostroot
+              mountPropagation: HostToContainer
+              name: root
+              readOnly: true
      dnsPolicy: ClusterFirstWithHostNet
      hostNetwork: true
      serviceAccountName: kubeshark-service-account
@@ -519,9 +741,15 @@ spec:
        - name: lib-modules
          hostPath:
            path: /lib/modules
+        - hostPath:
+            path: /etc/os-release
+          name: os-release
+        - hostPath:
+            path: /
+          name: root
        - name: data
          emptyDir:
-            sizeLimit: 500Mi
+            sizeLimit: 5000Mi
 ---
 # Source: kubeshark/templates/04-hub-deployment.yaml
 apiVersion: apps/v1
@@ -529,10 +757,10 @@ kind: Deployment
 metadata:
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-hub
@@ -542,27 +770,28 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: hub
-      helm.sh/chart: kubeshark-52.1.61
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
-      app.kubernetes.io/version: "52.1.61"
-      app.kubernetes.io/managed-by: Helm
  template:
    metadata:
      labels:
        app.kubeshark.co/app: hub
-        helm.sh/chart: kubeshark-52.1.61
+        helm.sh/chart: kubeshark-52.3.96
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.1.61"
+        app.kubernetes.io/version: "52.3.96"
        app.kubernetes.io/managed-by: Helm
    spec:
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: kubeshark-service-account
      containers:
-        - name: kubeshark-hub
+        - name: hub
          command:
            - ./hub
+            - -port
+            - "8080"
+            - -loglevel
+            - 'warning'
          env:
          - name: POD_NAME
            valueFrom:
@@ -572,35 +801,56 @@ spec:
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
+          - name: SENTRY_ENABLED
+            value: 'false'
+          - name: SENTRY_ENVIRONMENT
+            value: 'production'
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
-          image: 'docker.io/kubeshark/hub:v52.1.61'
+          - name: PROFILING_ENABLED
+            value: 'false'
+          image: 'docker.io/kubeshark/hub:v52.3.96'
          imagePullPolicy: Always
          readinessProbe:
-            periodSeconds: 1
+            periodSeconds: 10
            failureThreshold: 3
            successThreshold: 1
-            initialDelaySeconds: 3
+            initialDelaySeconds: 15
            tcpSocket:
-              port: 80
+              port: 8080
          livenessProbe:
-            periodSeconds: 1
+            periodSeconds: 10
            failureThreshold: 3
            successThreshold: 1
-            initialDelaySeconds: 3
+            initialDelaySeconds: 15
            tcpSocket:
-              port: 80
+              port: 8080
          resources:
            limits:
-              cpu: 750m
-              memory: 1Gi
+              
+              
+              memory: 5Gi
+              
            requests:
+              
              cpu: 50m
+              
+              
              memory: 50Mi
+              
          volumeMounts:
          - name: saml-x509-volume
            mountPath: "/etc/saml/x509"
            readOnly: true
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/os
+                operator: In
+                values:
+                - linux
      volumes:
      - name: saml-x509-volume
        projected:
@@ -622,10 +872,10 @@ kind: Deployment
 metadata:
  labels:
    app.kubeshark.co/app: front
-    helm.sh/chart: kubeshark-52.1.61
+    helm.sh/chart: kubeshark-52.3.96
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.61"
+    app.kubernetes.io/version: "52.3.96"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-front
@@ -635,34 +885,51 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: front
-      helm.sh/chart: kubeshark-52.1.61
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
-      app.kubernetes.io/version: "52.1.61"
-      app.kubernetes.io/managed-by: Helm
  template:
    metadata:
      labels:
        app.kubeshark.co/app: front
-        helm.sh/chart: kubeshark-52.1.61
+        helm.sh/chart: kubeshark-52.3.96
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.1.61"
+        app.kubernetes.io/version: "52.3.96"
        app.kubernetes.io/managed-by: Helm
    spec:
      containers:
        - env:
-            - name: REACT_APP_DEFAULT_FILTER
-              value: ' '
            - name: REACT_APP_AUTH_ENABLED
-              value: 'false'
+              value: 'true'
            - name: REACT_APP_AUTH_TYPE
-              value: 'saml'
+              value: 'oidc'
            - name: REACT_APP_AUTH_SAML_IDP_METADATA_URL
              value: ' '
-            - name: REACT_APP_REPLAY_DISABLED
+            - name: REACT_APP_TIMEZONE
+              value: ' '
+            - name: REACT_APP_SCRIPTING_DISABLED
              value: 'false'
-          image: 'docker.io/kubeshark/front:v52.1.61'
+            - name: REACT_APP_TARGETED_PODS_UPDATE_DISABLED
+              value: 'false'
+            - name: REACT_APP_PRESET_FILTERS_CHANGING_ENABLED
+              value: 'true'
+            - name: REACT_APP_BPF_OVERRIDE_DISABLED
+              value: 'false'
+            - name: REACT_APP_RECORDING_DISABLED
+              value: 'false'
+            - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED
+              value: 'false'
+            - name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
+              value: 'true'
+            - name: REACT_APP_SUPPORT_CHAT_ENABLED
+              value: 'true'
+            - name: REACT_APP_DISSECTORS_UPDATING_ENABLED
+              value: 'true'
+            - name: REACT_APP_SENTRY_ENABLED
+              value: 'false'
+            - name: REACT_APP_SENTRY_ENVIRONMENT
+              value: 'production'
+          image: 'docker.io/kubeshark/front:v52.3.96'
          imagePullPolicy: Always
          name: kubeshark-front
          livenessProbe:
@@ -671,14 +938,14 @@ spec:
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          readinessProbe:
            periodSeconds: 1
            failureThreshold: 3
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
            timeoutSeconds: 1
          resources:
            limits:
@@ -692,6 +959,15 @@ spec:
              mountPath: /etc/nginx/conf.d/default.conf
              subPath: default.conf
              readOnly: true
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/os
+                operator: In
+                values:
+                - linux
      volumes:
        - name: nginx-config
          configMap:
--- a/misc/fsUtils/kubesharkLogsUtils.go
+++ b/misc/fsUtils/kubesharkLogsUtils.go
@@ -13,7 +13,7 @@ import (
 	"github.com/rs/zerolog/log"
 )

-func DumpLogs(ctx context.Context, provider *kubernetes.Provider, filePath string) error {
+func DumpLogs(ctx context.Context, provider *kubernetes.Provider, filePath string, grep string) error {
 	podExactRegex := regexp.MustCompile("^" + kubernetes.SELF_RESOURCES_PREFIX)
 	pods, err := provider.ListAllPodsMatchingRegex(ctx, podExactRegex, []string{config.Config.Tap.Release.Namespace})
 	if err != nil {
@@ -34,7 +34,7 @@ func DumpLogs(ctx context.Context, provider *kubernetes.Provider, filePath strin

 	for _, pod := range pods {
 		for _, container := range pod.Spec.Containers {
-			logs, err := provider.GetPodLogs(ctx, pod.Namespace, pod.Name, container.Name)
+			logs, err := provider.GetPodLogs(ctx, pod.Namespace, pod.Name, container.Name, grep)
 			if err != nil {
 				log.Error().Err(err).Msg("Failed to get logs!")
 				continue
--- a/misc/scripting.go
+++ b/misc/scripting.go
@@ -10,9 +10,24 @@ import (
 )

 type Script struct {
-	Path  string `json:"path"`
-	Title string `json:"title"`
-	Code  string `json:"code"`
+	Path   string `json:"path"`
+	Title  string `json:"title"`
+	Code   string `json:"code"`
+	Active bool   `json:"active"`
+}
+
+type ConfigMapScript struct {
+	Title  string `json:"title"`
+	Code   string `json:"code"`
+	Active bool   `json:"active"`
+}
+
+func (s *Script) ConfigMap() ConfigMapScript {
+	return ConfigMapScript{
+		Title:  s.Title,
+		Code:   s.Code,
+		Active: s.Active,
+	}
 }

 func ReadScriptFile(path string) (script *Script, err error) {
@@ -46,9 +61,10 @@ func ReadScriptFile(path string) (script *Script, err error) {
 	}

 	script = &Script{
-		Path:  path,
-		Title: title,
-		Code:  code,
+		Path:   path,
+		Title:  title,
+		Code:   code,
+		Active: false,
 	}

 	return
--- a/utils/http.go
+++ b/utils/http.go
@@ -8,10 +8,21 @@ import (
 	"strings"
 )

+const (
+	X_KUBESHARK_CAPTURE_HEADER_KEY          = "X-Kubeshark-Capture"
+	X_KUBESHARK_CAPTURE_HEADER_IGNORE_VALUE = "ignore"
+)
+
 // Get - When err is nil, resp always contains a non-nil resp.Body.
 // Caller should close resp.Body when done reading from it.
 func Get(url string, client *http.Client) (*http.Response, error) {
-	return checkError(client.Get(url))
+	req, err := http.NewRequest(http.MethodGet, url, nil)
+	if err != nil {
+		return nil, err
+	}
+	AddIgnoreCaptureHeader(req)
+
+	return checkError(client.Do(req))
 }

 // Post - When err is nil, resp always contains a non-nil resp.Body.
@@ -21,6 +32,7 @@ func Post(url, contentType string, body io.Reader, client *http.Client, licenseK
 	if err != nil {
 		return nil, err
 	}
+	AddIgnoreCaptureHeader(req)
 	req.Header.Set("Content-Type", "application/json")
 	req.Header.Set("License-Key", licenseKey)

@@ -51,3 +63,7 @@ func checkError(response *http.Response, errInOperation error) (*http.Response,

 	return response, nil
 }
+
+func AddIgnoreCaptureHeader(req *http.Request) {
+	req.Header.Set(X_KUBESHARK_CAPTURE_HEADER_KEY, X_KUBESHARK_CAPTURE_HEADER_IGNORE_VALUE)
+}
--- a/utils/slice.go
+++ b/utils/slice.go
@@ -37,3 +37,18 @@ func EqualStringSlices(slice1 []string, slice2 []string) bool {

 	return true
 }
+
+// Diff returns the elements in `a` that aren't in `b`.
+func Diff(a, b []string) []string {
+	mb := make(map[string]struct{}, len(b))
+	for _, x := range b {
+		mb[x] = struct{}{}
+	}
+	var diff []string
+	for _, x := range a {
+		if _, found := mb[x]; !found {
+			diff = append(diff, x)
+		}
+	}
+	return diff
+}