cilium
diff --git a/‎Documentation/cmdref/cilium-agent.md‎
Lines changed: 1 addition & 0 deletions b/‎Documentation/cmdref/cilium-agent.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Documentation/cmdref/cilium-agent_hive.md‎
Lines changed: 1 addition & 0 deletions b/‎Documentation/cmdref/cilium-agent_hive.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Documentation/cmdref/cilium-agent_hive_dot-graph.md‎
Lines changed: 1 addition & 0 deletions b/‎Documentation/cmdref/cilium-agent_hive_dot-graph.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Documentation/helm-values.rst‎
Lines changed: 4 additions & 0 deletions b/‎Documentation/helm-values.rst‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/kubernetes/cilium/README.md‎
Lines changed: 1 addition & 0 deletions b/‎install/kubernetes/cilium/README.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎install/kubernetes/cilium/templates/cilium-configmap.yaml‎
Lines changed: 3 additions & 0 deletions b/‎install/kubernetes/cilium/templates/cilium-configmap.yaml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎install/kubernetes/cilium/values.schema.json‎
Lines changed: 7 additions & 0 deletions b/‎install/kubernetes/cilium/values.schema.json‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎install/kubernetes/cilium/values.yaml‎
Lines changed: 3 additions & 0 deletions b/‎install/kubernetes/cilium/values.yaml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎install/kubernetes/cilium/values.yaml.tmpl‎
Lines changed: 3 additions & 0 deletions b/‎install/kubernetes/cilium/values.yaml.tmpl‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎pkg/hubble/cell/config.go‎
Lines changed: 7 additions & 3 deletions b/‎pkg/hubble/cell/config.go‎
Lines changed: 7 additions & 3 deletions
@@ -981,6 +981,9 @@ data:
   enable-hubble-open-metrics: {{ .Values.hubble.metrics.enableOpenMetrics | quote }}
 {{- end }}
 
+{{- if hasKey .Values.hubble.l3l4netpolenrichment "enabled" }}
+  hubble-l3l4-net-pol-enrichment-enabled: {{ .Values.hubble.l3l4netpolenrichment.enabled | quote }}
+{{- end }}
 {{- if .Values.hubble.redact }}
 {{- if eq .Values.hubble.redact.enabled true }}
   # Enables hubble redact capabilities
 
@@ -2665,6 +2665,13 @@
           },
           "type": "object"
         },
+        "l3l4netpolenrichment": {
+          "properties": {
+            "enabled": {
+              "type": "boolean"
+            }
+          }
+        },
         "listenAddress": {
           "type": "string"
         },
 
@@ -1340,6 +1340,9 @@ hubble:
             excludeFilters: []
   # -- Unix domain socket path to listen to when Hubble is enabled.
   socketPath: /var/run/cilium/hubble.sock
+  # -- Enable L3/L4 network policy enrichment of Hubble Flows (true by default).
+  l3l4netpolenrichment:
+    enabled: true  
   # -- Enables redacting sensitive information present in Layer 7 flows.
   redact:
     enabled: false
 
@@ -113,6 +113,8 @@ type config struct {
 	K8sDropEventsInterval time.Duration `mapstructure:"hubble-drop-events-interval"`
 	// K8sDropEventsReasons controls which drop reasons to emit events for.
 	K8sDropEventsReasons []string `mapstructure:"hubble-drop-events-reasons"`
+	// EnableL3L4PolicyEnrichment controls whether to enable L3/L4 network policy enrichment.
+	EnableL3L4PolicyEnrichment bool `mapstructure:"hubble-l3l4-net-pol-enrichment-enabled"`
 }
 
 var defaultConfig = config{
@@ -154,9 +156,10 @@ var defaultConfig = config{
 	RedactHttpHeadersDeny:  []string{},
 	RedactKafkaAPIKey:      false,
 	// Hubble k8s v1.Events integration configuration.
-	EnableK8sDropEvents:   false,
-	K8sDropEventsInterval: 2 * time.Minute,
-	K8sDropEventsReasons:  []string{"auth_required", "policy_denied"},
+	EnableK8sDropEvents:        false,
+	K8sDropEventsInterval:      2 * time.Minute,
+	K8sDropEventsReasons:       []string{"auth_required", "policy_denied"},
+	EnableL3L4PolicyEnrichment: true,
 }
 
 func (def config) Flags(flags *pflag.FlagSet) {
@@ -205,6 +208,7 @@ func (def config) Flags(flags *pflag.FlagSet) {
 	flags.Bool("hubble-drop-events", def.EnableK8sDropEvents, "Emit packet drop Events related to pods (alpha)")
 	flags.Duration("hubble-drop-events-interval", def.K8sDropEventsInterval, "Minimum time between emitting same events")
 	flags.StringSlice("hubble-drop-events-reasons", def.K8sDropEventsReasons, "Drop reasons to emit events for")
+	flags.Bool("hubble-l3l4-net-pol-enrichment-enabled", def.EnableL3L4PolicyEnrichment, "Enable L3/L4 network policy enrichment of Hubble Flow logs")
 }
 
 func (cfg *config) normalize() {