/** * Parse set_tp_src actions. * The key and delimiter for the action should be omitted, and only the * data should be presented to this decoder. A leading 0x is permitted. * * @param actionToDecode; The action as a string to decode * @param version; The OF version to create the action for * @param log * @return */ private static OFActionSetTpSrc decode_set_src_port(String actionToDecode, OFVersion version, Logger log) { Matcher n = Pattern.compile("((?:0x)?\\d+)").matcher(actionToDecode); if (n.matches()) { if (n.group(1) != null) { try { TransportPort portnum = TransportPort.of(get_int(n.group(1))); OFActionSetTpSrc.Builder ab = OFFactories.getFactory(version).actions().buildSetTpSrc(); ab.setTpPort(portnum); log.debug("action {}", ab.build()); return ab.build(); } catch (NumberFormatException e) { log.debug("Invalid src-port in: {} (error ignored)", actionToDecode); return null; } } } else { log.debug("Invalid action: '{}'", actionToDecode); return null; } return null; }
/** * Parse set_tp_dst actions. * The key and delimiter for the action should be omitted, and only the * data should be presented to this decoder. A leading 0x is permitted. * * @param actionToDecode; The action as a string to decode * @param version; The OF version to create the action for * @param log * @return */ private static OFAction decode_set_dst_port(String actionToDecode, OFVersion version, Logger log) { Matcher n = Pattern.compile("((?:0x)?\\d+)").matcher(actionToDecode); if (n.matches()) { if (n.group(1) != null) { try { TransportPort portnum = TransportPort.of(get_int(n.group(1))); OFActionSetTpDst.Builder ab = OFFactories.getFactory(version).actions().buildSetTpDst(); ab.setTpPort(portnum); log.debug("action {}", ab.build()); return ab.build(); } catch (NumberFormatException e) { log.debug("Invalid dst-port in: {} (error ignored)", actionToDecode); return null; } } } else { log.debug("Invalid action: '{}'", actionToDecode); return null; } return null; }
/** * The default rule is to match on anything. */ public FirewallRule() { this.dpid = DatapathId.NONE; this.in_port = OFPort.ANY; this.dl_src = MacAddress.NONE; this.dl_dst = MacAddress.NONE; this.dl_type = EthType.NONE; this.nw_src_prefix_and_mask = IPv4AddressWithMask.NONE; this.nw_dst_prefix_and_mask = IPv4AddressWithMask.NONE; this.nw_proto = IpProtocol.NONE; this.tp_src = TransportPort.NONE; this.tp_dst = TransportPort.NONE; this.any_dpid = true; this.any_in_port = true; this.any_dl_src = true; this.any_dl_dst = true; this.any_dl_type = true; this.any_nw_src = true; this.any_nw_dst = true; this.any_nw_proto = true; this.any_tp_src = true; this.any_tp_dst = true; this.priority = 0; this.action = FirewallAction.ALLOW; this.ruleid = 0; }
/** * Parse set_tp_src actions. * The key and delimiter for the action should be omitted, and only the * data should be presented to this decoder. A leading 0x is permitted. * * @param actionToDecode; The action as a string to decode * @param version; The OF version to create the action for * @param log * @return */ private static OFActionSetTpSrc decode_set_src_port(String actionToDecode, OFVersion version, Logger log) { Matcher n = Pattern.compile("((?:0x)?\\d+)").matcher(actionToDecode); if (n.matches()) { if (n.group(1) != null) { try { TransportPort portnum = TransportPort.of(get_short(n.group(1))); OFActionSetTpSrc.Builder ab = OFFactories.getFactory(version).actions().buildSetTpSrc(); ab.setTpPort(portnum); log.debug("action {}", ab.build()); return ab.build(); } catch (NumberFormatException e) { log.debug("Invalid src-port in: {} (error ignored)", actionToDecode); return null; } } } else { log.debug("Invalid action: '{}'", actionToDecode); return null; } return null; }
/** * Parse set_tp_dst actions. * The key and delimiter for the action should be omitted, and only the * data should be presented to this decoder. A leading 0x is permitted. * * @param actionToDecode; The action as a string to decode * @param version; The OF version to create the action for * @param log * @return */ private static OFAction decode_set_dst_port(String actionToDecode, OFVersion version, Logger log) { Matcher n = Pattern.compile("((?:0x)?\\d+)").matcher(actionToDecode); if (n.matches()) { if (n.group(1) != null) { try { TransportPort portnum = TransportPort.of(get_short(n.group(1))); OFActionSetTpDst.Builder ab = OFFactories.getFactory(version).actions().buildSetTpDst(); ab.setTpPort(portnum); log.debug("action {}", ab.build()); return ab.build(); } catch (NumberFormatException e) { log.debug("Invalid dst-port in: {} (error ignored)", actionToDecode); return null; } } } else { log.debug("Invalid action: '{}'", actionToDecode); return null; } return null; }
public FlowRecord(IPv6Address srcAddr, IPv6Address dstAddr, TransportPort srcPort, TransportPort dstPort, IpProtocol prot, byte tos, int input, int pkts, int octs, long first, long last, byte tcpflags, int drops, int type, long timestamp) { this.srcAddr = srcAddr; this.dstAddr = dstAddr; this.srcPort = srcPort; this.dstPort = dstPort; this.prot = prot; this.tos = tos; this.input = input; this.pkts = pkts; this.octs = octs; this.first = first; this.last = last; this.tcpflags = tcpflags; this.drops = drops; this.type = type; this.timestamp = timestamp; }
public FlowPersistence(IPv6Address srcAddr, IPv6Address dstAddr, TransportPort srcPort, TransportPort dstPort, IpProtocol prot, byte tos, int input, int pkts, int octs, long first, long last, byte tcpflags, int drops, int type, long timestamp) { this.srcAddr = srcAddr; this.dstAddr = dstAddr; this.srcPort = srcPort; this.dstPort = dstPort; this.prot = prot; this.tos = tos; this.input = input; this.pkts = pkts; this.octs = octs; this.first = first; this.last = last; this.tcpflags = tcpflags; this.drops = drops; this.type = type; this.timestamp = timestamp; }
public static void main(String []args){ IPv6Address srcAddr = IPv6Address.of(11L, 11L); IPv6Address dstAddr = IPv6Address.of(12L,12L); TransportPort srcPort = TransportPort.of(11); TransportPort dstPort = TransportPort.of(12); //int prot = 67; IpProtocol prot = IpProtocol.of((byte)67); byte tos = 1; int input= 1 ; int pkts=1212; int octs=123123; long first=System.currentTimeMillis(); long last= System.currentTimeMillis(); byte tcpflags= 11; int drops= 1223; int type =2;//因为何种原因而不再活跃 long timestamp= System.currentTimeMillis();// FlowPersistence f = new FlowPersistence(srcAddr,dstAddr,srcPort,dstPort,prot,tos,input,pkts ,octs,first,last,tcpflags,drops,type,timestamp); FlowStatisticsDAO fsDAO = new FlowStatisticsDAOImpl(); fsDAO.insertFlow(f); }
protected IPacket getPacket() { UDP udp = new UDP() .setDestinationPort( TransportPort.of(PathVerificationService.VERIFICATION_PACKET_UDP_PORT)) .setSourcePort( TransportPort.of(PathVerificationService.VERIFICATION_PACKET_UDP_PORT)); VerificationPacket verificationPacket = new VerificationPacket() .setChassisId(new LLDPTLV().setType((byte) 1).setLength((short) 7) .setValue(new byte[] {0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01})) .setPortId(new LLDPTLV().setType((byte) 2).setLength((short) 3) .setValue(new byte[] {0x02, 0x00, 0x01})) .setTtl(new LLDPTLV().setType((byte) 3).setLength((short) 2) .setValue(new byte[] {0x00, 0x78})); udp.setPayload(new Data(verificationPacket.serialize())); IPv4 ip = new IPv4() .setSourceAddress("192.168.0.1") .setDestinationAddress(PathVerificationService.VERIFICATION_PACKET_IP_DST) .setProtocol(IpProtocol.UDP); Ethernet eth = new Ethernet() .setDestinationMACAddress("AA:BB:CC:DD:EE:FF") .setSourceMACAddress("11:22:33:44:55:66") .setEtherType(EthType.IPv4); eth.setPayload(ip); ip.setPayload(udp); return eth; }
@Test public void testTDD() throws Exception { String controllerAddress = "kilda"; TransportPort controllerPort = TransportPort.of(6653); OFVersion ofVersion = OFVersion.OF_13; IMininetController controller = new MininetController() .setIP(controllerAddress) .setPort(controllerPort) .setVersion(ofVersion) .setName("floodlight") .build(); IMininet mininet = new Mininet() .addMininetServer(MININET_ADDRESS, MININET_PORT) .clear() .addController(controller) .addSwitch("sw1", DatapathId.of(1)) .addSwitch("sw2", DatapathId.of(2)) .addLink("sw1", "sw2") .build(); List<MininetSwitch> switches = mininet.switches().getSwitches(); assertEquals("failure - should have exactly 2 switches", 2, switches.size()); Thread.sleep(MAX_CONNECT_TIME); switches = mininet.switches().getSwitches(); for(MininetSwitch sw: switches) { assertTrue(String.format("failure - %s should be connected", sw.getName()), sw.getConnected()); } List<MininetLink> links = mininet.links().getLinks(); for(MininetLink link: links) { assertTrue(String.format("failure - %s should be up", link.getName()), link.isUp()); } }
@Override public IPacket deserialize(byte[] data, int offset, int length) throws PacketParsingException { ByteBuffer bb = ByteBuffer.wrap(data, offset, length); this.sourcePort = TransportPort.of((int) (bb.getShort() & 0xffff)); // short will be signed, pos or neg this.destinationPort = TransportPort.of((int) (bb.getShort() & 0xffff)); // convert range 0 to 65534, not -32768 to 32767 this.sequence = bb.getInt(); this.acknowledge = bb.getInt(); this.flags = bb.getShort(); this.dataOffset = (byte) ((this.flags >> 12) & 0xf); if (this.dataOffset < 5) { throw new PacketParsingException("Invalid tcp header length < 20"); } this.flags = (short) (this.flags & 0x1ff); this.windowSize = bb.getShort(); this.checksum = bb.getShort(); this.urgentPointer = bb.getShort(); if (this.dataOffset > 5) { int optLength = (dataOffset << 2) - 20; if (bb.limit() < bb.position()+optLength) { optLength = bb.limit() - bb.position(); } try { this.options = new byte[optLength]; bb.get(this.options, 0, optLength); } catch (IndexOutOfBoundsException e) { this.options = null; } } this.payload = new Data(); int remLength = bb.limit()-bb.position(); this.payload = payload.deserialize(data, bb.position(), remLength); this.payload.setParent(this); return this; }
@Test public void testReadRulesFromStorage() throws Exception { // add 2 rules first FirewallRule rule = new FirewallRule(); rule.in_port = OFPort.of(2); rule.dl_src = MacAddress.of("00:00:00:00:00:01"); rule.dl_dst = MacAddress.of("00:00:00:00:00:02"); rule.priority = 1; rule.action = FirewallRule.FirewallAction.DROP; firewall.addRule(rule); rule = new FirewallRule(); rule.in_port = OFPort.of(3); rule.dl_src = MacAddress.of("00:00:00:00:00:02"); rule.dl_dst = MacAddress.of("00:00:00:00:00:01"); rule.nw_proto = IpProtocol.TCP; rule.any_nw_proto = false; rule.tp_dst = TransportPort.of(80); rule.priority = 2; rule.action = FirewallRule.FirewallAction.ALLOW; firewall.addRule(rule); List<FirewallRule> rules = firewall.readRulesFromStorage(); // verify rule 1 FirewallRule r = rules.get(0); assertEquals(r.in_port, OFPort.of(2)); assertEquals(r.priority, 1); assertEquals(r.dl_src, MacAddress.of("00:00:00:00:00:01")); assertEquals(r.dl_dst, MacAddress.of("00:00:00:00:00:02")); assertEquals(r.action, FirewallRule.FirewallAction.DROP); // verify rule 2 r = rules.get(1); assertEquals(r.in_port, OFPort.of(3)); assertEquals(r.priority, 2); assertEquals(r.dl_src, MacAddress.of("00:00:00:00:00:02")); assertEquals(r.dl_dst, MacAddress.of("00:00:00:00:00:01")); assertEquals(r.nw_proto, IpProtocol.TCP); assertEquals(r.tp_dst, TransportPort.of(80)); assertEquals(r.any_nw_proto, false); assertEquals(r.action, FirewallRule.FirewallAction.ALLOW); }
public int querySourceId(MacAddress mac, IPv4Address ip, IpProtocol protocol, TransportPort port) { if (!oPolicy.doRewrite(ObfuscationPolicy.Field.MAC_SRC)) mac = MacAddress.of(1); if (!oPolicy.doRewrite(ObfuscationPolicy.Field.IP_SRC)) ip = IPv4Address.of(1); if (!(oPolicy.doRewrite(ObfuscationPolicy.Field.TP_SRC) && oPolicy.doRewrite(port.getPort()))) port = TransportPort.of(0); return queryHostId(0, mac, ip, protocol, port); }
public int queryDestinationId(MacAddress mac, IPv4Address ip, IpProtocol protocol, TransportPort port) { if (!oPolicy.doRewrite(ObfuscationPolicy.Field.MAC_DST)) mac = MacAddress.of(1); if (!oPolicy.doRewrite(ObfuscationPolicy.Field.IP_DST)) ip = IPv4Address.of(1); if (!(oPolicy.doRewrite(ObfuscationPolicy.Field.TP_DST) && oPolicy.doRewrite(port.getPort()))) port = TransportPort.of(0); return queryHostId(1, mac, ip, protocol, port); }
public ObfuscationHeader() { rand = new Random(); obfuscatedHeaderValue = new BitSet(ObfuscationPolicy.LEN_HEADER); obfuscatedHeaderMask = new BitSet(ObfuscationPolicy.LEN_HEADER); obfuscatedSrcPort = TransportPort.of(0); obfuscatedDstPort = TransportPort.of(0); }
public void initRandomHeader() { for (int i=0; i<ObfuscationPolicy.LEN_HEADER; i++) { obfuscatedHeaderValue.set(i, rand.nextBoolean()); } obfuscatedSrcPort = TransportPort.of(rand.nextInt(65535)+1); obfuscatedDstPort = TransportPort.of(rand.nextInt(65535)+1); }
public static void sendMessage(IOFSwitch sw, OFPort inPort, MacAddress srcMac, MacAddress dstMac, IPv4Address srcAddress, IPv4Address dstAddress, TransportPort srcPort, TransportPort dstPort, byte[] acamp_bytes) { Ethernet l2 = new Ethernet(); l2.setSourceMACAddress(srcMac); l2.setDestinationMACAddress(dstMac); l2.setEtherType(EthType.IPv4); IPv4 l3 = new IPv4(); l3.setDestinationAddress(dstAddress); l3.setSourceAddress(srcAddress); l3.setTtl((byte)64); l3.setProtocol(IpProtocol.UDP); UDP l4 = new UDP(); l4.setSourcePort(srcPort); l4.setDestinationPort(dstPort); Data l7 = new Data(); l7.setData(acamp_bytes); l4.setPayload(l7); l3.setPayload(l4); l2.setPayload(l3); byte[] serializeData = l2.serialize(); OFPacketOut po = sw.getOFFactory().buildPacketOut() .setData(serializeData) .setActions(Collections.singletonList((OFAction) sw.getOFFactory().actions().output(inPort, 0xffFFffFF))) .setInPort(OFPort.CONTROLLER) .build(); sw.write(po); }