def test_nlri(self):
components = {
'destination': Flow4Destination(IPv4.pton("192.0.2.0"), 24),
'source': Flow4Source(IPv4.pton("10.1.2.0"), 24),
'anyport_1': FlowAnyPort(NumericOperator.EQ | NumericOperator.GT,
25),
'anyport_2': FlowAnyPort(NumericOperator.EQ | NumericOperator.LT,
80),
}
messages = {
'destination': [0x01, 0x18, 0xC0, 0x00, 0x02],
'source': [0x02, 0x18, 0x0A, 0x01, 0x02],
'anyport_1': [0x04, 0x43, 0x19],
'anyport_2': [0x85, 0x50],
}
flow = Flow()
message = b""
for key in ['destination', 'source', 'anyport_1', 'anyport_2']:
flow.add(components[key])
message += bytes(messages[key])
message = bytes([len(message)]) + message
# policy.add(to_FlowAction(65000,False,False))
flow = flow.pack()
if message[0] != flow[0]:
self.fail('size mismatch %s %s\n' % (flow[0], message[0]))
if len(flow) != flow[0] + 1:
self.fail('invalid size for message')
def test_nlri (self):
components = {
'destination': Flow4Destination("192.0.2.0",24),
'source': Flow4Source("10.1.2.0",24),
'anyport_1': FlowAnyPort(NumericOperator.EQ | NumericOperator.GT,25),
'anyport_2': FlowAnyPort(NumericOperator.EQ | NumericOperator.LT,80),
}
messages = {
'destination': [0x01, 0x18, 0xc0, 0x00, 0x02],
'source': [0x02, 0x18, 0x0a, 0x01, 0x02],
'anyport_1': [0x04, 0x43, 0x19],
'anyport_2': [0x85, 0x50],
}
flow = Flow()
message = ""
for key in ['destination','source','anyport_1','anyport_2']:
flow.add(components[key])
message += ''.join([chr(_) for _ in messages[key]])
message = chr(len(message)) + message
# policy.add(to_FlowAction(65000,False,False))
flow = flow.pack()
if message[0] != flow[0]:
self.fail('size mismatch %s %s\n' % (ord(flow[0]),ord(message[0])))
if len(flow) != ord(flow[0]) + 1:
self.fail('invalid size for message')
def destination(tokeniser):
data = tokeniser()
if data.count('/') == 1:
ip, netmask = data.split('/')
raw = ''.join(chr(int(_)) for _ in ip.split('.'))
yield Flow4Destination(raw, int(netmask))
return
else:
ip, netmask, offset = data.split('/')
yield Flow6Destination(IP.pton(ip), int(netmask), int(offset))
def destination(tokeniser):
data = tokeniser()
if data.count('.') == 3 and data.count(':') == 0:
ip, netmask = data.split('/')
raw = b''.join(bytes([int(_)]) for _ in ip.split('.'))
yield Flow4Destination(raw, int(netmask))
elif data.count('/') == 1:
ip, netmask = data.split('/')
offset = 0
yield Flow6Destination(IP.pton(ip), int(netmask), int(offset))
else:
ip, netmask, offset = data.split('/')
yield Flow6Destination(IP.pton(ip), int(netmask), int(offset))
def destination(tokeniser):
data = tokeniser()
if data.count('.') == 3 and data.count(':') == 0:
ip, netmask = data.split('/')
raw = concat_bytes_i(character(int(_)) for _ in ip.split('.'))
yield Flow4Destination(raw, int(netmask))
elif data.count('/') == 1:
ip, netmask = data.split('/')
offset = 0
yield Flow6Destination(IP.pton(ip), int(netmask), int(offset))
else:
ip, netmask, offset = data.split('/')
yield Flow6Destination(IP.pton(ip), int(netmask), int(offset))
def test_rule(self):
components = {
'destination': Flow4Destination(IPv4.pton("192.0.2.0"), 24),
'source': Flow4Source(IPv4.pton("10.1.2.0"), 24),
'anyport_1': FlowAnyPort(NumericOperator.EQ, 25),
}
messages = {
'destination': [0x01, 0x18, 0xC0, 0x00, 0x02],
'source': [0x02, 0x18, 0x0A, 0x01, 0x02],
'anyport_1': [0x04, 0x01, 0x19],
}
for key in ['destination', 'source', 'anyport_1']:
component = components[key].pack()
message = bytes(messages[key])
def test_rule (self):
components = {
'destination': Flow4Destination("192.0.2.0",24),
'source': Flow4Source("10.1.2.0",24),
'anyport_1': FlowAnyPort(NumericOperator.EQ,25),
}
messages = {
'destination': [0x01, 0x18, 0xc0, 0x00, 0x02],
'source': [0x02, 0x18, 0x0a, 0x01, 0x02],
'anyport_1': [0x04, 0x01, 0x19],
}
for key in ['destination','source','anyport_1']:
component = components[key].pack()
message = ''.join((chr(_) for _ in messages[key]))
def test_compare(self):
components = {
'destination': Flow4Destination(IPv4.pton("192.0.2.0"), 24),
'source': Flow4Source(IPv4.pton("10.1.2.0"), 24),
'anyport_1': FlowAnyPort(NumericOperator.EQ | NumericOperator.GT, 25),
'anyport_2': FlowAnyPort(NumericOperator.EQ | NumericOperator.LT, 80),
'anyport_3': FlowAnyPort(NumericOperator.EQ, 80),
}
flow1 = Flow()
for key in ['destination', 'source', 'anyport_1', 'anyport_2']:
flow1.add(components[key])
flow2 = Flow()
for key in ['destination', 'source', 'anyport_3']:
flow2.add(components[key])
if flow1 != flow1:
self.fail('the flows are the same')
if flow1 == flow2:
self.fail('the flows are not the same')
def test_rule_and(self):
components = {
'destination': Flow4Destination(IPv4.pton("192.0.2.0"), 24),
'source': Flow4Source(IPv4.pton("10.1.2.0"), 24),
'anyport_1': FlowAnyPort(NumericOperator.EQ | NumericOperator.GT, 25),
'anyport_2': FlowAnyPort(NumericOperator.EQ | NumericOperator.LT, 80),
}
messages = {
'destination': [0x01, 0x18, 0xC0, 0x00, 0x02],
'source': [0x02, 0x18, 0x0A, 0x01, 0x02],
'anyport_1': [0x04, 0x43, 0x19],
'anyport_2': [0x04, 0x85, 0x50],
}
flow = Flow()
message = b""
for key in ['destination', 'source', 'anyport_1', 'anyport_2']:
flow.add(components[key])
message += bytes(messages[key])
message = bytes([len(message)]) + message
# flow.add(to_FlowAction(65000,False,False))
flow.pack()
def test_rule_and (self):
components = {
'destination': Flow4Destination("192.0.2.0",24),
'source': Flow4Source("10.1.2.0",24),
'anyport_1': FlowAnyPort(NumericOperator.EQ | NumericOperator.GT,25),
'anyport_2': FlowAnyPort(NumericOperator.EQ | NumericOperator.LT,80),
}
messages = {
'destination': [0x01, 0x18, 0xc0, 0x00, 0x02],
'source': [0x02, 0x18, 0x0a, 0x01, 0x02],
'anyport_1': [0x04, 0x43, 0x19],
'anyport_2': [0x04, 0x85, 0x50],
}
flow = Flow()
message = ""
for key in ['destination','source','anyport_1','anyport_2']:
flow.add(components[key])
message += ''.join([chr(_) for _ in messages[key]])
message = chr(len(message)) + message
# flow.add(to_FlowAction(65000,False,False))
flow.pack()
def destination(self, scope, name, command, tokens):
try:
data = tokens.pop(0)
if data.count('/') == 1:
ip, netmask = data.split('/')
raw = ''.join(chr(int(_)) for _ in ip.split('.'))
if not scope[-1]['announce'][-1].nlri.add(
Flow4Destination(raw, int(netmask))):
return self.error.set('Flow can only have one destination')
else:
ip, netmask, offset = data.split('/')
change = scope[-1]['announce'][-1]
# XXX: This is ugly
change.nlri.afi = AFI(AFI.ipv6)
if not change.nlri.add(
Flow6Destination(IP.pton(ip), int(netmask),
int(offset))):
return self.error.set('Flow can only have one destination')
return True
except (IndexError, ValueError):
return self.error.set(self.syntax)
