def LSRRFwTriv(): ctx = components.Context(['e0' , 'e1', 'a', 'b', 'f'], \ ['ip_e0', 'ip_e1', 'ip_a', 'ip_b','ip_f']) net = components.Network(ctx) # Register something that tells us about LSR ip_lsr_field = components.LSRROption('ip_lsr', ctx) ctx.AddPolicy(ip_lsr_field) e0 = components.EndHost(ctx.e0, net, ctx) e1 = components.EndHost(ctx.e1, net, ctx) # Yeah I can put this in a list etc., doing it this way mostly for no good reason. a = components.LSRRRouter(ctx.a, ip_lsr_field, net, ctx) b = components.LSRRRouter(ctx.b, ip_lsr_field, net, ctx) f = components.AclFirewall(ctx.f, net, ctx) net.setAddressMappings([(e0, ctx.ip_e0), \ (e1, ctx.ip_e1), \ (a, ctx.ip_a), \ (b, ctx.ip_b), \ (f, ctx.ip_f)]) net.SetGateway(e0, a) net.SetGateway(e1, b) net.RoutingTable(a, [(ctx.ip_e0, e0), \ (ctx.ip_f, f), \ (ctx.ip_b, f), \ (ctx.ip_e1, f)]) net.RoutingTable(b, [(ctx.ip_e0, f), \ (ctx.ip_f, f), \ (ctx.ip_b, f), \ (ctx.ip_e1, e1)]) net.RoutingTable(f, [(ctx.ip_e0, a), \ (ctx.ip_e1, b), \ (ctx.ip_b, b), \ (ctx.ip_a, a)]) node_dict = {'e0': e0, \ 'e1': e1, \ 'a': a, \ 'b': b, \ 'f': f} net.Attach(*node_dict.values()) class LSRRReturn(object): def __init__(self, net, ctx, **nodes): self.net = net self.ctx = ctx for k, v in nodes.iteritems(): setattr(self, k, v) self.check = components.PropertyChecker(ctx, net) return LSRRReturn(net, ctx, **node_dict)
def LSRRFwTriv (sz): assert (sz >= 1) endhosts = ['e0', 'e1'] lsrr_boxes = ['l_%d'%(l) for l in xrange(0, sz)] firewall = ['f'] nodes = list() nodes.extend(endhosts) nodes.extend(lsrr_boxes) nodes.extend(firewall) addresses = ['ip_%s'%(c) for c in nodes] ctx = components.Context(nodes, \ addresses) net = components.Network(ctx) # Register something that tells us about LSRR ip_lsr_field = components.LSRROption ('ip_lsr', ctx) ctx.AddPolicy (ip_lsr_field) e0 = components.EndHost(ctx.e0, net, ctx) e1 = components.EndHost(ctx.e1, net, ctx) ## Yeah I can put this in a list etc., doing it this way mostly for no good reason. #a = components.LSRRRouter (ctx.a, ip_lsr_field, net, ctx) #b = components.LSRRRouter (ctx.b, ip_lsr_field, net, ctx) lsrrs = [components.LSRRRouter (getattr(ctx, n), ip_lsr_field, net, ctx) for n in lsrr_boxes] lsrr_addresses = [getattr(ctx, 'ip_%s'%(l.z3Node)) for l in lsrrs] f = components.AclFirewall (ctx.f, net, ctx) address_mappings = [(e0, ctx.ip_e0), \ (e1, ctx.ip_e1), \ (f, ctx.ip_f)] lsrr_address_mappings = zip(lsrrs, lsrr_addresses) address_mappings.extend(lsrr_address_mappings) net.setAddressMappings(address_mappings) routing_table_base = zip(lsrr_addresses, lsrrs) routing_table_base.append((ctx.ip_e0, e0)) net.SetGateway(e1, f) f.AddAcls([(ctx.ip_e0, ctx.ip_e1)]) f.AddAcls([(a, ctx.ip_e1) for a in lsrr_addresses[:-1]]) f_routing_table = list(routing_table_base) f_routing_table.append((ctx.ip_e1, e1)) net.RoutingTable(f, f_routing_table) routing_table_base.append((ctx.ip_e1, f)) net.RoutingTable(e0, routing_table_base) for l in lsrrs: net.RoutingTable(l, routing_table_base) net.Attach(e0, e1, f, *lsrrs) class LSRRReturn (object): def __init__ (self, net, ctx, e0, e1, f, lsrrs): self.net = net self.ctx = ctx self.e0 = e0 self.e1 = e1 self.f = f self.lsrrs = lsrrs self.check = components.PropertyChecker (ctx, net) return LSRRReturn (net, ctx, e0, e1, f, lsrrs)
def LSRRDenyFwExample(size): left_nodes = ['l_%d' % (l) for l in xrange(size)] right_nodes = ['r_%d' % (r) for r in xrange(size)] end_hosts = ['e0', 'e1'] firewalls = ['f0'] all_nodes = [] all_nodes.extend(left_nodes) all_nodes.extend(right_nodes) all_nodes.extend(end_hosts) all_nodes.extend(firewalls) addresses = ['ip_%s' % (n) for n in all_nodes] ctx = components.Context(all_nodes, addresses) net = components.Network(ctx) # Register something that tells us about LSR ip_lsr_field = components.LSRROption('ip_lsr', ctx) ctx.AddPolicy(ip_lsr_field) end_hosts = [ components.EndHost(getattr(ctx, e), net, ctx) for e in end_hosts ] [e0, e1] = end_hosts firewalls = [ components.AclFirewall(getattr(ctx, f), net, ctx) for f in firewalls ] left_nodes = [ components.LSRRRouter(getattr(ctx, l), ip_lsr_field, net, ctx) for l in left_nodes ] right_nodes = [ components.LSRRRouter(getattr(ctx, l), ip_lsr_field, net, ctx) for l in right_nodes ] all_node_objects = [] all_node_objects.extend(left_nodes) all_node_objects.extend(right_nodes) all_node_objects.extend(end_hosts) all_node_objects.extend(firewalls) addresses = [getattr(ctx, a) for a in addresses] address_map = [(o, a) for (o, a) in zip(all_node_objects, addresses)] net.setAddressMappings(address_map) #firewalls[0].AddAcls([(ctx.ip_e0, ctx.ip_e1), \ #(ctx.ip_e1, ctx.ip_e0)]) firewalls[0].AddAcls([(getattr(ctx, 'ip_%s' % (left_nodes[-1].z3Node)), getattr(ctx, 'ip_%s' % (right_nodes[-1].z3Node)))]) e0_routing_table = [(getattr(ctx, 'ip_%s' % (ol.z3Node)), ol) for ol in left_nodes] e0_routing_table.append((ctx.ip_e1, firewalls[0])) net.RoutingTable(e0, e0_routing_table) left_routing_table = [(getattr(ctx, 'ip_%s' % (orr.z3Node)), firewalls[0]) for orr in right_nodes] left_routing_table.append((ctx.ip_e0, e0)) for ol in left_nodes: net.RoutingTable(ol, left_routing_table) right_routing_table = [(getattr(ctx, 'ip_%s' % (ol.z3Node)), firewalls[0]) for ol in left_nodes] right_routing_table.append((ctx.ip_e1, e1)) for orr in right_nodes: net.RoutingTable(orr, right_routing_table) firewall_routing_table = [(a, o) for (a, o) in zip(addresses, all_node_objects)] net.RoutingTable(firewalls[0], firewall_routing_table) net.Attach(*all_node_objects) class LSRRReturn(object): def __init__(self, net, ctx, **nodes): self.net = net self.ctx = ctx for k, v in nodes.iteritems(): setattr(self, k, v) self.check = components.PropertyChecker(ctx, net) return LSRRReturn(net, ctx, **dict(zip(all_nodes, all_node_objects)))
def LSRRExample(): ctx = components.Context(['e0' , 'e1', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'], \ ['ip_e0', 'ip_e1', 'ip_a', 'ip_b', 'ip_c', 'ip_d', 'ip_e', 'ip_f', 'ip_g', 'ip_h']) net = components.Network(ctx) # Register something that tells us about LSR ip_lsr_field = components.LSRROption('ip_lsr', ctx) ctx.AddPolicy(ip_lsr_field) e0 = components.EndHost(ctx.e0, net, ctx) e1 = components.EndHost(ctx.e1, net, ctx) # Yeah I can put this in a list etc., doing it this way mostly for no good reason. a = components.LSRRRouter(ctx.a, ip_lsr_field, net, ctx) b = components.LSRRRouter(ctx.b, ip_lsr_field, net, ctx) c = components.LSRRRouter(ctx.c, ip_lsr_field, net, ctx) d = components.LSRRRouter(ctx.d, ip_lsr_field, net, ctx) e = components.LSRRRouter(ctx.e, ip_lsr_field, net, ctx) f = components.LSRRRouter(ctx.f, ip_lsr_field, net, ctx) g = components.LSRRRouter(ctx.g, ip_lsr_field, net, ctx) h = components.LSRRRouter(ctx.h, ip_lsr_field, net, ctx) net.setAddressMappings([(e0, ctx.ip_e0), \ (e1, ctx.ip_e1), \ (a, ctx.ip_a), \ (b, ctx.ip_b), \ (c, ctx.ip_c), \ (d, ctx.ip_d), \ (e, ctx.ip_e), \ (f, ctx.ip_f), \ (g, ctx.ip_g), \ (h, ctx.ip_h)]) routing_table = [(ctx.ip_e0, e0), \ (ctx.ip_e1, e1), \ (ctx.ip_a, a), \ (ctx.ip_b, b), \ (ctx.ip_c, c), \ (ctx.ip_d, d), \ (ctx.ip_e, e), \ (ctx.ip_f, f), \ (ctx.ip_g, g), \ (ctx.ip_h, h)] nodes = [e0, e1, a, b, c, d, e, f, g, h] node_dict = {'a': a, \ 'b': b, \ 'c': c, \ 'd': d, \ 'e': e, \ 'f': f, \ 'g': g, \ 'h': h} for n in nodes: net.RoutingTable(n, routing_table) net.Attach(*nodes) class LSRRReturn(object): def __init__(self, net, ctx, e0, e1, **nodes): self.net = net self.ctx = ctx self.e0 = e0 self.e1 = e1 for k, v in nodes.iteritems(): setattr(self, k, v) self.check = components.PropertyChecker(ctx, net) return LSRRReturn(net, ctx, e0, e1, **node_dict)