def create_bearer(self, imsi, lbi): """ Sends a CreateBearer Request to SPGW service """ print('Sending CreateBearer request to spgw service') req = CreateBearerRequest( sid=SIDUtils.to_pb(imsi), link_bearer_id=lbi, policy_rules=[ PolicyRule( qos=FlowQos( qci=1, gbr_ul=10000000, gbr_dl=10000000, max_req_bw_ul=10000000, max_req_bw_dl=10000000, arp=QosArp( priority_level=1, pre_capability=1, pre_vulnerability=0, ) ) ) ] ) self._stub.CreateBearer(req)
def create_bearer(client, args): req = CreateBearerRequest( sid=SIDUtils.to_pb(args.imsi), link_bearer_id=args.lbi, policy_rules=[ PolicyRule(qos=FlowQos(qci=args.qci, gbr_ul=args.gbr_ul, gbr_dl=args.gbr_dl, max_req_bw_ul=args.mbr_ul, max_req_bw_dl=args.mbr_dl, arp=QosArp(priority_level=args.priority, pre_capability=args.pre_cap, pre_vulnerability=args.pre_vul))) ]) print("Creating dedicated bearer for : ", args.imsi) client.CreateBearer(req)
def __init__(self): self._set_session = SetSMSessionContext( common_context=CommonSessionContext( sid=SubscriberID(id="IMSI12345"), ue_ipv4="192.168.128.11", apn=bytes("BLR", 'utf-8'), rat_type=RATType.Name(2), sm_session_state=SMSessionFSMState.Name(2), sm_session_version=1, ), rat_specific_context=RatSpecificContext( m5gsm_session_context=M5GSMSessionContext( pdu_session_id=1, request_type=RequestType.Name( 1, ), gnode_endpoint=TeidSet( teid=10000, end_ipv4_addr="192.168.60.141", ), pdu_session_type=PduSessionType.Name(0), ssc_mode=SscMode.Name(2), qos_policy=[ QosPolicy( policy_state=0, policy_action=1, version=2, qos=PolicyRule( id="ims-voice", priority=10, flow_list=[], qos=FlowQos( qci=int(5), max_req_bw_ul=100000, max_req_bw_dl=100000, arp=QosArp( priority_level=1, pre_capability=1, pre_vulnerability=0, ), ), ), ), ], ), ), )
def _get_default_qos(self) -> FlowQos: """ Get a default QoS, usable for an allow-all flow, and for redirection to a captive_portal. """ return FlowQos( max_req_bw_ul=2 * 1024 * 1024 * 1024, # 2G max_req_bw_dl=2 * 1024 * 1024 * 1024, # 2G gbr_ul=1 * 1024 * 1024, # 1 Mb/s gbr_dl=1 * 1024 * 1024, # 1 Mb/s qci=FlowQos.Qci.Value('QCI_3'), # Allocation and Retention Policy # Set to high priority, and disallow pre-emption # capability/vulnerability arp=QosArp( priority_level=1, pre_capability=QosArp.PreCap.Value("PRE_CAP_DISABLED"), pre_vulnerability=QosArp.PreVul.Value("PRE_VUL_DISABLED"), ), )
def create_bearer_ipv4v6(self, imsi, lbi, qci_val=1, ipv4=False, ipv6=False): """ Sends a CreateBearer Request with ipv4/ipv6/ipv4v6 packet """ """ filters to SPGW service """ print("Sending CreateBearer request to spgw service") flow_match_list = [] if ipv4: flow_match_list.append( FlowDescription( match=FlowMatch( ip_dst=IPAddress( version=IPAddress.IPV4, address="192.168.129.42/24".encode("utf-8"), ), tcp_dst=5001, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, )) flow_match_list.append( FlowDescription( match=FlowMatch( ip_src=IPAddress( version=IPAddress.IPV4, address="192.168.129.42".encode("utf-8"), ), tcp_src=5001, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, )) if ipv6: flow_match_list.append( FlowDescription( match=FlowMatch( ip_dst=IPAddress( version=IPAddress.IPV6, address="5546:222:2259::226".encode("utf-8"), ), tcp_dst=5001, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, )) flow_match_list.append( FlowDescription( match=FlowMatch( ip_src=IPAddress( version=IPAddress.IPV6, address="fdee:0005:006c:018c::8c99".encode( "utf-8"), ), tcp_src=5002, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, )) req = CreateBearerRequest( sid=SIDUtils.to_pb(imsi), link_bearer_id=lbi, policy_rules=[ PolicyRule( id="rar_rule_1", qos=FlowQos( qci=qci_val, gbr_ul=10000000, gbr_dl=10000000, max_req_bw_ul=10000000, max_req_bw_dl=10000000, arp=QosArp( priority_level=1, pre_capability=1, pre_vulnerability=0, ), ), flow_list=flow_match_list, ) ], ) self._stub.CreateBearer(req)
def create_bearer(self, imsi, lbi, qci_val=1): """ Sends a CreateBearer Request to SPGW service """ print("Sending CreateBearer request to spgw service") req = CreateBearerRequest( sid=SIDUtils.to_pb(imsi), link_bearer_id=lbi, policy_rules=[ PolicyRule( id="rar_rule_1", qos=FlowQos( qci=qci_val, gbr_ul=10000000, gbr_dl=10000000, max_req_bw_ul=10000000, max_req_bw_dl=10000000, arp=QosArp( priority_level=1, pre_capability=1, pre_vulnerability=0, ), ), flow_list=[ FlowDescription( match=FlowMatch( ip_dst=IPAddress( version=IPAddress.IPV4, address="0.0.0.0/0".encode('utf-8')), tcp_dst=5001, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_dst=IPAddress( version=IPAddress.IPV4, address="192.168.129.42/24".encode( 'utf-8')), tcp_dst=5002, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_dst=IPAddress( version=IPAddress.IPV4, address="192.168.129.42".encode('utf-8')), tcp_dst=5003, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_dst=IPAddress( version=IPAddress.IPV4, address="192.168.129.42".encode('utf-8')), tcp_dst=5004, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_dst=IPAddress( version=IPAddress.IPV4, address="192.168.129.42".encode('utf-8')), tcp_dst=5005, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.DENY, ), FlowDescription( match=FlowMatch( ip_src=IPAddress( version=IPAddress.IPV4, address="192.168.129.42".encode('utf-8')), tcp_src=5001, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_src=IPAddress(version=IPAddress.IPV4, address="".encode('utf-8')), tcp_dst=5002, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_src=IPAddress( version=IPAddress.IPV4, address="192.168.129.64/26".encode( 'utf-8')), tcp_src=5003, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_src=IPAddress( version=IPAddress.IPV4, address="192.168.129.42/16".encode( 'utf-8')), tcp_src=5004, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ip_src=IPAddress( version=IPAddress.IPV4, address="192.168.129.42".encode('utf-8')), tcp_src=5005, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.DENY, ), ], ) ], ) self._stub.CreateBearer(req)
def create_ReAuthRequest(self, imsi, policy_id, flow_list, qos): """ Sends Policy RAR message to session manager """ print("Sending Policy RAR message to session manager") flow_match_list = [] res = None self.get_flow_match(flow_list, flow_match_list) policy_qos = FlowQos( qci=qos["qci"], max_req_bw_ul=qos["max_req_bw_ul"], max_req_bw_dl=qos["max_req_bw_dl"], gbr_ul=qos["gbr_ul"], gbr_dl=qos["gbr_dl"], arp=QosArp( priority_level=qos["arp_prio"], pre_capability=qos["pre_cap"], pre_vulnerability=qos["pre_vul"], ), ) policy_rule = PolicyRule( id=policy_id, priority=qos["priority"], flow_list=flow_match_list, tracking_type=PolicyRule.NO_TRACKING, rating_group=1, monitoring_key=None, qos=policy_qos, ) qos = QoSInformation(qci=qos["qci"]) # Get sessionid req = GetDirectoryFieldRequest(id=imsi, field_key="session_id") try: res = self._directorydstub.GetDirectoryField( req, DEFAULT_GRPC_TIMEOUT) except grpc.RpcError as err: logging.error( "GetDirectoryFieldRequest error for id: %s! [%s] %s", imsi, err.code(), err.details(), ) self._session_stub.PolicyReAuth( PolicyReAuthRequest( session_id=res.value, imsi=imsi, rules_to_remove=[], rules_to_install=[], dynamic_rules_to_install=[ DynamicRuleInstall(policy_rule=policy_rule) ], event_triggers=[], revalidation_time=None, usage_monitoring_credits=[], qos_info=qos, ))
def create_ReAuthRequest(self, imsi, policy_id, flow_list, qos): """ Sends Policy RAR message to session manager """ print("Sending Policy RAR message to session manager") flow_match_list = [] res = None self.get_flow_match(flow_list, flow_match_list) policy_qos = FlowQos( qci=qos["qci"], max_req_bw_ul=qos["max_req_bw_ul"], max_req_bw_dl=qos["max_req_bw_dl"], gbr_ul=qos["gbr_ul"], gbr_dl=qos["gbr_dl"], arp=QosArp( priority_level=qos["arp_prio"], pre_capability=qos["pre_cap"], pre_vulnerability=qos["pre_vul"], ), ) policy_rule = PolicyRule( id=policy_id, priority=qos["priority"], flow_list=flow_match_list, tracking_type=PolicyRule.NO_TRACKING, rating_group=1, monitoring_key=None, qos=policy_qos, ) qos = QoSInformation(qci=qos["qci"]) # Get sessionid #TODO: remove retries i = 0 MAX = 3 res = None while i < MAX: req = GetDirectoryFieldRequest(id=imsi, field_key="session_id") try: res = self._directorydstub.GetDirectoryField( req, DEFAULT_GRPC_TIMEOUT) except grpc.RpcError as err: print( "error: GetDirectoryFieldRequest error for id: %s! [%s] %s", imsi, err.code(), err.details(), ) if req != None: i = MAX else: i += 1 print( "warning: directoryd failed to return sessionId for %s. Retrying", imsi) time.sleep(3) if res == None: print("error: Couldnt find sessionid. Directoryd content:") allRecordsResponse = self._directorydstub.GetAllDirectoryRecords( Void(), DEFAULT_GRPC_TIMEOUT) for record in allRecordsResponse.recordsResponse: print("%s", str(record)) self._session_stub.PolicyReAuth( PolicyReAuthRequest( session_id=res.value, imsi=imsi, rules_to_remove=[], rules_to_install=[], dynamic_rules_to_install=[ DynamicRuleInstall(policy_rule=policy_rule) ], event_triggers=[], revalidation_time=None, usage_monitoring_credits=[], qos_info=qos, ))
def send_policy_rar(client, args): sessiond_chan = ServiceRegistry.get_rpc_channel("sessiond", ServiceRegistry.LOCAL) sessiond_client = SessionProxyResponderStub(sessiond_chan) flow_list_str = args.flow_rules.split(";") flow_match_list = [] for i, flow_str in enumerate(flow_list_str): print("%d: %s" % (i, flow_str)) flow_fields = flow_str.split(",") if flow_fields[0] == "UL": flow_direction = FlowMatch.UPLINK elif flow_fields[0] == "DL": flow_direction = FlowMatch.DOWNLINK else: print("%s is not valid" % flow_fields[0]) raise ValueError( "UL or DL are the only valid" " values for first parameter of flow match" ) ip_protocol = int(flow_fields[1]) if flow_fields[1] == FlowMatch.IPPROTO_TCP: udp_src_port = 0 udp_dst_port = 0 if flow_fields[3]: tcp_src_port = int(flow_fields[3]) else: tcp_src_port = 0 if flow_fields[5]: tcp_dst_port = int(flow_fields[5]) else: tcp_dst_port = 0 elif flow_fields[1] == FlowMatch.IPPROTO_UDP: tcp_src_port = 0 tcp_dst_port = 0 if flow_fields[3]: udp_src_port = int(flow_fields[3]) else: udp_src_port = 0 if flow_fields[5]: udp_dst_port = int(flow_fields[5]) else: udp_dst_port = 0 else: udp_src_port = 0 udp_dst_port = 0 tcp_src_port = 0 tcp_dst_port = 0 flow_match_list.append( FlowDescription( match=FlowMatch( direction=flow_direction, ip_proto=ip_protocol, ipv4_src=flow_fields[2], ipv4_dst=flow_fields[4], tcp_src=tcp_src_port, tcp_dst=tcp_dst_port, udp_src=udp_src_port, udp_dst=udp_dst_port, ), action=FlowDescription.PERMIT, ) ) qos_parameter_list = args.qos.split(",") if len(qos_parameter_list) == 7: # utilize user passed arguments policy_qos = FlowQos( qci=int(args.qci), max_req_bw_ul=int(qos_parameter_list[0]), max_req_bw_dl=int(qos_parameter_list[1]), gbr_ul=int(qos_parameter_list[2]), gbr_dl=int(qos_parameter_list[3]), arp=QosArp( priority_level=int(qos_parameter_list[4]), pre_capability=int(qos_parameter_list[5]), pre_vulnerability=int(qos_parameter_list[6]), ), ) else: # parameter missing, use default values policy_qos = FlowQos( qci=int(args.qci), max_req_bw_ul=100000, max_req_bw_dl=100000, arp=QosArp(priority_level=1, pre_capability=1, pre_vulnerability=0), ) policy_rule = PolicyRule( id=args.policy_id, priority=int(args.priority), flow_list=flow_match_list, tracking_type=PolicyRule.NO_TRACKING, rating_group=1, monitoring_key=None, qos=policy_qos, ) qos = QoSInformation(qci=int(args.qci)) reauth_result = sessiond_client.PolicyReAuth( PolicyReAuthRequest( session_id=args.session_id, imsi=args.imsi, rules_to_remove=[], rules_to_install=[], dynamic_rules_to_install=[DynamicRuleInstall(policy_rule=policy_rule)], event_triggers=[], revalidation_time=None, usage_monitoring_credits=[], qos_info=qos, ) ) print(reauth_result)
def create_bearer(self, imsi, lbi): """ Sends a CreateBearer Request to SPGW service """ print("Sending CreateBearer request to spgw service") req = CreateBearerRequest( sid=SIDUtils.to_pb(imsi), link_bearer_id=lbi, policy_rules=[ PolicyRule( qos=FlowQos( qci=1, gbr_ul=10000000, gbr_dl=10000000, max_req_bw_ul=10000000, max_req_bw_dl=10000000, arp=QosArp(priority_level=1, pre_capability=1, pre_vulnerability=0), ), flow_list=[ FlowDescription( match=FlowMatch( ipv4_dst="192.168.129.42", tcp_dst=5001, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_dst="192.168.129.42", tcp_dst=5002, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_dst="192.168.129.42", tcp_dst=5003, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_dst="192.168.129.42", tcp_dst=5004, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_dst="192.168.129.42", tcp_dst=5005, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.UPLINK, ), action=FlowDescription.DENY, ), FlowDescription( match=FlowMatch( ipv4_src="192.168.129.42", tcp_src=5001, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_src="192.168.129.42", tcp_src=5002, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_src="192.168.129.42", tcp_src=5003, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_src="192.168.129.42", tcp_src=5004, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.PERMIT, ), FlowDescription( match=FlowMatch( ipv4_src="192.168.129.42", tcp_src=5005, ip_proto=FlowMatch.IPPROTO_TCP, direction=FlowMatch.DOWNLINK, ), action=FlowDescription.DENY, ), ], ) ], ) self._stub.CreateBearer(req)