def __init__(self, data): self.dps = [] self.links = {} link_re = re.compile('(\S+)\s+(\d+)\s+(\S+)\s+(\d+)') # Read link information lines = data.splitlines() if not len(lines): return dpline = lines[0] for k in dpline.split(): dp = create_datapathid_from_host(create_eaddr(k).hb_long()) self.dps.append(dp) for line in lines[1:]: r = link_re.match(line) if r is not None: dp1 = create_datapathid_from_host(create_eaddr(r.group(1)).hb_long()) port1 = int(r.group(2)) dp2 = create_datapathid_from_host(create_eaddr(r.group(3)).hb_long()) port2 = int(r.group(4)) if dp1 not in self.dps: self.dps.append[dp1] if dp2 not in self.dps: self.dps.append[dp2] if dp1 not in self.links: self.links[dp1] = {} if dp2 not in self.links: self.links[dp2] = {} self.links[dp1][dp2] = (port1, port2) self.links[dp2][dp1] = (port2, port1)
def get_addr_groups_op(self, request, arg): try: def cb(res): request.write(simplejson.dumps(res)) request.finish() gtype_str = get_principal_type_from_args(arg) gtype = groupname_to_type[gtype_str] if gtype == Directory.NWADDR_GROUP: addr = create_cidr_ipaddr(arg['<address>'].encode('utf-8')) elif gtype == Directory.DLADDR_GROUP: addr = create_eaddr(arg['<address>'].encode('utf-8')) else: return webservice.badRequest( request, "Could not retrieve " "address groups: invalid address type.") if addr is None: return webservice.badRequest( request, "Could not retrieve " "address groups: invalid address format.") d = self.dm.get_group_membership(gtype, addr) d.addCallback(cb) d.addErrback(self.err, request, "get_group_parents", "Could not retrieve address groups.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "get_addr_groups", "Could not retrieve address groups.")
def member_op_start(self, request, arg, otype_str): try: groupname = arg["<group name>"] groupdir = arg["<group dir>"] mangled_group = mangle_name(groupdir, groupname) membername = arg["<member name>"] memberdir = arg.get("<member dir>") ptype_str = get_principal_type_from_args(arg) ctype_str = find_value_in_args(arg, ["principal", "address", "subgroup"]) if memberdir == self.dm.discovered_dir.name: return webservice.badRequest( request, "Discovered principals " "may not be added to groups; try moving principal to " "a persistent directory first.", ) ptype = groupname_to_type[ptype_str] is_address = ctype_str == "address" if is_address and ptype == Directory_Factory.DLADDR_GROUP: mangled_member = create_eaddr(membername.encode("utf-8")) elif is_address and ptype == Directory_Factory.NWADDR_GROUP: mangled_member = create_cidr_ipaddr(membername.encode("utf-8")) else: mangled_member = mangle_name(memberdir, membername) if mangled_member is None: return webservice.badRequest(request, "Invalid group member parameter: '%s'" % membername) d = self.dm.get_group(ptype, mangled_group) f = lambda x: self.member_op(request, x, mangled_member, ptype_str, otype_str, ctype_str) d.addCallback(f) d.addErrback(self.err, request, "member_op_start", "Could not retrieve group.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "member_op_start", "Could not retrieve group.")
def convert_to_eaddr(val): if isinstance(val, ethernetaddr): return val if isinstance(val, array.array): val = val.tostring() if isinstance(val, str) and len(val) == ethernetaddr.LEN: return create_bin_eaddr(val) elif isinstance(val, str) or isinstance(val, int) or isinstance(val, long): return create_eaddr(val) return None
def register_dladdr_group(name, description, principals, subgroups): eths = [ netinet.create_eaddr(p) for p in principals ] n = SEPL_DIRECTORY_NAME + ';' sgs = [] for s in subgroups: if ';' not in s: sgs.append(n+s) else: sgs.append(s) return __instance__.add_group(Directory.DLADDR_GROUP, GroupInfo(name, description, eths, sgs))
def convert_to_eaddr(val): if isinstance(val, ethernetaddr): return val if isinstance(val, array.array): val = val.tostring() if isinstance(val, str) and re.search("([0-9a-fA-F][0-9a-fA-F]:){6,6}", val+ ":") is None: if len(val) < ethernetaddr.LEN: return None return create_bin_eaddr(val) elif isinstance(val, str) or isinstance(val, int) or isinstance(val, long): return create_eaddr(val) return None
def __dladdr_check__(addr): if isinstance(addr, basestring) and len(addr) == ethernetaddr.LEN: addr = create_bin_eaddr(addr) elif isinstance(addr, basestring) or ((isinstance(addr, long) or isinstance(addr, int)) and addr >= 0): addr = create_eaddr(addr) elif not isinstance(addr, ethernetaddr): return None if addr == None: return None return addr.hb_long()
def register_host(name, dpid=None, port=None, dladdr=None, is_router=False, is_gateway=False, nwaddr=None): ninfos = [] if dpid != None or port != None: if not isinstance(dpid, netinet.datapathid): dpid = netinet.create_datapathid_from_host(dpid) ninfos.append(NetInfo(dpid, port)) if dladdr != None: if not isinstance(dladdr, netinet.ethernetaddr): dladdr = netinet.create_eaddr(dladdr) ninfos.append(NetInfo(None, None, dladdr, None, is_router, is_gateway)) if nwaddr != None: ninfos.append(NetInfo(None, None, None, nwaddr)) return __instance__.add_host(HostInfo(name, netinfos=ninfos))
def convert_to_eaddr(val): if isinstance(val, ethernetaddr): return val if isinstance(val, array.array): val = val.tostring() if isinstance(val, str) and re.search("([0-9a-fA-F][0-9a-fA-F]:){6,6}", val + ":") is None: if len(val) < ethernetaddr.LEN: return None return create_bin_eaddr(val) elif isinstance(val, str) or isinstance(val, int) or isinstance(val, long): return create_eaddr(val) return None
def __init__(self, data): self.clients = {} self.servers = {} loc_re = re.compile('(\S+)\s+(\S+)\s+(\d+)') lines = data.splitlines() for line in lines: if line.startswith('#Servers:'): configType = 'Servers' continue elif line.startswith('#Clients:'): configType = 'Clients' continue r = loc_re.match(line) if r is not None: host = create_eaddr(r.group(1)) dpid = create_datapathid_from_host(create_eaddr(r.group(2)).hb_long()) port = int(r.group(3)) if configType == 'Servers': self.servers[host] = (dpid, port) elif configType == 'Clients': self.clients[host] = (dpid, port)
def translate(self): decr = False if self.type == Flow_action.NAT: self.caction = Flow_action(self.type, len(self.args)) argtype = action_info(self.type)[ARG_IDX] check_fn = pred_type_info(argtype)[CHECK_IDX] if not self.caction.set_arg(0, check_fn(self.args[0], True)): raise Exception('Cannot set action argument.') # if dladdr given, set if len(self.args) > 1: self.caction.set_arg(1, create_eaddr(self.args[1].encode('utf-8')).hb_long()) elif self.type == Flow_action.WAYPOINT: argtype = action_info(self.type)[ARG_IDX] check_fn = pred_type_info(argtype)[CHECK_IDX] self.caction = Flow_action(self.type, len(self.args)) if self.caction is None: raise Exception('Out of memory.') args = [ check_fn(arg, True) for arg in self.args ] for i in xrange(len(args)): arg = args[i] self.to_decrement.append(arg) if not self.caction.set_arg(i, args[i]): raise Exception('Cannot set action argument.') else: self.caction = Flow_action(self.type) if self.caction is None: raise Exception('Out of memory.') if len(self.args) > 0: if self.type == Flow_action.C_FUNC: slist = strlist() fn = self.args[0].encode('utf-8') for ar in self.args[1:]: slist.push_back(ar.encode('utf-8')) success = __policy__.flow_util.set_action_argument(self.caction, fn, slist) else: argtype = action_info(self.type)[ARG_IDX] if argtype == LOC_T or argtype == HOST_T or argtype == USER_T or argtype == GROUP_T: decr = True check_fn = pred_type_info(argtype)[CHECK_IDX] a = check_fn(self.args[0], True) if decr: self.to_decrement.append(a) success = self.caction.set_arg(a) if not success: raise Exception('Cannot set action argument.')
def dladdr_check(addr, translate=False): # should check if defined constant here if isinstance(addr, unicode): addr = addr.encode('utf-8') if isinstance(addr, str) and not (':' in addr): if len(addr) != ethernetaddr.LEN: return defer.succeed(None) addr = create_bin_eaddr(addr) elif isinstance(addr, str) or ((isinstance(addr, long) or isinstance(addr, int)) and addr >= 0): addr = create_eaddr(addr) elif not isinstance(addr, ethernetaddr): return defer.succeed(None) if addr is None: return defer.succeed(None) if translate: return addr.nb_long() return defer.succeed(unicode(str(addr)))
def member_op_start(self, request, arg, otype_str): try: groupname = arg['<group name>'] groupdir = arg['<group dir>'] mangled_group = mangle_name(groupdir, groupname) membername = arg['<member name>'] memberdir = arg.get('<member dir>') ptype_str = get_principal_type_from_args(arg) ctype_str = find_value_in_args( arg, ["principal", "address", "subgroup"]) if memberdir == self.dm.discovered_dir.name: return webservice.badRequest( request, "Discovered principals " "may not be added to groups; try moving principal to " "a persistent directory first.") ptype = groupname_to_type[ptype_str] is_address = ctype_str == "address" if is_address and ptype == Directory_Factory.DLADDR_GROUP: mangled_member = create_eaddr(membername.encode('utf-8')) elif is_address and ptype == Directory_Factory.NWADDR_GROUP: mangled_member = create_cidr_ipaddr(membername.encode('utf-8')) else: mangled_member = mangle_name(memberdir, membername) if mangled_member is None: return webservice.badRequest( request, "Invalid group member parameter: '%s'" % membername) d = self.dm.get_group(ptype, mangled_group) f = lambda x: self.member_op(request, x, mangled_member, ptype_str, otype_str, ctype_str) d.addCallback(f) d.addErrback(self.err, request, "member_op_start", "Could not retrieve group.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "member_op_start", "Could not retrieve group.")
def get_addr_groups_op(self, request, arg): try: def cb(res): request.write(simplejson.dumps(res)) request.finish() gtype_str = get_principal_type_from_args(arg) gtype = groupname_to_type[gtype_str] if gtype == Directory.NWADDR_GROUP: addr = create_cidr_ipaddr(arg["<address>"].encode("utf-8")) elif gtype == Directory.DLADDR_GROUP: addr = create_eaddr(arg["<address>"].encode("utf-8")) else: return webservice.badRequest(request, "Could not retrieve " "address groups: invalid address type.") if addr is None: return webservice.badRequest(request, "Could not retrieve " "address groups: invalid address format.") d = self.dm.get_group_membership(gtype, addr) d.addCallback(cb) d.addErrback(self.err, request, "get_group_parents", "Could not retrieve address groups.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "get_addr_groups", "Could not retrieve address groups.")
def _netic_create_path(self, request, arg): # content = json_parse_message_body(arg) content = request.content.read() errorCode = {} try: nw_src = str(request.args["nw_src"][0]) nw_dst = str(request.args["nw_dst"][0]) duration = int(request.args["duration"][0]) bandwidth = int(request.args["bandwidth"][0]) set_arp = int(request.args["set_arp"][0]) bidirectional = int(request.args["bidirectional"][0]) except: errorCode["errorCode"] = NTC_VP_ERR_MISSING_M_FIELD webservice.badRequest(request, errcode2str[NTC_VP_ERR_MISSING_M_FIELD], errorCode) return NOT_DONE_YET # bidirectional and set_arp has to be either 0 or 1: if ((set_arp != 0) and (set_arp != 1)) or ((bidirectional != 0) and (bidirectional != 1)): errorCode["errorCode"] = NTC_VP_ERR_MISSING_M_FIELD webservice.badRequest(request, errcode2str[NTC_VP_ERR_MISSING_M_FIELD], errorCode) return NOT_DONE_YET paramsMissing = 0 try: dp_src = datapathid.from_host(int(request.args["dp_src"][0])) dp_dst = datapathid.from_host(int(request.args["dp_dst"][0])) first_port = int(request.args["first_port"][0]) last_port = int(request.args["last_port"][0]) except: dp_src = -1 dp_dst = -1 first_port = -1 last_port = -1 paramsMissing = 1 info_src = self.discovery.find_host_by_ipstr(nw_src) info_dst = self.discovery.find_host_by_ipstr(nw_dst) if paramsMissing == 1: # Try to find in which port and switch the path will begin and # terminate if info_src == None or info_dst == None: errorCode["errorCode"] = NTC_VP_ERR_MISSING_LOC_INFO webservice.badRequest(request, errcode2str[NTC_VP_ERR_MISSING_LOC_INFO], errorCode) return NOT_DONE_YET else: dp_src = datapathid.from_host(info_src["dp"]) first_port = info_src["port"] dp_dst = datapathid.from_host(info_dst["dp"]) last_port = info_dst["port"] else: # the dp source and dest and also first and last ports # are those specified by the request, lets check them if not self.discoveryws.discovery.is_valid_dpid( dp_src.as_host() ) or not self.discoveryws.discovery.is_valid_dpid(dp_dst.as_host()): errorCode["errorCode"] = NTC_VP_ERR_UNKNOWN_SWITCH webservice.badRequest(request, errcode2str[NTC_VP_ERR_UNKNOWN_SWITCH], errorCode) return NOT_DONE_YET if not self.discoveryws.discovery.is_valid_port_in_dpid( dp_src.as_host(), first_port ) or not self.discoveryws.discovery.is_valid_port_in_dpid(dp_dst.as_host(), last_port): errorCode["errorCode"] = NTC_VP_ERR_UNKNOWN_PORT webservice.badRequest(request, errcode2str[NTC_VP_ERR_UNKNOWN_PORT], errorCode) return NOT_DONE_YET # At this point we have the mandatory params of the flow and # location of the source and destination point of the path paramsMissing = 0 keyError = 0 with_arp = False if set_arp == 1: with_arp = True try: dl_src = create_eaddr(str(request.args["dl_src"][0])) dl_dst = create_eaddr(str(request.args["dl_dst"][0])) except KeyError: dl_src = 0 dl_dst = 0 keyError = 1 paramsMissing = 1 except: print "other error" if (dl_src == None) | (dl_dst == None): paramsMissing = 1 if paramsMissing == 1: if info_src != None: dl_src = info_src["dl_addr"] if info_dst != None: dl_dst = info_dst["dl_addr"] if (dl_src == None) | (dl_dst == None): if keyError == 1: errorCode["errorCode"] = NTC_VP_ERR_MISSING_MAC_ADDRESS webservice.badRequest(request, errcode2str[NTC_VP_ERR_MISSING_MAC_ADDRESS], errorCode) else: errorCode["errorCode"] = NTC_VP_ERR_BAD_MAC_ADDRESS webservice.badRequest(request, errcode2str[NTC_VP_ERR_MISSING_MAC_ADDRESS], errorCode) return NOT_DONE_YET # At this point even arp info is ready tp_src = 0 tp_dst = 0 ip_proto = 255 granularity = True try: ip_proto = int(request.args["ip_proto"][0]) except: granularity = False if granularity == True: try: tp_src = int(request.args["tp_src"][0]) except: tp_src = 0 try: tp_dst = int(request.args["tp_dst"][0]) except: tp_dst = 0 else: ip_proto = 255 npi = Netic_path_info() npi.nw_src = nw_src npi.nw_dst = nw_dst npi.duration = duration npi.bandwidth = bandwidth if set_arp == True: npi.set_arp = True else: npi.set_arp = False if bidirectional == True: npi.bidirect = True else: npi.bidirect = False npi.dp_src = dp_src npi.dp_dst = dp_dst npi.first_port = first_port npi.last_port = last_port if set_arp == True: npi.dl_src = dl_src npi.dl_dst = dl_dst npi.ip_proto = ip_proto npi.tp_src = tp_src npi.tp_dst = tp_dst res, error = self.bodrt.netic_create_route(npi) if error == 0: a = {} a["directPath"] = res.directPath self.discoveryws.add_created_path(res.directPath) if res.reversPath >= 0: self.discoveryws.add_created_path(res.reversPath) a["reversPath"] = res.reversPath neticResponse(request, NTC_OK, a) else: neticResponse(request, NTC_VP_INFO_PATH_NOT_FOUND)
class policyws(Component): def __init__(self, ctxt): Component.__init__(self, ctxt) self.cur_policy_table = 'current_policy' self.rule_table = 'policy_rules' self.policy = None self.v1 = None def install(self): self.policy = self.resolve(str(sepl.policy.PyPolicyComponent)) self.v1 = self.resolve(str(webservice.webservice)).get_version("1") self.v1.register_request( protocolsws.get_protocols, "GET", (webservice.WSPathStaticString('protocols'), ), "Get the set of currently defined protocol.") self.v1.register_request(protocolsws.get_protocol, "GET", (webservice.WSPathStaticString('protocols'), protocolsws.WSPathExistProtocolIdent()), "Get a protocol's definition.") self.v1.register_request(protocolsws.modify_protocol, "PUT", (webservice.WSPathStaticString('protocols'), protocolsws.WSPathProtocolIdent()), "Modify/create a protocol's definition.") self.v1.register_request(protocolsws.delete_protocol, "DELETE", (webservice.WSPathStaticString('protocols'), protocolsws.WSPathExistProtocolIdent()), "Delete a protocol's definition.") self.v1.register_request(self.get_policy_names, "GET", (webservice.WSPathStaticString('policy'), webservice.WSPathStaticString('names')), "Get name mappings.") self.v1.register_request(self.get_policy, "GET", (webservice.WSPathStaticString('policy'), ), "Get installed policy id.") self.v1.register_request(self.get_stats, "GET", ( webservice.WSPathStaticString('policy'), webservice.WSPathStaticString('stats'), ), "Get basic policy stats.") self.v1.register_request( self.reset_stats, "DELETE", ( webservice.WSPathStaticString('policy'), webservice.WSPathStaticString('stats'), ), "Reset all policy stats; returns stats " "prior to delete") self.v1.register_request(self.get_rule, "GET", (webservice.WSPathStaticString('policy'), WSPathExistingPolicyId(self.policy), webservice.WSPathStaticString('rule'), WSPathExistingRuleId(self.policy)), "Get rule id's defintion.") # disabled since we need .../rule/<rule id>/<other_stuff> # we may want to move this under ../<rule id>/attribute/... #self.v1.register_request(self.get_rule_param, "GET", # (webservice.WSPathStaticString('policy'), # WSPathExistingPolicyId(self.policy), # webservice.WSPathStaticString('rule'), # WSPathExistingRuleId(self.policy), # WSPathRuleParam()), # "Get rule id's parameter value.") self.v1.register_request(self.get_rules, "GET", (webservice.WSPathStaticString('policy'), WSPathExistingPolicyId(self.policy), webservice.WSPathStaticString('rules')), "Get policy id's rules.") self.v1.register_request(self.get_rule_stats, "GET", (webservice.WSPathStaticString('policy'), WSPathExistingPolicyId(self.policy), webservice.WSPathStaticString('rule'), WSPathExistingRuleId(self.policy), webservice.WSPathStaticString('stats')), "Get rule id's enforcement stats.") self.v1.register_request(self.put_rule, "PUT", (webservice.WSPathStaticString('policy'), WSPathExistingPolicyId(self.policy), webservice.WSPathStaticString('rule'), WSPathExistingRuleId(self.policy)), "Modify a rule's attributes or definition.") self.v1.register_request(self.put_record_rule_senders, "PUT", (webservice.WSPathStaticString('policy'), WSPathExistingPolicyId(self.policy), webservice.WSPathStaticString('rule'), WSPathExistingRuleId(self.policy), webservice.WSPathStaticString('stats')), "Configure stats collection for a rule.") self.v1.register_request(self.put_analysis, "PUT", (webservice.WSPathStaticString('policy'), WSPathExistingPolicyId(self.policy), webservice.WSPathStaticString('analysis'), webservice.WSPathStaticString('rules')), "Analyze a new policy relative to another.") self.v1.register_request(self.delete_rule, "DELETE", (webservice.WSPathStaticString('policy'), WSPathExistingPolicyId(self.policy), webservice.WSPathStaticString('rule'), WSPathExistingRuleId(self.policy)), "Delete a rule by id.") self.v1.register_request(self.post_rules, "POST", (webservice.WSPathStaticString('policy'), ), "Post a new policy.") def err(self, failure, request, fn_name, msg): lg.error('%s: %s' % (fn_name, str(failure))) if isinstance(failure.value, DirectoryException) \ and (failure.value.code == DirectoryException.COMMUNICATION_ERROR \ or failure.value.code == DirectoryException.REMOTE_ERROR): msg = failure.value.message if isinstance(msg, str): msg = unicode(msg, 'utf-8') return webservice.internalError(request, msg) def badReq(self, failure, request, fn_name): lg.error('%s: %s' % (fn_name, str(failure))) msg = failure.value.message if isinstance(msg, str): msg = unicode(msg, 'utf-8') return webservice.badRequest(request, msg) def get_policy_names(self, request, data): try: content = web_arg_utils.flatten_args(request.args) keys = ['inport', 'dpsrc', 'dlsrc', 'dldst', 'nwsrc', 'nwdst'] for key in keys: if not content.has_key(key): return webservice.badRequest( request, "Must include '%s' argument." % key) try: dp = create_datapathid_from_host(long(content['dpsrc'])) if dp == None: return webservice.badRequest(request, "Invalid datapath ID.") except ValueError, e: return webservice.badRequest(request, "Invalid datapath.") try: port = int(content['inport']) except ValueError, e: return webservice.badRequest(request, "Invalid inport.") dlsrc = create_eaddr(content['dlsrc']) dldst = create_eaddr(content['dldst']) if dlsrc == None or dldst == None: return webservice.badRequest(request, "Invalid MAC address.") nwsrc = create_ipaddr(content['nwsrc']) nwdst = create_ipaddr(content['nwdst']) if nwsrc == None or nwdst == None: return webservice.badRequest(request, "Invalid IP address.") def cb(names): try: request.write(simplejson.dumps(names)) request.finish() except Exception, e: self.err(Failure(), request, "get_names", "Could not retrieve name mappings.")
def send_port_mod(self, dpid, portno, hwaddr, mask, config): try: addr = create_eaddr(str(hwaddr)) return self.ctxt.send_port_mod(dpid, portno, addr, mask, config) except Exception, e: print e
def send_port_mod(self, dpid, portno, hwaddr, mask, config): try: addr = create_eaddr(str(hwaddr)) return self.ctxt.send_port_mod(dpid, portno, addr, mask, config) except Exception, e: raise RuntimeError("unable to send port mod:" + str(e))
return self.render_tmpl(request, "policydebug.mako", args=mako_args) except ValueError, e: mako_args["name_err"] = "Invalid dpsrc." return self.render_tmpl(request, "policydebug.mako", args=mako_args) try: if self.inport != '': inport = int(self.inport) else: inport = 0 except ValueError, e: mako_args["name_err"] = "Invalid inport." return self.render_tmpl(request, "policydebug.mako", args=mako_args) if self.dlsrc == '': dlsrc = create_eaddr(0) else: dlsrc = create_eaddr(self.dlsrc) if dlsrc == None: mako_args["name_err"] = "Invalid dlsrc." return self.render_tmpl(request, "policydebug.mako", args=mako_args) if self.dldst == '': dldst = create_eaddr(0) else: dldst = create_eaddr(self.dldst) if dldst == None: mako_args["name_err"] = "Invalid dldst." return self.render_tmpl(request, "policydebug.mako", args=mako_args) if self.nwsrc == '':