def exec_discover (self, event, p):
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.OFFER_MSG))
src = event.parsed.src
if src in self.leases:
offer = self.leases[src]
del self.leases[src]
self.offers[src] = offer
else:
offer = self.offers.get(src)
if offer is None:
if len(self.pool) == 0:
log.error("Out of IP addresses")
self.nak(event)
return
offer = self.pool[0]
if p.REQUEST_IP_OPT in p.options:
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
if wanted_ip in self.pool:
offer = wanted_ip
self.pool.remove(offer)
self.offers[src] = offer
reply.yiaddr = offer
reply.siaddr = self.ip_addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
self.fill(wanted_opts, reply)
self.reply(event, reply)
def exec_discover(self, event, p, pool):
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.OFFER_MSG))
src = event.parsed.src
if src in self.leases:
offer = self.leases[src]
del self.leases[src]
self.offers[src] = offer
else:
offer = self.offers.get(src)
if offer is None:
if len(pool) == 0:
log.error("Out of IP addresses")
self.nak(event)
return
offer = pool[0]
if p.REQUEST_IP_OPT in p.options:
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
if wanted_ip in pool:
offer = wanted_ip
pool.remove(offer)
self.offers[src] = offer
reply.yiaddr = offer
reply.siaddr = self.ip_addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
self.fill(wanted_opts, reply)
self.reply(event, reply)
def _discover(self):
self.offers = []
msg = pkt.dhcp()
self._add_param_requests(msg)
self.offer_xid = self._send(msg, msg.DISCOVER_MSG)
def _request(self):
msg = pkt.dhcp()
msg.siaddr = self.requested.server
#self._add_param_requests(msg)
msg.add_option(pkt.DHCP.DHCPServerIdentifierOption(msg.siaddr))
msg.add_option(pkt.DHCP.DHCPRequestIPOption(self.requested.address))
self.request_xid = self._send(msg, msg.REQUEST_MSG)
def exec_request (self, event, p, pool):
if not p.REQUEST_IP_OPT in p.options:
# Uhhh...
return
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
src = event.parsed.src
got_ip = None
if src in self.leases:
if wanted_ip != self.leases[src]:
pool.append(self.leases[src])
del self.leases[src]
else:
got_ip = self.leases[src]
if got_ip is None:
if src in self.offers:
if wanted_ip != self.offers[src]:
pool.append(self.offers[src])
del self.offers[src]
else:
got_ip = self.offers[src]
if got_ip is None:
if wanted_ip in pool:
pool.remove(wanted_ip)
got_ip = wanted_ip
if got_ip is None:
log.warn("%s asked for un-offered %s", src, wanted_ip)
self.nak(event)
return
assert got_ip == wanted_ip
self.leases[src] = got_ip
ev = DHCPLease(src, got_ip)
self.raiseEvent(ev)
if ev._nak:
self.nak(event)
return
log.info("Leased %s to %s" % (got_ip, src))
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.ACK_MSG))
reply.yiaddr = wanted_ip
reply.siaddr = self.ip_addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
self.fill(wanted_opts, reply)
self.reply(event, reply)
log.info("Running vulnerability scan for device %s" % (src))
result = Interface.runScan(str(got_ip))
# black list or white list
if (result == 'Good'):
Interface.updateList(whitelist, str(src))
else:
Interface.updateList(blacklist, str(src))
# set firewall rules/ policies
Interface.updatePolicy(whitelist, blacklist, firewallpolicies)
def _request (self): msg = pkt.dhcp() msg.siaddr = self.requested.server #self._add_param_requests(msg) msg.add_option(pkt.DHCP.DHCPServerIdentifierOption(msg.siaddr)) msg.add_option(pkt.DHCP.DHCPRequestIPOption(self.requested.address)) self.request_xid = self._send(msg, msg.REQUEST_MSG)
def _discover (self):
self.offers = []
msg = pkt.dhcp()
self._add_param_requests(msg)
self.offer_xid = self._send(msg, msg.DISCOVER_MSG)
def exec_request(self, event, p, pool):
if not p.REQUEST_IP_OPT in p.options:
# Uhhh...
return
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
src = event.parsed.src
port = event.port
got_ip = None
if src in self.leases:
if wanted_ip != self.leases[src]:
pool.append(self.leases[src])
del self.leases[src]
else:
got_ip = self.leases[src]
if got_ip is None:
if src in self.offers:
if wanted_ip != self.offers[src]:
pool.append(self.offers[src])
del self.offers[src]
else:
got_ip = self.offers[src]
if got_ip is None:
if wanted_ip in pool:
pool.remove(wanted_ip)
got_ip = wanted_ip
if got_ip is None:
log.warn("%s asked for un-offered %s", src, wanted_ip)
self.nak(event)
return
assert got_ip == wanted_ip
self.leases[src] = got_ip
ev = DHCPLease(src, got_ip, port)
self.raiseEvent(ev)
if ev._nak:
self.nak(event)
return
log.info("Leased %s to %s" % (got_ip, src))
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.ACK_MSG))
reply.yiaddr = wanted_ip
reply.siaddr = self.ip_addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
self.fill(wanted_opts, reply)
self.reply(event, reply)
def exec_request (self, event, p):
if not p.REQUEST_IP_OPT in p.options:
# Uhhh...
return
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
src = event.parsed.src
got_ip = None
if src in self.leases:
if wanted_ip != self.leases[src]:
self.pool.append(self.leases[src])
del self.leases[src]
else:
got_ip = self.leases[src]
if got_ip is None:
if src in self.offers:
if wanted_ip != self.offers[src]:
self.pool.append(self.offers[src])
del self.offers[src]
else:
got_ip = self.offers[src]
if got_ip is None:
if wanted_ip in self.pool:
self.pool.remove(wanted_ip)
got_ip = wanted_ip
if got_ip is None:
log.warn("%s asked for un-offered %s", src, wanted_ip)
self.nak(event)
return
assert got_ip == wanted_ip
self.leases[src] = got_ip
ev = DHCPLease(src, got_ip)
self.raiseEvent(ev)
if ev._nak:
self.nak(event)
return
log.info("Leased %s to %s" % (got_ip, src))
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.ACK_MSG))
reply.yiaddr = wanted_ip
reply.siaddr = self.ip_addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
self.fill(wanted_opts, reply)
self.reply(event, reply)
def exec_request(cls, event, p, pool):
if not p.REQUEST_IP_OPT in p.options:
# Uhhh...
return
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
src = event.parsed.src
got_ip = None
if src in cls.leases:
if wanted_ip != cls.leases[src]:
pool.append(cls.leases[src])
del cls.leases[src]
else:
got_ip = cls.leases[src]
if got_ip is None:
if src in cls.offers:
if wanted_ip != cls.offers[src]:
pool.append(cls.offers[src])
del cls.offers[src]
else:
got_ip = cls.offers[src]
if got_ip is None:
if wanted_ip in pool:
pool.remove(wanted_ip)
got_ip = wanted_ip
if got_ip is None:
log.warn("%s asked for un-offered %s", src, wanted_ip)
cls.nak(event)
return
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.ACK_MSG))
reply.yiaddr = wanted_ip
reply.siaddr = cls.server_addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
cls.fill(wanted_opts, reply)
cls.reply(event, reply)
bucket.arp_table[got_ip] = ARPDets(event.dpid, event.port, src)
def exec_request(cls, event, p, pool):
if not p.REQUEST_IP_OPT in p.options:
# Uhhh...
return
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
src = event.parsed.src
got_ip = None
if src in cls.leases:
if wanted_ip != cls.leases[src]:
pool.append(cls.leases[src])
del cls.leases[src]
else:
got_ip = cls.leases[src]
if got_ip is None:
if src in cls.offers:
if wanted_ip != cls.offers[src]:
pool.append(cls.offers[src])
del cls.offers[src]
else:
got_ip = cls.offers[src]
if got_ip is None:
if wanted_ip in pool:
pool.remove(wanted_ip)
got_ip = wanted_ip
if got_ip is None:
log.warn("%s asked for un-offered %s", src, wanted_ip)
cls.nak(event)
return
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.ACK_MSG))
reply.yiaddr = wanted_ip
reply.siaddr = cls.server_addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
cls.fill(wanted_opts, reply)
cls.reply(event, reply)
bucket.arp_table[got_ip] = ARPDets(event.dpid, event.port, src)
def generate_dhcp_reply(self, dhcp, send_ip, dhcp_msg_type, lease):
reply_pkt = pkt.dhcp()
reply_pkt.op = pkt.dhcp.BOOTREPLY
reply_pkt.htype = 0x01
reply_pkt.hlen = 0x6
reply_pkt.xid = dhcp.xid
if dhcp_msg_type != pkt.dhcp.NAK_MSG:
reply_pkt.yiaddr = send_ip
reply_pkt.siaddr = self.increment_ip(send_ip)
reply_pkt.chaddr = dhcp.chaddr
reply_pkt.options[pkt.dhcp.MSG_TYPE_OPT] = pkt.DHCP.DHCPMsgTypeOption(dhcp_msg_type)
reply_pkt.options[pkt.dhcp.SUBNET_MASK_OPT] = pkt.DHCP.DHCPSubnetMaskOption(0xFFFFFFFC)
reply_pkt.options[pkt.dhcp.REQUEST_LEASE_OPT] = pkt.DHCP.DHCPIPAddressLeaseTimeOption(lease)
reply_pkt.options[pkt.dhcp.SERVER_ID_OPT] = pkt.DHCP.DHCPServerIdentifierOption(str(self.increment_ip(send_ip)))
if dhcp_msg_type == pkt.dhcp.NAK_MSG:
return reply_pkt
reply_pkt.options[pkt.dhcp.GATEWAY_OPT] = pkt.DHCP.DHCPRoutersOption(str(self.increment_ip(send_ip)))
reply_pkt.options[pkt.dhcp.DNS_SERVER_OPT] = pkt.DHCP.DHCPDNSServersOption(str(self.increment_ip(send_ip)))
return reply_pkt
def exec_discover(self, event, p, subnet):
# creates an OFFER in response to a DISCOVER
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.OFFER_MSG))
src = event.parsed.src
# if this host already has a lease
if src in self.leases[subnet]:
offer = self.leases[subnet][src].ip # offer it the same address
del self.leases[subnet][src]
self.offers[subnet][src] = offer # move from leases to offers
# otherwise check if we already offered an address to this host
else:
offer = self.offers[subnet].get(src)
if offer is None:
if len(subnet.pool) == 0:
log.error("Out of IP addresses")
self.nak(event, subnet)
return
offer = subnet.pool[0] # offer the first available address
if p.REQUEST_IP_OPT in p.options: # if host requested specific address
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
if wanted_ip in subnet.pool:
offer = wanted_ip
subnet.pool.remove(offer)
self.offers[subnet][src] = offer
reply.yiaddr = offer # your IP
reply.siaddr = subnet.server.addr # server's IP
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
self.fill(wanted_opts, subnet, reply)
self.reply(event, subnet, reply)
def exec_request(self, event, p, subnet):
# create and send ACKNOWLEDGE in response to REQUEST
if not p.REQUEST_IP_OPT in p.options:
# Uhhh...
return
# if client asks for specific IP
wanted_ip = p.options[p.REQUEST_IP_OPT].addr
src = event.parsed.src
dpid = event.connection.dpid
port = event.port
got_ip = None
# renew
if src in self.leases[subnet]:
if wanted_ip != self.leases[subnet][src]:
subnet.pool.append(self.leases[subnet][src].ip)
del self.leases[subnet][src]
else:
got_ip = self.leases[subnet][src]
got_ip.refresh() # this is a lease renew
# respond to offer
if got_ip is None:
if src in self.offers[
subnet]: # if there was an offer to this client
if wanted_ip != self.offers[subnet][src]:
subnet.pool.append(self.offers[subnet][src])
del self.offers[subnet][src]
else:
got_ip = LeaseEntry(self.offers[subnet][src])
# new host request
if got_ip is None:
if wanted_ip in subnet.pool:
subnet.pool.remove(wanted_ip)
got_ip = LeaseEntry(wanted_ip)
if got_ip is None:
log.warn("%s asked for un-offered %s", src, wanted_ip)
self.nak(event, subnet)
return
assert got_ip == wanted_ip
self.leases[subnet][src] = got_ip
ev = DHCPLease(src, got_ip.ip, port, dpid, renew=True)
log.debug("%s leased %s to %s" % (subnet.server.addr, got_ip, src))
self.raiseEvent(ev)
if ev._nak:
self.nak(event, subnet)
return
# create ack reply
reply = pkt.dhcp()
reply.add_option(pkt.DHCP.DHCPMsgTypeOption(p.ACK_MSG))
reply.yiaddr = wanted_ip
reply.siaddr = subnet.server.addr
wanted_opts = set()
if p.PARAM_REQ_OPT in p.options:
wanted_opts.update(p.options[p.PARAM_REQ_OPT].options)
self.fill(wanted_opts, subnet, reply)
self.reply(event, subnet, reply)
def nak(self, event, subnet, msg=None):
if msg is None:
msg = pkt.dhcp()
msg.add_option(pkt.DHCP.DHCPMsgTypeOption(msg.NAK_MSG))
msg.siaddr = subnet.server.addr
self.reply(event, subnet, msg)
def nak(cls, event, msg = None):
if msg is None:
msg = pkt.dhcp()
msg.add_option(pkt.DHCP.DHCPMsgTypeOption(msg.NAK_MSG))
msg.siaddr = cls.server_addr
cls.reply(event, msg)
def nak(cls, event, msg=None):
if msg is None:
msg = pkt.dhcp()
msg.add_option(pkt.DHCP.DHCPMsgTypeOption(msg.NAK_MSG))
msg.siaddr = cls.server_addr
cls.reply(event, msg)
def nak (self, event, msg = None):
if msg is None:
msg = pkt.dhcp()
msg.add_option(pkt.DHCP.DHCPMsgTypeOption(msg.NAK_MSG))
msg.siaddr = self.ip_addr
self.reply(event, msg)