def run_exercise():
#Create and start a new network with our custom topology
topo = SSHTopo()
net = Mininet(topo=topo)
net.start()
pids = []
net['httpd'].cmd('ip addr add fc00::5:80/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:88/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:8080/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:8888/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:8889/64 dev httpd-eth0')
for i in range(1,20):
net['proxy%i'%i].cmd('ip addr add fc00::5:%x/64 dev proxy%i-eth0'%(i*111, i))
pids.append(net["proxy%i"%i].popen('/usr/sbin/sshd', '-o', 'PermitTTY=no', '-o', 'ForceCommand=/usr/sbin/nologin').pid)
httpd_pid = net["httpd"].popen('nginx', '-c', '/home/vagrant/assignments/ssh/nginx.conf').pid
ssh1_sshd_pid = net["ssh1"].popen('/usr/sbin/sshd', '-o', 'Ciphers=3des-cbc', '-o', 'PrintMotd=yes').pid #, '-f', '/home/vagrant/assignments/ssh/ssh1_sshd.conf').pid
ssh3_sshd_pid = net["ssh3"].popen('/usr/sbin/sshd', '-o', 'PrintMotd=no').pid
pids += [httpd_pid, ssh1_sshd_pid, ssh3_sshd_pid]
makeTerms([net["you"]], title="term1")
makeTerms([net["you"]], title="term2")
state = ExerciseState(net, pids)
return state
def startTerms( self ):
"Start a terminal for each node."
info( "*** Running terms on %s\n" % os.environ[ 'DISPLAY' ] )
cleanUpScreens()
self.terms += makeTerms( self.controllers, 'controller' )
self.terms += makeTerms( self.switches, 'switch' )
self.terms += makeTerms( self.hosts, 'host' )
def startTerms(self):
"Start a terminal for each node."
info("*** Running terms on %s\n" % os.environ["DISPLAY"])
cleanUpScreens()
self.terms += makeTerms(self.controllers, "controller")
self.terms += makeTerms(self.switches, "switch")
self.terms += makeTerms(self.hosts, "host")
def startTerms( self ):
"Start a terminal for each node."
if 'DISPLAY' not in os.environ:
error( "Error starting terms: Cannot connect to display\n" )
return
info( "*** Running terms on %s\n" % os.environ[ 'DISPLAY' ] )
cleanUpScreens()
self.terms += makeTerms( self.controllers, 'controller' )
self.terms += makeTerms( self.switches, 'switch' )
self.terms += makeTerms( self.hosts, 'host' )
def startTerms( self ):
"Start a terminal for each node."
if 'DISPLAY' not in os.environ:
error( "Error starting terms: Cannot connect to display\n" )
return
info( "*** Running terms on %s\n" % os.environ[ 'DISPLAY' ] )
cleanUpScreens()
self.terms += makeTerms( self.controllers, 'controller' )
self.terms += makeTerms( self.switches, 'switch' )
self.terms += makeTerms( self.hosts, 'host' )
def startTerms(self):
"Start a terminal for each node."
if "DISPLAY" not in os.environ:
error("Error starting terms: Cannot connect to display\n")
return
info("*** Running terms on %s\n" % os.environ["DISPLAY"])
cleanUpScreens()
self.terms += makeTerms(self.controllers, "controller")
self.terms += makeTerms(self.switches, "switch")
self.terms += makeTerms(self.hosts, "host")
def startTerms(self): # pragma: no cover
"Start a terminal for each node."
if "DISPLAY" not in os.environ:
error("Error starting terms: Cannot connect to display\n")
return
info("*** Running terms on %s\n" % os.environ["DISPLAY"])
cleanUpScreens()
self.terms += makeTerms(self.controllers, "controller")
self.terms += makeTerms(self.switches, "switch")
dhosts = [h for h in self.hosts if isinstance(h, DockerHost)]
for d in dhosts:
self.terms.append(spawnXtermDocker(d.name))
rest = [h for h in self.hosts if h not in dhosts]
self.terms += makeTerms(rest, "host")
def run_exercise():
#Create and start a new network with our custom topology
topo = TLSTopo()
net = Mininet(topo=topo)
net.start()
net.pingAll()
processes = []
#Start Nginx HTTP-server
processes.append(net["Server-1"].popen('nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_1.conf'))
processes.append(net["Server-2"].popen('nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_2.conf'))
processes.append(net["Server-3"].popen('nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_3.conf'))
processes.append(net["Server-4"].popen('nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_4.conf'))
processes.append(net["Server-5"].popen('nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_5.conf'))
#Open wireshark
processes.append(net["A"].popen('wireshark'))
#Open terminals
processes.append(makeTerms([net["A"]], title="Student terminal")[0])
raw_input("Press Enter to exit....")
for process in processes:
process.kill()
Cleanup.cleanup()
def dhcpdemo(firefox=True, controller=None):
"Rogue DHCP server demonstration"
checkRequired()
topo = DHCPTopo()
net = Mininet(topo=topo,
link=TCLink,
switch=OVSSwitch,
controller=controller)
h1, dhcp, evil = net.get('h1', 'dhcp', 'evil')
# connectToInternet calls net.start() for us!
rootnode = connectToInternet(net, 's1')
mountPrivateResolvconf(h1)
# Set up a good but slow DHCP server
startDHCPserver(dhcp, gw=rootnode.IP(), dns='8.8.8.8')
startDHCPclient(h1)
waitForIP(h1)
# Make sure we can fetch the good google.com
info('* Fetching google.com:\n')
print h1.cmd('curl google.com')
# For firefox, start it up and tell user what to do
if firefox:
net.terms += makeTerms([h1], 'h1')
h1.cmd('firefox www.stanford.edu -geometry 400x400-50+50 &')
print '*** You may want to do some DNS lookups using dig'
print '*** Please go to amazon.com in Firefox'
print '*** You may also wish to start up wireshark and look at bootp and/or dns'
prompt("*** Press return to start up evil DHCP server: ")
# Now start up an evil but fast DHCP server
startDHCPserver(evil, gw=rootnode.IP(), dns=evil.IP())
# And an evil fake DNS server
startFakeDNS(evil)
# And an evil web server
startEvilWebServer(evil)
h1.cmd('ifconfig', h1.defaultIntf(), '0')
waitForIP(h1)
info('* New DNS result:\n')
info(h1.cmd('host google.com'))
# Test http request
if firefox:
print "*** You may wish to look at DHCP and DNS results in wireshark"
print "*** You may also wish to do some DNS lookups using dig"
print "*** Please go to google.com in Firefox"
print "*** You may also want to try going back to amazon.com and hitting shift-refresh"
else:
info('* Fetching google.com:\n')
print h1.cmd('curl google.com')
if firefox:
prompt("*** Press return to shut down evil DHCP/DNS/Web servers: ")
# Clean up everything
stopFakeDNS(evil)
stopEvilWebServer(evil)
stopDHCPserver(evil)
if firefox:
print "*** Try going to some other web sites if you like"
prompt("*** Press return to exit: ")
stopDHCPserver(dhcp)
stopDHCPclient(h1)
stopNAT(rootnode)
unmountPrivateResolvconf(h1)
net.stop()
def run_exercise():
#Create and start a new network with our custom topology
topo = TLSTopo()
net = Mininet(topo=topo)
net.start()
net.pingAll()
processes = []
#Start Nginx HTTP-server
processes.append(net["Server-1"].popen(
'nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_1.conf'))
processes.append(net["Server-2"].popen(
'nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_2.conf'))
processes.append(net["Server-3"].popen(
'nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_3.conf'))
processes.append(net["Server-4"].popen(
'nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_4.conf'))
processes.append(net["Server-5"].popen(
'nginx -p /home/vagrant/assignments/ssl_tls/nginx -c nginx_5.conf'))
#Open wireshark
processes.append(net["A"].popen('wireshark'))
#Open terminals
processes.append(makeTerms([net["A"]], title="Student terminal")[0])
raw_input("Press Enter to exit....")
for process in processes:
process.kill()
Cleanup.cleanup()
def run():
# Creates the virtual environment, by starting the network and configuring debug information
info('** Creating an instance of Lab6 network topology\n')
topo = Lab6Topo()
info('** Starting the network\n')
global net
global hosts
# We specify the OVSSwitch for better IPv6 performance
# We use mininext constructor with the instance of the network, the default controller and the customized openvswitch
net = MiniNExT(topo, controller=Controller, switch=OVSSwitch)
net.start()
info('** Executing custom commands\n')
# Space to add any customize command before prompting command line
# We assign IPv6 addresses to hosts h1, h2, and h5 as they are not configured through Quagga
# We gather only the hosts created in the topology (no switches nor controller)
hosts = [ net.getNodeByName( h ) for h in topo.hosts() ]
for host in hosts:
# Only to hosts: We assign IPv6 address
if host.name == 'h1':
host.cmd('ip -6 addr add 2001:1:0:1010::10/64 dev h1-eth1')
host.cmd('ip -6 route add default via 2001:1:0:1010::1')
elif host.name == 'h2':
host.cmd('ip -6 addr add 2001:1:0:2020::20/64 dev h2-eth1')
host.cmd('ip -6 route add default via 2001:1:0:2020::2')
elif host.name == 'h5':
host.cmd('ip -6 addr add 2001:1:0:5050::50/64 dev h5-eth1')
host.cmd('ip -6 route add default via 2001:1:0:5050::5')
# Enable Xterm window for every host
info('** Enabling xterm for hosts only\n')
# We check if the display is available
if 'DISPLAY' not in os.environ:
error( "Error starting terms: Cannot connect to display\n" )
return
# Remove previous (and possible non-used) socat X11 tunnels
cleanUpScreens()
# Mininet's function to create Xterms in hosts
makeTerms( hosts, 'host' )
# Enable the mininext> prompt
info('** Running CLI\n')
CLI(net)
def start_xterm(self, host_name):
"Start a terminal for each node."
if 'DISPLAY' not in os.environ:
error("Error starting terms: Cannot connect to display\n")
return
info("*** Running terms on %s\n" % os.environ['DISPLAY'])
cleanUpScreens()
self.terms += makeTerms([self.net.get(host_name)], 'host')
def hostTerm(net):
"Start a terminal for each node."
if 'DISPLAY' not in os.environ:
error("Error starting terms: Cannot connect to display\n")
return
info("*** Running terms on %s\n" % os.environ['DISPLAY'])
cleanUpScreens()
terms = []
net.terms += makeTerms(net.hosts, 'host')
def dhcpdemo( firefox=True , controller=None):
"Rogue DHCP server demonstration"
checkRequired()
topo = DHCPTopo()
net = Mininet( topo=topo, link=TCLink , switch=OVSSwitch, controller=controller)
h1, dhcp, evil = net.get( 'h1', 'dhcp', 'evil' )
# connectToInternet calls net.start() for us!
rootnode = connectToInternet( net, 's1' )
mountPrivateResolvconf( h1 )
# Set up a good but slow DHCP server
startDHCPserver( dhcp, gw=rootnode.IP(), dns='8.8.8.8')
startDHCPclient( h1 )
waitForIP( h1 )
# Make sure we can fetch the good google.com
info( '* Fetching google.com:\n' )
print h1.cmd( 'curl google.com' )
# For firefox, start it up and tell user what to do
if firefox:
net.terms += makeTerms( [ h1 ], 'h1' )
h1.cmd( 'firefox www.stanford.edu -geometry 400x400-50+50 &' )
print '*** You may want to do some DNS lookups using dig'
print '*** Please go to amazon.com in Firefox'
print '*** You may also wish to start up wireshark and look at bootp and/or dns'
prompt( "*** Press return to start up evil DHCP server: " )
# Now start up an evil but fast DHCP server
startDHCPserver( evil, gw=rootnode.IP(), dns=evil.IP() )
# And an evil fake DNS server
startFakeDNS( evil )
# And an evil web server
startEvilWebServer( evil )
h1.cmd( 'ifconfig', h1.defaultIntf(), '0' )
waitForIP( h1 )
info( '* New DNS result:\n' )
info( h1.cmd( 'host google.com' ) )
# Test http request
if firefox:
print "*** You may wish to look at DHCP and DNS results in wireshark"
print "*** You may also wish to do some DNS lookups using dig"
print "*** Please go to google.com in Firefox"
print "*** You may also want to try going back to amazon.com and hitting shift-refresh"
else:
info( '* Fetching google.com:\n' )
print h1.cmd( 'curl google.com' )
if firefox:
prompt( "*** Press return to shut down evil DHCP/DNS/Web servers: " )
# Clean up everything
stopFakeDNS( evil )
stopEvilWebServer( evil )
stopDHCPserver( evil )
if firefox:
print "*** Try going to some other web sites if you like"
prompt( "*** Press return to exit: " )
stopDHCPserver( dhcp )
stopDHCPclient( h1 )
stopNAT( rootnode )
unmountPrivateResolvconf( h1 )
net.stop()
def do_xterm( self, line, term='xterm' ):
"Spawn xterm(s) for the given node(s)."
args = line.split()
if not args:
error( 'usage: %s node1 node2 ...\n' % term )
else:
for arg in args:
if arg not in self.mn:
error( "node '%s' not in network\n" % arg )
else:
node = self.mn[ arg ]
self.mn.terms += makeTerms( [ node ], term = term )
def do_xterm(self, line, term='xterm'):
"Spawn xterm(s) for the given node(s)."
args = line.split()
if not args:
error('usage: %s node1 node2 ...\n' % term)
else:
for arg in args:
if arg not in self.nodemap:
error("node '%s' not in network\n" % arg)
else:
node = self.nodemap[arg]
self.mn.terms += makeTerms([node], term=term)
def do_xterm( self, line, term='xterm' ):
"Spawn xterm(s) for the given component(s)."
args = line.split()
if not args:
error( 'usage: %s comp1 comp2 ...\n' % term )
else:
for arg in args:
if arg not in self.cn:
error( "component '%s' not in network\n" % arg )
else:
comp = self.cn[ arg ]
self.cn.terms += makeTerms( [ comp.node ], term = term )
def run_exercise():
# first backup /etc/resolv.conf, we'll put it back in cleanup()
copyfile("/etc/resolv.conf", "/tmp/resolv.conf.bak")
#Create and start a new network with our custom topology
topo = SSHTopo()
net = Mininet(topo=topo)
net.start()
#Verify connectivity
#net.pingAll()
# These commands affect the host VM itself AND all hosts spawned
# by mininet. We only need to do it once, on any host in our topo.
net['DNS'].cmd('echo "nameserver 10.0.3.1" > /etc/resolv.conf')
net['DNS'].cmd('echo "search mooc" >> /etc/resolv.conf')
# configure resolv.conf on all hosts:
for i, host in enumerate(net.hosts):
host.cmd('ip addr add fc00::3:%i/64 dev %s-eth0' % (i, host.name))
if re.match('T\d', host.name) is not None:
host.cmd('/usr/sbin/sshd -p %i -6' % (2230 + i * 2))
print "Host name %s is running SSH on port %i" % (host.name,
2230 + i * 2)
for randomport in random.sample(range(1, 65535), 20 - i):
print " Host name %s is listening on port %i" % (
host.name, randomport)
host.cmd('/bin/netcat', '-k -l -p %i &' % randomport)
#Start BIND DNS-server
bind_pid = net["DNS"].popen(
'named', '-g', '-c',
'/home/vagrant/assignments/3-network_attacks/named.conf').pid
#makeTerms([net["B"]], title="DNS")
#Open terminals
makeTerms([net["A"]], title="Attacker terminal")
state = ExerciseState(net, bind_pid)
return state
def runXTerms (self):
"""
Start an xterm to every SAP if it's enabled in the global config. SAP are
stored as hosts in the Mininet class.
:return: None
"""
if CONFIG.get_SAP_xterms():
log.debug("Starting xterm on SAPS...")
terms = makeTerms(nodes=self.__mininet.hosts, title='SAP', term="xterm")
self.xterms.extend(terms)
else:
log.warning("Skip starting xterms on SAPS according to global config")
def process_message(self, msg):
if msg == 'current_network':
self.send_network()
elif msg.startswith('link '):
self.mininet.configLinkStatus( *msg.split()[1:] )
elif msg.startswith('node xterm'):
node = self.mininet[msg.split()[-1]]
self.mininet.terms += makeTerms([node], term = 'xterm')
elif msg == 'port_stats_request':
self.handle_port_stats_request()
elif msg == 'flow_stats_request':
self.handle_flow_stats_request()
else:
self.log.warn('Unrecognized message from browser: %s' % msg)
def run():
" Creates the virtual environment, by starting the network and configuring debug information "
info('** Creating an instance of Lab4 network topology\n')
topo = Lab4Topo()
info('** Starting the network\n')
global net
global hosts
# We use mininext constructor with the instance of the network, the default controller and the openvswitch
net = MiniNExT(topo, controller=Controller, switch=OVSSwitch)
net.start()
info('** Executing custom commands\n')
##############################################
# Space to add any customize command before prompting command line
# We provide an example on how to assign IPv6 addresses to hosts h1 and h2 as they
# are not configured through Quagga
# If required, you can add any extra logic to it
# We gather only the hosts created in the topology (no switches nor controller)
hosts = [net.getNodeByName(h) for h in topo.hosts()]
info('** Adding IPv6 address to hosts\n')
for host in hosts:
if host.name is 'h1':
host.cmd('ip -6 addr add 2001:1:0:11::10/64 dev h1-eth1')
host.cmd('ip -6 route add default via 2001:1:0:11::1')
elif host.name is 'h2':
host.cmd('ip -6 addr add 2001:1:0:12::20/64 dev h2-eth1')
host.cmd('ip -6 route add default via 2001:1:0:12::2')
info('** Enabling xterm for all hosts\n')
makeTerms(hosts, 'node')
##############################################
# Enable the mininext> prompt
info('** Running CLI\n')
CLI(net)
def run_exercise():
#Create and start a new network with our custom topology
topo = SSHTopo()
net = Mininet(topo=topo)
net.start()
pids = []
net['httpd'].cmd('ip addr add fc00::5:80/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:88/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:8080/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:8888/64 dev httpd-eth0')
net['httpd'].cmd('ip addr add fc00::5:8889/64 dev httpd-eth0')
for i in range(0, 20):
net['proxy%i' % i].cmd('ip addr add fc00::5:%x/64 dev proxy%i-eth0' %
(i * 111, i))
print 'proxy', i, ' has ipv6 ', 'fc00::5:%x/64 dev proxy%i-eth0' % (
i * 111, i)
pids.append(net["proxy%i" %
i].popen('/usr/sbin/sshd', '-o', 'PrintMotd=no', '-o',
'ForceCommand=/usr/sbin/nologin').pid)
httpd_pid = net["httpd"].popen(
'nginx', '-c', '/home/vagrant/assignments/ssh/nginx.conf').pid
ssh1_sshd_pid = net["ssh1"].popen(
'/usr/sbin/sshd', '-o', 'Ciphers=3des-cbc', '-o', 'PrintMotd=yes'
).pid #, '-f', '/home/vagrant/assignments/ssh/ssh1_sshd.conf').pid
ssh3_sshd_pid = net["ssh3"].popen('/usr/sbin/sshd', '-o',
'PrintMotd=no').pid
pids += [httpd_pid, ssh1_sshd_pid, ssh3_sshd_pid]
makeTerms([net["you"]], title="term1")
makeTerms([net["you"]], title="term2")
state = ExerciseState(net, pids)
return state
def do_xterm(self, line, term="xterm"):
"""Spawn xterm(s) for the given node(s).
Usage: xterm node1 node2 ..."""
args = line.split()
if not args:
error("usage: %s node1 node2 ...\n" % term)
else:
for arg in args:
if arg not in self.mn:
error("node '%s' not in network\n" % arg)
else:
node = self.mn[arg]
if isinstance(node, DockerHost):
self.mn.terms.append(spawnXtermDocker(node))
else:
self.mn.terms += makeTerms([node], term=term)
def startXterms(self):
self.network.terms += makeTerms( self.network.hosts, 'host' )
def newTerm( net=self.net, node=self.node, title=self.title ):
"Pop up a new terminal window for a node."
net.terms += makeTerms( [ node ], title )
def _createHostAtDummy( self, hostName, **params ):
"""
Add a host node to Mininet and link it to the dummy.
hostName: name of the host
params: parameters for host
"""
if self.debug_flag1:
print "EXEC: createHostAtDummy(%s):" % hostName
# Part 0: Main assertions.
assert hostName not in self.mn.nameToNode
assert self.mn.built
# Part 1: Getting dummy.
dummy = self.mn.nameToNode.get("dummy", None)
if dummy is None:
error('dummy node does not exist\n')
return
assert isinstance(dummy, Dummy)
# The following corresponds to code in self.build()
# if self.topo:
# self.buildFromTopo( self.topo )
info( '*** Adding host: %s\n' % hostName )
host = self.mn.addHost( hostName, **params )
info( '*** Adding link: (%s, %s)\n' % ( host.name, dummy.name ) )
hostPort = host.newPort()
dummyPort = dummy.newPort()
self.mn.addLink( host, dummy, hostPort, dummyPort )
# if ( self.inNamespace ):
# self.configureControlNetwork()
if ( self.mn.inNamespace ):
self.mn.configureControlNetwork()
# info( '*** Configuring hosts\n' )
# self.configHosts()
info( '*** Configuring host: %s\n' % host.name )
intf = host.defaultIntf()
if intf:
host.configDefault()
else: # Don't configure nonexistent intf
host.configDefault( ip=None, mac=None )
host.cmd( 'ifconfig lo up' )
# if self.xterms:
# self.startTerms()
if self.mn.xterms:
if 'DISPLAY' not in os.environ:
error( "Error starting terms: Cannot connect to display\n" )
return
info( "*** Running term on %s\n" % os.environ[ 'DISPLAY' ] )
self.mn.terms += makeTerms( [host], 'host' )
# if self.autoStaticArp:
# self.staticArp()
if self.mn.autoStaticArp:
for dst in self.mn.hosts:
if host != dst:
host.setARP( ip=dst.IP(), mac=dst.MAC() )
dst.setARP( ip=host.IP(), mac=host.MAC() )
# self.built = True
self.mn.built = True
return host
def _tempStartDummy(self):
info( '\n*** Adding dummy:\n' )
dummy = self._addDummy()
self.mn.terms += makeTerms( [dummy], 'dummy' )
def do_xxx_xterms( self, _line ): locals = self.getLocals() terms = makeTerms( [ locals[name] for name in [ 'h1', 'h2', 's1', 's2' ] ] ) self.mn.terms += terms
def run():
" Creates the virtual environment, by starting the network and configuring debug information "
info('** Creating an instance of Lab5 network topology\n')
global net
global hosts
# We specify the OVSSwitch for better IPv6 performance
# We use mininext constructor with the instance of the network, the default controller and the customized openvswitch
net = Mininet(intf=TCIntf)
info('\n** Adding Controller\n')
net.addController('c0')
info('\n** Adding Hosts\n')
h1 = net.addHost('h1',
ip='10.10.0.1/24',
hostname='h1',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
# Space to add any commands for configuring the IP addresses
h2 = net.addHost('h2',
ip='10.10.0.2/24',
hostname='h2',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
h3 = net.addHost('h3',
ip='10.10.1.3/24',
hostname='h3',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
r1 = net.addHost('r1',
ip='10.10.0.10/24',
hostname='r1',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
#
#
info('\n** Adding Switches\n')
# Adding switches to the network
sw1 = net.addSwitch('sw1')
sw2 = net.addSwitch('sw2')
info('\n** Creating Links \n')
link_h1sw1 = net.addLink(h1, sw1)
link_h2sw1 = net.addLink(h2, sw1)
link_h3sw2 = net.addLink(h3, sw2)
link_r1sw1 = net.addLink(r1, sw1, intfName1='r1-eth0')
link_r1sw2 = net.addLink(r1, sw2, intfName1='r1-eth1')
info('\n** Modifying Link Parameters \n')
"""
Default parameters for links:
bw = None,
delay = None,
jitter = None,
loss = None,
disable_gro = True,
speedup = 0,
use_hfsc = False,
use_tbf = False,
latency_ms = None,
enable_ecn = False,
enable_red = False,
max_queue_size = None
"""
link_r1sw2.intf1.config(bw=5, enable_red=True, enable_ecn=True)
net.start()
info('*** Configuring hosts\n')
r1.cmd('ifconfig r1-eth1 10.10.1.10 netmask 255.255.255.0')
r1.cmd('echo 1 > /proc/sys/net/ipv4/ip_forward')
#
h1.cmd('ip route add 10.10.1.0/24 via 10.10.0.10')
h2.cmd('ip route add 10.10.1.0/24 via 10.10.0.10')
h3.cmd('ip route add 10.10.0.0/24 via 10.10.1.10')
info('** Executing custom commands\n')
output = net.nameToNode.keys
#Enable Xterm window for every host
info('** Enabling xterm for hosts only\n')
# We check if the display is available
hosts = [h1, h2, h3, r1]
if 'DISPLAY' not in os.environ:
error("Error starting terms: Cannot connect to display\n")
return
# Remove previous (and possible non-used) socat X11 tunnels
cleanUpScreens()
# Mininet's function to create Xterms in hosts
makeTerms(hosts, 'host')
# Enable the mininet> prompt
info('** Running CLI\n')
CLI(net)
info('*** Closing the terminals on the hosts\n')
h1.cmd("killall xterm")
h2.cmd("killall xterm")
h3.cmd("killall xterm")
r1.cmd("killall xterm")
# This command stops the simulation
net.stop()
cleanUpScreens()
def run():
" Creates the virtual environment, by starting the network and configuring debug information "
info('** Creating an instance of Lab5 network topology\n')
global net
global hosts
net = Mininet(intf=TCIntf)
info('\n** Adding Controller\n')
net.addController('c0')
info('\n** Adding Hosts\n')
h1 = net.addHost('h1',
ip='10.0.0.1/24',
hostname='h1',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
h2 = net.addHost('h2',
ip='10.0.0.2/24',
hostname='h2',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
h3 = net.addHost('h3',
ip='10.0.3.3/24',
hostname='h3',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
r1 = net.addHost('r1',
ip='10.0.0.10/24',
hostname='r1',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
r2 = net.addHost('r2',
ip='10.0.1.20/24',
hostname='r2',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
r3 = net.addHost('r3',
ip='10.0.2.30/24',
hostname='r3',
privateLogDir=True,
privateRunDir=True,
inMountNamespace=True,
inPIDNamespace=True,
inUTSNamespace=True)
info('\n** Adding Switches\n')
# Adding switches to the network
sw1 = net.addSwitch('sw1')
sw2 = net.addSwitch('sw2')
sw3 = net.addSwitch('sw3')
sw4 = net.addSwitch('sw4')
info('\n** Creating Links \n')
link_h1sw1 = net.addLink(h1, sw1)
link_h2sw1 = net.addLink(h2, sw1)
link_h3sw4 = net.addLink(h3, sw4)
link_r1sw1 = net.addLink(r1, sw1, intfName1='r1-eth0')
link_r1sw2 = net.addLink(r1, sw2, intfName1='r1-eth1')
link_r2sw2 = net.addLink(r2, sw2, intfName1='r2-eth0')
link_r2sw3 = net.addLink(r2, sw3, intfName1='r2-eth1')
link_r3sw3 = net.addLink(r3, sw3, intfName1='r3-eth0')
link_r3sw4 = net.addLink(r3, sw4, intfName1='r3-eth1')
info('\n** Modifying Link Parameters \n')
"""
Default parameters for links:
bw = None,
delay = None,
jitter = None,
loss = None,
disable_gro = True,
speedup = 0,
use_hfsc = False,
use_tbf = False,
latency_ms = None,
enable_ecn = False,
enable_red = False,
max_queue_size = None
"""
net.start()
info('*** Configuring hosts\n')
r1.cmd('ifconfig r1-eth1 10.0.1.10 netmask 255.255.255.0')
r1.cmd('echo 1 > /proc/sys/net/ipv4/ip_forward')
r2.cmd('ifconfig r2-eth1 10.0.2.20 netmask 255.255.255.0')
r2.cmd('echo 1 > /proc/sys/net/ipv4/ip_forward')
r3.cmd('ifconfig r3-eth1 10.0.3.30 netmask 255.255.255.0')
r3.cmd('echo 1 > /proc/sys/net/ipv4/ip_forward')
# Space to add any customize command before prompting command line
#
#
#
#
r1.cmd(
'tc qdisc add dev r1-eth1 root handle 1: cbq avpkt 1000 bandwidth 60mbit'
)
r1.cmd(
'tc class add dev r1-eth1 parent 1: classid 1:1 cbq rate 2mbit allot 1500 prio 5 bounded isolated'
)
r1.cmd(
'tc class add dev r1-eth1 parent 1: classid 1:2 cbq rate 20mbit allot 1500 prio 5 bounded isolated'
)
r1.cmd(
'tc filter add dev r1-eth1 protocol ip parent 1: prio 16 u32 match ip src 10.0.0.1 flowid 1:1'
)
r1.cmd(
'tc filter add dev r1-eth1 protocol ip parent 1: prio 16 u32 match ip src 10.0.0.2 flowid 1:2'
)
# Space to add any customize command before prompting command line
#
#
#
#
info('** Executing custom commands\n')
output = net.nameToNode.keys
#Enable Xterm window for every host
info('** Enabling xterm for hosts only\n')
# We check if the display is available
hosts = [h1, h2, h3, r1, r2, r3]
if 'DISPLAY' not in os.environ:
error("Error starting terms: Cannot connect to display\n")
return
# Remove previous (and possible non-used) socat X11 tunnels
cleanUpScreens()
# Mininet's function to create Xterms in hosts
makeTerms(hosts, 'host')
# Enable the mininet> prompt
info('** Running CLI\n')
CLI(net)
r1.cmd("killall xterm")
r2.cmd("killall xterm")
r3.cmd("killall xterm")
h1.cmd("killall xterm")
h2.cmd("killall xterm")
h3.cmd("killall xterm")
# This command stops the simulation
net.stop()
cleanUpScreens()
def multiControllerNet(argv):
#argv[0] is the IP address of the controller
#argv[1] is either p for proactive or r for reactive
#argv[2] is mean = 1/lambda
#argv[3] is numofflows
#argv[4] is expiration timer in floodlight
#argv[5] is numofhosts to generate
#argv[6] is sigma for overflow policy
#argv[7] is either u for udp or t for tcp
#argv[8] is the number for the run so the log file is generated by the postfix r1, r2, etc.
strcontroller = argv[0]
simmode = argv[1]
mean = argv[2]
flows = argv[3]
tau = argv[4]
numhosts = argv[5]
sigma = argv[6]
udportcp = argv[7]
numruns = argv[8]
"Create a network from semi-scratch with multiple controllers."
net = Mininet(controller=Controller, switch=OVSSwitch)
print "*** Creating (reference) controllers"
# add controller
##c = net.addController( 'c1',controller=RemoteController,ip='192.168.56.102',port=6653)
c = net.addController('c1',
controller=RemoteController,
ip=strcontroller,
port=6653)
print "*** Creating switches with OF10"
s = net.addSwitch('s1', protocols="OpenFlow10")
print "*** Creating hosts"
hosts = [net.addHost('h1', ip='10.0.0.1')]
# for range from 2 to 11, not including 11 if argv[5] is 10
for i in range(2, int(argv[5]) + 1):
hostname = 'h' + str(i)
hostip = '10.0.0.' + str(i)
hosts.append(net.addHost(hostname, ip=hostip))
print hosts
print "*** Creating links"
for h in hosts:
net.addLink(s, h)
print "Added link " + s.name + " -> " + h.name
print "*** Starting network"
net.build()
net.start()
time.sleep(1)
# configure the GRE tunnel
print "*** Configuring GRE tunnel ***"
s.cmd('ovs-vsctl add-port s1 s1-gre1 -- set interface s1-gre1 type=gre ' +
'options:remote_ip=192.168.56.104')
s.cmdPrint('ovs-vsctl show')
print "*** Inserting proactive rules for DITG signaling and ARP ***"
# add proactive rules for DITG signaling on TCP port 9000
s.cmd(
'ovs-ofctl add-flow s1 dl_type=0x800,nw_proto=6,tcp_dst=9000,actions=normal'
)
s.cmd(
'ovs-ofctl add-flow s1 dl_type=0x800,nw_proto=6,tcp_src=9000,actions=normal'
)
# add proactive rule for ARP and ICMP
s.cmd(
'ovs-ofctl add-flow s1 dl_type=0x806,arp_op=1,nw_proto=1,actions=flood'
) #ARP request broadcast
s.cmd(
'ovs-ofctl add-flow s1 dl_type=0x800,icmp_type=8,nw_proto=1,actions=normal'
) #ICMP echo request
s.cmd(
'ovs-ofctl add-flow s1 dl_type=0x800,icmp_type=0,nw_proto=1,actions=normal'
) #ICMP echo reply
s.cmd('ovs-ofctl add-flow s1 dl_type=0x806,arp_op=2,actions=normal'
) #ARP reply unicast
print "*** Inserted proactve rules for DITG signaling and ARP ***"
# if 'r' is chosen, then configure overflow policy, else add UDP allow rule for praoctive case
if simmode == 'r':
if udportcp == 'u':
flow_limit = int(sigma) + 6
# configure overflow-policy only in case of UDP reactive 11/5
print "*** Configuring overflow policy ***"
strEvict = "ovs-vsctl -- --id=@ft create Flow_Table flow_limit=" + str(
flow_limit
) + " overflow_policy=evict groups='\"NXM_OF_IN_PORT[]\"' -- set Bridge s1 flow_tables:0=@ft"
s.cmd(strEvict)
elif simmode == 'p':
if udportcp == 'u':
print "*** Configuring UDP proactive rule ***"
# configure UDP proactive rule to allow all UDP traffic
s.cmd(
'ovs-ofctl add-flow s1 dl_type=0x800,nw_proto=17,actions=normal'
)
else:
print "*** Configuring TCP proactive rules***"
# configure TCP proactive rule to allow all bi-directional TCP traffic
s.cmd(
'ovs-ofctl add-flow s1 dl_type=0x800,nw_proto=6,actions=normal'
)
else:
print "either r or p expected as simmode"
print "*** Testing network"
net.pingAll()
# wait a bit before starting xterms
print "*** Waiting to start xterms***"
#time.sleep(5)
print "*** Starting xTerms"
i = 1
port = 50001
print hosts
for h in hosts:
#sendlog = "send" + h.name + ".log"
#recvlog = "recv" + h.name + ".log"
print h
destip = "10.0.1." + str(i)
#destport = str(port)
if udportcp == 'u':
flowfilename = "multiflowu-" + mean + "-" + flows + "-" + destip
sendlog = "su-" + simmode + "-m" + mean + "-f" + flows + "-x" + numhosts + "-t" + tau + "-s" + sigma + "-h" + str(
i) + "-b" + str(i) + "-r" + numruns
recvlog = "ru-" + simmode + "-m" + mean + "-f" + flows + "-x" + numhosts + "-t" + tau + "-s" + sigma + "-h" + str(
i) + "-b" + str(i) + "-r" + numruns
else:
flowfilename = "multiflowt-" + mean + "-" + flows + "-" + destip
sendlog = "st-" + simmode + "-m" + mean + "-f" + flows + "-x" + numhosts + "-t" + tau + "-s" + sigma + "-h" + str(
i) + "-b" + str(i) + "-r" + numruns
recvlog = "rt-" + simmode + "-m" + mean + "-f" + flows + "-x" + numhosts + "-t" + tau + "-s" + sigma + "-h" + str(
i) + "-b" + str(i) + "-r" + numruns
print flowfilename + " " + sendlog + " " + recvlog
#poisson -O <mean> WORKS!
#cmdstr = "bash -c '~/D-ITG-2.8.1-r1023-src/D-ITG-2.8.1-r1023/bin/ITGSend -a 10.0.1."+str(i)+" -rp " + destport + " -O 30 -c 10 -T UDP -t 60000 -l sendh"+str(i)+".log -x recvh"+str(i)+".log;'"
#poisson -O <mean> with script for multiple flows between source and destination
#the following works only if run in the DITG bin directory
#cmdstr = "bash -c './ITGSend multiflowu-30-50-10.0.1.1 -l sendh"+str(i)+".log -x recvh"+str(i)+".log;'"
cmdstr = "bash -c './ITGSend " + flowfilename + " -l " + sendlog + " -x " + recvlog + " ;'"
# cmdstr = "bash -c 'ping -c 10.0.1.1;'"
# print cmdstr
#constant -C <packets/sec> WORKS!
#cmdstr = "bash -c '~/D-ITG-2.8.1-r1023-src/D-ITG-2.8.1-r1023/bin/ITGSend -a 10.0.1."+str(i)+" -rp " + destport + " -C 100 -c 10 -T UDP -t 60000 -l sendh"+str(i)+".log -x recvh"+str(i)+".log;'"
term = makeTerm(h, cmd=cmdstr)
#term = makeTerm(h, cmd="bash -c './ITGSend "+flowfilename+" -l sendlog -x recvlog;'")
#-a 10.0.1.1 -T UDP -O 20 -c 512 -t 120000 -l sendlog -x recvlog;'")
net.terms.append(term)
# net.terms.append(makeTerm(h,cmd="bash -c 'ping -c 10.0.1.1;'"))
i += 1
#port +=1
#if test1 is specified or no test is specified, run SimpleHTTPServer on h2
#h2 = net.hosts[1]
#print "*** Starting SimpleHTTPServer on host " + h2.name
#print h2.cmd('python -m SimpleHTTPServer 80 &')
#time.sleep(1)
net.terms += makeTerms(net.switches, 'switch')
#net.terms += makeTerms (net.hosts, 'host')
print "*** Running CLI"
CLI(net)
print "*** Stopping network"
net.stop()
def newTerm(net=self.net, node=self.node, title=self.title):
"Pop up a new terminal window for a node."
net.terms += makeTerms([node], title)
if args.remote_controller:
info("*** Use remote controller\n")
warn(
"*** The controller program should already run and listen on port 6653\n"
)
c = RemoteController("ryu", ip="127.0.0.1", port=6653)
net.addController(c)
net.build()
net.start()
else:
net.build()
net.start()
dumpNodeConnections(net.hosts)
if args.use_ofctl:
info("*** Add flows by using ovs-ofctl locally\n")
build_scl(net, "s1", "cam1", "server", SFP1[0])
# TODO: Build the service function path
# build_sfp("s1", SFP1, net)
info("*** Print host informations\n")
for h in topo.hosts():
print("{}: {}".format(h, net.get(h).IP()))
if args.term:
host_objs = [net[h] for h in topo.hosts()]
makeTerms(host_objs, term="xterm")
cli = CLI(net)
net.stop()
def showTerminal(self):
self.network.terms += makeTerms([self.node], self.node.name)
def multiControllerNet(argv):
#argv[0] has remote controller ip address
#argv[1] has r for reactive and p for proactive
#argv[2] is numofhosts to generate
sigma = argv[3]
udportcp = argv[4]
"Create a network from semi-scratch with multiple controllers."
net = Mininet(controller=Controller, switch=OVSSwitch)
print "*** Creating (reference) controllers"
# add a local controller
#works with remote pox controller
#c1 = net.addController( 'c2', controller=RemoteController,
# ip=arg1, port=int(arg2)) #6633 is default
##c1 = net.addController( 'c2', controller=RemoteController,
## ip='127.0.0.1', port=6633)
###c1 = net.addController( 'c2', controller=RemoteController,
### ip='192.168.56.103', port=6653)
c1 = net.addController('c2',
controller=RemoteController,
ip=argv[0],
port=6653)
#c1 = net.addController( 'c1', controller=RemoteController,
# ip=arg1, port=6653)
print "*** Creating switches with OF10"
s1 = net.addSwitch('s2', protocols="OpenFlow10")
print "*** Creating hosts"
hosts1 = [net.addHost('b1', ip='10.0.1.1')]
# for range from 2 to 11, goes up to 10 not including 11
for i in range(2, int(argv[2]) + 1):
hostname = 'b' + str(i)
hostip = '10.0.1.' + str(i)
hosts1.append(net.addHost(hostname, ip=hostip))
print hosts1
print "*** Creating links"
for h in hosts1:
net.addLink(s1, h)
print "Added link " + s1.name + " -> " + h.name
print "*** Starting network"
net.build()
net.start()
time.sleep(1)
# configure the GRE tunnel
print "*** Configuring GRE tunnel ***"
s1.cmd('ovs-vsctl add-port s2 s2-gre1 -- set interface s2-gre1 type=gre ' +
'options:remote_ip=192.168.56.101')
s1.cmdPrint('ovs-vsctl show')
print "*** Inserting proactive rules for DITG signaling and ARP ***"
# add the proactive rules for DITG signaling on port 9000
s1.cmd(
'ovs-ofctl add-flow s2 dl_type=0x800,nw_proto=6,tcp_dst=9000,actions=normal'
)
s1.cmd(
'ovs-ofctl add-flow s2 dl_type=0x800,nw_proto=6,tcp_src=9000,actions=normal'
)
# add proactive rule for ARP and ICMP
s1.cmd(
'ovs-ofctl add-flow s2 dl_type=0x806,arp_op=1,nw_proto=1,actions=flood'
) #ARP request
s1.cmd(
'ovs-ofctl add-flow s2 dl_type=0x800,nw_proto=1,icmp_type=8,actions=normal'
) #ICMP echo request
s1.cmd(
'ovs-ofctl add-flow s2 dl_type=0x800,nw_proto=1,icmp_type=0,actions=normal'
) #ICMP echo reply
s1.cmd('ovs-ofctl add-flow s2 dl_type=0x806,arp_op=2,actions=normal'
) #ARP reply
print "*** Inserted proactive rules for DITG signaling and ARP ***"
#if 'r' is chosen, then configure overflow-policy, else add UDP allow rule for proactive case
if argv[1] == 'r':
print "r"
if udportcp == 'u':
flow_limit = int(sigma) + 6
#configure overflow-policy only in case of UDP reactive 11/5
print "*** Configuring overflow policy ***"
strEvict = "ovs-vsctl -- --id=@ft create Flow_Table flow_limit=" + str(
flow_limit
) + " overflow_policy=evict groups='\"NXM_OF_IN_PORT[]\"' -- set Bridge s2 flow_tables:0=@ft"
s1.cmd(strEvict)
elif argv[1] == 'p':
if udportcp == 'u':
print "*** Configuring UDP proactive rules ***"
#configure udp allow proactive rule
s1.cmd(
'ovs-ofctl add-flow s2 dl_type=0x800,nw_proto=17,actions=normal'
)
else:
print "*** Configuring TCP proactive rules ***"
#configure tcp allow proactive rule
s1.cmd(
'ovs-ofctl add-flow s2 dl_type=0x800,nw_proto=6,actions=normal'
)
print "*** Testing network with pingAll"
net.pingAll()
#wait a bit before starting xterms
print "*** Starting xterms...***"
#time.sleep(5)
for b in hosts1:
#the followings works but generates log file in the mininet custom folder insted of DITG bin
#which makes ITGDec an extra step of having to move all the files
#term = makeTerm(b, cmd="bash -c '~/D-ITG-2.8.1-r1023-src/D-ITG-2.8.1-r1023/bin/ITGRecv'")
#assuming that you are in the DITG directory
term = makeTerm(b, cmd="bash -c './ITGRecv;'")
net.terms.append(term)
# open switch in a terminal and dump flows
net.terms += makeTerms(net.switches, 'switch')
#net.terms += makeTerms (net.hosts, 'host')
#makeTerm(s1, cmd="bash -c 'ovs-ofctl dump-flows s2;'")
#start the terminal for each controller, switch, host
#net.startTerms()
#start terminal for each host
#net.terms += makeTerms( net.hosts, "host" )
###net.terms += makeTerm ( net.hosts[1], cmd="bash -c 'ifconfig;'" )
#start the ITGRecv on 10 hosts
#for h in hosts1:
#net.terms.append( term )
#if test1 is specified or no test is specified, run SimpleHTTPServer on h4
##h1 = net.hosts[0]
##h2 = net.hosts[1]
#h3 = net.hosts[2]
#h4 = net.hosts[3]
##print "*** Starting SimpleHTTPServer on host " + h2.name
##print h2.cmd('python -m SimpleHTTPServer 80 &')
time.sleep(1)
print "*** Running CLI"
CLI(net)
print "*** Stopping network"
net.stop()
def run_exercise():
#Create and start a new network with our custom topology
topo = DDoSTopo()
net = Mininet(topo=topo)
net.start()
#Configure switch so that packets reach the right port (to prevent l2 learning from affecting the exercise)
net["s1"].dpctl("del-flows")
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=1,nw_dst=10.0.0.1,actions=output:1,mod_vlan_vid:11,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=1,nw_dst=10.0.0.2,actions=output:2,mod_vlan_vid:11,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=1,nw_dst=10.0.0.3,actions=output:3,mod_vlan_vid:11,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=2,nw_dst=10.0.0.1,actions=output:1,mod_vlan_vid:12,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=2,nw_dst=10.0.0.2,actions=output:2,mod_vlan_vid:12,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=2,nw_dst=10.0.0.3,actions=output:3,mod_vlan_vid:12,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=3,nw_dst=10.0.0.1,actions=output:1,mod_vlan_vid:13,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=3,nw_dst=10.0.0.2,actions=output:2,mod_vlan_vid:13,output:4"
)
net["s1"].dpctl(
"add-flow",
"dl_type=0x0800,in_port=3,nw_dst=10.0.0.3,actions=output:3,mod_vlan_vid:13,output:4"
)
#Verify connectivity
net.pingAll()
processes = []
#Start BIND DNS-server
processes.append(net["B"].popen(
'named', '-g', '-c',
'/home/vagrant/assignments/DNS/config/named.conf'))
#Open terminals
processes.append(makeTerms([net["A"]], title="Attacker terminal")[0])
processes.append(makeTerms([net["D"]], title="Capture terminal")[0])
raw_input("Press Enter to exit....")
for process in processes:
process.kill()
Cleanup.cleanup()
