class NatMonitor():
def __init__(self, tenant_id, graph_id, vnf_id):
self.natController = NatController()
self.interfaceController = InterfaceController()
self.natTableController = NatTableController()
self.tenant_id = tenant_id
self.graph_id = graph_id
self.vnf_id = vnf_id
self.configuration_interface = None
self.interfacesMonitor = None
self.natTableMonitor = None
def set_initial_configuration(self, initial_configuration):
curr_interfaces = self.interfaceController.get_interfaces()
self.interfacesMonitor = InterfacesMonitor(self, curr_interfaces)
curr_natTable = self.natController.get_nat_table()
self.natTableMonitor = NatTableMonitor(self, curr_natTable)
logging.debug("Setting initial configuration...")
self.natController.set_configuration(initial_configuration)
logging.debug("Setting initial configuration...done!")
def get_address_of_configuration_interface(self, configuration_interface):
self.configuration_interface = configuration_interface
return self.natController.get_interface_ipv4Configuration_address(
configuration_interface)
def start(self):
threads = []
threads.append(
Thread(target=self.interfacesMonitor.start_monitoring, args=()))
threads.append(
Thread(target=self.natTableMonitor.start_monitoring, args=()))
# Start all threads
for t in threads:
t.start()
# Wait for all of them to finish
for t in threads:
t.join()
def publish_on_bus(self, url, method, data):
msg = self.tenant_id + "." + self.graph_id + "." + self.vnf_id + "/" + url
body = {}
if method is not None:
body['event'] = method.upper()
else:
body['event'] = "PERIODIC"
body['timestamp'] = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
body['data'] = data
MessageBusController().publish_on_bus(
msg, json.dumps(body, indent=4, sort_keys=True))
class IdsController():
def __init__(self):
self.interfaceController = InterfaceController()
self.interfaceParser = InterfaceParser()
self.bridgeController = BridgeController()
self.idsCoreController = IdsCoreController()
self.idsCoreParser = IdsCoreParser()
self.idsParser = IdsParser()
self.transparent_intefaces = []
def set_configuration(self, json_configuration):
json_interfaces = self.idsParser.parse_interfaces(json_configuration)
for json_iface in json_interfaces:
self.configure_interface(json_iface)
assert len(self.transparent_intefaces
) == 2, "Error: transparent interfaces have to be 2"
logging.debug(
"Found " + str(len(self.transparent_intefaces)) +
" transparent interfaces, now create a bridge between them")
bridge = Bridge("br0", self.transparent_intefaces[0].name,
self.transparent_intefaces[1].name)
logging.debug("Bridge to create: " + bridge.__str__())
self.create_bridge(bridge)
# Configure IDS
if 'config-ids:ids' in json_configuration:
logging.debug("Found and Ids Configuration, try to set it...")
ids_configuration = self.idsParser.parse_ids_configuration(
json_configuration)
self.set_ids_configuration(ids_configuration)
logging.debug("Found and Ids Configuration, try to set it...done!")
logging.debug("Starting snort as a daemon...")
self.idsCoreController.start_ids()
logging.debug("Starting snort as a daemon...done!")
def get_full_status(self):
pass
# Interfaces
def get_interfaces_status(self):
conf_interfaces = {}
conf_interfaces["ifEntry"] = self.get_interfaces()
return conf_interfaces
# Interfaces/ifEntry
def get_interfaces(self):
interfaces = self.interfaceController.get_interfaces()
interfaces_dict = []
for interface in interfaces:
interfaces_dict.append(
self.interfaceParser.get_interface_dict(interface))
return interfaces_dict
def get_interface(self, name):
interface = self.interfaceController.get_interface_by_name(name)
if interface is None:
raise ValueError("could not find interface: " + name)
interface_dict = self.interfaceParser.get_interface_dict(interface)
return interface_dict
def configure_interface(self, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type == "transparent":
self.transparent_intefaces.append(interface)
logging.debug("Found a transparent interface: " +
interface.__str__())
return
else:
iface_found = self.interfaceController.get_interface_by_name(
interface.name)
if iface_found is not None:
if iface_found.__eq__(interface):
return
self.interfaceController.configure_interface(interface)
logging.debug("Configured interface: " + interface.__str__())
def update_interface(self, name, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
if self.interfaceController.interface_exists(name):
self.interfaceController.configure_interface(interface)
logging.debug("Updated interface: " + interface.__str__())
else:
raise ValueError("could not find interface: " + name)
def reset_interface(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
self.interfaceController.reset_interface(name)
def update_interface_ipv4Configuration(self, ifname,
json_ipv4Configuration):
ipv4Configuration = self.interfaceParser.parse_ipv4_configuration(
json_ipv4Configuration)
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration(
ifname, ipv4Configuration)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_address(self, ifname, address):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_address(
ifname, address)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_netmask(self, ifname, netmask):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_netmask(
ifname, netmask)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_default_gw(self, ifname,
default_gw):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_default_gw(
ifname, default_gw)
else:
raise ValueError("could not find interface: " + ifname)
def get_interface_ipv4Configuration(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
ipv4_configuration_dict = self.interfaceParser.get_interface_ipv4Configuration(
interface.ipv4_configuration)
return ipv4_configuration_dict
def get_interface_ipv4Configuration_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.address
def get_interface_ipv4Configuration_netmask(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.netmask
def get_interface_ipv4Configuration_default_gw(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.default_gw
def get_interface_ipv4Configuration_mac_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.mac_address
# Bridge
def create_bridge(self, bridge):
br_found = self.interfaceController.get_interface_by_name(bridge.name)
if br_found is None:
self.bridgeController.create_bridge(bridge)
logging.debug("Bridge created")
else:
logging.debug("Bridge already existent")
# Ids
def set_ids_configuration(self, json_ids_configuration):
idsConfiguration = self.idsCoreParser.parse_ids_configuration(
json_ids_configuration)
self.idsCoreController.set_configuration(idsConfiguration)
def add_attackToMonitor(self, attack):
try:
self.idsCoreController.add_attackToMonitor(attack)
except ValueError as ve:
raise ve
class NatController():
def __init__(self):
self.natParser = NatParser()
self.interfaceController = InterfaceController()
self.interfaceParser = InterfaceParser()
self.natCoreController = NatCoreController()
self.natCoreParser = NatCoreParser()
self.natTableController = NatTableController()
self.natTableParser = NatTableParser()
self.arpTableController = ArpTableController()
self.arpTableParser = ArpTableParser()
self.floatingIpController = FloatingIpController()
self.floatingIpParser = FloatingIpParser()
def set_configuration(self, json_configuration):
json_interfaces = self.natParser.parse_interfaces(json_configuration)
for json_iface in json_interfaces:
self.configure_interface(json_iface)
conf_nat = self.natParser.parse_nat_configuration(json_configuration)
public_interface_id = self.natCoreParser.parse_public_interface(conf_nat)
self.set_ip_forward(public_interface_id)
private_interface_id = self.natCoreParser.parse_private_interface(conf_nat)
if 'nat-table' in conf_nat:
json_nat_table = self.natTableParser.parse_nat_table(conf_nat)
json_nat_sessions = self.natTableParser.parse_nat_sessions(json_nat_table)
for json_nat_session in json_nat_sessions:
self.add_nat_session(json_nat_session)
if 'arp-table' in conf_nat:
json_arp_table = self.arpTableParser.parse_arp_table(conf_nat)
json_arp_entries = self.arpTableParser.parse_arp_entries(json_arp_table)
for json_arp_entry in json_arp_entries:
self.add_arp_entry(json_arp_entry)
if 'floatingIP' in conf_nat:
json_floating_ip_list = self.floatingIpParser.parse_floating_ip_list(conf_nat)
for curr_json_floating_ip in json_floating_ip_list:
self.add_floating_ip(curr_json_floating_ip)
pass
def get_full_status(self):
status = {}
status["config-nat:interfaces"] = self.get_interfaces_status()
status["config-nat:nat"] = self.get_nat_status()
return status
# Interfaces
def get_interfaces_status(self):
conf_interfaces = {}
conf_interfaces["ifEntry"] = self.get_interfaces()
return conf_interfaces
# Interfaces/ifEntry
def get_interfaces(self):
interfaces = self.interfaceController.get_interfaces()
interfaces_dict = []
for interface in interfaces:
interfaces_dict.append(self.interfaceParser.get_interface_dict(interface))
return interfaces_dict
def get_interface(self, name):
interface = self.interfaceController.get_interface_by_name(name)
if interface is None:
raise ValueError("could not find interface: " + name)
interface_dict = self.interfaceParser.get_interface_dict(interface)
interface_dict = self.interfaceParser.get_interface_dict(interface)
return interface_dict
def configure_interface(self, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
iface_found = self.interfaceController.get_interface_by_name(interface.name)
if iface_found is not None:
if iface_found.__eq__(interface):
return
self.interfaceController.configure_interface(interface)
logging.debug("Configured interface: " + interface.__str__())
def update_interface(self, name, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
if self.interfaceController.interface_exists(name):
self.interfaceController.configure_interface(interface)
logging.debug("Updated interface: " + interface.__str__())
else:
raise ValueError("could not find interface: " + name)
def reset_interface(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
self.interfaceController.reset_interface(name)
def update_interface_ipv4Configuration(self, ifname, json_ipv4Configuration):
ipv4Configuration = self.interfaceParser.parse_ipv4_configuration(json_ipv4Configuration)
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration(ifname, ipv4Configuration)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_address(self, ifname, address):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_address(ifname, address)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_netmask(self, ifname, netmask):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_netmask(ifname, netmask)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_default_gw(self, ifname, default_gw):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_default_gw(ifname, default_gw)
else:
raise ValueError("could not find interface: " + ifname)
def get_interface_ipv4Configuration(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
ipv4_configuration_dict = self.interfaceParser.get_interface_ipv4Configuration(interface.ipv4_configuration)
return ipv4_configuration_dict
def get_interface_ipv4Configuration_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.address
def get_interface_ipv4Configuration_netmask(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.netmask
def get_interface_ipv4Configuration_default_gw(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.default_gw
def get_interface_ipv4Configuration_mac_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.mac_address
# Nat
def get_nat_status(self):
nat = {}
nat['private-interface'] = self.get_private_interface_id()
nat['public-interface'] = self.get_public_interface_id()
nat['nat-table'] = self.get_nat_table()
nat['arp-table'] = self.get_arp_table()
nat['floatingIP'] = self.get_all_floating_ip()
return nat
# Nat/Wan-interface
def set_ip_forward(self, public_interface_id):
current_public_iface_name = self.natCoreController.get_public_interface_name()
if current_public_iface_name is None:
public_iface = self.interfaceController.get_interface_by_id(public_interface_id)
self.natCoreController.set_ip_forward(public_iface.name)
logging.debug("Nat set on wan interface: " + public_iface.name)
def unset_ip_forward(self, public_interface_id):
current_public_iface_name = self.natCoreController.get_public_interface_name()
if current_public_iface_name is not None:
public_iface = self.interfaceController.get_interface_by_id(public_interface_id)
self.natCoreController.unset_ip_forward(public_iface.name)
logging.debug("Nat unset")
def get_public_interface_id(self):
public_iface_name = self.natCoreController.get_public_interface_name()
public_iface = self.interfaceController.get_interface_by_name(public_iface_name)
return public_iface.id
def get_private_interface_id(self):
public_iface_name = self.natCoreController.get_public_interface_name()
interfaces = self.interfaceController.get_interfaces()
for interface in interfaces:
if interface.management == False:
if interface.name != public_iface_name:
return interface.id
# Nat/nat-table
def get_nat_table(self):
nat_table = {}
nat_table['nat-session'] = self.get_nat_session()
return nat_table
def get_nat_session(self):
nat_table = self.natTableController.get_nat_table()
nat_table_dict = []
for nat_session in nat_table:
nat_table_dict.append(self.natTableParser.get_nat_session_dict(nat_session))
return nat_table_dict
def add_nat_session(self, json_nat_session):
# not supported
nat_session = self.natTableParser.parse_nat_session(json_nat_session)
self.natTableController.add_nat_session(nat_session)
#logging.debug("Added nat_session: " + nat_session.__str__())
# Nat/arp-table
def get_arp_table(self):
arp_table = {}
arp_table['arp-entry'] = self.get_arp_entry()
return arp_table
def get_arp_entry(self):
arp_table = self.arpTableController.get_arp_table()
arp_table_dict = []
for arp_entry in arp_table:
arp_table_dict.append(self.arpTableParser.get_arp_entry_dict(arp_entry))
return arp_table_dict
def add_arp_entry(self, json_arp_entry):
arp_entry = self.arpTableParser.parse_arp_entry(json_arp_entry)
self.arpTableController.add_arp_entry(arp_entry.ip_address, arp_entry.mac_address)
logging.debug("Added arp_entry: " + arp_entry.__str__())
def delete_arp_entry(self, ip_address):
if self.arpTableController.arp_entry_exists(ip_address):
self.arpTableController.delete_arp_entry(ip_address)
logging.debug("Removed arp_entry with ip_address: " + ip_address)
else:
raise ValueError("There is no entry in arp table with ip_address: " + ip_address)
def get_arp_table_mac_address(self, ip_address):
return self.arpTableController.get_mac_address(ip_address)
def update_arp_table_mac_address(self, ip_address, mac_address):
if self.arpTableController.arp_entry_exists(ip_address):
self.arpTableController.add_arp_entry(ip_address, mac_address)
logging.debug("Updated arp_entry, ip_address: " + ip_address + " mac_address: " + mac_address)
else:
raise ValueError("There is no entry in arp table with ip_address: " + ip_address)
# Nat/StaticBindings
def add_floating_ip(self, json_floating_ip):
floating_ip = self.floatingIpParser.parse_floating_ip(json_floating_ip)
floating_ip_list = self.floatingIpController.get_all_floating_ip()
for curr_floating_ip in floating_ip_list:
if curr_floating_ip.__eq__(floating_ip):
return
wan_interface = self.natCoreController.get_public_interface_name()
self.floatingIpController.configure_floating_ip(floating_ip, wan_interface)
logging.debug("floating_ip set: private address " + floating_ip.private_address + " => public address" + floating_ip.public_address)
def update_floating_ip(self, public_address, json_floating_ip):
pass
def update_floating_ip_private_address(self, public_address, private_address):
pass
def update_floating_ip_public_address(self, public_address, private_address):
pass
def delete_floating_ip(self, public_address):
if self.floatingIpController.floating_ip_exists(public_address):
self.floatingIpController.delete_floating_ip(public_address)
else:
raise ValueError("could not find a floating_ip with public address " + public_address)
def get_all_floating_ip(self):
floating_ip_list = self.floatingIpController.get_all_floating_ip()
floating_ip_dict = []
for floating_ip in floating_ip_list:
floating_ip_dict.append(self.floatingIpParser.get_floating_ip_dict(floating_ip))
return floating_ip_dict
def get_floating_ip(self, public_address):
floating_ip = self.floatingIpController.get_floating_ip(public_address)
if floating_ip is None:
raise ValueError("could not find a floating_ip with public address " + public_address)
floating_ip_dict = self.floatingIpParser.get_floating_ip_dict(floating_ip)
return floating_ip_dict
def get_floating_ip_private_address(self, public_address):
floating_ip_list = self.floatingIpController.get_all_floating_ip()
for floating_ip in floating_ip_list:
if floating_ip.public_address == public_address:
return floating_ip.private_address
raise ValueError("could not find a floating_ip with public address " + public_address)
def get_floating_ip_public_address(self, public_address):
floating_ip_list = self.floatingIpController.get_all_floating_ip()
for floating_ip in floating_ip_list:
if floating_ip.public_address == public_address:
return floating_ip.public_address
raise ValueError("could not find a floating_ip with public address " + public_address)
class DhcpController():
def __init__(self):
self.interfaceController = InterfaceController()
self.interfaceParser = InterfaceParser()
self.dhcpServerController = DhcpServerController()
self.dhcpServerParser = DhcpServerParser()
self.dhcpClientController = DhcpClientController()
self.dhcpClientParser = DhcpClientParser()
self.dhcpParser = DhcpParser()
def set_configuration(self, json_configuration):
json_interfaces = self.dhcpParser.parse_interfaces(json_configuration)
for json_iface in json_interfaces:
self.configure_interface(json_iface)
conf_dhcp_server = self.dhcpParser.parse_dhcp_server(
json_configuration)
self.configure_dhcp_server(conf_dhcp_server)
def get_full_status(self):
status = {}
status["config-firewall:interfaces"] = self.get_interfaces_status()
status["config-dhcp-server:server"] = self.get_dhcp_server_status()
status["config-dhcp-server:clients"] = self.get_clients()
return status
# Interfaces
def get_interfaces_status(self):
conf_interfaces = {}
conf_interfaces["ifEntry"] = self.get_interfaces()
return conf_interfaces
# Interfaces/ifEntry
def get_interfaces(self):
interfaces = self.interfaceController.get_interfaces()
interfaces_dict = []
for interface in interfaces:
interfaces_dict.append(
self.interfaceParser.get_interface_dict(interface))
return interfaces_dict
def get_interface(self, name):
interface = self.interfaceController.get_interface_by_name(name)
if interface is None:
raise ValueError("could not find interface: " + name)
interface_dict = self.interfaceParser.get_interface_dict(interface)
return interface_dict
def configure_interface(self, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
iface_found = self.interfaceController.get_interface_by_name(
interface.name)
if iface_found is not None:
if iface_found.__eq__(interface):
return
self.interfaceController.configure_interface(interface)
logging.debug("Configured interface: " + interface.__str__())
def update_interface(self, name, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
if self.interfaceController.interface_exists(name):
self.interfaceController.configure_interface(interface)
logging.debug("Updated interface: " + interface.__str__())
else:
raise ValueError("could not find interface: " + name)
def reset_interface(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
self.interfaceController.reset_interface(name)
def get_interface_ipv4Configuration(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
ipv4_configuration_dict = self.interfaceParser.get_interface_ipv4Configuration(
interface.ipv4_configuration)
return ipv4_configuration_dict
def get_interface_ipv4Configuration_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.address
def get_interface_ipv4Configuration_netmask(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.netmask
def get_interface_ipv4Configuration_default_gw(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.default_gw
def get_interface_ipv4Configuration_mac_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.mac_address
def update_interface_ipv4Configuration(self, ifname,
json_ipv4Configuration):
ipv4Configuration = self.interfaceParser.parse_ipv4_configuration(
json_ipv4Configuration)
print(ipv4Configuration)
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration(
ifname, ipv4Configuration)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_address(self, ifname, address):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_address(
ifname, address)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_netmask(self, ifname, netmask):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_netmask(
ifname, netmask)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_default_gw(self, ifname,
default_gw):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_default_gw(
ifname, default_gw)
else:
raise ValueError("could not find interface: " + ifname)
# Dhcp
def get_dhcp_status(self):
conf_dhcp = {}
conf_dhcp['server'] = self.get_dhcp_server_configuration()
conf_dhcp['clients'] = self.get_clients()
return conf_dhcp
# Dhcp Server
def get_dhcp_server_status(self):
return self.get_dhcp_server_configuration()
# Dhcp Server/Configuration
def configure_dhcp_server(self, json_dhcp_server_params):
dhcp_server_configuration = self.dhcpServerParser.parse_dhcp_server_configuration(
json_dhcp_server_params)
logging.debug(dhcp_server_configuration.__str__())
logging.debug("Configure dhcp server parameters...")
if self.dhcpServerController.configuration_exists():
current_dhcp_server_configuration = self.dhcpServerController.get_dhcp_server_configuration(
)
if dhcp_server_configuration.__eq__(
current_dhcp_server_configuration):
logging.debug(
"Configure dhcp server parameters...done! (configuration is equal to the previous one)"
)
return
self.dhcpServerController.configure_dhcp_server(
dhcp_server_configuration)
logging.debug("Configure dhcp server parameters...done!")
def add_section(self, json_section):
section = self.dhcpServerParser.parse_section(json_section)
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.add_section(section)
else:
raise ValueError("could not find a dhcp server configuration")
def update_default_lease_time(self, default_lease_time):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_default_lease_time(
default_lease_time)
else:
raise ValueError("could not find a dhcp server configuration")
def update_max_lease_time(self, max_lease_time):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_max_lease_time(max_lease_time)
else:
raise ValueError("could not find a dhcp server configuration")
def update_subnet(self, subnet):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_subnet(subnet)
else:
raise ValueError("could not find a dhcp server configuration")
def update_subnet_mask(self, subnet_mask):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_subnet_mask(subnet_mask)
else:
raise ValueError("could not find a dhcp server configuration")
def update_router(self, router):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_router(router)
else:
raise ValueError("could not find a dhcp server configuration")
def update_dns_primary_server(self, dns_primary_server):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_dns_primary_server(
dns_primary_server)
else:
raise ValueError("could not find a dhcp server configuration")
def update_dns_secondary_server(self, dns_secondary_server):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_dns_secondary_server(
dns_secondary_server)
else:
raise ValueError("could not find a dhcp server configuration")
def update_dns_domain_name(self, dns_domain_name):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_domain_name(dns_domain_name)
else:
raise ValueError("could not find a dhcp server configuration")
def update_section(self, section_start_ip, json_section):
section = self.dhcpServerParser.parse_section(json_section)
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.update_section(section_start_ip, section)
else:
raise ValueError("could not find a dhcp server configuration")
def update_section_start_ip(self, section_start_ip, start_ip):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.add_section_start_ip(
section_start_ip, start_ip)
else:
raise ValueError("could not find a dhcp server configuration")
def update_section_end_ip(self, section_start_ip, end_ip):
if self.dhcpServerController.configuration_exists():
self.dhcpServerController.add_section_end_ip(
section_start_ip, end_ip)
else:
raise ValueError("could not find a dhcp server configuration")
def get_dhcp_server_configuration(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
dhcp_server_configuration = self.dhcpServerController.get_dhcp_server_configuration(
)
return self.dhcpServerParser.get_dhcp_server_configuration_dict(
dhcp_server_configuration)
def get_dhcp_server_configuration_default_lease_time(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
default_lease_time = self.dhcpServerController.get_dhcp_server_configuration_default_lease_time(
)
return default_lease_time
def get_dhcp_server_configuration_max_lease_time(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
max_lease_time = self.dhcpServerController.get_dhcp_server_configuration_max_lease_time(
)
return max_lease_time
def get_dhcp_server_configuration_subnet(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
subnet = self.dhcpServerController.get_dhcp_server_configuration_subnet(
)
return subnet
def get_dhcp_server_configuration_subnet_mask(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
subnet_mask = self.dhcpServerController.get_dhcp_server_configuration_subnet_mask(
)
return subnet_mask
def get_dhcp_server_configuration_router(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
router = self.dhcpServerController.get_dhcp_server_configuration_router(
)
return router
def get_dhcp_server_configuration_dns_primary_server(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
dns_primary_server = self.dhcpServerController.get_dhcp_server_configuration_dns_primary_server(
)
return dns_primary_server
def get_dhcp_server_configuration_dns_secondary_server(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
dns_secondary_server = self.dhcpServerController.get_dhcp_server_configuration_dns_secondary_server(
)
return dns_secondary_server
def get_dhcp_server_configuration_dns_domain_name(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
dns_domain_name = self.dhcpServerController.get_dhcp_server_configuration_dns_domain_name(
)
return dns_domain_name
def get_dhcp_server_configuration_sections(self):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
sections = self.dhcpServerController.get_dhcp_server_configuration_sections(
)
sections_dict = []
for section in sections:
section_dict = self.dhcpServerParser.get_dhcp_server_configuration_section_dict(
section)
sections_dict.append(section_dict)
return sections_dict
def get_dhcp_server_configuration_section(self, section_start_ip):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
section = self.dhcpServerController.get_dhcp_server_configuration_section(
section_start_ip)
if section is not None:
return self.dhcpServerParser.parse_section(section)
else:
raise ValueError("could not find section with start_ip: " +
section_start_ip)
def get_dhcp_server_configuration_section_start_ip(self, section_start_ip):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
start_ip = self.dhcpServerController.get_dhcp_server_configuration_section_start_ip(
section_start_ip)
if start_ip is not None:
return start_ip
else:
raise ValueError("could not find section with start_ip: " +
section_start_ip)
def get_dhcp_server_configuration_section_end_ip(self, section_start_ip):
if not self.dhcpServerController.configuration_exists():
raise ValueError("could not find a dhcp server configuration")
end_ip = self.dhcpServerController.get_dhcp_server_configuration_section_end_ip(
section_start_ip)
if end_ip is not None:
return end_ip
else:
raise ValueError("could not find section with start_ip: " +
section_start_ip)
# Dhcp Client
def get_clients(self):
clients = self.dhcpClientController.get_clients()
clients_dict = []
for client in clients:
clients_dict.append(self.dhcpClientParser.get_client_dict(client))
return clients_dict
def get_client(self, mac_address):
if not self.dhcpClientController.client_exists(mac_address):
raise ValueError("could not find client: " + mac_address)
client = self.dhcpClientController.get_client(mac_address)
client_dict = self.dhcpClientParser.get_client_dict(client)
return client_dict
def get_client_ip_address(self, mac_address):
if not self.dhcpClientController.client_exists(mac_address):
raise ValueError("could not find client: " + mac_address)
client_ip_address = self.dhcpClientController.get_client_ip_address(
mac_address)
return client_ip_address
def get_client_hostname(self, mac_address):
if not self.dhcpClientController.client_exists(mac_address):
raise ValueError("could not find client: " + mac_address)
client_hostname = self.dhcpClientController.get_client_hostname(
mac_address)
return client_hostname
def get_client_valid_until(self, mac_address):
if not self.dhcpClientController.client_exists(mac_address):
raise ValueError("could not find client: " + mac_address)
client_valid_until = self.dhcpClientController.get_client_valid_until(
mac_address)
return client_valid_until
class IperfController():
def __init__(self):
self.iperfParser = IperfParser()
self.interfaceController = InterfaceController()
self.interfaceParser = InterfaceParser()
self.iperfCoreController = IperfCoreController()
self.iperfCoreParser = IperfCoreParser()
def set_configuration(self, json_configuration):
json_interfaces = self.iperfParser.parse_interfaces(json_configuration)
for json_iface in json_interfaces:
self.configure_interface(json_iface)
json_conf_iperf = self.iperfParser.parse_iperf_configuration(json_configuration)
if 'server' in json_conf_iperf:
json_server_params = self.iperfCoreParser.parse_server(json_conf_iperf)
self.start_iperf_server(json_server_params)
if 'client' in json_conf_iperf:
json_client_params = self.iperfCoreParser.parse_client(json_conf_iperf)
self.start_iperf_client(json_client_params)
# Interfaces
def get_interfaces_status(self):
conf_interfaces = {}
conf_interfaces["ifEntry"] = self.get_interfaces()
return conf_interfaces
# Interfaces/ifEntry
def get_interfaces(self):
interfaces = self.interfaceController.get_interfaces()
interfaces_dict = []
for interface in interfaces:
interfaces_dict.append(self.interfaceParser.get_interface_dict(interface))
return interfaces_dict
def get_interface(self, name):
interface = self.interfaceController.get_interface_by_name(name)
if interface is None:
raise ValueError("could not find interface: " + name)
interface_dict = self.interfaceParser.get_interface_dict(interface)
return interface_dict
def configure_interface(self, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
iface_found = self.interfaceController.get_interface_by_name(interface.name)
if iface_found is not None:
if iface_found.__eq__(interface):
return
self.interfaceController.configure_interface(interface)
logging.debug("Configured interface: " + interface.__str__())
def update_interface(self, name, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
if self.interfaceController.interface_exists(name):
self.interfaceController.configure_interface(interface)
logging.debug("Updated interface: " + interface.__str__())
else:
raise ValueError("could not find interface: " + name)
def reset_interface(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
self.interfaceController.reset_interface(name)
def get_interface_ipv4Configuration(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
ipv4_configuration_dict = self.interfaceParser.get_interface_ipv4Configuration(interface.ipv4_configuration)
return ipv4_configuration_dict
def get_interface_ipv4Configuration_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.address
def get_interface_ipv4Configuration_netmask(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.netmask
def get_interface_ipv4Configuration_default_gw(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.default_gw
def get_interface_ipv4Configuration_mac_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.mac_address
def update_interface_ipv4Configuration(self, ifname, json_ipv4Configuration):
ipv4Configuration = self.interfaceParser.parse_ipv4_configuration(json_ipv4Configuration)
print(ipv4Configuration)
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration(ifname, ipv4Configuration)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_address(self, ifname, address):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_address(ifname, address)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_netmask(self, ifname, netmask):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_netmask(ifname, netmask)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_default_gw(self, ifname, default_gw):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_default_gw(ifname, default_gw)
else:
raise ValueError("could not find interface: " + ifname)
# Iperf
def start_iperf_client(self, json_iperf_client):
iperf_client = self.iperfCoreParser.parse_client_configuration(json_iperf_client)
return self.iperfCoreController.start_iperf_client(iperf_client)
def start_iperf_server(self, json_iperf_server):
iperf_server = self.iperfCoreParser.parse_server_configuration(json_iperf_server)
return self.iperfCoreController.start_iperf_server(iperf_server)
class FirewallController():
def __init__(self):
self.interfaceController = InterfaceController()
self.interfaceParser = InterfaceParser()
self.bridgeController = BridgeController()
self.policyController = PolicyController()
self.policyParser = PolicyParser()
self.blacklistController = BlacklistController()
self.blacklistParser = BlacklistParser()
self.whitelistController = WhitelistController()
self.whitelistParser = WhitelistParser()
self.firewallParser = FirewallParser()
self.transparent_intefaces = []
self.wan_interface = None
def set_configuration(self, json_configuration):
json_interfaces = self.firewallParser.parse_interfaces(
json_configuration)
for json_iface in json_interfaces:
self.configure_interface(json_iface)
conf_firewall = self.firewallParser.parse_firewall_configuration(
json_configuration)
self.set_wan_interface(conf_firewall)
assert len(self.transparent_intefaces
) == 2, "Error: transparent interfaces have to be 2"
logging.debug(
"Found " + str(len(self.transparent_intefaces)) +
" transparent interfaces, now create a bridge between them")
to_lan_interface = None
to_wan_interface = None
for tr_iface in self.transparent_intefaces:
if tr_iface.name == self.wan_interface:
to_wan_interface = tr_iface
else:
to_lan_interface = tr_iface
logging.debug("to_wan_interface : " + to_wan_interface.__str__())
logging.debug("to_lan_interface : " + to_lan_interface.__str__())
bridge = Bridge("br0", to_lan_interface.name, to_wan_interface.name)
logging.debug("Bridge to create: " + bridge.__str__())
if self.create_bridge(bridge) is True:
Bash('route del default')
Bash('/usr/sbin/dhclient ' + bridge.name + ' -nw')
br_iface = self.interfaceController.get_interface_by_name(
bridge.name)
policy = Policy(
description="drop all traffic from fw_host to lan_iface",
action="drop",
protocol="ipv4",
out_interface=to_lan_interface.name,
src_address=br_iface.ipv4_configuration.address)
self.policyController.add_policy(policy,
table="FILTER",
chain="OUTPUT")
#Bash('ebtables -A OUTPUT -p IPv4 --ip-src ' + br_iface.ipv4_configuration.address + ' --out-interface ' + to_lan_interface + ' -j DROP')
json_policies = self.policyParser.parse_policies(conf_firewall)
for json_policy in json_policies[::-1]:
self.add_policy(json_policy)
json_blacklist = self.blacklistParser.parse_blacklist(conf_firewall)
for json_url in json_blacklist:
url = self.blacklistParser.parse_url(json_url)
self.add_blacklist_url(url)
json_whitelist = self.whitelistParser.parse_whitelist(conf_firewall)
for json_url in json_whitelist:
url = self.whitelistParser.parse_url(json_url)
self.add_whitelist_url(url)
def get_full_status(self):
status = {}
status["config-firewall:interfaces"] = self.get_interfaces_status()
status["config-firewall:firewall"] = self.get_firewall_status()
return status
# Interfaces
def get_interfaces_status(self):
conf_interfaces = {}
conf_interfaces["ifEntry"] = self.get_interfaces()
conf_interfaces["wan-interface"] = self.get_wan_interface()
return conf_interfaces
# Interfaces/ifEntry
def get_interfaces(self):
interfaces = self.interfaceController.get_interfaces()
interfaces_dict = []
for interface in interfaces:
interfaces_dict.append(
self.interfaceParser.get_interface_dict(interface))
return interfaces_dict
def get_interface(self, name):
interface = self.interfaceController.get_interface_by_name(name)
if interface is None:
raise ValueError("could not find interface: " + name)
interface_dict = self.interfaceParser.get_interface_dict(interface)
return interface_dict
def configure_interface(self, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type == "transparent":
self.transparent_intefaces.append(interface)
logging.debug("Found a transparent interface: " +
interface.__str__())
return
else:
iface_found = self.interfaceController.get_interface_by_name(
interface.name)
if iface_found is not None:
if iface_found.__eq__(interface):
return
self.interfaceController.configure_interface(interface)
logging.debug("Configured interface: " + interface.__str__())
def update_interface(self, name, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
if self.interfaceController.interface_exists(name):
self.interfaceController.configure_interface(interface)
logging.debug("Updated interface: " + interface.__str__())
else:
raise ValueError("could not find interface: " + name)
def reset_interface(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
self.interfaceController.reset_interface(name)
def update_interface_ipv4Configuration(self, ifname,
json_ipv4Configuration):
ipv4Configuration = self.interfaceParser.parse_ipv4_configuration(
json_ipv4Configuration)
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration(
ifname, ipv4Configuration)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_address(self, ifname, address):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_address(
ifname, address)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_netmask(self, ifname, netmask):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_netmask(
ifname, netmask)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_default_gw(self, ifname,
default_gw):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_default_gw(
ifname, default_gw)
else:
raise ValueError("could not find interface: " + ifname)
def get_interface_ipv4Configuration(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
ipv4_configuration_dict = self.interfaceParser.get_interface_ipv4Configuration(
interface.ipv4_configuration)
return ipv4_configuration_dict
def get_interface_ipv4Configuration_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.address
def get_interface_ipv4Configuration_netmask(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.netmask
def get_interface_ipv4Configuration_default_gw(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.default_gw
def get_interface_ipv4Configuration_mac_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.mac_address
# Interfaces/Wan-interface
def get_wan_interface(self):
return self.wan_interface
def set_wan_interface(self, json_configuration):
self.wan_interface = json_configuration['wan-interface']
# Bridge
def create_bridge(self, bridge):
br_found = self.interfaceController.get_interface_by_name(bridge.name)
if br_found is None:
self.bridgeController.create_bridge(bridge)
logging.debug("Bridge created")
return True
else:
logging.debug("Bridge already existent")
return False
# Firewall
def get_firewall_status(self):
firewall = {}
firewall['policies'] = self.get_policies()
firewall['blacklist'] = self.get_blacklist()
firewall['whitelist'] = self.get_whitelist()
return firewall
# Firewall/Policies
def add_policy(self, json_policy):
policy = self.policyParser.parse_policy(json_policy)
policies = self.policyController.get_policies()
for pol in policies:
if pol.__eq__(policy):
logging.debug("The policy already exists, return")
return
id = self.policyController.add_policy(policy)
logging.debug("Configured policy: " + policy.__str__())
return id
def update_policy(self, id, json_policy):
pass
def update_policy_description(self, id, description):
pass
def update_policy_action(self, id, action):
pass
def update_policy_protocol(self, id, protocol):
pass
def update_policy_in_interface(self, id, in_interface):
pass
def update_policy_out_interface(self, id, out_interface):
pass
def update_policy_src_address(self, id, src_address):
pass
def update_policy_dst_address(self, id, dst_address):
pass
def update_policy_src_port(self, id, src_port):
pass
def update_policy_dst_port(self, id, dst_port):
pass
def get_policies(self):
policies = self.policyController.get_policies()
policies_dict = []
for policy in policies:
policies_dict.append(self.policyParser.get_policy_dict(policy))
return policies_dict
def get_policy(self, id):
policy = self.policyController.get_policy(id)
if policy is None:
raise ValueError("could not find policy: " + id)
policy_dict = self.policyParser.get_policy_dict(policy)
return policy_dict
def get_policy_description(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.description
def get_policy_action(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.action
def get_policy_protocol(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.protocol
def get_policy_in_interface(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.in_interface
def get_policy_out_interface(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.out_interface
def get_policy_src_address(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.src_address
def get_policy_dst_address(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.dst_address
def get_policy_src_port(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.src_port
def get_policy_dst_port(self, id):
if not self.policyController.policy_exists(id):
raise ValueError("could not find policy: " + id)
policy = self.policyController.get_policy(id)
return policy.dst_port
def delete_policies(self):
self.policyController.delete_policies()
def delete_policy(self, id):
if self.policyController.policy_exists(id):
self.policyController.delete_policy(id)
else:
raise ValueError("could not find policy: " + id)
def clear_policy_repo(self):
self.policyController.clear_policy_repo()
# Firewall/Blacklist
def add_blacklist_url(self, url):
blacklist = self.blacklistController.get_blacklist()
for curr_url in blacklist:
if curr_url.__eq__(url):
return
self.blacklistController.configure_url(url)
logging.debug("Configured blacklist url: " + url)
def get_blacklist(self):
blacklist = self.blacklistController.get_blacklist()
blacklist_dict = []
for url in blacklist:
blacklist_dict.append(self.blacklistParser.get_url_dict(url))
return blacklist_dict
def delete_blacklist(self):
pass
def delete_blacklist_url(self, url):
if self.blacklistController.url_exists(url):
self.blacklistController.delete_url(url)
else:
raise ValueError("could not find url " + url + " in blacklist")
# Firewall/Whitelist
def add_whitelist_url(self, url):
whitelist = self.whitelistController.get_whitelist()
for curr_url in whitelist:
if curr_url.__eq__(url):
return
self.whitelistController.configure_url(url)
logging.debug("Configured whitelist url: " + url)
def get_whitelist(self):
whitelist = self.whitelistController.get_whitelist()
whitelist_dict = []
for url in whitelist:
whitelist_dict.append(self.whitelistParser.get_url_dict(url))
return whitelist_dict
def delete_whitelist(self):
pass
def delete_whitelist_url(self, url):
if self.whitelistController.url_exists(url):
self.whitelistController.delete_url(url)
else:
raise ValueError("could not find url " + url + " in whitelist")
class InterfacesMonitor():
def __init__(self, dd_controller, curr_interfaces):
self.EVENT_ADD = Constants.EVENT_ADD
self.EVENT_UPDATE = Constants.EVENT_UPDATE
self.EVENT_DELETE = Constants.EVENT_DELETE
######################### YANG CONSTANTS #########################
self.SILENT = Constants.ADVERTISE_SILENT
self.ON_CHANGE = Constants.ADVERTISE_ON_CHANGE
self.PERIODIC = Constants.ADVERTISE_PERIODIC
self.url_iface = "interfaces/ifEntry"
self.elements = {}
self.elements['interface'] = Element(advertise=self.ON_CHANGE)
##################################################################
self.periods = []
for key, element in self.elements.items():
if element.advertise == self.PERIODIC:
element.period = element.period/1000
if element.period not in self.periods:
self.periods.append(element.period)
self.on_change_interval = float(ConfigurationInstance().get_on_change_interval())
logging.debug("on_change_interval: " + str(self.on_change_interval))
self.interfaces_old = curr_interfaces
print("interfaces_old: " + str(len(self.interfaces_old)))
self.interfaces_new = []
self.interfaces_updated = []
self.interfaces_removed = []
self.ddController = dd_controller
self.interfaceController = InterfaceController()
self.interfaceParser = InterfaceParser()
def start_monitoring(self):
logging.debug("Interfaces monitoring started!")
for period in self.periods:
Thread(target=self._timer_periodic_callback, args=([period])).start()
while True:
self._get_new_interfaces()
#print("interfaces_new: " + str(len(self.interfaces_new)))
if len(self.interfaces_new) > 0:
for interface in self.interfaces_new:
id = interface.name
self._publish_interface_leafs_on_change(id, interface, self.EVENT_ADD)
self.interfaces_new = []
#print("interfaces_removed: " + str(len(self.interfaces_removed)))
if len(self.interfaces_removed) > 0:
for interface in self.interfaces_removed:
id = interface.name
self._publish_interface_leafs_on_change(id, interface, self.EVENT_DELETE)
self.interfaces_removed = []
#print("interfaces_updated: " + str(len(self.interfaces_updated)))
if len(self.interfaces_updated) > 0:
for interface_map in self.interfaces_updated:
old_interface = interface_map['old']
new_interface = interface_map['new']
interface_diff = self._find_diff(old_interface, new_interface)
logging.debug(interface_diff.__str__())
id = new_interface.name
self._publish_interface_leafs_on_change(id, interface_diff, self.EVENT_UPDATE)
self.interfaces_updated = []
time.sleep(self.on_change_interval)
def _get_new_interfaces(self):
curr_interfaces = self.interfaceController.get_interfaces()
interface_map = {}
# Check new or modified interfaces
for interface in curr_interfaces:
# get the old interface whose name is the same of the new interface
old_interface = next((x for x in self.interfaces_old if x.name == interface.name), None)
if old_interface is None:
self.interfaces_new.append(interface)
else:
if not interface.__eq__(old_interface):
interface_map['old'] = old_interface
interface_map['new'] = interface
self.interfaces_updated.append(interface_map)
# Check if an interface was removed
for old_interface in self.interfaces_old:
# get the old interface whose name is the same of the new interface
interface = next((x for x in curr_interfaces if x.name == old_interface.name), None)
if interface is None:
self.interfaces_removed.append(old_interface)
self.interfaces_old = curr_interfaces
def _find_diff(self, old_interface, new_interface):
type = None
if not old_interface.type.__eq__(new_interface.type):
type = new_interface.type
management = None
if not old_interface.management.__eq__(new_interface.management):
management = new_interface.management
old_ipv4Config = old_interface.ipv4_configuration
new_ipv4Config = new_interface.ipv4_configuration
configuration_type = None
if not old_ipv4Config.configuration_type.__eq__(new_ipv4Config.configuration_type):
configuration_type = new_ipv4Config.configuration_type
address = None
if not old_ipv4Config.address.__eq__(new_ipv4Config.address):
address = new_ipv4Config.address
netmask = None
if not old_ipv4Config.netmask.__eq__(new_ipv4Config.netmask):
netmask = new_ipv4Config.netmask
mac_address = None
if not old_ipv4Config.mac_address.__eq__(new_ipv4Config.mac_address):
mac_address = new_ipv4Config.mac_address
default_gw = None
if not old_ipv4Config.default_gw.__eq__(new_ipv4Config.default_gw):
default_gw = new_ipv4Config.default_gw
ipv4_configuration = Ipv4Configuration(configuration_type=configuration_type,
address=address,
netmask=netmask,
mac_address=mac_address,
default_gw=default_gw)
interface = Interface(id=None,
name=None,
type=type,
management=management,
ipv4_configuration=ipv4_configuration)
return interface
def _publish_interface_leafs_on_change(self, id, interface, method):
if self.elements['interface'].advertise == self.ON_CHANGE:
self._publish_interface(id, interface, method)
def _publish_interface_leafs_periodic(self, interface, period):
id = interface.name
if self.elements['interface'].advertise == self.PERIODIC and self.elements['interface'].period == period:
self._publish_interface(id, interface)
def _timer_periodic_callback(self, period):
while True:
time.sleep(period)
logging.debug("timer callback, period:" + str(period))
curr_interfaces = self.interfaceController.get_interfaces()
for interface in curr_interfaces:
self._publish_interface_leafs_periodic(interface, period)
################### Private publish functions ###################
def _publish_interface(self, id, data, method=None):
interface_dict = self.interfaceParser.get_interface_dict(data)
url = self.url_iface + "/" + id
self.ddController.publish_on_bus(url, method, interface_dict)
def configure_dhcp_server(self, dhcp_server):
'''
example of configuration
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.254;
option domain-name-servers 192.168.1.1, 192.168.1.2;
option domain-name "mydomain.example";
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.100;
range 192.168.1.150 192.168.1.200;
}
'''
try:
with open('/etc/dhcp/dhcpd.conf', 'w') as dhcpd_file:
dhcpd_file.write('default-lease-time ' +
dhcp_server.default_lease_time + ';\n')
dhcpd_file.write('max-lease-time ' +
dhcp_server.max_lease_time + ';\n')
dhcpd_file.write('option subnet-mask ' +
dhcp_server.subnet_mask + ';\n')
dhcpd_file.write('option routers ' + dhcp_server.router +
';\n')
dhcpd_file.write('option domain-name-servers ' +
dhcp_server.dns_primary_server)
if dhcp_server.dns_secondary_server is not None:
dhcpd_file.write(', ' + dhcp_server.dns_secondary_server)
dhcpd_file.write(';\n')
dhcpd_file.write('option domain-name "' +
dhcp_server.dns_domain_name + '";\n')
dhcpd_file.write('subnet ' + dhcp_server.subnet + ' netmask ' +
dhcp_server.subnet_mask + ' {\n')
for section in dhcp_server.sections:
dhcpd_file.write(' range ' + section.start_ip + ' ' +
section.end_ip + ';\n')
dhcpd_file.write('}')
dhcpd_file.truncate()
except Exception as e:
raise IOError(
"Error during the creation of file: /etc/dhcp/dhcpd.conf \n" +
str(e))
interfacesController = InterfaceController()
interfaces = interfacesController.get_interfaces()
isc_dhcp_server = 'INTERFACES="'
k = 0
for interface in interfaces:
if k != 0:
isc_dhcp_server += ' '
isc_dhcp_server += interface.name
k += 1
isc_dhcp_server += '"'
try:
with open('/etc/default/isc-dhcp-server',
'w') as isc_dhcp_server_file:
isc_dhcp_server_file.write(isc_dhcp_server)
isc_dhcp_server_file.truncate()
except Exception as e:
raise IOError(
"Unable to create file: /etc/default/isc-dhcp-server")
# Restart service
Bash('service isc-dhcp-server restart')
if len(interfaces) == 0:
Bash('service isc-dhcp-server stop')
class TrafficShaperController():
def __init__(self):
self.trafficShaperParser = TrafficShaperParser()
self.interfaceController = InterfaceController()
self.interfaceParser = InterfaceParser()
self.bridgeController = BridgeController()
self.trafficShaperCoreController = TrafficShaperCoreController()
self.trafficShaperCoreParser = TrafficShaperCoreParser()
self.transparent_interfaces = []
def set_configuration(self, json_configuration):
json_interfaces = self.trafficShaperParser.parse_interfaces(
json_configuration)
for json_iface in json_interfaces:
self.configure_interface(json_iface)
if len(self.transparent_interfaces) == 2:
iface1 = self.transparent_interfaces[0].name
iface2 = self.transparent_interfaces[1].name
bridge = Bridge("br0", iface1, iface2)
logging.debug("Bridge to create: " + bridge.__str__())
self.create_bridge(bridge)
elif len(self.transparent_interfaces) == 0:
self.enable_ip_forwarding()
else:
logging.debug("Error: transparent interfaces must be two")
json_traffic_shaper = self.trafficShaperParser.parse_traffic_shaper_configuration(
json_configuration)
if 'configuration' in json_traffic_shaper:
json_traffic_shaper_configuration = self.trafficShaperCoreParser.parse_configuration(
json_traffic_shaper)
self.start_bandwitdh_shaping(json_traffic_shaper_configuration)
def get_full_status(self):
status = {}
status[
"config-traffic-shaper:interfaces"] = self.get_interfaces_status()
configuration = {}
configuration['configuration'] = self.get_all_traffic_shapers()
status["config-traffic-shaper:traffic_shaper"] = configuration
return status
# Interfaces
def get_interfaces_status(self):
conf_interfaces = {}
conf_interfaces["ifEntry"] = self.get_interfaces()
return conf_interfaces
# Bridge
def create_bridge(self, bridge):
br_found = self.interfaceController.get_interface_by_name(bridge.name)
if br_found is None:
self.bridgeController.create_bridge(bridge)
logging.debug("Bridge created")
return True
else:
logging.debug("Bridge already existent")
return False
# Interfaces/ifEntry
def get_interfaces(self):
interfaces = self.interfaceController.get_interfaces()
interfaces_dict = []
for interface in interfaces:
interfaces_dict.append(
self.interfaceParser.get_interface_dict(interface))
return interfaces_dict
def get_interface(self, name):
interface = self.interfaceController.get_interface_by_name(name)
if interface is None:
raise ValueError("could not find interface: " + name)
interface_dict = self.interfaceParser.get_interface_dict(interface)
return interface_dict
def configure_interface(self, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type == "transparent":
self.transparent_interfaces.append(interface)
logging.debug("Found a transparent interface: " +
interface.__str__())
return
else:
iface_found = self.interfaceController.get_interface_by_name(
interface.name)
if iface_found is not None:
if iface_found.__eq__(interface):
return
self.interfaceController.configure_interface(interface)
logging.debug("Configured interface: " + interface.__str__())
def update_interface(self, name, json_interface):
interface = self.interfaceParser.parse_interface(json_interface)
if interface.type != "transparent":
if self.interfaceController.interface_exists(name):
self.interfaceController.configure_interface(interface)
logging.debug("Updated interface: " + interface.__str__())
else:
raise ValueError("could not find interface: " + name)
def reset_interface(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
self.interfaceController.reset_interface(name)
def get_interface_ipv4Configuration(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
ipv4_configuration_dict = self.interfaceParser.get_interface_ipv4Configuration(
interface.ipv4_configuration)
return ipv4_configuration_dict
def get_interface_ipv4Configuration_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.address
def get_interface_ipv4Configuration_netmask(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.netmask
def get_interface_ipv4Configuration_default_gw(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.default_gw
def get_interface_ipv4Configuration_mac_address(self, name):
if not self.interfaceController.interface_exists(name):
raise ValueError("could not find interface: " + name)
interface = self.interfaceController.get_interface_by_name(name)
return interface.ipv4_configuration.mac_address
def update_interface_ipv4Configuration(self, ifname,
json_ipv4Configuration):
ipv4Configuration = self.interfaceParser.parse_ipv4_configuration(
json_ipv4Configuration)
print(ipv4Configuration)
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration(
ifname, ipv4Configuration)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_address(self, ifname, address):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_address(
ifname, address)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_netmask(self, ifname, netmask):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_netmask(
ifname, netmask)
else:
raise ValueError("could not find interface: " + ifname)
def update_interface_ipv4Configuration_default_gw(self, ifname,
default_gw):
if self.interfaceController.interface_exists(ifname):
self.interfaceController.configure_interface_ipv4Configuration_default_gw(
ifname, default_gw)
else:
raise ValueError("could not find interface: " + ifname)
def enable_ip_forwarding(self):
self.trafficShaperCoreController.enable_ip_forwarding()
logging.debug("ip_forwarding enabled")
# Traffic Shaper
def start_bandwitdh_shaping(self, json_traffic_shaper):
logging.debug(json_traffic_shaper)
for json_interface_to_shape in json_traffic_shaper:
traffic_shaper = self.trafficShaperCoreParser.parse_traffic_shaper_configuration(
json_interface_to_shape)
logging.debug(traffic_shaper.__str__())
interface_name = self.trafficShaperCoreParser.parse_interface_to_control(
json_interface_to_shape)
interface = self.interfaceController.get_interface_by_name(
interface_name)
traffic_shaper.add_interface_name(interface.name)
traffic_shaper.add_interface_address(
interface.ipv4_configuration.address)
self.trafficShaperCoreController.start_bandwitdh_shaping(
traffic_shaper)
def stop_bandwitdh_shaping(self, interface_name):
if self.trafficShaperCoreController.traffic_shaper_exists(
interface_name):
self.trafficShaperCoreController.stop_bandwitdh_shaping(
interface_name)
else:
raise ValueError("could not find traffic shaper for interface: " +
interface_name)
def update_bandwitdh_shaping(self, interface_name, json_traffic_shaper):
if self.trafficShaperCoreController.traffic_shaper_exists(
interface_name):
traffic_shaper = self.trafficShaperCoreParser.parse_traffic_shaper_configuration(
json_traffic_shaper)
logging.debug(traffic_shaper.__str__())
interface = self.interfaceController.get_interface_by_name(
interface_name)
traffic_shaper.add_interface_name(interface.name)
traffic_shaper.add_interface_address(
interface.ipv4_configuration.address)
self.trafficShaperCoreController.update_bandwidth_shaping(
traffic_shaper)
def update_bandwitdh_shaping_download_limit(self, interface_name,
download_limit):
if self.trafficShaperCoreController.traffic_shaper_exists(
interface_name):
self.trafficShaperCoreController.update_bandwidth_shaping_download_limit(
interface_name, download_limit)
else:
raise ValueError("could not find traffic shaper for interface: " +
interface_name)
def update_bandwitdh_shaping_upload_limit(self, interface_name,
upload_limit):
if self.trafficShaperCoreController.traffic_shaper_exists(
interface_name):
self.trafficShaperCoreController.update_bandwidth_shaping_upload_limit(
interface_name, upload_limit)
else:
raise ValueError("could not find traffic shaper for interface: " +
interface_name)
def get_all_traffic_shapers(self):
traffic_shapers_dict = []
traffic_shaper_list = self.trafficShaperCoreController.get_all_traffic_shapers(
)
for traffic_shaper in traffic_shaper_list:
traffic_shapers_dict.append(
self.trafficShaperCoreParser.get_traffic_shaper_dict(
traffic_shaper))
return traffic_shapers_dict
def get_traffic_shaper(self, interface_name):
if interface_name is not None:
if self.trafficShaperCoreController.traffic_shaper_exists(
interface_name):
traffic_shaper = self.trafficShaperCoreController.get_traffic_shaper(
interface_name)
return self.trafficShaperCoreParser.get_traffic_shaper_dict(
traffic_shaper)
else:
raise ValueError(
"could not find traffic shaper for interface: " +
interface_name)