def tests(): f = Firewall() ip = ipv4() ip.dstip = IPAddr("192.168.100.2") ip.srcip = IPAddr("172.16.42.1") ip.protocol = ip.TCP_PROTOCOL xudp = tcp() xudp.srcport = 49662 xudp.dstport = 80 xudp.payload = "Hello, world" xudp.len = 8 + len(xudp.payload) ip.payload = xudp print len(ip) # print the length of the packet, just for fun # you can name this method what ever you like, but you'll # need some method that gets periodically invoked for updating # token bucket state for any rules with rate limits f.update_tokens() # again, you can name your "checker" as you want, but the # idea here is that we call some method on the firewall to # test whether a given packet should be permitted or denied. print f.forward_packet(ip) ip2 = ipv4() ip2.srcip = IPAddr("192.168.100.2") ip2.dstip = IPAddr("172.16.42.1") ip2.protocol = ip2.TCP_PROTOCOL xudp2 = tcp() xudp2.srcport = 80 xudp2.dstport = 49662 xudp2.payload = "Hello, world" xudp2.len = 8 + len(xudp2.payload) ip2.payload = xudp2 print len(ip2) # print the length of the packet, just for fun # you can name this method what ever you like, but you'll # need some method that gets periodically invoked for updating # token bucket state for any rules with rate limits f.update_tokens() # again, you can name your "checker" as you want, but the # idea here is that we call some method on the firewall to # test whether a given packet should be permitted or denied. print f.forward_packet(ip2) # if you want to simulate a time delay and updating token buckets, # you can just call time.sleep and then update the buckets. time.sleep(0.5) f.update_tokens()
def create_ipv4_dns(self, req_packet, dns_rep): ether_req = req_packet.find('ethernet') udp_req = req_packet.find('udp') ipv4_req = req_packet.find('ipv4') if ether_req is None or udp_req is None or ipv4_req is None: return ether_rep = pkt.ethernet(ether_req.raw) #reply ethernet udp_rep = pkt.udp(udp_req.raw) #reply upd pkt ipv4_rep = pkt.ipv4(ipv4_req.raw) #reply ipv4 pkt #swap MACs ether_rep.dst = ether_req.src ether_rep.src = ether_req.dst ether_rep.type = pkt.ethernet.IP_TYPE #swap udp ports. udp_rep.dstport = udp_req.srcport udp_rep.srcport = 53 #swap ipaddresses. ipv4_rep.srcip = ipv4_req.dstip ipv4_rep.dstip = ipv4_req.srcip #ipv4_rep.srcport = ipv4_req.dstport #ipv4_rep.dstport = ipv4_req.srcport #put payloads udp_rep.payload = dns_rep ipv4_rep.payload = udp_rep ether_rep.payload = ipv4_rep return ether_rep
def install_path(self, dst_sw, last_port, match, event): p = _get_path(self, dst_sw, event.port, last_port) if p is None: if (match.dl_type == pkt.ethernet.IP_TYPE and event.parsed.find('ipv4')): e = pkt.ethernet() e.src = EthAddr(dpid_to_str(self.dpid)) e.dst = match.dl_src e.type = e.IP_TYPE ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = match.nw_dst ipp.dstip = match.nw_src icmp = pkt.icmp() icmp.type = pkt.ICMP.TYPE_DEST_UNREACH icmp.code = pkt.ICMP.CODE_UNREACH_HOST orig_ip = event.parsed.find('ipv4') d = orig_ip.pack() d = d[:orig_ip.hl * 4 + 8] d = struct.pack("!HH", 0, 0) + d icmp.payload = d ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=event.port)) msg.data = e.pack() self.connection.send(msg) return self._install_path(p, match, event.ofp) p = [(sw, out_port, in_port) for sw, in_port, out_port in p] self._install_path(p, match.flip())
def perform(self, event): packet = event.parse() n = packet.find("ipv4") i = packet.find("icmp") # Create echo reply icmp. icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REPLY icmp.payload = i.payload # Create ipv4 packet ipp. ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = n.dstip ipp.dstip = n.srcip # Create ethernet packet e. e = pkt.ethernet() e.src = packet.dst e.dst = packet.src e.type = e.IP_TYPE # Link the payloads. ipp.payload = icmp e.payload = ipp # Create PacketOut msg. msg = of.ofp_packet_out() msg.data = e.pack() msg.in_port = event.port msg.actions.append(of.ofp_action_output(port=of.OFPP_IN_PORT)) event.connection.send(msg)
def reply(self, event, subnet, msg): # fill out the rest of the DHCP packet orig = event.parsed.find('dhcp') broadcast = (orig.flags & orig.BROADCAST_FLAG) != 0 msg.op = msg.BOOTREPLY msg.chaddr = event.parsed.src msg.htype = 1 msg.hlen = 6 msg.xid = orig.xid msg.add_option(pkt.DHCP.DHCPServerIdentifierOption(subnet.server.addr)) # create ethernet header ethp = pkt.ethernet(src=ip_for_event(event), dst=event.parsed.src) ethp.type = pkt.ethernet.IP_TYPE ipp = pkt.ipv4(srcip=subnet.server.addr) ipp.dstip = event.parsed.find('ipv4').srcip if broadcast: ipp.dstip = IP_BROADCAST ethp.dst = pkt.ETHERNET.ETHER_BROADCAST # create UDP header ipp.protocol = ipp.UDP_PROTOCOL udpp = pkt.udp() udpp.srcport = pkt.dhcp.SERVER_PORT udpp.dstport = pkt.dhcp.CLIENT_PORT # encapsulate and reply to host udpp.payload = msg ipp.payload = udpp ethp.payload = ipp po = of.ofp_packet_out(data=ethp.pack()) po.actions.append(of.ofp_action_output(port=event.port)) event.connection.send(po)
def send_udp_packet_out(self, conn, payload, tp_src, tp_dst,src_ip, dst_ip, src_mac, dst_mac, fw_port = of.OFPP_ALL): msg = of.ofp_packet_out(in_port=of.OFPP_NONE) msg.buffer_id = None #Make the udp packet udpp = pkt.udp() udpp.srcport = tp_src udpp.dstport = tp_dst udpp.payload = payload #Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.UDP_PROTOCOL ipp.srcip = IPAddr(src_ip) ipp.dstip = IPAddr(dst_ip) # Ethernet around that... ethp = pkt.ethernet() ethp.src = EthAddr(src_mac) ethp.dst = EthAddr(dst_mac) ethp.type = ethp.IP_TYPE # Hook them up... ipp.payload = udpp ethp.payload = ipp # Send it to the sw msg.actions.append(of.ofp_action_output(port = fw_port)) msg.data = ethp.pack() #show msg before sending """ print '*******************' print 'msg.show(): ',msg.show() print '*******************' """ print "self.send_udp_packet_out; sw%s and fw_port:%s" %(conn.dpid, fw_port) conn.send(msg)
def tests(): f = Firewall() ip = ipv4() ip.srcip = IPAddr("172.16.42.1") ip.dstip = IPAddr("172.16.42.35") # 17 for udp, 6 tcp, 1 icmp ip.protocol = 6 icmppkt = pktlib.icmp() icmppkt.type = pktlib.TYPE_ECHO_REQUEST icmppkt.payload ="Hello, world" xudp = udp() xudp.srcport = 53 xudp.dstport = 53 xudp.payload = "Hello, world" xudp.len = 8 + len(xudp.payload) tcppkt = pktlib.tcp() tcppkt.SYN = 1 tcppkt.seq = 14 tcppkt.srcport = 80 tcppkt.dstport = 80 tcppkt.offset = 5 tcppkt.payload = "Hello, world" tcppkt.tcplen = 20 # ip.payload = xudp # ip.payload = icmppkt ip.payload = tcppkt f=Firewall() f.mainframe(ip, time.time())
def sendICMP(self,type_,code,ip,packet): icm = icmp() icm.type=type_ icm.code=code d = packet.next.pack() d = d[:packet.next.hl * 4+8] d = struct.pack("!HH", 0,0) + d icm.payload = d # icmp.type = pkt.TYPE_DEST_UNREACH # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = self.ip ipp.dstip = ip.srcip # Ethernet around that... e = pkt.ethernet() e.src = self.mac e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.set_payload(icm) e.set_payload(ipp) # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = self.event_port self.connection.send(msg)
def reply_to_ping(self, event): # Reply to pings packet=event.parsed # Make the ping reply icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REPLY icmp.payload = packet.find("icmp").payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL packet=event.parsed ipp.srcip = packet.find("ipv4").dstip ipp.dstip = packet.find("ipv4").srcip # Ethernet around that... e = pkt.ethernet() e.src = packet.dst e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp e.payload = ipp # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg) log.debug("%s pinged %s", ipp.dstip, ipp.srcip)
def reply_icmp_error(self, event, icmp_type, code): print "Replying Host Unreachable from ", event.dpid packet = event.parsed icmp_reply = icmp() icmp_reply.type = icmp_type icmp_reply.code = code # icmp_reply.payload = packet.find("icmp").payload d = packet.next.pack() d = d[:packet.next.hl * 4 + 8] d = struct.pack("!HH", 0, 0) + d icmp_reply.payload = d # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = self.ip ipp.dstip = packet.find("ipv4").srcip # Ethernet around that... e = pkt.ethernet() e.src = self.mac e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp_reply e.payload = ipp # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port print "Sending to (fromIP, toIP, fromMAC, toMAC) : ", ipp.srcip, ipp.dstip, e.src, e.dst event.connection.send(msg)
def reply(cls, event, msg): orig = event.parsed.find('dhcp') broadcast = (orig.flags & orig.BROADCAST_FLAG) != 0 msg.op = msg.BOOTREPLY msg.chaddr = event.parsed.src msg.htype = 1 msg.hlen = 6 msg.xid = orig.xid msg.add_option(pkt.DHCP.DHCPServerIdentifierOption(cls.server_addr)) ethp = pkt.ethernet(src=EthAddr('02:00:00:00:00:24'), dst=event.parsed.src) ethp.type = pkt.ethernet.IP_TYPE ipp = pkt.ipv4(srcip=cls.server_addr) ipp.dstip = event.parsed.find('ipv4').srcip if broadcast: ipp.dstip = IPAddr('255.255.255.255') eth.dst = pkt.ETHERNET.ETHER_BROADCAST ipp.protocol = ipp.UDP_PROTOCOL udpp = pkt.udp() udpp.srcport = pkt.dhcp.SERVER_PORT udpp.dstport = pkt.dhcp.CLIENT_PORT udpp.payload = msg ipp.payload = udpp ethp.payload = ipp po = of.ofp_packet_out(data=ethp.pack()) po.actions.append(of.ofp_action_output(port=event.port)) event.connection.send(po)
def handle_icmp(self, event): print "Replying to Ping: ", event.dpid packet = event.parsed icmp_reply = icmp() icmp_reply.type = pkt.TYPE_ECHO_REPLY icmp_reply.payload = packet.find("icmp").payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = packet.find("ipv4").dstip ipp.dstip = packet.find("ipv4").srcip # Ethernet around that... e = pkt.ethernet() e.src = packet.dst e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp_reply e.payload = ipp # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg)
def icmp_ping(self, interface, destination_interface): # randomly choose an in_port. e = ethernet() e.src = interface.hw_addr if destination_interface is not None: e.dst = destination_interface.hw_addr else: # TODO(cs): need a better way to create random MAC addresses e.dst = EthAddr(struct.pack("Q",self.random.randint(1,0xFF))[:6]) e.type = ethernet.IP_TYPE ipp = ipv4() ipp.protocol = ipv4.ICMP_PROTOCOL if hasattr(interface, 'ips'): ipp.srcip = self.random.choice(interface.ips) else: ipp.srcip = IPAddr(self.random.randint(0,0xFFFFFFFF)) if destination_interface is not None and hasattr(destination_interface, 'ips'): ipp.dstip = self.random.choice(destination_interface.ips) else: ipp.dstip = IPAddr(self.random.randint(0,0xFFFFFFFF)) ping = icmp() ping.type = self.random.choice([TYPE_ECHO_REQUEST,TYPE_ECHO_REPLY]) ping.payload = "PingPing" * 6 ipp.payload = ping e.payload = ipp return e
def sendHello(self): global HELLO print self.localIp + " sending hello message!" MIN_LEN = 20 IP_TYPE = 0x0800 ETHER_ANY = EthAddr(b"\x00\x00\x00\x00\x00\x00") ##################### ippacket = pkt.ipv4() ippacket.srcip = IPAddr(self.localIp) ippacket.dstip = IPAddr('10.0.0.20') #packet_base.__init__(self) ippacket.prev = None ippacket.v = 4 ippacket.hl = MIN_LEN / 4 ippacket.tos = HELLO #ipv4.ip_id = (ipv4.ip_id + 1) & 0xffff #self.counter = (self.counter + 1) & 0xffff ippacket.id = self.counter ippacket.flags = 0 ippacket.frag = 0 ippacket.ttl = 64 ippacket.protocol = 0 ippacket.csum = 0 ippacket.next = b'HELLO ANOOP' ippacket.iplen = ipv4.MIN_LEN + len('HELLO ANOOP') epacket = ethernet() epacket.type = IP_TYPE epacket.dst = ETHER_ANY epacket.src = ETHER_ANY epacket.set_payload(ippacket) self.eventid.connection.send(of.ofp_packet_out(data=epacket.pack(), action=of.ofp_action_output(port=of.OFPP_ALL)))
def send_udp_packet_out(self, conn, payload, tp_src, tp_dst,src_ip, dst_ip, src_mac, dst_mac, fw_port = of.OFPP_ALL): msg = of.ofp_packet_out(in_port=of.OFPP_NONE) msg.buffer_id = None #Make the udp packet udpp = pkt.udp() udpp.srcport = tp_src udpp.dstport = tp_dst udpp.payload = payload #Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.UDP_PROTOCOL ipp.srcip = IPAddr(src_ip) ipp.dstip = IPAddr(dst_ip) # Ethernet around that... ethp = pkt.ethernet() ethp.src = EthAddr(src_mac) ethp.dst = EthAddr(dst_mac) ethp.type = ethp.IP_TYPE # Hook them up... ipp.payload = udpp ethp.payload = ipp # Send it to the sw msg.actions.append(of.ofp_action_output(port = fw_port)) msg.data = ethp.pack() #show msg before sending """ print '*******************' print 'msg.show(): ',msg.show() print '*******************' """ #print "send_udp_packet_out; sw%s and fw_port:%s" %(conn.dpid, fw_port) conn.send(msg)
def generate_example_trace(): trace = [] mesh = topo.MeshTopology(num_switches=2) hosts = mesh.hosts access_links = mesh.access_links packet_events = [] ping_or_pong = "ping" for access_link in access_links: other_host = (set(hosts) - set([access_link.host])).pop() eth = ethernet(src=access_link.host.interfaces[0].hw_addr,dst=access_link.switch_port.hw_addr,type=ethernet.IP_TYPE) dst_ip_addr = other_host.interfaces[0].ips[0] ipp = ipv4(protocol=ipv4.ICMP_PROTOCOL, srcip=access_link.host.interfaces[0].ips[0], dstip=dst_ip_addr) if ping_or_pong == "ping": ping = icmp(type=TYPE_ECHO_REQUEST, payload=ping_or_pong) else: ping = icmp(type=TYPE_ECHO_REPLY, payload=ping_or_pong) ipp.payload = ping eth.payload = ipp packet_events.append(DataplaneEvent(access_link.interface, eth)) # ping ping (no responses) between fake hosts for _ in range(40): trace.append(packet_events[0]) trace.append(packet_events[1]) write_trace_log(trace, "dataplane_traces/ping_pong.trace")
def sendHello(self, entry): inf = entry[0] srcip = entry[1] port = self.intf2Port[inf] mac = self.port2Mac[port] pwospf_hello = pwospf() pwospf_hello.rid = self.rid pwospf_hello.type = pwospf.TYPE_HELLO pwospf_hello.helloint = self.helloint << 16 pwospf_hello.netmask = IPAddr("255.255.255.0").toUnsigned() ipp = pkt.ipv4() ipp.protocol = ipv4.PWOSPF_PROTOCOL ipp.srcip = IPAddr(srcip) ipp.dstip = IPAddr(ALLSPFRouters) ipp.payload = pwospf_hello ether = ethernet() ether.type = ethernet.IP_TYPE ether.src = mac ether.dst = ETHER_BROADCAST ether.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=port)) msg.data = ether.pack() self.connection.send(msg)
def _handle_PacketIn(event): packet = event.parsed if packet.find("arp"): # Reply to ARP a = packet.find("arp") if a.opcode == a.REQUEST: r = pkt.arp() r.hwtype = a.hwtype r.prototype = a.prototype r.hwlen = a.hwlen r.protolen = a.protolen r.opcode = r.REPLY r.hwdst = a.hwsrc r.protodst = a.protosrc r.protosrc = a.protodst r.hwsrc = EthAddr("02:00:DE:AD:BE:EF") e = pkt.ethernet(type=packet.type, src=r.hwsrc, dst=a.hwsrc) e.payload = r msg = of.ofp_packet_out() msg.data = e.pack() msg.actions.append(of.ofp_action_output(port=of.OFPP_IN_PORT)) msg.in_port = event.port event.connection.send(msg) log.info("%s ARPed for %s", r.protodst, r.protosrc) elif packet.find("icmp"): # Reply to pings # Make the ping reply icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REPLY icmp.payload = packet.find("icmp").payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = packet.find("ipv4").dstip ipp.dstip = packet.find("ipv4").srcip # Ethernet around that... e = pkt.ethernet() e.src = packet.dst e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp e.payload = ipp # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg) log.debug("%s pinged %s", ipp.dstip, ipp.srcip)
def icmp_unknownhost(self, p, interfaceip, out_port): global icmpf, ip_pakt, eth u = icmp() u.type = TYPE_DEST_UNREACH u.code = 1 orig_ip = p.payload d = orig_ip.pack() d = d[:orig_ip.hl * 4 + 8] d = struct.pack("!HH", 0, 0) + d # network, unsigned short, unsigned short u.payload = d ip_pakt = ipv4() ip_pakt.protocol = ip_pakt.ICMP_PROTOCOL ip_pakt.srcip = interfaceip ip_pakt.dstip = p.payload.srcip #log.debug('Forward ICMP %s from src_IP %s and dst_IP %s' %(icmp_type, ip_pakt.srcip, ip_pakt.dstip)) eth = ethernet() eth.src = p.dst eth.dst = p.src eth.type = eth.IP_TYPE ip_pakt.payload = u eth.payload = ip_pakt self.resend_packet(eth, out_port)
def handleIP(self, event): dpid = self.connection.dpid packet = event.parsed ipLoad = packet.payload dstip = ipLoad.dstip log.debug('-----It is an ip packet-----' + str(dstip)) if ifEcho(ipLoad, dstip, self, event) != True: if ifReach(dstip, event, self) != True: reply = icmp() reply.type = TYPE_DEST_UNREACH reply.code = CODE_UNREACH_NET payLoad = ipLoad.pack()[:ipLoad.iplen + 8] import struct payLoad = struct.pack("!I", 0) + payLoad reply.payload = payLoad ipShell = ipv4() ipShell.protocol = ipv4.ICMP_PROTOCOL for portIP in portsIP[dpid]: selfip = portIP[PORT_IP] if (event.port == portIP[pPORT]): ipShell.srcip = selfip break ipShell.dstip = ipLoad.srcip ipShell.payload = reply etherShell = ethernet() etherShell.type = ethernet.IP_TYPE etherShell.src = packet.dst etherShell.dst = packet.src etherShell.payload = ipShell msg = of.ofp_packet_out() msg.data = etherShell.pack() msg.actions.append(of.ofp_action_output(port=event.port)) self.connection.send(msg)
def send_ping(self): con = core.openflow.getConnection(1) icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REQUEST echo = pkt.ICMP.echo(payload="SENDING PING") icmp.payload = echo #Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL #ipp.srcip = IPAddr("127.2.0.1") #ipp.dstip = IPAddr("10.1.0.1") # Ethernet around that... e = pkt.ethernet() #e.src = EthAddr("02:00:DE:AD:BE:EF") #e.dst = EthAddr("00:00:00:00:00:11") e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=of.OFPP_TABLE)) msg.data = e.pack() con.send(msg) log.debug("%s pinged %s", ipp.srcip, ipp.dstip)
def handle_icmp(self, event): packet, packet_in, dpid = getpacket(event) dstip = str(packet.find('ipv4').dstip) srcip = str(packet.find('ipv4').srcip) log.debug("recv icmp dst=%s src=%s", dstip, srcip) if self.find_route(dstip, dpid) == None: rte = self.find_route(srcip, dpid) return self.send_unreachable(event, rte) i = packet.find('icmp') if i.type == pkt.TYPE_ECHO_REQUEST: icmp = pkt.icmp() icmp.payload = i.payload icmp.type = pkt.TYPE_ECHO_REPLY ip = pkt.ipv4() ip.protocol = ip.ICMP_PROTOCOL ip.srcip = packet.find('ipv4').dstip ip.dstip = packet.find('ipv4').srcip ip.payload = icmp eth = pkt.ethernet() eth.src = packet.dst eth.dst = packet.src eth.type = eth.IP_TYPE eth.payload = ip self.resend_packet(eth.pack(), packet_in.in_port, dpid) log.debug("send icmp reply to %s port %d", str(ip.dstip), packet_in.in_port)
def handle_icmp(self,event): print "Replying to Ping: ",event.dpid packet = event.parsed icmp_reply = icmp() icmp_reply.type = pkt.TYPE_ECHO_REPLY icmp_reply.payload = packet.find("icmp").payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = packet.find("ipv4").dstip ipp.dstip = packet.find("ipv4").srcip # Ethernet around that... e = pkt.ethernet() e.src = packet.dst e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp_reply e.payload = ipp # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg)
def create_ip_packet(self, src, dst, icmp_pkt): ip_pkt = pkt.ipv4() ip_pkt.srcip = src ip_pkt.dstip = dst ip_pkt.protocol = pkt.ipv4.ICMP_PROTOCOL ip_pkt.payload = icmp_pkt return ip_pkt
def send_icmp_msg_large(self, event, src_ip=IP_ANY, dst_ip=IP_ANY, src_mac=ETHER_BROADCAST, dst_mac=ETHER_BROADCAST, payload=None, icmp_type=pkt.TYPE_ECHO_REPLY): icmp = pkt.icmp() icmp.type = icmp_type icmp.payload = payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = src_ip ipp.dstip = dst_ip e = pkt.ethernet() e.src = src_mac e.dst = dst_mac e.type = e.IP_TYPE ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg)
def generate_example_trace(): trace = [] mesh = topo.MeshTopology(num_switches=2) hosts = mesh.hosts access_links = mesh.access_links packet_events = [] ping_or_pong = "ping" for access_link in access_links: other_host = (set(hosts) - set([access_link.host])).pop() eth = ethernet(src=access_link.host.interfaces[0].hw_addr, dst=access_link.switch_port.hw_addr, type=ethernet.IP_TYPE) dst_ip_addr = other_host.interfaces[0].ips[0] ipp = ipv4(protocol=ipv4.ICMP_PROTOCOL, srcip=access_link.host.interfaces[0].ips[0], dstip=dst_ip_addr) if ping_or_pong == "ping": ping = icmp(type=TYPE_ECHO_REQUEST, payload=ping_or_pong) else: ping = icmp(type=TYPE_ECHO_REPLY, payload=ping_or_pong) ipp.payload = ping eth.payload = ipp packet_events.append(DataplaneEvent(access_link.interface, eth)) # ping ping (no responses) between fake hosts for _ in range(40): trace.append(packet_events[0]) trace.append(packet_events[1]) write_trace_log(trace, "dataplane_traces/ping_pong.trace")
def send_icmp_msg_small(self, packet, match, event, icmp_type = pkt.TYPE_ECHO_REPLY, payload = None): pload = payload if payload is not None or packet is None or packet.find("icmp") is None else packet.find("icmp").payload return self.send_icmp_msg_large(event, packet.find("ipv4").dstip, packet.find("ipv4").srcip, packet.dst, packet.src, pload, icmp_type) icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REPLY icmp.payload = packet.find("icmp").payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = packet.find("ipv4").dstip ipp.dstip = packet.find("ipv4").srcip e = pkt.ethernet() e.src = packet.dst e.dst = packet.src e.type = e.IP_TYPE ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg) log.debug("%s pinged %s", ipp.dstip, ipp.srcip)
def envio_paquete_sonda(event, eth_packet, dst_port, src_port): global time_sleep while True: time.sleep(time_sleep) #log.debug("ENVIO PAQUETE SONDAAAAAAAAAAAAAA") icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REQUEST for interface in swpo.d[event.connection.dpid]: list1 = [time.time(), event.connection.dpid, interface] str1 = ','.join(str(j) for j in list1) echo = pkt.ICMP.echo(payload=str1) icmp.payload = echo ip_packet = eth_packet.payload i = pkt.ipv4(protocol=pkt.ipv4.ICMP_PROTOCOL, srcip=ip_packet.srcip, dstip=ip_packet.dstip) i.tos = 0x64 i.set_payload(icmp) e = pkt.ethernet(type=pkt.ethernet.IP_TYPE, src=eth_packet.src, dst=eth_packet.dst) e.set_payload(i) msg = of.ofp_packet_out(in_port=src_port) msg.data = e.pack() #log.debug("INTERFAZ: %s", interface) msg.actions.append(of.ofp_action_output(port=interface)) event.connection.send(msg) log.debug( "SE ENVIA PAQUETE SONDA: TOS: %s IP_SRC: %s IP_DEST: %s PROTOCOLO: %s PORT: %s" % (i.tos, ip_packet.srcip, ip_packet.dstip, pkt.ipv4.ICMP_PROTOCOL, of.OFPP_ALL))
def send_icmp_msg_large(self, event, src_ip = IP_ANY, dst_ip = IP_ANY, src_mac = ETHER_BROADCAST, dst_mac = ETHER_BROADCAST, payload = None, icmp_type = pkt.TYPE_ECHO_REPLY): icmp = pkt.icmp() icmp.type = icmp_type icmp.payload = payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = src_ip ipp.dstip = dst_ip e = pkt.ethernet() e.src = src_mac e.dst = dst_mac e.type = e.IP_TYPE ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg)
def sendLSU(self,seq,srcip,dstip): print "Sending LSU Packets: ",self.name pwospf_hello = pwospf() pwospf_hello.rid = self.rid pwospf_hello.type = pwospf.TYPE_LSU pwospf_hello.seq = seq pwospf_hello.nadv = len(self.adjList[self.rid].items()) for ne in self.adjList[self.rid].items(): print ne.subnet pwospf_hello.advList.append(IPAddr(ne.subnet).toUnsigned()) pwospf_hello.advList.append(IPAddr(ne.netmask).toUnsigned()) pwospf_hello.advList.append(ne.rid) ipp = pkt.ipv4() ipp.protocol = ipv4.PWOSPF_PROTOCOL ipp.srcip = IPAddr(srcip) ipp.dstip = IPAddr(dstip) ipp.payload = pwospf_hello ether = ethernet() ether.type = ethernet.IP_TYPE ether.payload = ipp self.send_ipv4_packet(ether)
def sendHello(self,entry): inf = entry[0] srcip = entry[1] port = self.intf2Port[inf] mac = self.port2Mac[port] pwospf_hello = pwospf() pwospf_hello.rid = self.rid pwospf_hello.type = pwospf.TYPE_HELLO pwospf_hello.helloint = self.helloint << 16 pwospf_hello.netmask = IPAddr("255.255.255.0").toUnsigned() ipp = pkt.ipv4() ipp.protocol = ipv4.PWOSPF_PROTOCOL ipp.srcip = IPAddr(srcip) ipp.dstip = IPAddr(ALLSPFRouters) ipp.payload = pwospf_hello ether = ethernet() ether.type = ethernet.IP_TYPE ether.src = mac ether.dst = ETHER_BROADCAST ether.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = port)) msg.data = ether.pack() self.connection.send(msg)
def new_packet(self, ack=True, data=None, syn=False): """ Creates and returns a new TCP segment encapsulated in an IP packet. If ack is set, it sets the ACK flag. If data is set, it is set as the TCP payload. If syn is set, it sets the SYN flag """ assert self.is_peered assert self.is_bound p = self.stack.new_packet() p.ipv4 = pkt.ipv4(srcip=self.name[0], dstip=self.peer[0]) p.ipv4.protocol = pkt.ipv4.TCP_PROTOCOL p.tcp = pkt.tcp(srcport=self.name[1], dstport=self.peer[1]) p.ipv4.payload = p.tcp p.tcp.seq = self.snd.nxt p.tcp.ack = self.rcv.nxt p.tcp.ACK = ack p.tcp.SYN = syn if data: p.tcp.payload = data p.tcp.win = min(0xffFF, self.rcv.wnd) return p
def _handle_PacketIn (event): packet = event.parsed if packet.find("arp"): # Reply to ARP a = packet.find("arp") if a.opcode == a.REQUEST: r = pkt.arp() r.hwtype = a.hwtype r.prototype = a.prototype r.hwlen = a.hwlen r.protolen = a.protolen r.opcode = r.REPLY r.hwdst = a.hwsrc r.protodst = a.protosrc r.protosrc = a.protodst r.hwsrc = EthAddr("02:00:DE:AD:BE:EF") e = pkt.ethernet(type=packet.type, src=r.hwsrc, dst=a.hwsrc) e.payload = r msg = of.ofp_packet_out() msg.data = e.pack() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.in_port = event.port event.connection.send(msg) log.info("%s ARPed for %s", r.protodst, r.protosrc) elif packet.find("icmp"): # Reply to pings # Make the ping reply icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REPLY icmp.payload = packet.find("icmp").payload # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = packet.find("ipv4").dstip ipp.dstip = packet.find("ipv4").srcip # Ethernet around that... e = pkt.ethernet() e.src = packet.dst e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp e.payload = ipp # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port event.connection.send(msg) log.debug("%s pinged %s", ipp.dstip, ipp.srcip)
def probe_packet(self, src, dst): src_host = info_manager.get_host(mac=src) dst_host = info_manager.get_host(mac=dst) ''' Based on OpenNetMon van Adrichem, N.L.M.; Doerr, C.; Kuipers, F.A., OpenNetMon: Network monitoring in OpenFlow Software-Defined Networks''' ip_pck = pkt.ipv4(protocol=253, dstip = IPAddr("224.0.0.255")) pl = Payload(time.time()) ip_pck.set_payload(repr(pl)) packet = pkt.ethernet(type=pkt.ethernet.IP_TYPE) packet.src = EthAddr(src_host.macaddr) packet.dst = EthAddr(dst_host.macaddr) packet.set_payload(ip_pck) msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = src_host.port)) msg.data = packet.pack() core.openflow.getConnection(src_host.dpid).send(msg) packet = pkt.ethernet(type=pkt.ethernet.IP_TYPE) packet.src = EthAddr(src_host.macaddr) packet.dst = EthAddr(dst_host.macaddr) packet.set_payload(ip_pck) msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_CONTROLLER)) msg.data = packet.pack() msg.idle_timeout = of.OFP_FLOW_PERMANENT msg.hard_timeout = of.OFP_FLOW_PERMANENT core.openflow.getConnection(src_host.dpid).send(msg)
def generate_example_trace_same_subnet(): # TODO: highly redundant trace = [] (patch_panel, switches, network_links, hosts, access_links) = topo_gen.create_mesh(num_switches=2) packet_events = [] ping_or_pong = "ping" for access_link in access_links: other_host = (set(hosts) - set([access_link.host])).pop() eth = ethernet(src=access_link.host.interfaces[0].mac,dst=other_host.interfaces[0].mac,type=ethernet.IP_TYPE) dst_ip_addr = other_host.interfaces[0].ips[0] ipp = ipv4(protocol=ipv4.ICMP_PROTOCOL, srcip=access_link.host.interfaces[0].ips[0], dstip=dst_ip_addr) if ping_or_pong == "ping": ping = icmp(type=TYPE_ECHO_REQUEST, payload=ping_or_pong) else: ping = icmp(type=TYPE_ECHO_REPLY, payload=ping_or_pong) ipp.payload = ping eth.payload = ipp packet_events.append(DataplaneEvent(access_link.interface, eth)) # ping ping (no responses) between fake hosts for _ in range(40): trace.append(packet_events[0]) trace.append(packet_events[1]) write_trace_log(trace, "traces/ping_pong_same_subnet.trace")
def reply_icmp_error(self, event, icmp_type, code): print "Replying Host Unreachable from ", event.dpid packet = event.parsed icmp_reply = icmp() icmp_reply.type = icmp_type icmp_reply.code = code # icmp_reply.payload = packet.find("icmp").payload d = packet.next.pack() d = d[:packet.next.hl*4+8] d = struct.pack("!HH", 0, 0) + d icmp_reply.payload = d # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = self.ip ipp.dstip = packet.find("ipv4").srcip # Ethernet around that... e = pkt.ethernet() e.src = self.mac e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp_reply e.payload = ipp # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = event.port print "Sending to (fromIP, toIP, fromMAC, toMAC) : ", ipp.srcip, ipp.dstip, e.src, e.dst event.connection.send(msg)
def sendLSU(self, seq, srcip, dstip): print "Sending LSU Packets: ", self.name pwospf_hello = pwospf() pwospf_hello.rid = self.rid pwospf_hello.type = pwospf.TYPE_LSU pwospf_hello.seq = seq pwospf_hello.nadv = len(self.adjList[self.rid].items()) for ne in self.adjList[self.rid].items(): print ne.subnet pwospf_hello.advList.append(IPAddr(ne.subnet).toUnsigned()) pwospf_hello.advList.append(IPAddr(ne.netmask).toUnsigned()) pwospf_hello.advList.append(ne.rid) ipp = pkt.ipv4() ipp.protocol = ipv4.PWOSPF_PROTOCOL ipp.srcip = IPAddr(srcip) ipp.dstip = IPAddr(dstip) ipp.payload = pwospf_hello ether = ethernet() ether.type = ethernet.IP_TYPE ether.payload = ipp self.send_ipv4_packet(ether)
def handle_unreachable(self, packet, packet_in): packet_unreachable = pkt.unreach() packet_unreachable.payload = packet.payload icmp_packet = pkt.icmp() icmp_packet.type = pkt.TYPE_DEST_UNREACH icmp_packet.payload = packet_unreachable ip_packet = pkt.ipv4() ip_packet.srcip = packet.payload.dstip ip_packet.dstip = packet.payload.srcip ip_packet.protocol = pkt.ipv4.ICMP_PROTOCOL ip_packet.payload = icmp_packet ether_packet = pkt.ethernet() ether_packet.type = pkt.ethernet.IP_TYPE ether_packet.dst = packet.src ether_packet.src = packet.dst ether_packet.payload = ip_packet msg = of.ofp_packet_out() msg.data = ether_packet.pack() action = of.ofp_action_output(port=packet_in.in_port) msg.actions.append(action) self.connection.send(msg)
def send_ping(self, dpid=1, eth_dst=ETHER_ANY): con = core.openflow.getConnection(dpid) icmp = pkt.icmp() icmp.type = pkt.TYPE_ECHO_REQUEST echo = pkt.ICMP.echo(payload="SENDING PING") icmp.payload = echo #Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL # Ethernet around that... e = pkt.ethernet() e.dst = eth_dst e.type = e.IP_TYPE # Hook them up... ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=of.OFPP_TABLE)) msg.data = e.pack() con.send(msg) self.previous_ping_returned = False log.info("Sending ping to switch %s" % dpid)
def send_unreachable(self, event): packet, packet_in, dpid = getpacket(event) icmp = pkt.icmp() ip = packet.find('ipv4') rte = self.find_route(ip.srcip, dpid) if rte == None: return dstip = ip.dstip payload = ip.pack() payload = payload[:ip.hl * 4 + 8] payload = struct.pack("!HH", 0, 0) + payload icmp.payload = payload icmp.type = pkt.TYPE_DEST_UNREACH ip = pkt.ipv4() ip.protocol = ip.ICMP_PROTOCOL ip.srcip = IPAddr(rte[3]) ip.dstip = packet.find('ipv4').srcip ip.payload = icmp eth = pkt.ethernet() eth.src = packet.dst eth.dst = packet.src eth.type = eth.IP_TYPE eth.payload = ip self.resend_packet(eth.pack(), packet_in.in_port, dpid) log.debug("%s is unreachable to %s", str(dstip), str(ip.dstip))
def generate_example_trace_fat_tree(num_pods=4): # TODO(cs): highly redundant fat_tree = topo.FatTree(num_pods) (_, _, hosts, access_links) = (fat_tree.switches, fat_tree.network_links, fat_tree.hosts, fat_tree.access_links) host2pings = defaultdict(lambda: []) payload = "ping" for access_link in access_links: host = access_link.host other_hosts = list((set(hosts) - set([access_link.host]))) for other_host in other_hosts: eth = ethernet(src=access_link.host.interfaces[0].hw_addr,dst=other_host.interfaces[0].hw_addr,type=ethernet.IP_TYPE) dst_ip_addr = other_host.interfaces[0].ips[0] ipp = ipv4(protocol=ipv4.ICMP_PROTOCOL, srcip=access_link.host.interfaces[0].ips[0], dstip=dst_ip_addr) ping = icmp(type=TYPE_ECHO_REQUEST, payload=payload) ipp.payload = ping eth.payload = ipp host2pings[host].append(DataplaneEvent(access_link.interface, eth)) # ping pong (no responses) between fake hosts # (Some large number: TODO(cs): serialize a generator to disk) # Trace is [one ping from every host to a random other host] * 50000 trace = [] for _ in range(50000): for host, pings in host2pings.iteritems(): trace.append(random.choice(pings)) write_trace_log(trace, "dataplane_traces/ping_pong_fat_tree.trace")
def unreachable_send(self, packet, packet_in): msgUnreachable = pkt.unreach() msgUnreachable.payload = packet.payload icmpReachable = pkt.icmp() icmpReachable.type = pkt.TYPE_DEST_UNREACH icmpReachable.payload = msgUnreachable #encapsulate reachable ICMP packet icmpPkt = pkt.ipv4() icmpPkt.srcip = packet.payload.dstip #change the source ip to router's ip icmpPkt.dstip = packet.payload.srcip icmpPkt.protocol = pkt.ipv4.ICMP_PROTOCOL icmpPkt.payload = icmpReachable #encapsulate packet into frame icmpFrame = pkt.ethernet() icmpFrame.type = pkt.ethernet.IP_TYPE icmpFrame.dst = packet.src icmpFrame.src = packet.dst icmpFrame.payload = icmpPkt msg = of.ofp_packet_out() msg.data = icmpFrame.pack() action = of.ofp_action_output(port=packet_in.in_port) msg.actions.append(action) self.connection.send(msg)
def generate_example_trace_fat_tree(num_pods=4): # TODO(cs): highly redundant fat_tree = topo.FatTree(num_pods) (_, _, hosts, access_links) = (fat_tree.switches, fat_tree.network_links, fat_tree.hosts, fat_tree.access_links) host2pings = defaultdict(lambda: []) payload = "ping" for access_link in access_links: host = access_link.host other_hosts = list((set(hosts) - set([access_link.host]))) for other_host in other_hosts: eth = ethernet(src=access_link.host.interfaces[0].hw_addr, dst=other_host.interfaces[0].hw_addr, type=ethernet.IP_TYPE) dst_ip_addr = other_host.interfaces[0].ips[0] ipp = ipv4(protocol=ipv4.ICMP_PROTOCOL, srcip=access_link.host.interfaces[0].ips[0], dstip=dst_ip_addr) ping = icmp(type=TYPE_ECHO_REQUEST, payload=payload) ipp.payload = ping eth.payload = ipp host2pings[host].append(DataplaneEvent(access_link.interface, eth)) # ping pong (no responses) between fake hosts # (Some large number: TODO(cs): serialize a generator to disk) # Trace is [one ping from every host to a random other host] * 50000 trace = [] for _ in range(50000): for host, pings in host2pings.iteritems(): trace.append(random.choice(pings)) write_trace_log(trace, "dataplane_traces/ping_pong_fat_tree.trace")
def sendICMP(self, type_, code, ip, packet): icm = icmp() icm.type = type_ icm.code = code d = packet.next.pack() d = d[:packet.next.hl * 4 + 8] d = struct.pack("!HH", 0, 0) + d icm.payload = d # icmp.type = pkt.TYPE_DEST_UNREACH # Make the IP packet around it ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = self.ip ipp.dstip = ip.srcip # Ethernet around that... e = pkt.ethernet() e.src = self.mac e.dst = packet.src e.type = e.IP_TYPE # Hook them up... ipp.set_payload(icm) e.set_payload(ipp) # Send it back to the input port msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=of.OFPP_IN_PORT)) msg.data = e.pack() msg.in_port = self.event_port self.connection.send(msg)
def reachable_send(self, packet, packet_in): msgEcho = pkt.echo() msgEcho.seq = packet.payload.payload.payload.seq + 1 msgEcho.id = packet.payload.payload.payload.id #encapsulate the reachable ICMP packet icmpReachable = pkt.icmp() icmpReachable.type = pkt.TYPE_ECHO_REPLY icmpReachable.payload = msgEcho icmpPkt = pkt.ipv4() icmpPkt.srcip = packet.payload.dstip icmpPkt.dstip = packet.payload.srcip icmpPkt.protocol = pkt.ipv4.ICMP_PROTOCOL icmpPkt.payload = icmpReachable #encapsulate the packet into frame icmpFrame2 = pkt.ethernet() icmpFrame2.type = pkt.ethernet.IP_TYPE icmpFrame2.dst = packet.src icmpFrame2.src = packet.dst icmpFrame2.payload = icmpPkt msg = of.ofp_packet_out() msg.data = icmpFrame2.pack() action = of.ofp_action_output(port=packet_in.in_port) msg.actions.append(action) self.connection.send(msg)
def reply (self, event, msg): orig = event.parsed.find('dhcp') broadcast = (orig.flags & orig.BROADCAST_FLAG) != 0 msg.op = msg.BOOTREPLY msg.chaddr = event.parsed.src msg.htype = 1 msg.hlen = 6 msg.xid = orig.xid msg.add_option(pkt.DHCP.DHCPServerIdentifierOption(self.ip_addr)) ethp = pkt.ethernet(src=ip_for_event(event),dst=event.parsed.src) ethp.type = pkt.ethernet.IP_TYPE ipp = pkt.ipv4(srcip = self.ip_addr) ipp.dstip = event.parsed.find('ipv4').srcip if broadcast: ipp.dstip = IP_BROADCAST ethp.dst = pkt.ETHERNET.ETHER_BROADCAST ipp.protocol = ipp.UDP_PROTOCOL udpp = pkt.udp() udpp.srcport = pkt.dhcp.SERVER_PORT udpp.dstport = pkt.dhcp.CLIENT_PORT udpp.payload = msg ipp.payload = udpp ethp.payload = ipp po = of.ofp_packet_out(data=ethp.pack()) po.actions.append(of.ofp_action_output(port=event.port)) event.connection.send(po)
def handle_reachable(self, packet, packet_in): # echo echo = pkt.echo() echo.seq = packet.payload.payload.payload.seq + 1 echo.id = packet.payload.payload.payload.id # icmp pakcet icmp_packet = pkt.icmp() icmp_packet.type = pkt.TYPE_ECHO_REPLY icmp_packet.payload = echo # ip packet ip_packet = pkt.ipv4() ip_packet.srcip = packet.payload.dstip ip_packet.dstip = packet.payload.srcip ip_packet.protocol = pkt.ipv4.ICMP_PROTOCOL ip_packet.payload = icmp_packet # ethernet packet ether_packet = pkt.ethernet() ether_packet.type = pkt.ethernet.IP_TYPE ether_packet.dst = packet.src ether_packet.src = packet.dst ether_packet.payload = ip_packet msg = of.ofp_packet_out() msg.data = ether_packet.pack() action = of.ofp_action_output(port=packet_in.in_port) msg.actions.append(action) self.connection.send(msg)
def Ping(s1,s2): global t1 port1 = 0 port2 = 0 mac1 = 0 mac2 = 0 ip1 = 0 ip2 = 0 for item in Switch_set: if s1 == item: for item1 in Switch_set[item]: if s2 == Switch_set[item][item1][0]: port1 = item1 port2 = Switch_set[item][item1][1] break else: continue # print s1,s2 for dpid in ArpTable: if s1 == dpid: for ip in ArpTable[dpid]: if ArpTable[dpid][ip][0] == port1: ip1 = ip mac1 = ArpTable[dpid][ip][1] break elif s2 == dpid: for ip in ArpTable[dpid]: if ArpTable[dpid][ip][0] == port2: ip2 = ip mac2 = ArpTable[dpid][ip][1] break for i in [ip1,ip2,mac1,mac2]: if not i: return False icmp = pkt.icmp() icmp.type = pkt.ICMP.TYPE_ECHO_REQUEST icmp.payload = "PingPing" * 6 ipp = pkt.ipv4() ipp.protocol = ipv4.ICMP_PROTOCOL ipp.srcip = IPAddr(ip1) ipp.dstip = IPAddr(ip2) ipp.payload = icmp e = pkt.ethernet() e.src = mac1 e.dst = mac2 e.type = ethernet.IP_TYPE e.payload = ipp # print "Send Packets!" # print mac1,mac2,ip1,ip2 for i in range(10): msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = port2)) msg.data = e.pack() core.openflow.sendToDPID(str_to_dpid(s2), msg) t1[(s1,s2)]+=time.time() # print t1 return True
def makeIP(self, icmppkt, ipsrc, ipdest): ippkt = pktlib.ipv4() ippkt.srcip = ipdest ippkt.dstip = ipsrc ippkt.ttl = 64 # a reasonable initial TTL value ippkt.protocol = ippkt.ICMP_PROTOCOL ippkt.payload = icmppkt return ippkt
def tests(): f = Firewall() ip1 = ipv4() ip1.srcip = IPAddr("172.16.42.1") ip1.dstip = IPAddr("10.0.0.2") ip1.protocol = 17 xudp1 = udp() xudp1.srcport = 53 xudp1.dstport = 53 xudp1.payload = "Hello, world" xudp1.len = 8 + len(xudp1.payload) ip1.payload = xudp1 ip2 = ipv4() ip2.srcip = IPAddr("172.16.40.1") ip2.dstip = IPAddr("10.0.0.1") ip2.protocol = ip2.ICMP_PROTOCOL icmppkt = icmp() icmppkt.type = pktlib.TYPE_ECHO_REQUEST ping = pktlib.echo() ping.id = 5 ping.seq = 10 icmppkt.payload = ping ip2.payload = icmppkt ip3 = ipv4() ip3.srcip = IPAddr("172.16.38.0") ip3.dstip = IPAddr("10.0.0.5") ip3.protocol = ip2.ICMP_PROTOCOL icmppkt = icmp() icmppkt.type = pktlib.TYPE_ECHO_REQUEST ping = pktlib.echo() ping.id = 5 ping.seq = 10 icmppkt.payload = ping ip3.payload = icmppkt i=0 while i<10: print "+"*70 f.update_token_buckets() f.allow(ip2) f.allow(ip3) time.sleep(0.5) i+=1
def install_path(self, dst_sw, last_port, match, event): #print 'install_path' """ Attempts to install a path between this switch and some destination """ p = _get_path(self, dst_sw, event.port, last_port, match) print 'the path is ' + str(p) if p is None: log.warning("Can't get from %s to %s", match.dl_src, match.dl_dst) import pox.lib.packet as pkt if (match.dl_type == pkt.ethernet.IP_TYPE and event.parsed.find('ipv4')): # It's IP -- let's send a destination unreachable log.debug("Dest unreachable (%s -> %s)", match.dl_src, match.dl_dst) from pox.lib.addresses import EthAddr e = pkt.ethernet() e.src = EthAddr(dpid_to_str(self.dpid)) #FIXME: Hmm... e.dst = match.dl_src e.type = e.IP_TYPE ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = match.nw_dst #FIXME: Ridiculous ipp.dstip = match.nw_src icmp = pkt.icmp() icmp.type = pkt.ICMP.TYPE_DEST_UNREACH icmp.code = pkt.ICMP.CODE_UNREACH_HOST orig_ip = event.parsed.find('ipv4') d = orig_ip.pack() d = d[:orig_ip.hl * 4 + 8] import struct d = struct.pack("!HH", 0, 0) + d #FIXME: MTU icmp.payload = d ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port=event.port)) msg.data = e.pack() self.connection.send(msg) return log.debug("Installing path for %s -> %s %04x (%i hops)", match.dl_src, match.dl_dst, match.dl_type, len(p)) # We have a path -- install it self._install_path(p, match, event.ofp) # Now reverse it and install it backwards # (we'll just assume that will work) p = [(sw, out_port, in_port) for sw, in_port, out_port in p] self._install_path(p, match.flip())
def _handle_vip_icmp(self, ether_pkt, ip_pkt, icmp_pkt, event): if icmp_pkt.type == TYPE_ECHO_REQUEST and ip_pkt.dstip == self._vip: # Always respond to echo requests to the VIP. vip_mac = self._get_mac_for_port(event.ofp.in_port) self.packet_logger.action('VIP ECHO REPLY', [ ('From MAC', vip_mac) ]) icmp_reply = icmp(type = TYPE_ECHO_REPLY, payload = icmp_pkt.payload) ipv4_wrapper = ipv4(protocol = ipv4.ICMP_PROTOCOL, srcip = self._vip, dstip = ip_pkt.srcip, payload = icmp_reply) ether_wrapper = ethernet(type = ethernet.IP_TYPE, src = vip_mac, dst = ether_pkt.src, payload = ipv4_wrapper) self._send_packet(ether_wrapper, event.ofp.in_port) return True return super(LoadBalancingSwitch, self).handle_icmp(ether_pkt, ip_pkt, icmp_pkt, event)
def make_ping(other_host): eth = ethernet(src=access_link.host.interfaces[0].hw_addr,dst=other_host.interfaces[0].hw_addr,type=ethernet.IP_TYPE) dst_ip_addr = other_host.interfaces[0].ips[0] ipp = ipv4(protocol=ipv4.ICMP_PROTOCOL, srcip=access_link.host.interfaces[0].ips[0], dstip=dst_ip_addr) if ping_or_pong == "ping": ping = icmp(type=TYPE_ECHO_REQUEST, payload=ping_or_pong) else: ping = icmp(type=TYPE_ECHO_REPLY, payload=ping_or_pong) ipp.payload = ping eth.payload = ipp return eth
def install_path (self, dst_sw, last_port, match, event): """ From l2_multi - tries to install a path between switch & some destination """ p = _get_path(self, dst_sw, event.port, last_port) if p is None: log.warning("Can't get from %s to %s", match.dl_src, match.dl_dst) import pox.lib.packet as pkt if (match.dl_type == pkt.ethernet.IP_TYPE and event.parsed.find('ipv4')): log.debug("Dest unreachable (%s -> %s)", match.dl_src, match.dl_dst) from pox.lib.addresses import EthAddr e = pkt.ethernet() e.src = EthAddr(dpid_to_str(self.dpid)) e.dst = match.dl_src e.type = e.IP_TYPE ipp = pkt.ipv4() ipp.protocol = ipp.ICMP_PROTOCOL ipp.srcip = match.nw_dst ipp.dstip = match.nw_src icmp = pkt.icmp() icmp.type = pkt.ICMP.TYPE_DEST_UNREACH icmp.code = pkt.ICMP.CODE_UNREACH_HOST orig_ip = event.parsed.find('ipv4') d = orig_ip.pack() d = d[:orig_ip.hl * 4 + 8] import struct d = struct.pack("!HH", 0,0) + d icmp.payload = d ipp.payload = icmp e.payload = ipp msg = of.ofp_packet_out() msg.actions.append(of.ofp_action_output(port = event.port)) msg.data = e.pack() self.connection.send(msg) return log.debug("Installing path for %s -> %s %04x (%i hops)", match.dl_src, match.dl_dst, match.dl_type, len(p)) # Install the path self._install_path(p, match, event.ofp) # Install the reverse path (assumed to work) p = [(sw,out_port,in_port) for sw,in_port,out_port in p] self._install_path(p, match.flip())
def send_IP_packet(self, src_ip, dst_ip): ip4_Packet = pkt.ipv4() ip4_Packet.srcip = IPAddr(src_ip) ip4_Packet.dstip = IPAddr(dst_ip) ether = pkt.ethernet() ether.type = pkt.ethernet.IP_TYPE ether.srcip = IPAddr(src_ip) ether.dstip = IPAddr(dst_ip) ether.payload = ip4_Packet msg = of.ofp_packet_out() msg.data = ether msg.actions.append(of.ofp_action_output(port = of.OFPP_ALL)) self.connection.send(msg)
def parse_dhcp(self, dhcp_packet, event): print "dhcp packet handler" if len(dhcp_packet.options) == 0: return if pkt.dhcp.HOST_NAME_OPT in dhcp_packet.options: self.hostname = dhcp_packet.options[pkt.dhcp.HOST_NAME_OPT].data if pkt.dhcp.REQUEST_IP_OPT in dhcp_packet.options: self.requestedIp = dhcp_packet.options[pkt.dhcp.REQUEST_IP_OPT].addr if pkt.dhcp.MSG_TYPE_OPT in dhcp_packet.options: mt = dhcp_packet.options[pkt.dhcp.MSG_TYPE_OPT] self.dhcp_msg_type = mt if mt == pkt.dhcp.INFORM_MSG: return elif mt == pkt.dhcp.DECLINE_MSG: return ip = self.select_ip(dhcp_packet.chaddr, mt) if mt == pkt.dhcp.RELEASE_MSG: #find mapping and delete it self.insert_couchdb("del", ip, dhcp_packet.chaddr, None) return reply_msg_type = pkt.dhcp.OFFER_MSG if self.dhcp_msg_type.type == pkt.dhcp.DISCOVER_MSG else pkt.dhcp.ACK_MSG if self.requestedIp != 0 and self.dhcp_msg_type == pkt.dhcp.REQUEST_MSG and self.requestedIp != int(ip): reply_msg_type = pkt.dhcp.nak ip = self.requestedIp print "not allowed that address" reply = self.generate_dhcp_reply(dhcp_packet, ip, reply_msg_type, MAX_ROUTABLE_LEASE) if reply_msg_type == pkt.dhcp.ACK_MSG: self.add_addr(str(self.increment_ip(ip))) self.insert_couchdb("add", ip, dhcp_packet.chaddr, self.hostname) eth = pkt.ethernet(src=ip_for_event(event), dst=event.parsed.src) eth.type = pkt.ethernet.IP_TYPE ipp = pkt.ipv4(srcip=self.increment_ip(ip)) ipp.dstip = event.parsed.find('ipv4').srcip broadcast = (dhcp_packet.ciaddr == 0) if broadcast: ipp.dstip = IP_BROADCAST eth.dst = pkt.ETHERNET.ETHER_BROADCAST ipp.protocol = ipp.UDP_PROTOCOL udpp = pkt.udp() udpp.srcport = pkt.dhcp.SERVER_PORT udpp.dstport = pkt.dhcp.CLIENT_PORT udpp.payload = reply ipp.payload = udpp eth.payload = ipp msg = of.ofp_packet_out(data=eth.pack()) msg.actions.append(of.ofp_action_output(port=event.port)) event.connection.send(msg)
def import_rules(self): file = open("firewall_rules.txt", "r") for line in file: if len(line) != 1: #this is to get rid of the empty lines words = [] words = line.split() if words[0] == "permit" or words[0] == "deny": #make sure it is not a comment ruleObject = Rules() ruleObject.line = line for idx in range(len(words)): if words[idx] == "permit": ruleObject.action = "permit" if words[idx] == "deny": ruleObject.action = "deny" if words[idx] == "ip": ruleObject.type = type(pktlib.ipv4()) if words[idx] == "tcp": ruleObject.type = type(pktlib.tcp()) if words[idx] == "udp": ruleObject.type = type(pktlib.udp()) if words[idx] == "icmp": ruleObject.type = type(pktlib.icmp()) if words[idx] == "src": if words[idx+1] == "any": ruleObject.src = 1 else: ruleObject.src = words[idx+1] if "/" in ruleObject.src: #meaning its a net addr-we need the netmask temp = parse_cidr(ruleObject.src) srcnetMask = cidr_to_netmask(temp[1]) ruleObject.netMask = srcnetMask if words[idx] == "srcport": if words[idx+1] == "any": ruleObject.srcport = 1 else: ruleObject.srcport = words[idx+1] if words[idx] == "dst": if words[idx+1] == "any": ruleObject.dst = 1 else: ruleObject.dst = words[idx+1] if words[idx] == "dstport": if words[idx+1] == "any": ruleObject.dstport = 1 else: ruleObject.dstport = words[idx+1] if words[idx] == "ratelimit": ruleObject.ratelimit = words[idx+1] self.rules.append(ruleObject)
def handle_dns_packet(self, packet, event): dns_name = str(packet.questions[0].name) dns_type = packet.questions[0].qtype dns_class = packet.questions[0].qclass log.info("name " + dns_name + " type " + pkt.rrtype_to_str[dns_type] + " class " + pkt.rrclass_to_str[dns_class]) log.info("Len " + str(len(packet.questions))) dns_reply = dns() dns_reply.qr = True dns_reply.rd = True dns_reply.ra = True answ = dns.rr("www.google.com",1,1,3600,4,IPAddr("1.1.1.1")) dns_reply.answers.append(answ) dns_reply.questions = packet.questions dns_reply.id = packet.id #dns_reply.total_questions = packet.total_questions #dns_reply.total_answers = 1 udp_req = event.parsed.find("udp") udp_reply = udp() udp_reply.srcport = udp_req.srcport udp_reply.dstport = udp_req.dstport udp_reply.len = len(dns_reply) + udp_reply.MIN_LEN udp_reply.set_payload(dns_reply) ip_reply = ipv4() ip_req = event.parsed.find("ipv4") reqSrc = ip_req.dstip reqDst = ip_req.srcip ip_reply = ip_req ip_reply.srcip = reqDst ip_reply.dstip = reqSrc ip_reply.set_payload(udp_reply) eth_reply = ethernet() eth_reply.type = ethernet.IP_TYPE eth_reply.dst = EthAddr("00:00:00:00:00:02") eth_reply.src = EthAddr("00:00:00:00:00:01") eth_reply.set_payload(ip_reply) msg = of.ofp_packet_out() msg.data = eth_reply.pack() msg.actions.append(of.ofp_action_output(port = 2)) msg.in_port = event.port self.connection.send(msg) log.info("send DNS response...")