def send_arp(self, datapath, opcode, src_mac, src_ip, dst_mac, dst_ip, out_port): if opcode == 1: # ARP request target_mac = "00:00:00:00:00:00" target_ip = dst_ip elif opcode == 2: # ARP reply target_mac = dst_mac target_ip = dst_ip e = ethernet.ethernet(dst_mac, src_mac, ether.ETH_TYPE_ARP) a = arp.arp(1, 0x0800, 6, 4, opcode, src_mac, src_ip, target_mac, target_ip) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(out_port, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out)
def send_icmp(self, datapath, etherFrame,ipPacket, icmpPacket,inPort): e = ethernet(dst=etherFrame.src , src=etherFrame.dst, ethertype=ether.ETH_TYPE_IP) a = ipv4(version=ipPacket.version, header_length=ipPacket.header_length, tos=ipPacket.tos, total_length=ipPacket.total_length, identification=ipPacket.identification, flags=ipPacket.flags, offset=ipPacket.offset, ttl=ipPacket.ttl, proto=ipPacket.proto, csum=ipPacket.csum, src=ipPacket.dst, dst= ipPacket.src, option=None) b = icmp( type_=ICMP_ECHO_REPLY, code=icmpPacket.code, csum=icmpPacket.csum, data=icmpPacket.data) p = Packet() p.add_protocol(e) p.add_protocol(a) p.add_protocol(b) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(inPort, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out)
def send_arp(datapath, opcode, source_mac, source_ip, destination_mac, destination_ip, out_port): in_port = datapath.ofproto.OFPP_CONTROLLER e = ethernet(destination_mac, source_mac, ether.ETH_TYPE_ARP) a = arp( ARP_HW_TYPE_ETHERNET, ether.ETH_TYPE_IP, 6, # ethernet mac address length 4, # ipv4 address length opcode, source_mac, source_ip, destination_mac, destination_ip) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(out_port, 0)] out = datapath.ofproto_parser.OFPPacketOut(datapath=datapath, buffer_id=0xffffffff, in_port=in_port, actions=actions, data=p.data) datapath.send_msg(out)
def test_Packet_in_2_icmpEcho1(self): print "*** Case2: HOST2のMAC未学習の時、HOST1からICMP Echoを受信 ***" sr = SimpleForward() dstMac = ROUTER_MACADDR1 srcMac = HOST_MACADDR1 srcIp = HOST_IPADDR1 dstIp = HOST_IPADDR2 targetMac = dstMac targetIp = dstIp ttl = 64 datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_IP) iph = ipv4(4, 5, 0, 0, 0, 2, 0, ttl, 1, 0, srcIp, dstIp) echo = icmp.echo(1, 1, 'unit test') icmph = icmp.icmp(8, 0, 0, echo) p = Packet() p.add_protocol(e) p.add_protocol(iph) p.add_protocol(icmph) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=1), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 1) print ""
def _build_vlan(self): src_mac = mac.haddr_to_bin('00:07:0d:af:f4:54') dst_mac = mac.haddr_to_bin('00:00:00:00:00:00') ethertype = ether.ETH_TYPE_8021Q e = ethernet(dst_mac, src_mac, ethertype) version = 4 header_length = 20 tos = 0 total_length = 24 identification = 0x8a5d flags = 0 offset = 1480 ttl = 64 proto = inet.IPPROTO_ICMP csum = 0xa7f2 src = int(netaddr.IPAddress('131.151.32.21')) dst = int(netaddr.IPAddress('131.151.32.129')) option = 'TEST' ip = ipv4(version, header_length, tos, total_length, identification, flags, offset, ttl, proto, csum, src, dst, option) p = Packet() p.add_protocol(e) p.add_protocol(self.v) p.add_protocol(ip) p.serialize() return p
def test_Packet_in_2_icmpEcho1(self): print "*** Case2: HOST2のMAC未学習の時、HOST1からICMP Echoを受信 ***" sr = SimpleForward() dstMac = ROUTER_MACADDR1 srcMac = HOST_MACADDR1 srcIp = HOST_IPADDR1 dstIp = HOST_IPADDR2 targetMac = dstMac targetIp = dstIp ttl = 64 datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_IP) iph = ipv4(4, 5, 0, 0, 0, 2, 0, ttl, 1, 0, srcIp, dstIp) echo = icmp.echo(1, 1, 'unit test') icmph = icmp.icmp(8, 0, 0, echo) p = Packet() p.add_protocol(e) p.add_protocol(iph) p.add_protocol(icmph) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=1), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 1) print ""
def test_Packet_in_4_icmpEcho2(self): print "*** Case4: HOST2からHOST1以外の宛先IPへのIPパケットを受信 ***" sr = SimpleForward() sr.HOST_MACADDR1 = HOST_MACADDR1 sr.HOST_MACADDR2 = HOST_MACADDR2 dstMac = ROUTER_MACADDR2 srcMac = HOST_MACADDR2 srcIp = HOST_IPADDR2 dstIp = "91.189.89.22" ttl = 64 datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_IP) iph = ipv4(4, 5, 0, 0, 0, 2, 0, ttl, 1, 0, srcIp, dstIp) p = Packet() p.add_protocol(e) p.add_protocol(iph) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=2), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 1) print ""
def test_Packet_in_1_arpRequest(self): print "*** Case1: HOST1からARP Request受信 ***" sr = SimpleForward() dstMac = "ff:ff:ff:ff:ff:ff" srcMac = HOST_MACADDR1 srcIp = HOST_IPADDR1 dstIp = ROUTER_IPADDR1 targetMac = dstMac targetIp = dstIp datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, 1, srcMac, srcIp, targetMac, targetIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=1), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 0) print ""
def test_Packet_in_1_arpRequest(self): print "*** Case1: HOST1からARP Request受信 ***" sr = SimpleForward() dstMac = "ff:ff:ff:ff:ff:ff" srcMac = HOST_MACADDR1 srcIp = HOST_IPADDR1 dstIp = ROUTER_IPADDR1 targetMac = dstMac targetIp = dstIp datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, 1, srcMac, srcIp, targetMac, targetIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=1), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 0) print ""
def test_Packet_in_3_arpReply2(self): print "*** Case3: HOST1のMAC学習済の時、HOST2からARP Replyを受信 ***" sr = SimpleForward() sr.HOST_MACADDR1 = HOST_MACADDR1 sr.HOST_MACADDR2 = HOST_MACADDR2 dstMac = ROUTER_MACADDR2 srcMac = HOST_MACADDR2 srcIp = HOST_IPADDR2 dstIp = ROUTER_IPADDR2 targetMac = dstMac targetIp = dstIp datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, 2, srcMac, srcIp, targetMac, targetIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=2), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 0) print ""
def send_icmp(self, datapath, srcMac, srcIp, dstMac, dstIp, outPort, seq, data, id=1, type=8, ttl=64): e = ethernet(dstMac, srcMac, ether.ETH_TYPE_IP) iph = ipv4(4, 5, 0, 0, 0, 2, 0, ttl, 1, 0, srcIp, dstIp) echo = icmp.echo(id, seq, data) icmph = icmp.icmp(type, 0, 0, echo) p = Packet() p.add_protocol(e) p.add_protocol(iph) p.add_protocol(icmph) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(outPort, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out) return 0
def send_arp(self, datapath, opcode, srcMac, srcIp, dstMac, dstIp, outPort, RouteDist=None): if opcode == 1: self.portInfo[outPort] = PortTable(outPort, srcIp, srcMac, RouteDist) targetMac = "00:00:00:00:00:00" targetIp = dstIp elif opcode == 2: targetMac = dstMac targetIp = dstIp e = ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, opcode, srcMac, srcIp, targetMac, targetIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(outPort, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out) return 0
def test_Packet_in_3_arpReply2(self): print "*** Case3: HOST1のMAC学習済の時、HOST2からARP Replyを受信 ***" sr = SimpleForward() sr.HOST_MACADDR1 = HOST_MACADDR1 sr.HOST_MACADDR2 = HOST_MACADDR2 dstMac = ROUTER_MACADDR2 srcMac = HOST_MACADDR2 srcIp = HOST_IPADDR2 dstIp = ROUTER_IPADDR2 targetMac = dstMac targetIp = dstIp datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, 2, srcMac, srcIp, targetMac, targetIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=2), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 0) print ""
def send_arp(self, datapath, opcode, srcMac, srcIp, dstMac, dstIp, outPort, RouteDist=None): if opcode == 1: self.portInfo[outPort] = PortTable(outPort, srcIp, srcMac, RouteDist) targetMac = "00:00:00:00:00:00" targetIp = dstIp elif opcode == 2: targetMac = dstMac targetIp = dstIp e = ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, opcode, srcMac, srcIp, targetMac, targetIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(outPort, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out) return 0
def test_Packet_in_4_icmpEcho2(self): print "*** Case4: HOST2からHOST1以外の宛先IPへのIPパケットを受信 ***" sr = SimpleForward() sr.HOST_MACADDR1 = HOST_MACADDR1 sr.HOST_MACADDR2 = HOST_MACADDR2 dstMac = ROUTER_MACADDR2 srcMac = HOST_MACADDR2 srcIp = HOST_IPADDR2 dstIp = "91.189.89.22" ttl = 64 datapath = _Datapath() e = ethernet(dstMac, srcMac, ether.ETH_TYPE_IP) iph = ipv4(4, 5, 0, 0, 0, 2, 0, ttl, 1, 0, srcIp, dstIp) p = Packet() p.add_protocol(e) p.add_protocol(iph) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=2), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sr.packet_in_handler(ev) self.assertEqual(result, 1) print ""
def send_icmp(self, datapath, etherFrame, ipPacket, icmpPacket, inPort): e = ethernet(dst=etherFrame.src, src=etherFrame.dst, ethertype=ether.ETH_TYPE_IP) a = ipv4(version=ipPacket.version, header_length=ipPacket.header_length, tos=ipPacket.tos, total_length=ipPacket.total_length, identification=ipPacket.identification, flags=ipPacket.flags, offset=ipPacket.offset, ttl=ipPacket.ttl, proto=ipPacket.proto, csum=ipPacket.csum, src=ipPacket.dst, dst=ipPacket.src, option=None) b = icmp(type_=ICMP_ECHO_REPLY, code=icmpPacket.code, csum=icmpPacket.csum, data=icmpPacket.data) p = Packet() p.add_protocol(e) p.add_protocol(a) p.add_protocol(b) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(inPort, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out)
def _build_vlan(self): src_mac = mac.haddr_to_bin('00:07:0d:af:f4:54') dst_mac = mac.haddr_to_bin('00:00:00:00:00:00') ethertype = ether.ETH_TYPE_8021Q e = ethernet(dst_mac, src_mac, ethertype) version = 4 header_length = 20 tos = 0 total_length = 24 identification = 0x8a5d flags = 0 offset = 1480 ttl = 64 proto = inet.IPPROTO_ICMP csum = 0xa7f2 src = int(netaddr.IPAddress('131.151.32.21')) dst = int(netaddr.IPAddress('131.151.32.129')) option = 'TEST' ip = ipv4(version, header_length, tos, total_length, identification, flags, offset, ttl, proto, csum, src, dst, option) p = Packet() p.add_protocol(e) p.add_protocol(self.v) p.add_protocol(ip) p.serialize() return p
def arp_response(self, datapath, pkt, ether_frame, ofp_parser, ofp, in_port): arp_packet = pkt.get_protocol(arp.arp) dst_ip = arp_packet.src_ip src_ip = arp_packet.dst_ip dst_mac = ether_frame.src # If the ARP request isn't from one of the two servers, # choose the target/source MAC address from one of the servers; # else the target MAC address is set to the one corresponding # to the target host's IP. if dst_ip != self.H1_ip and dst_ip != self.H2_ip: src_mac = self.VIRTUAL_MAC # if self.next_server == self.H1_ip: # src_mac = self.H1_mac # self.next_server = self.H2_ip # else: # src_mac = self.H2_mac # self.next_server = self.H1_ip else: src_mac = self.ip_to_mac[src_ip] print "arp_response -> src_mac : %s" % src_mac eth_header = ethernet.ethernet(dst_mac, src_mac, ether_types.ETH_TYPE_ARP) arp_reply_packet = arp.arp(hwtype=ARP_HW_TYPE_ETHERNET, proto=ETH_TYPE_IP, hlen=6, plen=4, opcode=ARP_REPLY, src_mac=src_mac, src_ip=src_ip, dst_mac=dst_mac, dst_ip=dst_ip) print "arp_response -> src_mac : %s" % src_mac print "arp_response -> src_ip : %s" % src_ip print "arp_response -> dst_mac : %s" % dst_mac print "arp_response -> dst_ip : %s" % dst_ip pkt = Packet(protocols=[eth_header, arp_reply_packet]) pkt.serialize() # ARP action list actions = [ofp_parser.OFPActionOutput(ofp.OFPP_IN_PORT)] # ARP output message out = ofp_parser.OFPPacketOut(datapath=datapath, buffer_id=ofp.OFP_NO_BUFFER, in_port=in_port, actions=actions, data=pkt.data) datapath.send_msg(out) # Send out ARP reply
def _build_lacp(self): ethertype = ether.ETH_TYPE_SLOW dst = SLOW_PROTOCOL_MULTICAST e = ethernet(dst, self.actor_system, ethertype) p = Packet() p.add_protocol(e) p.add_protocol(self.l) p.serialize() return p
def currentPacket(self, ev): #get basic data from packet inbound = ev.msg # packetData = packet.Packet(inbound.data) tempPath = inbound.datapath tempProto = tempPath.ofproto parser = tempPath.ofproto_parser #send a response if packetData.get_protocol( ethernet.ethernet).ethertype == ether_types.ETH_TYPE_ARP: self.forwarding(packetData, tempPath, packetData.get_protocol(ethernet.ethernet), tempProto, parser, inbound.match['in_port']) #Get ARP info arpInbound = packetData.get_protocol(arp.arp) arpSource = arpInbound.dst_ip arpDestination = arpInbound.src_ip arpMac = packetData.get_protocol(ethernet.ethernet).src #If the ARP request is from the back servers, set to return to host's IP for request in range(0, self.back): if arpDestination == self.backList[request][0]: outBoundMac = self.ip2mac[arpSource] break else: outBoundMac = self.ip2mac[self.currentHostIP] #create new packet and send to decided IP outEthernet = ethernet.ethernet(arpMac, outBoundMac, ether_types.ETH_TYPE_ARP) outArp = arp.arp(1, 0x0800, 6, 4, 2, outBoundMac, arpSource, arpMac, arpDestination) outPacket = Packet() outPacket.add_protocol(outEthernet) outPacket.add_protocol(outArp) outPacket.serialize() outbound = [parser.OFPActionOutput(tempProto.OFPP_IN_PORT)] outboundData = parser.OFPPacketOUT( datapath=tempPath, buffer_id=tempProto.OFP_NO_BUFFER, in_port=inbound.match['in_port'], actions=outbound, data=outPacket.data) tempPath.send_msg(outboundData) #iterate to next back server self.currentHostIP = self.backList[self.nextHostIP][0] self.nextHostIP += 1 if self.nextHostIP > self.back: self.nextHostIP = 1 return
def _build_arp(self, vlan_enabled): if vlan_enabled is True: ethertype = ether.ETH_TYPE_8021Q v = vlan(1, 1, 3, ether.ETH_TYPE_ARP) else: ethertype = ether.ETH_TYPE_ARP e = ethernet(self.dst_mac, self.src_mac, ethertype) p = Packet() p.add_protocol(e) if vlan_enabled is True: p.add_protocol(v) p.add_protocol(self.a) p.serialize() return p
def _build_arp(self, vlan_enabled): if vlan_enabled is True: ethertype = ether.ETH_TYPE_8021Q v = vlan(1, 1, 3, ether.ETH_TYPE_ARP) else: ethertype = ether.ETH_TYPE_ARP e = ethernet(self.dst_mac, self.src_mac, ethertype) p = Packet() p.add_protocol(e) if vlan_enabled is True: p.add_protocol(v) p.add_protocol(self.a) p.serialize() return p
def send_arp_reply(self, datapath, srcMac, srcIp, dstMac, dstIp, outPort): e = ethernet.ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp.arp(1, 0x0800, 6, 4, 2, srcMac, srcIp, dstMac, dstIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(outPort, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out)
def send_icmp(self, datapath, srcMac, srcIp, dstMac, dstIp, outPort, seq, data, id=1, type=8, ttl=64): e = ethernet.ethernet(dstMac, srcMac, ether.ETH_TYPE_IP) #Construye el protocolo ethernet iph = ipv4.ipv4(4, 5, 0, 0, 0, 2, 0, ttl, 1, 0, srcIp, dstIp) #Construye la parte del protocolo IP echo = icmp.echo(id, seq, data) #Construye la parte del echo que se añadirá al protocolo icmp icmph = icmp.icmp(type, 0, 0, echo) #Construye la parte del icmp p = Packet() #Crea el paquete p.add_protocol(e) #Añade el protocolo ethernet p.add_protocol(iph) #Añade el protocolo ip p.add_protocol(icmph) #Añade el protocolo icmp p.serialize() #Serializa todo actions = [datapath.ofproto_parser.OFPActionOutput(outPort, 0)] #Enviar por el puerto outPort #Mensaje a enviar out = datapath.ofproto_parser.OFPPacketOut(datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out) #Enviar mensaje
def test_Packet_in(self): sa = SimpleArp() datapath = _Datapath() e = ethernet.ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, 1, srcMac, srcIp, targetMac, dstIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=1), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sa.packet_in_handler(ev) self.assertEqual(result, 0)
def send_response(self, datapath, packet, ethernet_frame, ofp_parser, ofp, in_port, source_ip): """ Sends out an ARP response along the datapath such that hosts map the virtual IP address to the real MAC address of a server :param datapath: :param packet: :param ethernet_frame: :param ofp_parser: :param ofp: :param in_port: :param source_ip: """ # reverse source and destination IPs/MACs arp_packet = packet.get_protocol(arp.arp) destination_ip = source_ip source_ip = arp_packet.dst_ip destination_mac = ethernet_frame.src # Update source mac and next IP to alternate with each new host if destination_ip != self.h5_ip and destination_ip != self.h6_ip: if self.next_ip == self.h5_ip: source_mac = self.h5_mac self.next_ip = self.h6_ip else: source_mac = self.h6_mac self.next_ip = self.h5_ip else: source_mac = self.ip_to_mac[source_ip] # Construct packet and send response e = ethernet.ethernet(destination_mac, source_mac, ether_types.ETH_TYPE_ARP) a = arp.arp(1, 0x0800, 6, 4, 2, source_mac, source_ip, destination_mac, destination_ip) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [ofp_parser.OFPActionOutput(ofp.OFPP_IN_PORT)] out = ofp_parser.OFPPacketOut( datapath=datapath, buffer_id=ofp.OFP_NO_BUFFER, in_port=in_port, actions=actions, data=p.data ) datapath.send_msg(out)
def test_Packet_in(self): sa = SimpleArp() datapath = _Datapath() e = ethernet.ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, 1, srcMac, srcIp, targetMac, dstIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() packetIn = OFPPacketIn(datapath, match=OFPMatch(in_port=1), data=buffer(p.data)) ev = ofp_event.EventOFPPacketIn(packetIn) result = sa.packet_in_handler(ev) self.assertEqual(result, 0)
def _build_igmp(self): dl_dst = "11:22:33:44:55:66" dl_src = "aa:bb:cc:dd:ee:ff" dl_type = ether.ETH_TYPE_IP e = ethernet(dl_dst, dl_src, dl_type) total_length = 20 + igmp._MIN_LEN nw_proto = inet.IPPROTO_IGMP nw_dst = "11.22.33.44" nw_src = "55.66.77.88" i = ipv4(total_length=total_length, src=nw_src, dst=nw_dst, proto=nw_proto) p = Packet() p.add_protocol(e) p.add_protocol(i) p.add_protocol(self.g) p.serialize() return p
def _build_igmp(self): dl_dst = '11:22:33:44:55:66' dl_src = 'aa:bb:cc:dd:ee:ff' dl_type = ether.ETH_TYPE_IP e = ethernet(dl_dst, dl_src, dl_type) total_length = len(ipv4()) + len(self.g) nw_proto = inet.IPPROTO_IGMP nw_dst = '11.22.33.44' nw_src = '55.66.77.88' i = ipv4(total_length=total_length, src=nw_src, dst=nw_dst, proto=nw_proto, ttl=1) p = Packet() p.add_protocol(e) p.add_protocol(i) p.add_protocol(self.g) p.serialize() return p
def _build_igmp(self): dl_dst = '11:22:33:44:55:66' dl_src = 'aa:bb:cc:dd:ee:ff' dl_type = ether.ETH_TYPE_IP e = ethernet(dl_dst, dl_src, dl_type) total_length = 20 + igmp._MIN_LEN nw_proto = inet.IPPROTO_IGMP nw_dst = '11.22.33.44' nw_src = '55.66.77.88' i = ipv4(total_length=total_length, src=nw_src, dst=nw_dst, proto=nw_proto) p = Packet() p.add_protocol(e) p.add_protocol(i) p.add_protocol(self.g) p.serialize() return p
def send_arp(self, datapath, opcode, srcMac, srcIp, dstMac, dstIp, outPort): if opcode == 1: targetMac = "00:00:00:00:00:00" targetIp = dstIp elif opcode == 2: targetMac = dstMac targetIp = dstIp e = ethernet.ethernet(dstMac, srcMac, ether_types.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, opcode, srcMac, srcIp, targetMac, targetIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(outPort, 0)] #this packet is constructed by tyhe controller, so the in_port is OFPP_CONTROLLER. out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out)
def send_icmp(self, datapath, srcMac, srcIp, dstMac, dstIp, outPort, seq, data, id=1, type=8, ttl=64): e = ethernet(dstMac, srcMac, ether.ETH_TYPE_IP) iph = ipv4(4, 5, 0, 0, 0, 2, 0, ttl, 1, 0, srcIp, dstIp) echo = icmp.echo(id, seq, data) icmph = icmp.icmp(type, 0, 0, echo) p = Packet() p.add_protocol(e) p.add_protocol(iph) p.add_protocol(icmph) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(outPort, 0)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=0xffffffff, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out) return 0
def arp_response(self, datapath, packet, etherFrame, ofp_parser, ofp, in_port): arpPacket = packet.get_protocol(arp.arp) dstIp = arpPacket.src_ip srcIp = arpPacket.dst_ip dstMac = etherFrame.src # If the ARP request isn't from one of the two servers, # choose the target/source MAC address from one of the servers; # else the target MAC address is set to the one corresponding # to the target host's IP. if dstIp != self.H5_ip and dstIp != self.H6_ip: if self.next_server == self.H5_ip: srcMac = self.H5_mac self.next_server = self.H6_ip else: srcMac = self.H6_mac self.next_server = self.H5_ip else: srcMac = self.ip_to_mac[srcIp] e = ethernet.ethernet(dstMac, srcMac, ether_types.ETH_TYPE_ARP) a = arp.arp(1, 0x0800, 6, 4, 2, srcMac, srcIp, dstMac, dstIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() # ARP action list actions = [ofp_parser.OFPActionOutput(ofp.OFPP_IN_PORT)] # ARP output message out = ofp_parser.OFPPacketOut( datapath=datapath, buffer_id=ofp.OFP_NO_BUFFER, in_port=in_port, actions=actions, data=p.data ) datapath.send_msg(out) # Send out ARP reply
def _build_svlan(self): src_mac = '00:07:0d:af:f4:54' dst_mac = '00:00:00:00:00:00' ethertype = ether.ETH_TYPE_8021AD e = ethernet(dst_mac, src_mac, ethertype) pcp = 0 cfi = 0 vid = 32 tci = pcp << 15 | cfi << 12 | vid ethertype = ether.ETH_TYPE_IP v = vlan(pcp, cfi, vid, ethertype) version = 4 header_length = 20 tos = 0 total_length = 24 identification = 0x8a5d flags = 0 offset = 1480 ttl = 64 proto = inet.IPPROTO_ICMP csum = 0xa7f2 src = '131.151.32.21' dst = '131.151.32.129' option = 'TEST' ip = ipv4(version, header_length, tos, total_length, identification, flags, offset, ttl, proto, csum, src, dst, option) p = Packet() p.add_protocol(e) p.add_protocol(self.sv) p.add_protocol(v) p.add_protocol(ip) p.serialize() return p
def _build_svlan(self): src_mac = '00:07:0d:af:f4:54' dst_mac = '00:00:00:00:00:00' ethertype = ether.ETH_TYPE_8021AD e = ethernet(dst_mac, src_mac, ethertype) pcp = 0 cfi = 0 vid = 32 tci = pcp << 15 | cfi << 12 | vid ethertype = ether.ETH_TYPE_IP v = vlan(pcp, cfi, vid, ethertype) version = 4 header_length = 20 tos = 0 total_length = 24 identification = 0x8a5d flags = 0 offset = 1480 ttl = 64 proto = inet.IPPROTO_ICMP csum = 0xa7f2 src = '131.151.32.21' dst = '131.151.32.129' option = b'TEST' ip = ipv4(version, header_length, tos, total_length, identification, flags, offset, ttl, proto, csum, src, dst, option) p = Packet() p.add_protocol(e) p.add_protocol(self.sv) p.add_protocol(v) p.add_protocol(ip) p.serialize() return p
def send_arp(self, datapath, opcode, src, src_ip, dst, dst_ip, out_port): # 下发ARP请求包 if opcode == 1: target_mac = "00:00:00:00:00:00" target_ip = dst_ip # 下发ARP回复包 elif opcode == 2: target_mac = dst target_ip = dst_ip e = ethernet.ethernet(dst, src, ether_types.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, opcode, src, src_ip, target_mac, target_ip) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() actions = [datapath.ofproto_parser.OFPActionOutput(out_port)] out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=datapath.ofproto.OFP_NO_BUFFER, in_port=datapath.ofproto.OFPP_CONTROLLER, actions=actions, data=p.data) datapath.send_msg(out)
def generate_arp_reply(self, datapath, eth_frame, arp_pkt, dest_ip, in_port): dstIp = arp_pkt.src_ip srcIp = arp_pkt.dst_ip dstMac = eth_frame.src parser = datapath.ofproto_parser output_port = 0 output_ip = srcIp is_client = True #LOG.debug(srcIp) if srcIp == HOST1_IP: srcMac = HOST1_MAC output_port = 1 output_ip = "10.0.0.1" elif srcIp == HOST2_IP: srcMac = HOST2_MAC output_port = 2 elif srcIp == HOST3_IP: srcMac = HOST3_MAC output_port = 3 elif srcIp == HOST4_IP: srcMac = HOST4_MAC output_port = 4 else: srcMac = self.get_mac() is_client = False if srcMac == "00:00:00:00:00:05": output_port = 5 output_ip = "10.0.0.5" else: output_port = 6 output_ip = "10.0.0.6" #outPort = in_port #LOG.debug("Got to sending the ARP response!!!!") #These Flows are a little borked but really close if is_client: #LOG.debug("installing server -> client flow. srcIp= " + srcIp + "output_ip= " + output_ip) match = parser.OFPMatch(in_port=in_port, ipv4_dst=srcIp, eth_type=0x800) actions = [ parser.OFPActionSetField(ipv4_dst=output_ip), parser.OFPActionOutput(output_port) ] else: #LOG.debug("installing client -> server flow. dstIp= " + dstIp + "output_ip= " + output_ip) match = parser.OFPMatch(in_port=in_port, ipv4_dst="10.0.0.10", eth_type=0x800) actions = [ parser.OFPActionSetField(ipv4_dst=output_ip), parser.OFPActionOutput(output_port) ] e = ethernet(dstMac, srcMac, ether.ETH_TYPE_ARP) a = arp(1, 0x0800, 6, 4, 2, srcMac, srcIp, dstMac, dstIp) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() #LOG.debug(in_port) #LOG.debug(output_port) self.add_flow(datapath, 1, match, actions) #LOG.debug("Added Flow") self.send_arp_reply(datapath, in_port, p)
def _packet_in_handler(self, ev): msg = ev.msg in_port = msg.in_port datapath = msg.datapath ofproto = datapath.ofproto dpid = datapath.id print 'mac_to_port',self.mac_to_port,'\n' self.mac_to_port.setdefault(dpid, {}) print 'mac_to_port',self.mac_to_port,'\n' dst, src, _eth_type = struct.unpack_from('!6s6sH', buffer(msg.data), 0) LOG.info("packet in %s %s %s %s", dpid, haddr_to_str(src), haddr_to_str(dst), msg.in_port) if _eth_type == ether.ETH_TYPE_ARP: #if dst in self.port_to_switch_mac[dpid]: arp_pkt = self.find_packet(msg,'arp') if arp_pkt != None: dst_ip = arp_pkt.dst_ip src_ip = arp_pkt.src_ip self.port_to_ip.setdefault(dpid,{}) self.port_to_ip[dpid][in_port] = (src_ip & 0Xffffff00) + 0xfe if dst_ip == self.port_to_ip[dpid][in_port]: src_mac = self.port_to_switch_mac[dpid][in_port] e = ethernet.ethernet(src,self.port_to_switch_mac[dpid][in_port],ether.ETH_TYPE_ARP) if arp_pkt.opcode == arp.ARP_REQUEST: opcode = arp.ARP_REPLY #else: #opcode = arp.ARP_REV_REPLY a = arp.arp(hwtype = 1,proto = 0x0800, hlen = 6, plen = 4, opcode = opcode, src_mac = src_mac,src_ip = arp_pkt.dst_ip, dst_mac = arp_pkt.src_mac, dst_ip = arp_pkt.src_ip) p = Packet() p.add_protocol(e) p.add_protocol(a) p.serialize() datapath.send_packet_out(in_port=ofproto_v1_0.OFPP_NONE,actions=[datapath.ofproto_parser.OFPActionOutput(in_port)],data=p.data) print "arp request packet's dst_mac is ",haddr_to_str(self.port_to_switch_mac[dpid][in_port]) if _eth_type == ether.ETH_TYPE_IP: ip_pkt = self.find_packet(msg,'ipv4') #to judge if the ip packet contains icmp protocol #print 'lee 0' if ip_pkt.proto == 1: icmp_pkt = self.find_packet(msg,'icmp') if icmp_pkt.type == icmp.ICMP_ECHO_REQUEST: ip_src = ip_pkt.src ip_dst = ip_pkt.dst echo_id = icmp_pkt.data.id echo_seq = icmp_pkt.data.seq echo_data = bytearray(icmp_pkt.data.data) icmp_data = icmp.echo(id_=echo_id,seq=echo_seq,data=echo_data) self.port_to_ip.setdefault(dpid, {}) #mask is 24 bit self.port_to_ip[dpid][in_port] = (ip_src & 0Xffffff00) + 0xfe #print 'lee 1' if self.port_to_ip[dpid][in_port] == ip_dst: #send a echo reply packet ether_dst = src ether_src = self.port_to_switch_mac[dpid][in_port] e = ethernet.ethernet(ether_dst,ether_src,ether.ETH_TYPE_IP) #csum calculation should be paied attention #ic = icmp.icmp(type_= 0,code=0,csum=0,data=icmp_pkt.data) i = ipv4.ipv4(version=4,header_length=5,tos=0,total_length=0, identification=0,flags=0x000,offset=0,ttl=64,proto=1,csum=0,src=ip_dst, dst=ip_src,option=None) ic = icmp.icmp(type_= 0,code=0,csum=0,data=icmp_data) p = Packet() p.add_protocol(e) p.add_protocol(i) p.add_protocol(ic) p.serialize() datapath.send_packet_out(in_port=ofproto_v1_0.OFPP_NONE,actions=[datapath.ofproto_parser.OFPActionOutput(in_port)],data=p.data) print 'send a ping replay' else: pass if _eth_type == ether.ETH_TYPE_IPV6: ipv6_pkt = self.find_packet(msg,'ipv6') #don't care about ipv6's extention header icmpv6_pkt = self.find_packet(msg,'icmpv6') if icmpv6_pkt != None: if icmpv6_pkt.type_ == icmpv6.ND_NEIGHBOR_SOLICIT: self.port_to_ipv6.setdefault(dpid,{}) #self.port_to_ipv6[dpid][in_port]=hexlify(((ipv6_pkt.src & (1<<128))-(1<<64)) + (1<<64) - 2) self.port_to_ipv6[dpid][in_port]=struct.pack('!4I',0x100000,0x0,0xffffffff,0xfffffffd) if icmpv6_pkt.data.dst == self.port_to_ipv6[dpid][in_port]: #send a ND_NEIGHBOR_REPLY packet ether_dst = src ether_src = self.port_to_switch_mac[dpid][in_port] e = ethernet.ethernet(ether_dst,ether_src,ether.ETH_TYPE_IPV6) ic6_data_data = icmpv6.nd_option_la(hw_src=self.port_to_switch_mac[dpid][in_port],data=None) #res = 3 or 7 ic6_data = icmpv6.nd_neighbor(res=3,dst=icmpv6_pkt.data.dst,type_=icmpv6.nd_neighbor.ND_OPTION_TLA,length=1,data=ic6_data_data) ic6 = icmpv6.icmpv6(type_=icmpv6.ND_NEIGHBOR_ADVERT,code=0,csum=0,data=ic6_data) #payload_length i6 = ipv6.ipv6(version= 6,traffic_class=0,flow_label=0,payload_length=32,nxt=58,hop_limit=255, src=icmpv6_pkt.data.dst,dst=ipv6_pkt.src) p = Packet() p.add_protocol(e) p.add_protocol(i6) p.add_protocol(ic6) p.serialize() datapath.send_packet_out(in_port=ofproto_v1_0.OFPP_NONE,actions=[datapath.ofproto_parser.OFPActionOutput(in_port)],data=p.data) print 'send a NA packet' if icmpv6_pkt.type_ == icmpv6.ICMPV6_ECHO_REQUEST: if self.port_to_ipv6[dpid].has_key(in_port): #print hexlify(self.port_to_ipv6[dpid][in_port]) #print 'ipv6_pkt.dst is',hexlify(ipv6_pkt.dst) #print 'ipv6_pkt.dst is',hexlify(ipv6_pkt.dst) if ipv6_pkt.dst == self.port_to_ipv6[dpid][in_port]: ether_dst = src ether_src = self.port_to_switch_mac[dpid][in_port] e = ethernet.ethernet(ether_dst,ether_src,ether.ETH_TYPE_IPV6) ic6_data = icmpv6_pkt.data ic6 = icmpv6.icmpv6(type_=icmpv6.ICMPV6_ECHO_REPLY,code=0,csum=0,data=ic6_data) i6 = ipv6.ipv6(version= 6,traffic_class=0,flow_label=0,payload_length=64,nxt=58,hop_limit=64, src=ipv6_pkt.dst,dst=ipv6_pkt.src) p = Packet() p.add_protocol(e) p.add_protocol(i6) p.add_protocol(ic6) p.serialize() datapath.send_packet_out(in_port=ofproto_v1_0.OFPP_NONE,actions=[datapath.ofproto_parser.OFPActionOutput(in_port)],data=p.data) print 'send a ping6 reply packet' # learn a mac address to avoid FLOOD next time. self.mac_to_port[dpid][src] = msg.in_port if dst in self.mac_to_port[dpid]: out_port = self.mac_to_port[dpid][dst] else: out_port = ofproto.OFPP_FLOOD actions = [datapath.ofproto_parser.OFPActionOutput(out_port)] if out_port != ofproto.OFPP_FLOOD: if _eth_type == ether.ETH_TYPE_IP: self.add_flow(datapath, msg.in_port, dst, actions) #add a ipv6 flow table pay attention ipv6_flow entry only be added once when ipv4 flow entry is added elif _eth_type == ether.ETH_TYPE_IPV6: ''' # judge if src and dst addr is special # eg: src [0,0,0,0] dst begin with 0xff01 or 0x ff02 if ipv6_src == [0,0,0,0] or ipv6_dst[0]&0xff010000 == 0xff010000 or ipv6_dst[0]&0xff020000 == 0xff020000: print 'ipv6 reserved address\n' #elif ipv6_dst[0]&0xfe800000 == 0xfe800000: # print 'ipv6 dst address is Link-Local address' else: ''' ipv6_pkt = self.find_packet(msg,'ipv6') #ipv6_src=struct.pack('!4I',self._binary_to_ipv6_format(ipv6_packet.src)) #ipv6_dst=struct.pack('!4I',self._binary_to_ipv6_format(ipv6_packet.dst)) ipv6_src = convert.bin_to_ipv6_arg_list(ipv6_pkt.src) ipv6_dst = convert.bin_to_ipv6_arg_list(ipv6_pkt.dst) """ ipv6_src = struct.pack('!4I',int(hexlify(ipv6_pkt.src)[0:8],16),int(hexlify(ipv6_pkt.src)[8:16],16),int(hexlify(ipv6_pkt.src)[16:24],16),int(hexlify(ipv6_pkt.src)[24:32],16)) ipv6_dst = struct.pack('!4I',int(hexlify(ipv6_pkt.dst)[0:8],16),int(hexlify(ipv6_pkt.dst)[8:16],16),int(hexlify(ipv6_pkt.dst)[16:24],16),int(hexlify(ipv6_pkt.dst)[24:32],16)) """ rule={'ipv6_src':ipv6_src,'ipv6_dst':ipv6_dst} self.nx_ipv6_add_flow(datapath,rule,actions) print 'add a ipv6 flow entry' else: pass out = datapath.ofproto_parser.OFPPacketOut( datapath=datapath, buffer_id=msg.buffer_id, in_port=msg.in_port, actions=actions) datapath.send_msg(out)
def deal_Arp(self, ev): msg = ev.msg dpid = msg.datapath ofp = dpid.ofproto ofp_parser = dpid.ofproto_parser pkt = Packet(msg.data) #deal - arp if(len(pkt.protocols) >= 2 and str!=type(pkt.protocols[0]) and str!=type(pkt.protocols[1])): if("arp" == pkt.protocols[1].protocol_name): #print "\n==========================\n" #print pkt action = [ofp_parser.OFPActionOutput(ofp.OFPP_FLOOD)] out = ofp_parser.OFPPacketOut(datapath = dpid, buffer_id = msg.buffer_id, in_port = msg.in_port, actions = action) dpid.send_msg(out) #print "Arp Go" #deal - ipv4 - ping if(len(pkt.protocols) >= 3 and str!=type(pkt.protocols[0]) and str!=type(pkt.protocols[1]) and str!=type(pkt.protocols[2])): if("ipv4" == pkt.protocols[1].protocol_name): if("icmp" == pkt.protocols[2].protocol_name): #print "\n==========================\n" #print pkt ipSrc = pkt.protocols[1].src ipDst = pkt.protocols[1].dst Match = ofp_parser.OFPMatch( dl_type = 0x0800, nw_src = ipv4_text_to_int(ipSrc), nw_dst = ipv4_text_to_int(ipDst) ) Action = [ofp_parser.OFPActionOutput(ofp.OFPP_NORMAL)] out = ofp_parser.OFPFlowMod(datapath = dpid, match = Match, cookie = 0, command = ofp.OFPFC_ADD, idle_timeout = 10, hard_timeout = 10, buffer_id = msg.buffer_id, actions = Action) dpid.send_msg(out) #print "ICMP Go" # UP - forward, DOWN - backward Match = ofp_parser.OFPMatch( dl_type = 0x0800, nw_src = ipv4_text_to_int(ipDst), nw_dst = ipv4_text_to_int(ipSrc) ) Action = [ofp_parser.OFPActionOutput(ofp.OFPP_NORMAL)] out = ofp_parser.OFPFlowMod(datapath = dpid, match = Match, cookie = 0, command = ofp.OFPFC_ADD, idle_timeout = 10, hard_timeout = 10, buffer_id = msg.buffer_id, actions = Action) dpid.send_msg(out) #print "ICMP backward" elif("tcp" == pkt.protocols[2].protocol_name): tcpSrc = pkt.protocols[2].src_port tcpDst = pkt.protocols[2].dst_port if(80 == tcpDst): ipSrc = pkt.protocols[1].src ipDst = pkt.protocols[1].dst if(len(pkt.protocols) >= 4): if(time.time() - self.oldT < 5 and time.time() - self.oldT > 0.3): # 0.3 is compatible with normal resent because of normal delay # block visit web request #print "\n========== Ban ===========\n" #print self.oldT #print time.time() ethTo = pkt.protocols[0] ipTo = pkt.protocols[1] tcpTo = pkt.protocols[2] ethBan = ethernet(src = ethTo.dst, dst = ethTo.src, ethertype = ETH_TYPE_IP ) ipBan = ipv4(src = ipTo.dst, dst = ipTo.src, proto = 6 ) #httpBan = "HTTP/1.1 302 Moved Temporarily\r\nServer: DrcomServer1.0\r\nLocation: http://16.211.108.227\r\nCache-Control: no-cache\r\nContent-Length: 0\r\nConnection: close\r\n\r\n" httpBan = "HTTP/1.1 200 OK\r\nContent-Length: 257\r\nContent-Type: text/html; charset=utf-8\r\n\r\n<html><head><title>BigMao Radio Station</title></head><body>BigMao Radio Station </br></br> You don't have the permission to Load this Web.</br></br>Your access has been blocked by Ryu. Please contact Network Administrator at +86-152-0366-2016</body></html>" # Attention ! HTTP protocol + before(eth,ipv4,tcp),the total size is larger than 128 !!! Switch packet-in is not enough to calculate Ack! My God! I forgot it ! tcpAck = tcpTo.seq#+tcpTo.__len__()+len(pkt.protocols[3]) # TODO - OFPSwitchFeature # TODO - advance tcpAck! # print pkt.protocols[3] # print len(pkt.protocols[3]) # print tcpTo.__len__() # print tcpTo.seq # print tcpAck # print pkt tcpSeq = tcpTo.ack tcpBan = tcp(src_port = tcpTo.dst_port, dst_port = tcpTo.src_port, ack = tcpAck, seq = tcpSeq, bits = 0x018, # or 0x018 0x019 RST_TCP: 0x01c window_size = 57, # or 29184 ) httpBanPkt = Packet() httpBanPkt.add_protocol(ethBan) httpBanPkt.add_protocol(ipBan) httpBanPkt.add_protocol(tcpBan) httpBanPkt.add_protocol(httpBan) httpBanPkt.serialize() Action = [ofp_parser.OFPActionOutput(ofp.OFPP_NORMAL)] out1 = ofp_parser.OFPPacketOut(datapath = dpid, in_port = ofp.OFPP_CONTROLLER, buffer_id = ofp.OFP_NO_BUFFER, data = httpBanPkt.data, actions = Action) # UP - block visit web request HTTP contect DOWN - RST TCP connection """ tcpRST = tcp(src_port = tcpTo.dst_port, dst_port = tcpTo.src_port, ack = tcpAck+105, seq = tcpSeq, bits = 0x004, # or 0x018 0x019 RST_TCP: 0x01c window_size = 0 # or 29184 ) httpRST = Packet() httpRST.add_protocol(ethBan) httpRST.add_protocol(ipBan) httpRST.add_protocol(tcpRST) httpRST.serialize() Action = [ofp_parser.OFPActionOutput(ofp.OFPP_NORMAL)] out2 = ofp_parser.OFPPacketOut(datapath = dpid, in_port = ofp.OFPP_CONTROLLER, buffer_id = ofp.OFP_NO_BUFFER, data = httpRST.data, actions = Action) dpid.send_msg(out1) print "HTTP Ban Web" dpid.send_msg(out2) print "TCP RST" """ dpid.send_msg(out1) #print "HTTP Ban Web" # tell switch drop the buffer, is this indispensable? ActionDrop = [] out4 = ofp_parser.OFPPacketOut(datapath = dpid, in_port = msg.in_port, buffer_id = msg.buffer_id, actions = ActionDrop) dpid.send_msg(out4) #print "Switch Drop Packet" #print "*** 80 Send HTTP Ban ***" #print httpBanPkt #print "*** 80 Send TCP RST ***" #print httpRST else: # allow visit web request Action = [ofp_parser.OFPActionOutput(ofp.OFPP_NORMAL)] out4 = ofp_parser.OFPPacketOut(datapath = dpid, buffer_id = msg.buffer_id, in_port = msg.in_port, actions = Action) dpid.send_msg(out4) #print "HTTP Request Permit" #print pkt #print "\n========== Go ===========\n" #print self.oldT #print time.time() self.oldT = time.time() # Allow backward ,but filter forward - to allow TCP handshake but to ban HTTP request transmitting Match = ofp_parser.OFPMatch( dl_type = 0x0800, nw_src = ipv4_text_to_int(ipDst), nw_dst = ipv4_text_to_int(ipSrc), nw_proto = 6, tp_dst = tcpSrc ) out3 = ofp_parser.OFPFlowMod(datapath = dpid, match = Match, cookie = 0, command = ofp.OFPFC_ADD, idle_timeout = 3, hard_timeout = 3, actions = Action) dpid.send_msg(out3) #print "HTTP backward" else : # TCP handshake / goodbye / other packet ActionOut = [ofp_parser.OFPActionOutput(ofp.OFPP_NORMAL)] out1 = ofp_parser.OFPPacketOut(datapath = dpid, in_port = msg.in_port, buffer_id = msg.buffer_id, actions = ActionOut) Match = ofp_parser.OFPMatch( dl_type = 0x0800, nw_src = ipv4_text_to_int(ipDst), nw_dst = ipv4_text_to_int(ipSrc), nw_proto = 6, tp_dst = tcpDst ) ActionMatch = [ofp_parser.OFPActionOutput(ofp.OFPP_CONTROLLER)] out2 = ofp_parser.OFPFlowMod(datapath = dpid, match = Match, cookie = 0, command = ofp.OFPFC_ADD, idle_timeout = 3, hard_timeout = 3, buffer_id = msg.buffer_id, actions = ActionMatch) dpid.send_msg(out1) #print "TCP control Go" dpid.send_msg(out2) #print "TCP control backward" #print "\n==========================\n" #print "*** 80 Handshake Go ***" #print pkt else: #Allow other app to telecommunicate ipSrc = pkt.protocols[1].src ipDst = pkt.protocols[1].dst Match = ofp_parser.OFPMatch( dl_type = 0x0800, nw_src = ipv4_text_to_int(ipSrc), nw_dst = ipv4_text_to_int(ipDst), nw_proto = 6, tp_dst = tcpDst ) Action = [ofp_parser.OFPActionOutput(ofp.OFPP_NORMAL)] out = ofp_parser.OFPFlowMod(datapath = dpid, match = Match, cookie = 0, command = ofp.OFPFC_ADD, idle_timeout = 5, hard_timeout = 5, buffer_id = msg.buffer_id, actions = Action) dpid.send_msg(out) #print "allow other app" # print "\n==========================\n" # print "*** 80 Backward Go ***" # print pkt elif (True): #print "\n=========Unknown=========\n" #print pkt pass