def move_to_ACL2(): print 'Moving to ACL2' update_lib.update( ACL2, [leftFilter, egress, leftFilter, middleFilter, rightFilter, ingress]) sys.stdout.flush() send_signal()
def main_verification(): net_policies = [ verification.NO_LOOPS, verification.MATCH_EGRESS( Pattern({"NW_SRC": "127.0.0.1"}), ingress="dl_type = 0ud16_2048 & nw_src = 0ud32_1547 & nw_dst = 0ud32_1550 & switch = 101", ), verification.WAYPOINT_SWITCHES( Pattern({}), ["106"], ingress="dl_type = 0ud16_2048 & nw_src = 0ud32_1547 & nw_dst = 0ud32_1550 & switch = 101", ), ] sig = "" for i in xrange(0, len(topologies)): topo = topologies[i]() policy = policies[i](topo) model = verification.KripkeModel(topo, policy) for net_policy in net_policies: result, msg = model.verify(net_policy) if not result: sig += "%d - Verification: %s\n%s\n" % (i, result, msg) else: sig += "%d - Verification: %s\n" % (i, result) send_signal(sig) return
def main_verification(): net_policies = [ verification.NO_LOOPS, verification.MATCH_EGRESS( Pattern({'NW_SRC': '127.0.0.1'}), ingress= 'dl_type = 0ud16_2048 & nw_src = 0ud32_1547 & nw_dst = 0ud32_1550 & switch = 101' ), verification.WAYPOINT_SWITCHES( Pattern({}), ['106'], ingress= 'dl_type = 0ud16_2048 & nw_src = 0ud32_1547 & nw_dst = 0ud32_1550 & switch = 101' ) ] sig = "" for i in xrange(0, len(topologies)): topo = topologies[i]() policy = policies[i](topo) model = verification.KripkeModel(topo, policy) for net_policy in net_policies: result, msg = model.verify(net_policy) if not result: sig += '%d - Verification: %s\n%s\n' % (i, result, msg) else: sig += '%d - Verification: %s\n' % (i, result) send_signal(sig) return
def test_1(): ''' Construct and compile a policy for a forwarding switch. ''' # Build a netcore policy switch = 1 pol = PolicyUnion( PrimitivePolicy(Header({'loc': (switch, 2)}), [Action(1, [1], {'VLAN' : 1})]), PrimitivePolicy(Header(['loc': (switch, 1)}), [Action(1, [1], {'VLAN' : 0})])) networkConfig = netcore_compiler.compile(FakeNX([switch]), pol) send_signal("In main:\n%s\n" % networkConfig)
def main_verification(): sig = "" for i in xrange(0, len(topologies)): topo = topologies[i]() policy = policies[i](topo) model = verification.KripkeModel(topo, policy) result,msg = model.verify(verification.NO_LOOPS) if not result: sig += '%d - NO_LOOPS: %s\n%s\n' % (i,result,msg) else: sig += '%d - NO_LOOPS: %s\n' % (i,result) send_signal(sig) return
def test_2(Topology, flavor): ''' Mimic the routing example from routing.py. ''' topo = topologies[flavor](1, Topology) netcorePolicy = netcore_shortest_path(topo) spp = shortest_path_policy(topo) # send_signal("Topology: %s\n\nSPP:\n%s\n\nNetwork policy:\n%s\n" % # ([s for s in topo], spp, networkConfig)) # networkConfig = netcore_compiler.compile(topo, netcorePolicy) # update_lib.install(networkConfig, count=False) send_signal("Success!")
def test_3(Topology, flavor): ''' Verification over the routing example. ''' topo = topologies[flavor](1, Topology) netcorePolicy = netcore_shortest_path(topo) networkPolicy = netcore_compiler.compile(topo, netcorePolicy) # Verification: no loops model = verification.KripkeModel(topo, networkPolicy) result, msg = model.verify(verification.ISOLATE_HOSTS(topo.hosts())) if result: send_signal('SUCCESS - hosts isolated!\n') else: send_signal('FAILURE - hosts not isolated.\n%s\n' % msg)
def test_verification(): graph = Topology().nx_graph() graph.remove_edges_from([(101,102),(103,104),(105,106)]) policy = shortest_path_policy(graph) # Induce a loop conf = policy.get_configuration(106) conf.rules.insert(0,Rule({DL_TYPE:0x800},[forward(graph.node[106]['ports'][105])])) # Verify no loops -- should return false model = verification.KripkeModel(graph, policy) result,msg = model.verify(verification.NO_LOOPS) if not result: send_signal('SUCCESS - loop detected.\n') else: send_signal('FAILURE - loop not detected.\n%s\n' % msg) return
def test_verification(): graph = Topology().nx_graph() graph.remove_edges_from([(101, 102), (103, 104), (105, 106)]) policy = shortest_path_policy(graph) # Induce a loop conf = policy.get_configuration(106) conf.rules.insert( 0, Rule({DL_TYPE: 0x800}, [forward(graph.node[106]['ports'][105])])) # Verify no loops -- should return false model = verification.KripkeModel(graph, policy) result, msg = model.verify(verification.NO_LOOPS) if not result: send_signal('SUCCESS - loop detected.\n') else: send_signal('FAILURE - loop not detected.\n%s\n' % msg) return
def test_4(): logger.debug('Getting slices.') topo, slices = amaz.get_slices() logger.debug('Compiling slices.') netcorePolicy = compile.transform([(s, slice_sp(s)) for s in slices]) #logger.debug('NetCore policy:\n%s\n' % netcorePolicy) logger.debug('Compiling NetCore policy.') networkPolicy = netcore_compiler.compile(topo, netcorePolicy) #logger.debug('Network Policy:\n%s\n' % networkPolicy) logger.debug('Building model.') model = verification.KripkeModel(topo, networkPolicy) logger.debug('Verifying ISOLATE_HOSTS:') result, msg = model.verify(verification.ISOLATE_HOSTS(topo.hosts())) if result: logger.debug('... SUCCESS - hosts isolated!') else: logger.debug('... FAILURE - hosts not isolated.') logger.debug('%s' % msg) logger.debug('Done!') send_signal('Done!') return
def all_done(): s = str(update_lib.inst.stats) # yappi.stop() # stats = string.join([str(stat) for stat in yappi.get_stats(yappi.SORTTYPE_TTOTAL)],"\n") send_signal(s) # + stats + "\n") return
def move_to_ACL2(): print "Moving to ACL2" topo = Topology().nx_graph() update_lib.per_packet_update(topo, ACL2) send_signal(str(update_lib.inst.stats)) return
def move_to_ACL2(): print "Moving to ACL2" update_lib.update(ACL2, [leftFilter, egress, leftFilter, middleFilter, rightFilter, ingress]) sys.stdout.flush() send_signal()
def all_done(): s = str(update_lib.inst.stats) send_signal(s) return
def all_done(): s = str(update_lib.inst.stats) # sys.stdout.flush() send_signal(s) return
def move_to_ACL2(): print "Moving to ACL2" update_lib.update(ACL2) send_signal()