def assemble_offer(self, pkt):
disc_eth = pkt.get_protocol(ethernet.ethernet)
disc_ipv4 = pkt.get_protocol(ipv4.ipv4)
disc_udp = pkt.get_protocol(udp.udp)
disc = dhcp.dhcp.parser(pkt[3])
disc[0].options.option_list.remove(next(opt for opt in disc[0].options.option_list if opt.tag == 55))
disc[0].options.option_list.remove(next(opt for opt in disc[0].options.option_list if opt.tag == 53))
disc[0].options.option_list.remove(next(opt for opt in disc[0].options.option_list if opt.tag == 12))
disc[0].options.option_list.insert(0, dhcp.option(tag=1, value=self.bin_netmask))
disc[0].options.option_list.insert(0, dhcp.option(tag=3, value=self.bin_server))
disc[0].options.option_list.insert(0, dhcp.option(tag=6, value=self.bin_dns))
disc[0].options.option_list.insert(0, dhcp.option(tag=12, value=self.hostname))
disc[0].options.option_list.insert(0, dhcp.option(tag=53, value='02'.decode('hex')))
disc[0].options.option_list.insert(0, dhcp.option(tag=54, value=self.bin_server))
offer_pkt = packet.Packet()
offer_pkt.add_protocol(ethernet.ethernet(ethertype=disc_eth.ethertype, dst=disc_eth.src, src=self.hw_addr))
offer_pkt.add_protocol(ipv4.ipv4(dst=disc_ipv4.dst, src=self.dhcp_server, proto=disc_ipv4.proto))
offer_pkt.add_protocol(udp.udp(src_port=67,dst_port=68))
offer_pkt.add_protocol(dhcp.dhcp(op=2, chaddr=disc_eth.src,
siaddr=self.dhcp_server,
boot_file=disc[0].boot_file,
yiaddr=self.ip_addr,
xid=disc[0].xid,
options=disc[0].options))
self.logger.info("ASSEMBLED OFFER: %s" % offer_pkt)
return offer_pkt
def test_serialize_with_auth_sha1(self):
pkt = packet.Packet()
eth_pkt = ethernet.ethernet("08:00:27:d1:95:7c", "08:00:27:ed:54:41")
pkt.add_protocol(eth_pkt)
ip_pkt = ipv4.ipv4(src="192.168.57.2", dst="192.168.57.1", tos=192, identification=2960, proto=inet.IPPROTO_UDP)
pkt.add_protocol(ip_pkt)
udp_pkt = udp.udp(49152, 3784)
pkt.add_protocol(udp_pkt)
auth_cls = bfd.KeyedSHA1(auth_key_id=2, seq=16817, auth_key=self.auth_keys[2])
bfd_pkt = bfd.bfd(
ver=1,
diag=bfd.BFD_DIAG_NO_DIAG,
flags=bfd.BFD_FLAG_AUTH_PRESENT,
state=bfd.BFD_STATE_DOWN,
detect_mult=3,
my_discr=1,
your_discr=0,
desired_min_tx_interval=1000000,
required_min_rx_interval=1000000,
required_min_echo_rx_interval=0,
auth_cls=auth_cls,
)
pkt.add_protocol(bfd_pkt)
eq_(len(pkt.protocols), 4)
pkt.serialize()
eq_(pkt.data, self.data_auth_sha1)
def assemble_offer(self, pkt):
disc_eth = pkt.get_protocol(ethernet.ethernet)
disc_ipv4 = pkt.get_protocol(ipv4.ipv4)
disc_udp = pkt.get_protocol(udp.udp)
disc = dhcp.dhcp.parser(pkt[3])
disc[0].options.option_list.remove(next(opt for opt in disc[0].options.option_list if opt.tag == 55))
disc[0].options.option_list.remove(next(opt for opt in disc[0].options.option_list if opt.tag == 53))
disc[0].options.option_list.remove(next(opt for opt in disc[0].options.option_list if opt.tag == 12))
disc[0].options.option_list.insert(0, dhcp.option(tag=1, value=self.bin_netmask))
disc[0].options.option_list.insert(0, dhcp.option(tag=3, value=self.bin_server))
disc[0].options.option_list.insert(0, dhcp.option(tag=6, value=self.bin_dns))
disc[0].options.option_list.insert(0, dhcp.option(tag=12, value=self.hostname))
disc[0].options.option_list.insert(0, dhcp.option(tag=53, value='02'.decode('hex')))
disc[0].options.option_list.insert(0, dhcp.option(tag=54, value=self.bin_server))
offer_pkt = packet.Packet()
offer_pkt.add_protocol(ethernet.ethernet(ethertype=disc_eth.ethertype, dst=disc_eth.src, src=self.hw_addr))
offer_pkt.add_protocol(ipv4.ipv4(dst=disc_ipv4.dst, src=self.dhcp_server, proto=disc_ipv4.proto))
offer_pkt.add_protocol(udp.udp(src_port=67,dst_port=68))
offer_pkt.add_protocol(dhcp.dhcp(op=2, chaddr=disc_eth.src,
siaddr=self.dhcp_server,
boot_file=disc[0].boot_file,
yiaddr=self.ip_addr,
xid=disc[0].xid,
options=disc[0].options))
self.logger.info("ASSEMBLED OFFER: %s" % offer_pkt)
return offer_pkt
def packet_in_handler(self, ev):
pkt = packet.Packet()
pkt.add_protocol(ethernet.ethernet(ethertype=0x0800, dst='00:00:00:00:00:02', src='00:00:00:00:00:01'))
pkt.add_protocol(ipv4.ipv4(dst='10.0.0.2', src='10.0.0.1', proto=17))
pkt.add_protocol(udp.udp(src_port=1000, dst_port=8000))
payload = b'Hellooooooooo~~~~~~~~~'
pkt.add_protocol(payload)
# Packet serializing
pkt.serialize()
data = pkt.data
msg = ev.msg
dp = msg.datapath
ofproto = dp.ofproto
actions = [dp.ofproto_parser.OFPActionOutput(2)]
out = dp.ofproto_parser.OFPPacketOut(
datapath=dp, buffer_id=ofproto.OFP_NO_BUFFER, in_port=msg.match['in_port'],
actions=actions, data=data)
dp.send_msg(out)
def test_serialize_with_auth_sha1(self):
pkt = packet.Packet()
eth_pkt = ethernet.ethernet('08:00:27:d1:95:7c', '08:00:27:ed:54:41')
pkt.add_protocol(eth_pkt)
ip_pkt = ipv4.ipv4(src='192.168.57.2', dst='192.168.57.1', tos=192,
identification=2960, proto=inet.IPPROTO_UDP)
pkt.add_protocol(ip_pkt)
udp_pkt = udp.udp(49152, 3784)
pkt.add_protocol(udp_pkt)
auth_cls = bfd.KeyedSHA1(auth_key_id=2, seq=16817,
auth_key=self.auth_keys[2])
bfd_pkt = bfd.bfd(ver=1, diag=bfd.BFD_DIAG_NO_DIAG,
flags=bfd.BFD_FLAG_AUTH_PRESENT,
state=bfd.BFD_STATE_DOWN, detect_mult=3, my_discr=1,
your_discr=0, desired_min_tx_interval=1000000,
required_min_rx_interval=1000000,
required_min_echo_rx_interval=0,
auth_cls=auth_cls)
pkt.add_protocol(bfd_pkt)
eq_(len(pkt.protocols), 4)
pkt.serialize()
eq_(pkt.data, self.data_auth_sha1)
def send_msg(self, datapath, msg):
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
out_port = self.topo[datapath.id][msg.dst_id + 1]
actions = [parser.OFPActionOutput(out_port)]
src_mac = self.macStr(msg.src_id + 1)
dst_mac = self.macStr(msg.dst_id + 1)
src_ip = ipStr(msg.src_id + 1)
dst_ip = ipStr(msg.dst_id + 1)
self.logger.debug("sending message from %s to %s" % (src_ip, dst_ip))
# self.logger.info("sending this message from %s to %s" % (src_ip, dst_ip))
# self.logger.info(msg)
# self.logger.info("sending over")
udp_port = 6620
e = ethernet.ethernet(dst=dst_mac,
src=src_mac,
ethertype=ether.ETH_TYPE_IP)
sending_time = time() * 1000
msg.sending_time = sending_time
pmsg = pickle.dumps(msg)
i = ipv4.ipv4(src=src_ip,
dst=dst_ip,
proto=IPPROTO_UDP,
total_length=ipv4.ipv4._MIN_LEN + udp.udp._MIN_LEN +
len(pmsg))
u = udp.udp(dst_port=udp_port,
src_port=udp_port,
total_length=udp.udp._MIN_LEN + len(pmsg))
self.logger.debug("message length: %d" % len(pmsg))
pkt = packet.Packet()
pkt.add_protocol(e)
pkt.add_protocol(i)
pkt.add_protocol(u)
pkt.serialize()
pkt.data += bytearray(pmsg)
# FIXME: pmsg could be more than maximum payload ~1450 bytes
out = parser.OFPPacketOut(datapath=datapath,
in_port=ofproto.OFPP_CONTROLLER,
buffer_id=ofproto.OFP_NO_BUFFER,
actions=actions,
data=pkt.data)
# self.logger.info("in sendmsg the out.data %s "%str(out.data))
# self.logger.info("in sendmsg the out.data over")
if self.start_receiving_update_time is not None:
current_time = time() * 1000
# self.logger.info("sending msg to %d at %s" %
# (msg.dst_id, str(current_time - self.receiving_update_time)))
datapath.send_msg(out)
def test_serialize(self):
pkt = packet.Packet()
eth_pkt = ethernet.ethernet("b0:a8:6e:18:b8:08", "64:87:88:e9:cb:c8")
pkt.add_protocol(eth_pkt)
ip_pkt = ipv4.ipv4(src="172.28.3.1", dst="172.28.3.2", tos=192, identification=26697, proto=inet.IPPROTO_UDP)
pkt.add_protocol(ip_pkt)
udp_pkt = udp.udp(49152, 3784)
pkt.add_protocol(udp_pkt)
bfd_pkt = bfd.bfd(
ver=1,
diag=bfd.BFD_DIAG_CTRL_DETECT_TIME_EXPIRED,
state=bfd.BFD_STATE_UP,
detect_mult=3,
my_discr=6,
your_discr=7,
desired_min_tx_interval=60000,
required_min_rx_interval=60000,
required_min_echo_rx_interval=0,
)
pkt.add_protocol(bfd_pkt)
eq_(len(pkt.protocols), 4)
pkt.serialize()
eq_(pkt.data, self.data)
def assemble_ack(self, pkt):
req_eth = pkt.get_protocol(ethernet.ethernet)
req_ipv4 = pkt.get_protocol(ipv4.ipv4)
req_udp = pkt.get_protocol(udp.udp)
req = pkt.get_protocol(dhcp.dhcp)
req.options.option_list.remove(
next(opt for opt in req.options.option_list if opt.tag == 53))
req.options.option_list.insert(
0, dhcp.option(tag=51, value=bytes.fromhex('8640'.encode().hex())))
req.options.option_list.insert(0, dhcp.option(tag=53,
value=bytes([5])))
ack_pkt = packet.Packet()
ack_pkt.add_protocol(
ethernet.ethernet(ethertype=req_eth.ethertype,
dst=req_eth.src,
src=self.hw_addr))
ack_pkt.add_protocol(
ipv4.ipv4(dst=req_ipv4.dst,
src=self.dhcp_server,
proto=req_ipv4.proto))
ack_pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
ack_pkt.add_protocol(
dhcp.dhcp(op=2,
chaddr=req_eth.src,
siaddr=self.dhcp_server,
boot_file=req.boot_file,
yiaddr=self._cal_vm_ip(req),
xid=req.xid,
options=req.options))
self.logger.info("ASSEMBLED ACK: %s" % ack_pkt)
return ack_pkt
def test_serialize_with_auth_simple(self):
pkt = packet.Packet()
eth_pkt = ethernet.ethernet('08:00:27:d1:95:7c', '08:00:27:ed:54:41')
pkt.add_protocol(eth_pkt)
ip_pkt = ipv4.ipv4(src='192.168.57.2', dst='192.168.57.1', tos=192,
identification=3216, proto=inet.IPPROTO_UDP)
pkt.add_protocol(ip_pkt)
udp_pkt = udp.udp(49152, 3784)
pkt.add_protocol(udp_pkt)
auth_cls = bfd.SimplePassword(auth_key_id=2,
password=self.auth_keys[2])
bfd_pkt = bfd.bfd(ver=1, diag=bfd.BFD_DIAG_NO_DIAG,
flags=bfd.BFD_FLAG_AUTH_PRESENT,
state=bfd.BFD_STATE_DOWN, detect_mult=3, my_discr=1,
your_discr=0, desired_min_tx_interval=1000000,
required_min_rx_interval=1000000,
required_min_echo_rx_interval=0,
auth_cls=auth_cls)
pkt.add_protocol(bfd_pkt)
eq_(len(pkt.protocols), 4)
pkt.serialize()
eq_(pkt.data, self.data_auth_simple)
def frodeTest(self, msg, datapath, ofp, pkt):
# Time the execution
self.starttime = time.time()
allSwitches = self.getAllDatapaths()
# Loop through all switches
for sw in allSwitches:
print(
"==============================================================================="
)
print("Testing switch: ", sw.dp.id)
#if sw.dp.id is 1:
# remove catch rule from self, if any
self.removeCatchRuleByID(sw.dp.id)
# Install catch rules on neighbours
allNeighbours = self.getNeighborsByID(sw.dp.id)
for neigh in allNeighbours: # id
self.addCatchRuleByID(int(neigh, 16))
# Scrape and sort flowtable
flowtable = gather.getMatchData(sw.dp.id)
flowtable = sorted(flowtable, key=generator.sortKey, reverse=True)
# Loop through flow table entries
for entry in flowtable:
# Generate packet from match field and rules above
pkt = generator.packetFromMatch(entry, flowtable)
self.generateTime = time.time()
# add packet to list
entry["packet"] = {"ip": pkt.get_protocol(ipv4.ipv4())}
if entry["packet"]["ip"].proto is 6:
entry["packet"]["tcp"] = pkt.get_protocol(tcp.tcp())
elif entry["packet"]["ip"].proto is 17:
entry["packet"]["udp"] = pkt.get_protocol(udp.udp())
# is total overlap?
if pkt == -1:
# log and move on
entry["totalOverlap"] = True
self.totalOverlap += 1
# log some info about
# the entry & packet
break # ?
# is drop rule?
if (len(entry["actions"]) is 0 or re.search(
'CLEAR_ACTIONS', entry["actions"][0]) is not None):
# get match and send packet
self.checkDropRule(entry, pkt, sw)
# is unicast
else:
# get match and send packet
self.checkUnicastRule(entry, pkt, sw)
self.packetGenTime = self.generateTime - self.starttime
print("PACKET GEN TIME: ", format(self.packetGenTime, '.5f'))
def _set_redundancy(self, dpid, redundancy):
self.logger.info("Setting redundancy to: {}".format(redundancy))
datapath = get_datapath(self, dpid)
ofp = datapath.ofproto
ofp_parser = datapath.ofproto_parser
self.logger.info("Create OAM packet")
# pkt = copy.deepcopy(self.config_pkt)
pkt = packet.Packet()
pkt.add_protocol(
ethernet.ethernet(ethertype=ether_types.ETH_TYPE_IP,
dst='ff:ff:ff:ff:ff:ff',
src='00:00:00:00:00:0c'))
pkt.add_protocol(
ipv4.ipv4(dst="255.255.255.255",
src="0.0.0.0",
proto=in_proto.IPPROTO_UDP))
pkt.add_protocol(udp.udp(dst_port=common.UDP_PORT_OAM))
payload = struct.pack(">i", int(redundancy))
pkt.add_protocol(payload)
pkt.serialize()
data = pkt.data
in_port = ofp.OFPP_CONTROLLER
actions = [ofp_parser.OFPActionOutput(1)]
req = ofp_parser.OFPPacketOut(datapath, ofp.OFP_NO_BUFFER, in_port,
actions, data)
self.logger.info("Send OAM packet to encoder")
datapath.send_msg(req)
def handle_socket_msg(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)[0]
pkt_dns = DNS(self._pkt[-1])
print('----------------Sent query with ID', pkt_dns.id, pkt_dns)
if pkt_udp.dst_port == 53 or pkt_udp.src_port == 53:
#print 'A DNS query for controller is received'
if pkt_dns:
cs = self._controller.get_customers()
d_mac = cs[0].get_next_hop_mac()
pkt_dns.qr = 0
new_pkt = packet.Packet()
e = ethernet.ethernet(dst=cs[0].get_next_hop_mac(),
src=pkt_eth.src)
new_pkt.add_protocol(e)
new_pkt.add_protocol(
ipv4.ipv4(src=self._controller.get_ip(),
dst=cs[0].get_name_server(),
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=pkt_udp.dst_port,
dst_port=pkt_udp.src_port))
new_dns = DNS(rd=0,
id=pkt_dns.id,
qd=DNSQR(qname=pkt_dns.qd.qname),
ns=DNSRR(rrname=pkt_dns.ar.rrname,
type=1,
ttl=60000,
rdata=cs[0].get_name_server()))
new_pkt.add_protocol(new_dns)
new_pkt.serialize()
self.send_dns_packet(new_pkt, cs[0].get_datapath(),
cs[0].get_ingress_port())
def assemble_ack(self, pkt):
response_eth = pkt.get_protocol(ethernet.ethernet)
response_ipv4 = pkt.get_protocol(ipv4.ipv4)
response = pkt.get_protocol(dhcp.dhcp)
response.options.option_list.remove(
next(opt for opt in response.options.option_list if opt.tag == 53))
response.options.option_list.insert(0, dhcp.option(tag=51, value=''))
response.options.option_list.insert(0, dhcp.option(tag=53, value=""))
ack_pkt = packet.Packet()
ack_pkt.add_protocol(
ethernet.ethernet(ethertype=response_eth.ethertype,
dst=response_eth.src,
src=""))
ack_pkt.add_protocol(
ipv4.ipv4(dst=response_ipv4.dst,
src=self.dhcp_server,
proto=response_ipv4.proto))
ack_pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
ack_pkt.add_protocol(
dhcp.dhcp(op=2,
chaddr=response_eth.src,
siaddr="dhcp_server",
boot_file=response.boot_file,
yiaddr="ip_addr",
xid=response.xid,
options=response.options))
return ack_pkt
def new_udp_pkt(eth_dst, eth_src, ip_dst, ip_src, src_port, dst_port, size=0):
# pcap_pen = pcaplib.Writer(open('pkt.pcap', 'wb'))
# Creat an empty Packet instance
pkt = packet.Packet()
pkt.add_protocol(ethernet.ethernet(ethertype=0x0800, dst=eth_dst,
src=eth_src))
pkt.add_protocol(ipv4.ipv4(dst=ip_dst, src=ip_src, proto=17))
pkt.add_protocol(udp.udp(src_port=src_port, dst_port=dst_port))
# Check how many byte be used under layer 3
_pkt = copy.deepcopy(pkt)
_pkt.serialize()
_d = _pkt.data
# the max. packet size is 1500 byte
limited_size = 1500 - len(_d)
# if size larger than 1500 byte set limit size
if size >= limited_size:
size = limited_size
if size != 0:
payload = os.urandom(size)
# Add payload
pkt.add_protocol(payload)
# Packet serializing
pkt.serialize()
data = pkt.data
# pcap_pen.write_pkt(data)
return data
def assemble_ack(self, pkt, chaddr):
chaddr_yiaddr = self.get_ip(chaddr)
req_eth = pkt.get_protocol(ethernet.ethernet)
req_ipv4 = pkt.get_protocol(ipv4.ipv4)
req_udp = pkt.get_protocol(udp.udp)
req = pkt.get_protocol(dhcp.dhcp)
req.options.option_list.remove(
next(opt for opt in req.options.option_list if opt.tag == 53))
req.options.option_list.insert(
0, dhcp.option(tag=51, value=str.encode('8640')))
req.options.option_list.insert(
0, dhcp.option(tag=53, value=str.encode('\x05')))
ack_pkt = packet.Packet()
ack_pkt.add_protocol(
ethernet.ethernet(ethertype=req_eth.ethertype,
dst=req_eth.src,
src=self.hw_addr))
ack_pkt.add_protocol(
ipv4.ipv4(dst=req_ipv4.dst,
src=self.dhcp_server,
proto=req_ipv4.proto))
ack_pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
ack_pkt.add_protocol(
dhcp.dhcp(op=2,
chaddr=req_eth.src,
siaddr=self.dhcp_server,
boot_file=req.boot_file,
yiaddr=chaddr_yiaddr,
xid=req.xid,
options=req.options))
self.logger.debug("ASSEMBLED ACK")
return ack_pkt
def handle_packet(self):
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)[0]
"""
Handle DNS packet inside Controller. Each DNS packet carries with a udp packet. We used the DNS class of Scapy library to decode
DNS queries.
"""
pkt_dns = DNS(self._pkt[-1])
print('-------T-ID------------', self._controller.get_transaction_id())
if pkt_udp.dst_port == 53 and pkt_dns.qd.qtype == 1 and self._controller.get_transaction_id(
) is None:
self._controller.set_transaction_id(pkt_dns.id)
self._controller.set_port_number(pkt_udp.src_port)
print '-------------Sent query with ID------', pkt_dns.id
if pkt_dns:
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='00:00:00:00:0f:11'))
new_pkt.add_protocol(
ipv4.ipv4(src=self._controller.get_ip(),
dst=self._federation[0].get_ip(),
proto=17))
new_pkt.add_protocol(udp.udp(src_port=12345, dst_port=53))
new_pkt.add_protocol(self._pkt[-1])
new_pkt.serialize()
self.send_dns_query_to_controller(new_pkt)
def handle_packet(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)
dns = DNS(self._pkt[-1])
cs = self._controller.get_customers()
nsdomain = cs[0].get_ns_domain_name()
if dns.qr == 1 and dns.ar.rrname != cs[0].get_ns_domain_name():
dns.id = self._controller.get_transaction_id()
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='00:aa:bb:00:0f:11',
dst=cs[0].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(dst=cs[0].get_name_server(),
src=pkt_ip.src,
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=53,
dst_port=self._controller.get_port_number()))
new_pkt.add_protocol(dns)
self.send_dns_response_packet(new_pkt, cs[0].get_datapath(),
cs[0].get_ingress_port())
if dns.qr == 1 and cs[0].get_ns_domain_name() == dns.ar.rrname:
#print '----------I am calling another controller------------'
self.send_dns_response_to_controller(self._pkt)
def __init__(self, *args, **kwargs):
super(DPIController, self).__init__(*args, **kwargs)
self.tbl_num = self._service_manager.get_table_num(self.APP_NAME)
self.next_table = self._service_manager.get_next_table_num(
self.APP_NAME)
self.setup_type = kwargs['config']['setup_type']
self._datapath = None
self._dpi_enabled = kwargs['config']['dpi']['enabled']
self._mon_port = kwargs['config']['dpi']['mon_port']
self._mon_port_number = kwargs['config']['dpi']['mon_port_number']
self._idle_timeout = kwargs['config']['dpi']['idle_timeout']
self._bridge_name = kwargs['config']['bridge_name']
self._app_set_tbl_num = self._service_manager.INTERNAL_APP_SET_TABLE_NUM
self._imsi_set_tbl_num = \
self._service_manager.INTERNAL_IMSI_SET_TABLE_NUM
if self._dpi_enabled:
self._create_monitor_port()
tcp_pkt = packet.Packet()
tcp_pkt.add_protocol(
ethernet.ethernet(ethertype=ether_types.ETH_TYPE_IP))
tcp_pkt.add_protocol(ipv4.ipv4(proto=6))
tcp_pkt.add_protocol(tcp.tcp())
tcp_pkt.serialize()
self.tcp_pkt_data = tcp_pkt.data
udp_pkt = packet.Packet()
udp_pkt.add_protocol(
ethernet.ethernet(ethertype=ether_types.ETH_TYPE_IP))
udp_pkt.add_protocol(ipv4.ipv4(proto=17))
udp_pkt.add_protocol(udp.udp())
udp_pkt.serialize()
self.udp_pkt_data = udp_pkt.data
class Test_udp(unittest.TestCase):
""" Test case for udp
"""
src_port = 6431
dst_port = 8080
total_length = 65507
csum = 12345
u = udp(src_port, dst_port, total_length, csum)
buf = pack(udp._PACK_STR, src_port, dst_port, total_length, csum)
def setUp(self):
pass
def tearDown(self):
pass
def test_init(self):
eq_(self.src_port, self.u.src_port)
eq_(self.dst_port, self.u.dst_port)
eq_(self.total_length, self.u.total_length)
eq_(self.csum, self.u.csum)
def test_parser(self):
r1, r2 = self.u.parser(self.buf)
eq_(self.src_port, r1.src_port)
eq_(self.dst_port, r1.dst_port)
eq_(self.total_length, r1.total_length)
eq_(self.csum, r1.csum)
eq_(None, r2)
def test_serialize(self):
src_port = 6431
dst_port = 8080
total_length = 0
csum = 0
src_ip = int(netaddr.IPAddress('192.168.10.1'))
dst_ip = int(netaddr.IPAddress('192.168.100.1'))
prev = ipv4(4, 5, 0, 0, 0, 0, 0, 64, inet.IPPROTO_UDP, 0, src_ip,
dst_ip)
u = udp(src_port, dst_port, total_length, csum)
buf = u.serialize(bytearray(), prev)
res = struct.unpack(udp._PACK_STR, buf)
eq_(res[0], src_port)
eq_(res[1], dst_port)
eq_(res[2], struct.calcsize(udp._PACK_STR))
# checksum
ph = struct.pack('!IIBBH', src_ip, dst_ip, 0, 17, res[2])
d = ph + buf + bytearray()
s = packet_utils.checksum(d)
eq_(0, s)
@raises(Exception)
def test_malformed_udp(self):
m_short_buf = self.buf[1:udp._MIN_LEN]
udp.parser(m_short_buf)
def test_serialize(self):
src_port = 6431
dst_port = 8080
total_length = 0
csum = 0
src_ip = '192.168.10.1'
dst_ip = '192.168.100.1'
prev = ipv4(4, 5, 0, 0, 0, 0, 0, 64,
inet.IPPROTO_UDP, 0, src_ip, dst_ip)
u = udp(src_port, dst_port, total_length, csum)
buf = u.serialize(bytearray(), prev)
res = struct.unpack(udp._PACK_STR, buf)
eq_(res[0], src_port)
eq_(res[1], dst_port)
eq_(res[2], struct.calcsize(udp._PACK_STR))
# checksum
ph = struct.pack('!4s4sBBH',
addrconv.ipv4.text_to_bin(src_ip),
addrconv.ipv4.text_to_bin(dst_ip), 0, 17, res[2])
d = ph + buf + bytearray()
s = packet_utils.checksum(d)
eq_(0, s)
def assemble_ack(self, pkt):
req_eth = pkt.get_protocol(ethernet.ethernet)
req_ipv4 = pkt.get_protocol(ipv4.ipv4)
req_udp = pkt.get_protocol(udp.udp)
req = dhcp.dhcp.parser(pkt[3])
req[0].options.option_list.remove(
next(opt for opt in req[0].options.option_list if opt.tag == 53))
req[0].options.option_list.insert(0, dhcp.option(tag=51, value='8640'))
req[0].options.option_list.insert(
0, dhcp.option(tag=53, value='05'.decode('hex')))
ack_pkt = packet.Packet()
ack_pkt.add_protocol(
ethernet.ethernet(ethertype=req_eth.ethertype,
dst=req_eth.src,
src=self.hw_addr))
ack_pkt.add_protocol(
ipv4.ipv4(dst=req_ipv4.dst,
src=self.dhcp_server,
proto=req_ipv4.proto))
ack_pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
ack_pkt.add_protocol(
dhcp.dhcp(op=2,
chaddr=req_eth.src,
siaddr=self.dhcp_server,
boot_file=req[0].boot_file,
yiaddr=self.ip_addr,
xid=req[0].xid,
options=req[0].options))
self.logger.info("ASSEMBLED ACK: %s" % ack_pkt)
return ack_pkt
def handle_packet(self):
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)[0]
cs = self._controller.get_customers()
index1 = self._controller.get_current_customer_id()
dns = DNS(self._pkt[-1])
print('------UDP---------', index1, cs[int(index1)].get_next_hop_mac(),
self._controller.get_transaction_id())
if self._controller.get_destination_nat(
) is not None and self._controller.get_transaction_id() is not None:
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='10:00:00:00:10:ff',
dst=cs[int(index1)].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(src=pkt_ip.src,
dst=cs[int(index1)].get_name_server(),
proto=17))
new_pkt.add_protocol(
udp.udp(src_port=pkt_udp.src_port, dst_port=pkt_udp.dst_port))
new_pkt.add_protocol(self._pkt[-1])
print('---------okt--------', new_pkt)
new_pkt.serialize()
print(
'----------------The Number of Exchanged PACKETS between Controllers-----',
self._controller.get_packet_counter())
self.send_dns_packet(new_pkt, cs[int(index1)].get_datapath(),
cs[int(index1)].get_ingress_port())
elif self._controller.get_destination_nat() is None:
self.send_dns_response_to_controller(self._pkt)
def test_serialize(self):
pkt = packet.Packet()
eth_pkt = ethernet.ethernet('b0:a8:6e:18:b8:08', '64:87:88:e9:cb:c8')
pkt.add_protocol(eth_pkt)
ip_pkt = ipv4.ipv4(src='172.28.3.1',
dst='172.28.3.2',
tos=192,
identification=26697,
proto=inet.IPPROTO_UDP)
pkt.add_protocol(ip_pkt)
udp_pkt = udp.udp(49152, 3784)
pkt.add_protocol(udp_pkt)
bfd_pkt = bfd.bfd(ver=1,
diag=bfd.BFD_DIAG_CTRL_DETECT_TIME_EXPIRED,
state=bfd.BFD_STATE_UP,
detect_mult=3,
my_discr=6,
your_discr=7,
desired_min_tx_interval=60000,
required_min_rx_interval=60000,
required_min_echo_rx_interval=0)
pkt.add_protocol(bfd_pkt)
eq_(len(pkt.protocols), 4)
pkt.serialize()
eq_(pkt.data, self.data)
def new_udp_pkt(eth_dst, eth_src, ip_dst, ip_src, src_port, dst_port, size=0):
# pcap_pen = pcaplib.Writer(open('pkt.pcap', 'wb'))
# Creat an empty Packet instance
pkt = packet.Packet()
pkt.add_protocol(
ethernet.ethernet(ethertype=0x0800, dst=eth_dst, src=eth_src))
pkt.add_protocol(ipv4.ipv4(dst=ip_dst, src=ip_src, proto=17))
pkt.add_protocol(udp.udp(src_port=src_port, dst_port=dst_port))
# Check how many byte be used under layer 3
_pkt = copy.deepcopy(pkt)
_pkt.serialize()
_d = _pkt.data
# the max. packet size is 1500 byte
limited_size = 1500 - len(_d)
# if size larger than 1500 byte set limit size
if size >= limited_size:
size = limited_size
if size != 0:
payload = os.urandom(size)
# Add payload
pkt.add_protocol(payload)
# Packet serializing
pkt.serialize()
data = pkt.data
# pcap_pen.write_pkt(data)
return data
def _build_pkt(self, fields, ops):
pkt_out = packet.Packet()
pkt_ipv4 = pkt_out.get_protocol(ipv4.ipv4)
pkt_icmp = pkt_out.get_protocol(icmp.icmp)
def addIPv4(pkt_out, fields):
pkt_out.add_protocol(
ipv4.ipv4(dst=fields['dstip'],
src=fields['srcip'],
proto=fields['proto']))
return pkt_out
pkt_out.add_protocol(
ethernet.ethernet(ethertype=fields['ethtype'],
dst=fields['dstmac'],
src=fields['srcmac']))
# Add if ARP
if 'arp' in fields['ptype']:
pkt_out.add_protocol(
arp.arp(opcode=arp.ARP_REPLY,
src_mac=fields['srcmac'],
src_ip=fields['srcip'],
dst_mac=fields['dstmac'],
dst_ip=fields['dstip']))
# Add if IPv4
if 'ipv4' in fields['ptype']:
pkt_out = addIPv4(pkt_out, fields)
# Add if ICMP
if 'icmp' in fields['ptype']:
pkt_out = addIPv4(pkt_out, fields)
pkt_out.add_protocol(
icmp.icmp(type_=icmp.ICMP_ECHO_REPLY,
code=icmp.ICMP_ECHO_REPLY_CODE,
csum=0,
data=None))
# Add if UDP
if 'udp' in fields['ptype']:
pkt_out = addIPv4(pkt_out, fields)
pkt_out.add_protocol(
udp.udp(dst_port=fields['dstport'],
bits=fields['bits'],
option=fields['opt'],
src_port=fields['srcport']))
# Add if TCP
if 'tcp' in fields['ptype']:
pkt_out = addIPv4(pkt_out, fields)
pkt_out.add_protocol(
tcp.tcp(dst_port=fields['dstport'],
bits=fields['bits'],
option=fields['opt'],
src_port=fields['srcport']))
#Add covert channel information
if fields['com'] != None:
pkt_out.add_protocol(fields['com'])
#Send crafted packet
self._send_packet(fields['dp'], ops['newport'], pkt_out)
def make_packet(pkt_size, outer_vlan=0, inner_vlan=0, vni=0,
eth_src=None, eth_dst=None, udp_src_port=None,
udp_dst_port=None, eth_type=None,
ip_src=None, ip_dst=None, ip_proto=None):
ip_src = IP_SRC if ip_src is None else ip_src
ip_dst = IP_DST if ip_dst is None else ip_dst
ip_proto = IP_PROTO if ip_proto is None else ip_proto
eth_src = DL_SRC if eth_src is None else eth_src
eth_dst = DL_SRC if eth_dst is None else eth_dst
eth_type = ether.ETH_TYPE_IP if eth_type is None else eth_type
udp_src_port = UDP_SRC_PORT if udp_src_port is None else udp_src_port
udp_dst_port = UDP_DST_PORT if udp_dst_port is None else udp_dst_port
if outer_vlan or inner_vlan:
eth_type = ether.ETH_TYPE_8021Q
e = ethernet.ethernet(eth_dst, eth_src, eth_type)
i = ipv4.ipv4(total_length=0, src=ip_src, dst=ip_dst, proto=ip_proto,
ttl=1)
if vni:
udp_dst_port = 4789
u = udp.udp(src_port=udp_src_port, dst_port=udp_dst_port)
outer_len = 0
outer_tag = None
if outer_vlan:
outer_tag = vlan.vlan(vid=outer_vlan, ethertype=ether.ETH_TYPE_8021Q,
cfi=1)
outer_len = len(outer_tag)
inner_len = 0
inner_tag = None
if inner_vlan:
inner_tag = vlan.vlan(vid=inner_vlan, ethertype=ether.ETH_TYPE_8021Q,
cfi=1)
inner_len = len(inner_tag)
vxlan_len = 0
vxlan_tag = None
if vni:
vxlan_tag = vxlan.vxlan(vni)
vxlan_len = len(vxlan_tag)
payload_size = pkt_size - (len(e) + len(i) + len(u)
+ inner_len + outer_len + vxlan_len)
payload = bytearray(payload_size if payload_size > 0 else 0)
p = packet.Packet()
p.add_protocol(e)
if outer_tag:
p.add_protocol(outer_tag)
if inner_tag:
p.add_protocol(inner_tag)
p.add_protocol(i)
p.add_protocol(u)
if vxlan_tag:
p.add_protocol(vxlan_tag)
p.add_protocol(payload)
return p
def udp_packet_gen():
pkt = packet.Packet()
pkt.protocols.append(
ethernet.ethernet("ff:ff:ff:ff:ff:ff", "ff:ff:ff:ff:ff:ff", IPV4))
pkt.protocols.append(ipv4.ipv4(proto=UDP_PROTO))
pkt.protocols.append(udp.udp(0, 0))
return pkt
def create_dhcp_ack(self, dhcp_packet, dp, port, dst_ip="255.255.255.255"):
if self.temp_offered.get(dhcp_packet.xid) is None:
return
subnet_mask = self.space[dp.id].netmask
yiaddr = self.temp_offered[dhcp_packet.xid]["yiaddr"]
chaddr = self.temp_offered[dhcp_packet.xid]["chaddr"]
# add new or update existing dhcp bindings
# we remember only last used ip address
self.database[chaddr] = yiaddr
pkt = packet.Packet()
dhcp_ack_msg_type = b"\x05"
subnet_option = dhcp.option(
tag=dhcp.DHCP_SUBNET_MASK_OPT,
value=addrconv.ipv4.text_to_bin(subnet_mask),
)
time_option = dhcp.option(tag=dhcp.DHCP_IP_ADDR_LEASE_TIME_OPT,
value=bytearray(self.LEASE_TIME_ACK))
msg_option = dhcp.option(tag=dhcp.DHCP_MESSAGE_TYPE_OPT,
value=dhcp_ack_msg_type)
dhcp_server_option = dhcp.option(tag=dhcp.DHCP_SERVER_IDENTIFIER_OPT,
value=bytearray(self._ip_to_int()))
options = dhcp.options(option_list=[
msg_option,
time_option,
subnet_option,
dhcp_server_option,
])
hlen = dhcp_packet.hlen
dhcp_pkt = dhcp.dhcp(
op=dhcp.DHCP_BOOT_REPLY,
hlen=hlen,
chaddr=dhcp_packet.chaddr,
yiaddr=yiaddr,
siaddr=self.DHCP_SERVER_IP,
giaddr=dhcp_packet.giaddr,
xid=dhcp_packet.xid,
options=options,
)
pkt.add_protocol(
ethernet.ethernet(ethertype=ether.ETH_TYPE_IP,
dst=chaddr,
src=self.DHCP_SERVER_MAC))
pkt.add_protocol(
ipv4.ipv4(dst=dst_ip, src=self.DHCP_SERVER_IP, proto=17))
pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
pkt.add_protocol(dhcp_pkt)
pkt.serialize()
self.inject_packet(pkt, dp, port)
def relay_sip_message(self,
pkt,
datapath,
message_type="",
status_packet=True):
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
ip_pkt = pkt.get_protocol(ipv4.ipv4)
udp_pkt = pkt.get_protocol(udp.udp)
sport = udp_pkt.src_port
dport = udp_pkt.dst_port
sip_pkt = pkt.protocols[-1]
search = re.search(r'From.*<sip:{}(\d*)@(.*)'.format(self.base_number),
sip_pkt)
if hasattr(search, 'group'):
if status_packet:
dst_ext = search.group(1)
else:
src_ext = search.group(1)
search = re.search(r'To.*<sip:{}(\d*)@(.*)'.format(self.base_number),
sip_pkt)
if hasattr(search, 'group'):
if status_packet:
src_ext = search.group(1)
else:
dst_ext = search.group(1)
else:
pass #send error saying the called IP is outside the domain.
if not status_packet and dst_ext not in phone_ext_info.keys():
self.logger.info("Phone not registered.")
return # send error saying called IP is not registered.
self.logger.info(
'Source Extension: {}, Destination Extension: {}'.format(
src_ext, dst_ext))
pakt = packet.Packet()
pakt.add_protocol(
ethernet.ethernet(
dst=ip_to_mac[phone_ext_info[dst_ext]["Phone IP"]],
src=self.vmac,
ethertype=ether.ETH_TYPE_IP))
pakt.add_protocol(
ipv4.ipv4(dst=phone_ext_info[dst_ext]["Phone IP"],
src=self.vip,
proto=ip_pkt.proto))
pakt.add_protocol(udp.udp(dst_port=dport, src_port=sport))
pakt.add_protocol(sip_pkt)
pakt.serialize()
ring_out_dpid = phone_ext_info[dst_ext]["Phone OVS"]
ring_out_port = phone_ext_info[dst_ext]["OVS Port"]
actions = [parser.OFPActionOutput(ring_out_port)]
out = parser.OFPPacketOut(
datapath=self.dpid_to_datapath[ring_out_dpid],
in_port=ofproto.OFPP_ANY,
data=pakt.data,
actions=actions,
buffer_id=0xffffffff)
self.dpid_to_datapath[ring_out_dpid].send_msg(out)
def bfd_packet(src_mac,
dst_mac,
src_ip,
dst_ip,
ipv4_id,
src_port,
dst_port,
diag=0,
state=0,
flags=0,
detect_mult=0,
my_discr=0,
your_discr=0,
desired_min_tx_interval=0,
required_min_rx_interval=0,
required_min_echo_rx_interval=0,
auth_cls=None):
"""
Generate BFD packet with Ethernet/IPv4/UDP encapsulated.
"""
# Generate ethernet header first.
pkt = packet.Packet()
eth_pkt = ethernet.ethernet(dst_mac, src_mac, ETH_TYPE_IP)
pkt.add_protocol(eth_pkt)
# IPv4 encapsulation
# set ToS to 192 (Network control/CS6)
# set TTL to 255 (RFC5881 Section 5.)
ipv4_pkt = ipv4.ipv4(proto=inet.IPPROTO_UDP,
src=src_ip,
dst=dst_ip,
tos=192,
identification=ipv4_id,
ttl=255)
pkt.add_protocol(ipv4_pkt)
# UDP encapsulation
udp_pkt = udp.udp(src_port=src_port, dst_port=dst_port)
pkt.add_protocol(udp_pkt)
# BFD payload
bfd_pkt = bfd.bfd(
ver=1,
diag=diag,
state=state,
flags=flags,
detect_mult=detect_mult,
my_discr=my_discr,
your_discr=your_discr,
desired_min_tx_interval=desired_min_tx_interval,
required_min_rx_interval=required_min_rx_interval,
required_min_echo_rx_interval=required_min_echo_rx_interval,
auth_cls=auth_cls)
pkt.add_protocol(bfd_pkt)
pkt.serialize()
return pkt.data
def test_default_args(self):
prev = ipv4(proto=inet.IPPROTO_UDP)
u = udp()
buf = u.serialize(bytearray(), prev)
res = struct.unpack(udp._PACK_STR, buf)
eq_(res[0], 1)
eq_(res[1], 1)
eq_(res[2], udp._MIN_LEN)
def assemble_ack(self, pkt):
#self.semaphore.acquire()
#self.semaphore.release()
req_eth = pkt.get_protocol(ethernet.ethernet)
req_ipv4 = pkt.get_protocol(ipv4.ipv4)
req_udp = pkt.get_protocol(udp.udp)
req = pkt.get_protocol(dhcp.dhcp)
req.options.option_list.remove(
next(opt for opt in req.options.option_list if opt.tag == 53))
req.options.option_list.insert(
0, dhcp.option(tag=1, value=self.bin_netmask))
req.options.option_list.insert(
0, dhcp.option(tag=3, value=self.bin_server))
req.options.option_list.insert(0, dhcp.option(tag=6,
value=self.bin_dns))
# disc.options.option_list.insert(
# 0, dhcp.option(tag=12, value=self.hostname))
req.options.option_list.insert(
0, dhcp.option(tag=51, value=struct.pack('!I', self.release_time)))
req.options.option_list.insert(
0, dhcp.option(tag=53, value=struct.pack('!B', 5)))
# disc.options.option_list.insert(
# 0, dhcp.option(tag=54, value=self.hostname))
req.options.option_list.insert(
0,
dhcp.option(tag=58,
value=struct.pack('!I', self.release_time // 2)))
req.options.option_list.insert(
0,
dhcp.option(tag=59,
value=struct.pack('!I', self.release_time * 7 // 8)))
if req_eth.src not in self.ip_pool:
return
# print(req_eth.src,end=" ")
# print(self.ip_pool[req_eth.src][2], time.perf_counter())
self.ip_pool[req_eth.src][1] = time.perf_counter()
ack_pkt = packet.Packet()
ack_pkt.add_protocol(
ethernet.ethernet(ethertype=req_eth.ethertype,
dst=req_eth.src,
src=self.hw_addr))
ack_pkt.add_protocol(
ipv4.ipv4(dst=req_ipv4.dst,
src=self.dhcp_server,
proto=req_ipv4.proto))
ack_pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
ack_pkt.add_protocol(
dhcp.dhcp(op=2,
chaddr=req_eth.src,
siaddr=self.dhcp_server,
boot_file=req.boot_file,
yiaddr=self.ip_pool[req_eth.src][0],
xid=req.xid,
options=req.options))
self.host_check()
# self.logger.info("ASSEMBLED ACK: %s" % ack_pkt)
return ack_pkt
def assemble_ack(cls, pkt, datapath, port):
req_eth = pkt.get_protocol(ethernet.ethernet)
req_ipv4 = pkt.get_protocol(ipv4.ipv4)
req_udp = pkt.get_protocol(udp.udp)
req = pkt.get_protocol(dhcp.dhcp)
wanted_ip = cls.get_option_value(req, 50)
src = req_eth.src
got_ip = None
if src in cls.wan_leases[datapath]:
if wanted_ip != cls.wan_leases[datapath][src]:
cls.wan_pool.append(cls.wan_leases[datapath][src])
del cls.wan_leases[datapath][src]
else:
got_ip = cls.wan_leases[datapath][src]
if got_ip is None:
if src in cls.wan_offers[datapath]:
if wanted_ip != cls.wan_offers[datapath][src]:
cls.wan_pool.append(cls.wan_offers[datapath][src])
del cls.wan_offers[datapath][src]
else:
got_ip = cls.wan_offers[datapath][src]
if got_ip is None:
if wanted_ip in cls.wan_pool[datapath]:
cls.wan_pool[datapath].remove(wanted_ip)
got_ip = wanted_ip
if got_ip is None:
# cls.log.warn("%s asked for un-offered %s", src, wanted_ip)
# cls.nak(event) # nak
return
req.options.option_list.remove(next(opt for opt in req.options.option_list if opt.tag == 53))
req.options.option_list.insert(0, dhcp.option(tag=1, value=cls.bin_netmask))
req.options.option_list.insert(0, dhcp.option(tag=3, value=addrconv.ipv4.text_to_bin(cls.dhcp_server[datapath])))
req.options.option_list.insert(0, dhcp.option(tag=6, value=cls.bin_dns))
req.options.option_list.insert(0, dhcp.option(tag=51, value='8640'))
req.options.option_list.insert(0, dhcp.option(tag=53, value='05'.decode('hex')))
req.options.option_list.insert(0, dhcp.option(tag=54, value=addrconv.ipv4.text_to_bin(cls.dhcp_server[datapath])))
ack_pkt = packet.Packet()
ack_pkt.add_protocol(ethernet.ethernet(ethertype=req_eth.ethertype, dst=src, src=cls.hw_addr))
ack_pkt.add_protocol(ipv4.ipv4(dst=req_ipv4.dst, src=cls.dhcp_server[datapath], proto=req_ipv4.proto))
ack_pkt.add_protocol(udp.udp(src_port=67,dst_port=68))
ack_pkt.add_protocol(dhcp.dhcp(op=2, chaddr=src,
hlen=6, # salah di len
siaddr=cls.dhcp_server[datapath],
boot_file=req.boot_file,
yiaddr=wanted_ip,
xid=req.xid,
options=req.options))
# cls.logger.info("ASSEMBLED ACK: %s" % ack_pkt)
# print(wanted_ip, src, datapath, port)
cls.add_arp(wanted_ip, src, datapath, port)
return ack_pkt
def handle_packet(self):
pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
pkt_udp = self._pkt.get_protocols(udp.udp)
dns = DNS(self._pkt[-1])
cs = self._controller.get_customers()
for c in range(len(cs)):
if IPAddress(pkt_ip.src) in IPNetwork(
cs[c].get_private_ip_subnet()):
index = c
#print'---##################INEX#############',index
#self._controller.set_current_customer_id(index)
#index=self._controller.get_current_customer_id()
if pkt_udp is not None and self._pport is not None:
new_pkt = packet.Packet()
new_pkt.add_protocol(
ethernet.ethernet(src='10:00:00:00:10:ff',
dst=cs[index].get_next_hop_mac()))
new_pkt.add_protocol(
ipv4.ipv4(src='10.1.0.18',
dst=cs[index].get_name_server(),
proto=17))
#print '********index********',pkt_udp,'*******PORT********',self._pport,'######################'
new_pkt.add_protocol(udp.udp(src_port=53, dst_port=self._pport))
#print'---pkt is created---til udp'
#new_dns=DNS(rd=0,id=pkt_dns.id,qd=DNSQR(qname=pkt_dns.qd.qname),ns=DNSRR(rrname=pkt_dns.ar.rrname,type=1,ttl=60000,rdata=cs[index].get_name_server()))
dns = DNS(rd=0,
id=dns.id,
qr=1L,
qd=dns.qd,
ancount=1,
nscount=1,
arcount=1,
an=(DNSRR(rrname='ROOT-SERVER.',
type='A',
rclass='IN',
ttl=60000,
rdata='10.1.0.18')),
ns=(DNSRR(rrname='ROOT-SERVER.',
type='NS',
rclass='IN',
ttl=3600,
rdata='.')),
ar=DNSRR(rrname='ROOT-SERVER.',
type='A',
rclass='IN',
ttl=60000,
rdata='10.1.0.18'))
#print('---DNS fo . SENT----',dns)
new_pkt.add_protocol(dns)
new_pkt.serialize()
self.send_dns_packet(new_pkt, cs[index].get_datapath(),
cs[index].get_ingress_port())
self._pport = None
def bfd_packet(
src_mac,
dst_mac,
src_ip,
dst_ip,
ipv4_id,
src_port,
dst_port,
diag=0,
state=0,
flags=0,
detect_mult=0,
my_discr=0,
your_discr=0,
desired_min_tx_interval=0,
required_min_rx_interval=0,
required_min_echo_rx_interval=0,
auth_cls=None,
):
"""
Generate BFD packet with Ethernet/IPv4/UDP encapsulated.
"""
# Generate ethernet header first.
pkt = packet.Packet()
eth_pkt = ethernet.ethernet(dst_mac, src_mac, ETH_TYPE_IP)
pkt.add_protocol(eth_pkt)
# IPv4 encapsulation
# set ToS to 192 (Network control/CS6)
# set TTL to 255 (RFC5881 Section 5.)
ipv4_pkt = ipv4.ipv4(proto=inet.IPPROTO_UDP, src=src_ip, dst=dst_ip, tos=192, identification=ipv4_id, ttl=255)
pkt.add_protocol(ipv4_pkt)
# UDP encapsulation
udp_pkt = udp.udp(src_port=src_port, dst_port=dst_port)
pkt.add_protocol(udp_pkt)
# BFD payload
bfd_pkt = bfd.bfd(
ver=1,
diag=diag,
state=state,
flags=flags,
detect_mult=detect_mult,
my_discr=my_discr,
your_discr=your_discr,
desired_min_tx_interval=desired_min_tx_interval,
required_min_rx_interval=required_min_rx_interval,
required_min_echo_rx_interval=required_min_echo_rx_interval,
auth_cls=auth_cls,
)
pkt.add_protocol(bfd_pkt)
pkt.serialize()
return pkt.data
def create_dhcp_offer(self,
dhcp_packet,
dp,
port,
dst_ip="255.255.255.255"):
xid = dhcp_packet.xid # transaction id
chaddr = dhcp_packet.chaddr
yiaddr = None
previous_ip = self.database.get(chaddr)
if previous_ip:
if previous_ip in self.pools[dp.id]:
self.pools[dp.id].remove(previous_ip)
yiaddr = previous_ip
else:
yiaddr = self.pools[dp.id].pop(-1)
else:
yiaddr = self.pools[dp.id].pop(-1)
self.temp_offered[xid] = {"chaddr": chaddr, "yiaddr": yiaddr}
pkt = packet.Packet()
dhcp_offer_msg_type = b"\x02"
hlen = dhcp_packet.hlen
msg_option = dhcp.option(tag=dhcp.DHCP_MESSAGE_TYPE_OPT,
value=dhcp_offer_msg_type)
dhcp_server_option = dhcp.option(tag=dhcp.DHCP_SERVER_IDENTIFIER_OPT,
value=bytearray(self._ip_to_int()))
options = dhcp.options(option_list=[msg_option, dhcp_server_option])
pkt.add_protocol(
ethernet.ethernet(ethertype=ether.ETH_TYPE_IP,
dst=chaddr,
src=self.DHCP_SERVER_MAC))
pkt.add_protocol(
ipv4.ipv4(dst=dst_ip, src=self.DHCP_SERVER_IP, proto=17))
pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
pkt.add_protocol(
dhcp.dhcp(
hlen=hlen,
op=dhcp.DHCP_BOOT_REPLY,
yiaddr=yiaddr,
siaddr=self.DHCP_SERVER_IP,
xid=dhcp_packet.xid,
giaddr=dhcp_packet.giaddr,
chaddr=chaddr,
options=options,
))
pkt.serialize()
self.inject_packet(pkt, dp, port)
def test_reply_ttl_invalid_message_with_rate_limit(self):
pkt = packet.Packet()
pkt.add_protocol(ethernet.ethernet(dst='aa:bb:cc:dd:ee:ff'))
pkt.add_protocol(ipv4.ipv4(proto=in_proto.IPPROTO_UDP))
pkt.add_protocol(udp.udp())
pkt.serialize()
lswitch = l2.LogicalSwitch(
id='lswitch1',
topic='topic1',
unique_key=9,
version=1,
)
self.app.db_store.update(lswitch)
lrouter = l3.LogicalRouter(
id='lrouter1',
topic='topic1',
version=1,
unique_key=22,
ports=[
l3.LogicalRouterPort(
id='lrouter1-port1',
unique_key=55,
topic='topic1',
mac='aa:bb:cc:dd:ee:ff',
network='10.0.0.1/24',
lswitch='lswitch1',
),
],
)
self.app.db_store.update(lrouter)
event = ofp_event.EventOFPMsgBase(
msg=ofproto_parser.OFPPacketIn(
datapath=mock.Mock(),
reason=self.app.ofproto.OFPR_INVALID_TTL,
match=ofproto_parser.OFPMatch(
metadata=lswitch.unique_key,
reg5=lrouter.unique_key,
),
data=pkt.data,
)
)
with mock.patch("dragonflow.controller.common."
"icmp_error_generator.generate") as icmp_error:
for _ in range(self.app.conf.router_ttl_invalid_max_rate * 2):
self.app.packet_in_handler(event)
self.assertEqual(self.app.conf.router_ttl_invalid_max_rate,
icmp_error.call_count)
icmp_error.assert_called_with(icmp.ICMP_TIME_EXCEEDED,
icmp.ICMP_TTL_EXPIRED_CODE,
mock.ANY, "10.0.0.1", mock.ANY)
def _send_dhcp_packet(self, datapath, dhcp_pkt, port):
pkt = packet.Packet()
pkt.add_protocol(ethernet.ethernet
(src=self.dhcp_hw_addr, dst="ff:ff:ff:ff:ff:ff"))
pkt.add_protocol(ipv4.ipv4
(src=self.dhcp_addr, dst="255.255.255.255", proto=17))
pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
pkt.add_protocol(dhcp_pkt)
ofp_helper.send_packet(datapath, pkt, port)
def _get_tp_pkt(self, proto=IPPROTO_TCP, src_port=34567, dst_port=80):
pkt = packet.Packet()
pkt.add_protocol(ethernet.ethernet())
pkt.add_protocol(ipv4.ipv4(proto=proto))
if proto == IPPROTO_TCP:
pkt.add_protocol(tcp.tcp(src_port=src_port, dst_port=dst_port))
elif proto == IPPROTO_UDP:
pkt.add_protocol(udp.udp(src_port=src_port, dst_port=dst_port))
return pkt
def _create_dhcp_ack(self, pkt, dhcp_packet, lport):
pkt_ipv4 = pkt.get_protocol(ipv4.ipv4)
pkt_ethernet = pkt.get_protocol(ethernet.ethernet)
subnet = self._get_subnet_by_port(lport)
if subnet is None:
LOG.error(_LE("No subnet found for port <%s>") %
lport.get_id())
return
dns = self._get_dns_address_list_bin(subnet)
host_routes = self._get_host_routes_list_bin(subnet)
dhcp_server_address = str(self._get_dhcp_server_address(subnet))
gateway_address = self._get_port_gateway_address(subnet)
netmask_bin = self._get_port_netmask(subnet).packed
domain_name_bin = struct.pack('!256s', self.domain_name)
lease_time_bin = struct.pack('!I', self.lease_time)
option_list = [
dhcp.option(dhcp.DHCP_MESSAGE_TYPE_OPT, b'\x05', 1),
dhcp.option(dhcp.DHCP_SUBNET_MASK_OPT, netmask_bin, 4),
dhcp.option(dhcp.DHCP_GATEWAY_ADDR_OPT, gateway_address.packed, 4),
dhcp.option(dhcp.DHCP_IP_ADDR_LEASE_TIME_OPT,
lease_time_bin, 4),
dhcp.option(dhcp.DHCP_DNS_SERVER_ADDR_OPT, dns, len(dns)),
dhcp.option(DHCP_DOMAIN_NAME_OPT,
domain_name_bin,
len(self.domain_name)),
dhcp.option(DHCP_CLASSLESS_ROUTE, host_routes, len(host_routes))]
if self.advertise_mtu:
intreface_mtu = self._get_port_mtu(lport)
mtu_bin = struct.pack('!H', intreface_mtu)
option_list.append(dhcp.option(
DHCP_INTERFACE_MTU_OPT,
mtu_bin,
len(mtu_bin)))
options = dhcp.options(option_list=option_list)
dhcp_ack_pkt = ryu_packet.Packet()
dhcp_ack_pkt.add_protocol(ethernet.ethernet(
ethertype=ether.ETH_TYPE_IP,
dst=pkt_ethernet.src,
src=pkt_ethernet.dst))
dhcp_ack_pkt.add_protocol(ipv4.ipv4(dst=pkt_ipv4.src,
src=dhcp_server_address,
proto=pkt_ipv4.proto))
dhcp_ack_pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
dhcp_ack_pkt.add_protocol(dhcp.dhcp(op=2, chaddr=pkt_ethernet.src,
siaddr=dhcp_server_address,
boot_file=dhcp_packet.boot_file,
yiaddr=lport.get_ip(),
xid=dhcp_packet.xid,
options=options))
return dhcp_ack_pkt
def redefine_udp_packet(self, eth_src, eth_dst, ipv4_src, ipv4_dst, inport, outport, data):
ethertype = 0x800 # ether.ETH_TYPE_8021Q
eth_packet = ethernet.ethernet(eth_dst, eth_src, ethertype)
ip_packet = ipv4.ipv4(4, 5, 0, 0, 0, 0, 0, 255, 17, 0, ipv4_src, ipv4_dst)
udp_packet = udp.udp(inport, outport, 0, 0)
p = packet.Packet()
p.add_protocol(eth_packet)
p.add_protocol(ip_packet)
p.add_protocol(udp_packet)
p.add_protocol(data)
p.serialize()
return p
def _build_pkt(self, fields, ops):
pkt_out = packet.Packet()
pkt_ipv4 = pkt_out.get_protocol(ipv4.ipv4)
pkt_icmp = pkt_out.get_protocol(icmp.icmp)
def addIPv4(pkt_out, fields):
pkt_out.add_protocol(ipv4.ipv4(dst=fields['dstip'],
src=fields['srcip'],
proto=fields['proto']))
return pkt_out
pkt_out.add_protocol(ethernet.ethernet(ethertype=fields['ethtype'],
dst=fields['dstmac'],
src=fields['srcmac']))
# Add if ARP
if 'arp' in fields['ptype']:
pkt_out.add_protocol(arp.arp(opcode=arp.ARP_REPLY,
src_mac=fields['srcmac'],
src_ip=fields['srcip'],
dst_mac=fields['dstmac'],
dst_ip=fields['dstip']))
# Add if IPv4
if 'ipv4' in fields['ptype']:
pkt_out = addIPv4(pkt_out,fields)
# Add if ICMP
if 'icmp' in fields['ptype']:
pkt_out = addIPv4(pkt_out,fields)
pkt_out.add_protocol(icmp.icmp(type_=icmp.ICMP_ECHO_REPLY,
code=icmp.ICMP_ECHO_REPLY_CODE,
csum=0,
data=None))
# Add if UDP
if 'udp' in fields['ptype']:
pkt_out = addIPv4(pkt_out,fields)
pkt_out.add_protocol(udp.udp(dst_port=fields['dstport'],
bits=fields['bits'],option=fields['opt'],
src_port=fields['srcport']))
# Add if TCP
if 'tcp' in fields['ptype']:
pkt_out = addIPv4(pkt_out,fields)
pkt_out.add_protocol(tcp.tcp(dst_port=fields['dstport'],
bits=fields['bits'],option=fields['opt'],
src_port=fields['srcport']))
#Add covert channel information
if fields['com'] != None:
pkt_out.add_protocol(fields['com'])
#Send crafted packet
self._send_packet(fields['dp'], ops['newport'], pkt_out)
def assemble_offer(cls, pkt, datapath):
disc_eth = pkt.get_protocol(ethernet.ethernet)
disc_ipv4 = pkt.get_protocol(ipv4.ipv4)
disc_udp = pkt.get_protocol(udp.udp)
disc = pkt.get_protocol(dhcp.dhcp)
src = disc_eth.src
if src in cls.wan_leases[datapath]:
offer = cls.wan_leases[datapath][src]
del cls.wan_leases[datapath][src]
cls.wan_offers[datapath][src] = offer
else:
offer = cls.wan_offers[datapath].get(src)
if offer is None:
if len(cls.wan_pool[datapath]) == 0:
# cls.logger.error("Out of IP addresses")
# dhcp nak belum dibuat
# cls.nak(pkt)
return
offer = cls.wan_pool[datapath][0]
# jika request IP diminta belum dibuat
cls.wan_pool[datapath].remove(offer)
cls.wan_offers[datapath][src] = offer
yiaddr = offer
disc.options.option_list.remove(next(opt for opt in disc.options.option_list if opt.tag == 55))
disc.options.option_list.remove(next(opt for opt in disc.options.option_list if opt.tag == 53))
disc.options.option_list.remove(next(opt for opt in disc.options.option_list if opt.tag == 12))
disc.options.option_list.insert(0, dhcp.option(tag=1, value=cls.bin_netmask))
disc.options.option_list.insert(0, dhcp.option(tag=3, value=addrconv.ipv4.text_to_bin(cls.dhcp_server[datapath])))
disc.options.option_list.insert(0, dhcp.option(tag=6, value=cls.bin_dns))
# disc.options.option_list.insert(0, dhcp.option(tag=12, value=cls.hostname))
disc.options.option_list.insert(0, dhcp.option(tag=53, value='02'.decode('hex')))
disc.options.option_list.insert(0, dhcp.option(tag=54, value=addrconv.ipv4.text_to_bin(cls.dhcp_server[datapath])))
offer_pkt = packet.Packet()
offer_pkt.add_protocol(ethernet.ethernet(ethertype=disc_eth.ethertype, dst=src, src=cls.hw_addr))
offer_pkt.add_protocol(ipv4.ipv4(dst=disc_ipv4.dst, src=cls.dhcp_server[datapath], proto=disc_ipv4.proto))
offer_pkt.add_protocol(udp.udp(src_port=67,dst_port=68))
offer_pkt.add_protocol(dhcp.dhcp(op=2, chaddr=src,
hlen=6, # salah di len
siaddr=cls.dhcp_server[datapath],
boot_file=disc.boot_file,
yiaddr=yiaddr,
xid=disc.xid,
options=disc.options))
# cls.logger.info("ASSEMBLED OFFER: %s" % offer_pkt)
return offer_pkt
def _create_dhcp_offer(self, pkt, dhcp_packet, lport):
pkt_ipv4 = pkt.get_protocol(ipv4.ipv4)
pkt_ethernet = pkt.get_protocol(ethernet.ethernet)
subnet = self._get_subnet_by_port(lport)
if subnet is None:
LOG.error(_LE("No subnet found for port <%s>") %
lport.get_id())
return
dns = self._get_dns_address_list_bin(subnet)
dhcp_server_address = self._get_dhcp_server_address(subnet)
netmask_bin = self._get_port_netmask(subnet).packed
lease_time_bin = struct.pack('!I', self.lease_time)
gateway_address = self._get_port_gateway_address(subnet)
domain_name_bin = struct.pack('!256s', self.domain_name)
option_list = [
dhcp.option(dhcp.DHCP_MESSAGE_TYPE_OPT, b'\x02', 1),
dhcp.option(dhcp.DHCP_SUBNET_MASK_OPT, netmask_bin, 4),
dhcp.option(dhcp.DHCP_DNS_SERVER_ADDR_OPT, dns, len(dns)),
dhcp.option(dhcp.DHCP_IP_ADDR_LEASE_TIME_OPT,
lease_time_bin, 4),
dhcp.option(dhcp.DHCP_SERVER_IDENTIFIER_OPT,
dhcp_server_address.packed, 4),
dhcp.option(15, domain_name_bin, len(self.domain_name))]
if gateway_address:
option_list.append(dhcp.option(
dhcp.DHCP_GATEWAY_ADDR_OPT,
gateway_address.packed,
4))
options = dhcp.options(option_list=option_list)
dhcp_offer_pkt = ryu_packet.Packet()
dhcp_offer_pkt.add_protocol(ethernet.ethernet(
ethertype=ether.ETH_TYPE_IP,
dst=pkt_ethernet.src,
src=pkt_ethernet.dst))
dhcp_offer_pkt.add_protocol(ipv4.ipv4(dst=pkt_ipv4.src,
src=str(dhcp_server_address),
proto=pkt_ipv4.proto))
dhcp_offer_pkt.add_protocol(udp.udp(src_port=67, dst_port=68))
dhcp_offer_pkt.add_protocol(dhcp.dhcp(op=2, chaddr=pkt_ethernet.src,
siaddr=str(dhcp_server_address),
boot_file=dhcp_packet.boot_file,
yiaddr=lport.get_ip(),
xid=dhcp_packet.xid,
options=options))
return dhcp_offer_pkt
def build_udp(self):
#dst = '1' * 6
dst = '00:00:00:00:00:01'
src = '00:00:00:00:00:02'
ethertype = ether.ETH_TYPE_8021Q
e = ethernet.ethernet(dst, src, ethertype)
v = vlan.vlan(1, 1, 3, ether.ETH_TYPE_IP)
ip = ipv4.ipv4(4, 5, 0, 0, 0, 0, 0, 255, 17, 33, '192.168.1.1', '192.168.1.11')
u = udp.udp(12, 34, 0)
p = packet.Packet()
p.add_protocol(e)
p.add_protocol(v)
p.add_protocol(ip)
p.add_protocol(u)
#data content
p.add_protocol("123456789")
p.serialize()
return p
def _send_partial_response(self, host, port, msg):
"""Provide the metric and nexthop address for every RTE in msg. No
split horizon is performed. This is the "specific" case from RFC 2453
section 3.9.1."""
logger.info("send partial response")
for rt in msg.rtes:
matching_rt = self.get_route(rt.network.ip.exploded,
rt.network.netmask.exploded)
if not matching_rt:
rt.metric = RIPRouteEntry.MAX_METRIC
else:
rt.metric = matching_rt.metric
msg.hdr.cmd = RIPHeader.TYPE_RESPONSE
# send ofpacket out
in_port_no,port = self.sys.get_port_by_ip(src_iface_ip)
eth_src=port.mac_addr
eth_dest= '01:00:5e:00:00:09'
e = ethernet.ethernet(dst = eth_dst, src = eth_src,
ethertype = ether.ETH_TYPE_IP)
pkt_ipv4 = ipv4.ipv4(dst=str(host.exploded),
src=src_iface_ip,
proto=inet.IPPROTO_UDP)
udp_pkt = udp.udp(src_port=dst_port, dst_port=dst_port, total_length=0, csum=0)
datapath = self.sys.datapath
p = packet.Packet()
p.add_protocol(e)
p.add_protocol(pkt_ipv4)
p.add_protocol(udp_pkt)
#p.add_protocol(msg)
p.serialize()
p+=msg.serialize()
data = p.data
actions = [datapath.ofproto_parser.OFPActionOutput(in_port_no)]
out = datapath.ofproto_parser.OFPPacketOut(datapath=datapath,
buffer_id=datapath.ofproto.OFP_NO_BUFFER,
in_port=datapath.ofproto.OFPP_CONTROLLER,
actions=actions,
data=data)
datapath.send_msg(out)
def build_packet(self, dst_dpid, src_dpid, out_port):
#dst = '1' * 6
#dst = '00:00:00:00:00:01'
#src = '00:00:00:00:00:02'
ethertype = 0x07c3
dst = '00:00:00:00:00:01'
src = '00:00:00:00:00:02'
e = ethernet.ethernet(dst, src, ethertype)
ip = ipv4.ipv4(src='192.168.1.1', dst='192.168.1.11')
send_time = time.time()*100%100000
u = udp.udp(src_port=out_port,dst_port=send_time)
p = packet.Packet()
p.add_protocol(e)
p.add_protocol(ip)
p.add_protocol(u)
p.add_protocol(out_port)
p.add_protocol(time.time())
p.serialize()
return p
def assemble_ack(self, pkt):
req_eth = pkt.get_protocol(ethernet.ethernet)
req_ipv4 = pkt.get_protocol(ipv4.ipv4)
req_udp = pkt.get_protocol(udp.udp)
req = dhcp.dhcp.parser(pkt[3])
req[0].options.option_list.remove(next(opt for opt in req[0].options.option_list if opt.tag == 53))
req[0].options.option_list.insert(0, dhcp.option(tag=51, value='8640'))
req[0].options.option_list.insert(0, dhcp.option(tag=53, value='05'.decode('hex')))
ack_pkt = packet.Packet()
ack_pkt.add_protocol(ethernet.ethernet(ethertype=req_eth.ethertype, dst=req_eth.src, src=self.hw_addr))
ack_pkt.add_protocol(ipv4.ipv4(dst=req_ipv4.dst, src=self.dhcp_server, proto=req_ipv4.proto))
ack_pkt.add_protocol(udp.udp(src_port=67,dst_port=68))
ack_pkt.add_protocol(dhcp.dhcp(op=2, chaddr=req_eth.src,
siaddr=self.dhcp_server,
boot_file=req[0].boot_file,
yiaddr=self.ip_addr,
xid=req[0].xid,
options=req[0].options))
self.logger.info("ASSEMBLED ACK: %s" % ack_pkt)
return ack_pkt
def send_update(self, msg, src_iface_ip, dst_ip="224.0.0.9",
dst_port=None):
if not dst_port:
dst_port = self.port
# send ofpacket out
logger.info("send update from %s",src_iface_ip)
in_port_no,port = self.sys.get_port_by_ip(src_iface_ip)
eth_src=port.mac_addr
eth_dest= '01:00:5e:00:00:09'
e = ethernet.ethernet(dst = eth_dest, src = eth_src,
ethertype = ether.ETH_TYPE_IP)
pkt_ipv4 = ipv4.ipv4(dst=dst_ip,
src=src_iface_ip,
proto=inet.IPPROTO_UDP)
udp_pkt = udp.udp(src_port=dst_port, dst_port=dst_port, total_length=0, csum=0)
datapath = self.sys.datapath
p = packet.Packet()
p.add_protocol(e)
p.add_protocol(pkt_ipv4)
p.add_protocol(udp_pkt)
p.add_protocol(msg)
print vars(p)
p.serialize()
print p
#p+=msg
data = p.data
print in_port_no
actions = [datapath.ofproto_parser.OFPActionOutput(in_port_no)]
out = datapath.ofproto_parser.OFPPacketOut(datapath=datapath,
buffer_id=datapath.ofproto.OFP_NO_BUFFER,
in_port=datapath.ofproto.OFPP_CONTROLLER,
actions=actions,
data=data)
logger.info("sended packet")
datapath.send_msg(out)
def _respond_dhcp(self, datapath, port, pool,
pkt_ethernet, pkt_vlan, pkt_ip, pkt_udp, pkt_dhcp):
# DHCP message type code
options = dict()
for option in pkt_dhcp.options.option_list:
options[option.tag] = option.value
src = pkt_dhcp.chaddr
# RESPONSE MSG
pkt = packet.Packet()
pkt.add_protocol(ethernet.ethernet(ethertype=pkt_ethernet.ethertype,
dst=pkt_ethernet.src,
src='00:00:00:00:00:00'))
if pkt_vlan:
pkt.add_protocol(vlan.vlan(cfi=pkt_vlan.cfi,
ethertype=pkt_vlan.ethertype,
pcp=pkt_vlan.pcp,
vid=pkt_vlan.vid))
pkt.add_protocol(ipv4.ipv4(src=pkt_ip.dst, dst=pkt_ip.src, proto=in_proto.IPPROTO_UDP))
pkt.add_protocol(udp.udp(src_port=pkt_udp.dst_port, dst_port=pkt_udp.src_port))
# DISCOVER MSG
dhcp_msg_type = ord(options[dhcp.DHCP_MESSAGE_TYPE_OPT])
if dhcp_msg_type == dhcp.DHCP_DISCOVER:
msg_type = dhcp.DHCP_OFFER
if src in self.leases:
offer = self.leases[src]
del self.leases[src]
self.offers[src] = offer
else:
offer = self.offers.get(src)
if offer is None:
if len(pool) == 0:
LOG.error("Out of IP addresses")
msg_type = dhcp.DHCP_NAK
offer = pool[0]
if dhcp.DHCP_REQUESTED_IP_ADDR_OPT in options:
wanted_ip = IPAddr(addrconv.ipv4.bin_to_text(options[dhcp.DHCP_REQUESTED_IP_ADDR_OPT].value))
if wanted_ip in pool:
offer = wanted_ip
pool.remove(offer)
self.offers[src] = offer
wanted_opts = list()
if dhcp.DHCP_PARAMETER_REQUEST_LIST_OPT in options:
fmt = "s" * len(options[dhcp.DHCP_PARAMETER_REQUEST_LIST_OPT])
wanted_opt_set = struct.unpack(fmt, options[dhcp.DHCP_PARAMETER_REQUEST_LIST_OPT])
for i in wanted_opt_set:
wanted_opts.append(ord(i))
option_list = list()
option_list.append(dhcp.option(dhcp.DHCP_MESSAGE_TYPE_OPT, chr(msg_type), length=1))
if msg_type is not dhcp.DHCP_NAK:
if dhcp.DHCP_SUBNET_MASK_OPT in wanted_opts:
option_list.append(dhcp.option(dhcp.DHCP_SUBNET_MASK_OPT,
addrconv.ipv4.text_to_bin(self.subnet.toStr()),
length=4))
if dhcp.DHCP_GATEWAY_ADDR_OPT in wanted_opts and self.router_addr is not None:
option_list.append(dhcp.option(dhcp.DHCP_GATEWAY_ADDR_OPT,
addrconv.ipv4.text_to_bin(self.router_addr.toStr()),
length=4))
if dhcp.DHCP_DNS_SERVER_ADDR_OPT in wanted_opts and self.dns_addr is not None:
option_list.append(dhcp.option(dhcp.DHCP_DNS_SERVER_ADDR_OPT,
addrconv.ipv4.text_to_bin(self.dns_addr.toStr()),
length=4))
option_list.append(dhcp.option(dhcp.DHCP_IP_ADDR_LEASE_TIME_OPT,
chr(self.lease_time),
length=4))
option_list.append(dhcp.option(dhcp.DHCP_RENEWAL_TIME_OPT, chr(self.lease_time / 2), length=4))
option_list.append(dhcp.option(dhcp.DHCP_REBINDING_TIME_OPT, chr(self.lease_time * 7 / 8), length=4))
resp_options = dhcp.options(option_list=option_list)
pkt.add_protocol(dhcp.dhcp(op=self._MSG_TYPE_BOOT_REPLY, chaddr=pkt_dhcp.chaddr, options=resp_options,
xid=pkt_dhcp.xid, ciaddr=pkt_dhcp.ciaddr, yiaddr=offer.toStr(),
siaddr=self.ip_addr.toStr(), giaddr='0.0.0.0', sname='', boot_file=''))
# REQUEST MSG
if dhcp_msg_type == dhcp.DHCP_REQUEST:
msg_type = dhcp.DHCP_ACK
if dhcp.DHCP_REQUESTED_IP_ADDR_OPT not in options:
return
wanted_ip = IPAddr(addrconv.ipv4.bin_to_text(options[dhcp.DHCP_REQUESTED_IP_ADDR_OPT]))
got_ip = None
if src in self.leases:
if wanted_ip != self.leases[src]:
pool.append(self.leases[src])
del self.leases[src]
else:
got_ip = self.leases[src]
if got_ip is None:
if src in self.offers:
if wanted_ip != self.offers[src]:
pool.append(self.offers[src])
del self.offers[src]
else:
got_ip = self.offers[src]
if got_ip is None:
if wanted_ip in pool:
pool.remove(wanted_ip)
got_ip = wanted_ip
if got_ip is None:
LOG.warn("%s asked for un-offered %s", src, wanted_ip.toStr())
msg_type = dhcp.DHCP_NAK
wanted_opts = list()
if dhcp.DHCP_PARAMETER_REQUEST_LIST_OPT in options:
fmt = "s" * len(options[dhcp.DHCP_PARAMETER_REQUEST_LIST_OPT])
wanted_opt_set = struct.unpack(fmt, options[dhcp.DHCP_PARAMETER_REQUEST_LIST_OPT])
for i in wanted_opt_set:
wanted_opts.append(ord(i))
# DHCP options tag code
option_list = list()
option_list.append(dhcp.option(dhcp.DHCP_MESSAGE_TYPE_OPT, chr(msg_type), length=1))
if msg_type is not dhcp.DHCP_NAK:
if dhcp.DHCP_SUBNET_MASK_OPT in wanted_opts:
option_list.append(dhcp.option(dhcp.DHCP_SUBNET_MASK_OPT,
addrconv.ipv4.text_to_bin(self.subnet.toStr()),
length=4))
if dhcp.DHCP_GATEWAY_ADDR_OPT in wanted_opts and self.router_addr is not None:
option_list.append(dhcp.option(dhcp.DHCP_GATEWAY_ADDR_OPT,
addrconv.ipv4.text_to_bin(self.router_addr.toStr()),
length=4))
if dhcp.DHCP_DNS_SERVER_ADDR_OPT in wanted_opts and self.dns_addr is not None:
option_list.append(dhcp.option(dhcp.DHCP_DNS_SERVER_ADDR_OPT,
addrconv.ipv4.text_to_bin(self.dns_addr.toStr()),
length=4))
option_list.append(dhcp.option(dhcp.DHCP_IP_ADDR_LEASE_TIME_OPT,
chr(self.lease_time),
length=4))
option_list.append(dhcp.option(dhcp.DHCP_RENEWAL_TIME_OPT, chr(self.lease_time / 2), length=4))
option_list.append(dhcp.option(dhcp.DHCP_REBINDING_TIME_OPT, chr(self.lease_time * 7 / 8), length=4))
resp_options = dhcp.options(option_list=option_list)
pkt.add_protocol(dhcp.dhcp(op=self._MSG_TYPE_BOOT_REPLY, chaddr=pkt_dhcp.chaddr, options=resp_options,
xid=pkt_dhcp.xid, ciaddr=pkt_dhcp.ciaddr, yiaddr=wanted_ip.toStr(),
siaddr=self.ip_addr.toStr(), giaddr='0.0.0.0', sname='', boot_file=''))
# RELEASE MSG
if dhcp_msg_type == dhcp.DHCP_RELEASE:
if self.leases.get(src).toStr() != pkt_dhcp.ciaddr:
LOG.warn("%s tried to release unleased %s" % (src, pkt_dhcp.ciaddr))
return
del self.leases[src]
pool.append(pkt_dhcp.ciaddr)
LOG.info("%s released %s" % (src, pkt_dhcp.ciaddr))
self._send_dhcp_reply(datapath, port, pkt)
return True
def _build_pkt(self, fields, ops):
pkt_out = packet.Packet()
pkt_ipv4 = pkt_out.get_protocol(ipv4.ipv4)
pkt_icmp = pkt_out.get_protocol(icmp.icmp)
def addIPv4(pkt_out, fields):
pkt_out.add_protocol(ipv4.ipv4(dst=fields['dstip'],
version = 4,
header_length = 5,
tos = 0,
total_length = 0,
identification = fields['id'],
flags=0x02,
ttl = 63,
proto = fields['proto'],
csum = 0,
option = None,
src=fields['srcip']))
return pkt_out
def addARP(pkt_out,fields):
pkt_out.add_protocol(arp.arp(opcode=arp.ARP_REPLY,
src_mac=fields['srcmac'],
src_ip=fields['srcip'],
dst_mac=fields['dstmac'],
dst_ip=fields['dstip']))
return pkt_out
pkt_out.add_protocol(ethernet.ethernet(ethertype=fields['ethtype'],
dst=fields['dstmac'],
src=fields['srcmac']))
# Add if ARP
if 'arp' in fields['ptype']:
pkt_out.add_protocol(arp.arp(opcode=arp.ARP_REPLY,
src_mac=fields['srcmac'],
src_ip=fields['srcip'],
dst_mac=fields['dstmac'],
dst_ip=fields['dstip']))
# Add if IPv4
if 'ipv4' in fields['ptype']:
pkt_out = addIPv4(pkt_out,fields)
# Add if ICMP
if 'icmp' in fields['ptype']:
pkt_out = addIPv4(pkt_out,fields)
pkt_out.add_protocol(icmp.icmp(type_=icmp.ICMP_ECHO_REPLY,
code=icmp.ICMP_ECHO_REPLY_CODE,
csum=0,
data=None))
# Add if UDP
if 'udp' in fields['ptype']:
#pkt_out = addARP(pkt_out,fields)
pkt_out = addIPv4(pkt_out,fields)
pkt_out.add_protocol(udp.udp(dst_port=fields['dstport'],
csum = 0,
total_length = 0,
src_port=fields['srcport']))
# bits=fields['bits'],option=fields['opt'],
##
##
# Add if TCP
if 'tcp' in fields['ptype']:
pkt_out = addIPv4(pkt_out,fields)
pkt_out.add_protocol(tcp.tcp(dst_port=fields['dstport'],
bits=fields['bits'],option=fields['opt'],
src_port=fields['srcport']))
#Add covert channel information
if fields['com'] != None:
pkt_out.add_protocol(fields['com'])
#Send crafted packet
print "Packet out: \n"
print pkt_out
self._send_packet(fields['dp'], ops['newport'], pkt_out)