def setUp(self): super(TestArpResponder, self).setUp() self.topology = None self.policy = None try: self.topology = app_testing_objects.Topology( self.neutron, self.nb_api) subnet1 = self.topology.create_subnet(cidr='192.168.10.0/24') port1 = subnet1.create_port() port2 = subnet1.create_port() time.sleep(test_utils.DEFAULT_CMD_TIMEOUT) # Create policy arp_packet = self._create_arp_request( src_port=port1.port.get_logical_port(), dst_port=port2.port.get_logical_port(), ) send_arp_request = app_testing_objects.SendAction( subnet1.subnet_id, port1.port_id, str(arp_packet), ) ignore_action = app_testing_objects.IgnoreAction() log_action = app_testing_objects.LogAction() key1 = (subnet1.subnet_id, port1.port_id) port_policies = { key1: app_testing_objects.PortPolicy( rules=[ app_testing_objects.PortPolicyRule( # Detect arp replies app_testing_objects.RyuARPReplyFilter(), actions=[ log_action, app_testing_objects.StopSimulationAction() ] ), app_testing_objects.PortPolicyRule( # Ignore IPv6 packets app_testing_objects.RyuIPv6Filter(), actions=[ ignore_action ] ), ], default_action=app_testing_objects.RaiseAction( "Unexpected packet" ) ), } self.policy = app_testing_objects.Policy( initial_actions=[send_arp_request], port_policies=port_policies, unknown_port_action=ignore_action ) except Exception: if self.topology: self.topology.close() raise self.store(self.topology) self.store(self.policy)
def setUp(self): super(TestNeighborAdvertiser, self).setUp() self.topology = None self.policy = None # Disable Duplicate Address Detection requests from the interface self.dad_conf = utils.execute( ['sysctl', '-n', 'net.ipv6.conf.default.accept_dad']) utils.execute(['sysctl', '-w', 'net.ipv6.conf.default.accept_dad=0'], run_as_root=True) # Disable Router Solicitation requests from the interface self.router_solicit_conf = utils.execute( ['sysctl', '-n', 'net.ipv6.conf.default.router_solicitations']) utils.execute( ['sysctl', '-w', 'net.ipv6.conf.default.router_solicitations=0'], run_as_root=True) self.topology = app_testing_objects.Topology(self.neutron, self.nb_api) self.addCleanup(self.topology.close) subnet1 = self.topology.create_subnet(cidr='1111:1111:1111::/64') port1 = subnet1.create_port() port2 = subnet1.create_port() time.sleep(const.DEFAULT_RESOURCE_READY_TIMEOUT) # Create Neighbor Solicitation packet ns_packet = self._create_ns_request( src_port=port1.port.get_logical_port(), dst_port=port2.port.get_logical_port(), ) send_ns_request = app_testing_objects.SendAction( subnet1.subnet_id, port1.port_id, ns_packet, ) ignore_action = app_testing_objects.IgnoreAction() log_action = app_testing_objects.LogAction() key1 = (subnet1.subnet_id, port1.port_id) adv_filter = app_testing_objects.RyuNeighborAdvertisementFilter() port_policies = { key1: app_testing_objects.PortPolicy( rules=[ app_testing_objects.PortPolicyRule( # Detect advertisements adv_filter, actions=[ log_action, app_testing_objects.StopSimulationAction() ]), app_testing_objects.PortPolicyRule( # Filter local VM's Multicast requests app_testing_objects.RyuIpv6MulticastFilter(), actions=[ignore_action]) ], default_action=app_testing_objects.RaiseAction( "Unexpected packet")), } self.policy = app_testing_objects.Policy( initial_actions=[send_ns_request], port_policies=port_policies, unknown_port_action=ignore_action) self.addCleanup(self.policy.close)
def test_sfc(self): initial_packet = self._get_bytes( self._gen_ethernet() / self._gen_ipv4(proto=inet.IPPROTO_UDP) / self._gen_udp(src_port=SRC_PORT, dst_port=DST_PORT) / ('0' * 64)) final_packet = self._get_bytes( self._gen_ethernet() / self._gen_ipv4(proto=inet.IPPROTO_UDP) / self._gen_udp(src_port=SRC_PORT, dst_port=DST_PORT) / ('{len}'.format(len=len(self.layout)) * 64)) fc = self.store( objects.FlowClassifierTestObj(self.neutron, self.nb_api), ) fc.create({'logical_source_port': self.src_port.port.port_id}, ) pc = self._create_pc(fc, self.layout) time.sleep(_QUICK_RESOURCE_READY_TIMEOUT) dst_key = (self.subnet.subnet_id, self.dst_port.port_id) port_policies = { dst_key: app_testing_objects.PortPolicy( rules=[ app_testing_objects.PortPolicyRule( app_testing_objects.ExactMatchFilter(final_packet), actions=[app_testing_objects.StopSimulationAction()], ), ], default_action=app_testing_objects.IgnoreAction(), ), } port_policies.update(self._create_port_policies(pc)) policy = self.store( app_testing_objects.Policy( initial_actions=[ app_testing_objects.SendAction( self.subnet.subnet_id, self.src_port.port_id, initial_packet, ), ], port_policies=port_policies, unknown_port_action=app_testing_objects.LogAction()), ) policy.start(self.topology) policy.wait(10) if policy.exceptions: raise policy.exceptions[0]
def test_fc(self): fc = self.store( objects.FlowClassifierTestObj(self.neutron, self.nb_api), ) fc.create(self._fc_params) pc = self._create_pc(fc, [1]) time.sleep(_QUICK_RESOURCE_READY_TIMEOUT) dst_key = (self.subnet.subnet_id, self.dst_port.port_id) port_policies = { dst_key: app_testing_objects.PortPolicy( rules=[ app_testing_objects.PortPolicyRule( app_testing_objects.ExactMatchFilter( self._final_packet, ), actions=[app_testing_objects.StopSimulationAction()], ), ], default_action=app_testing_objects.IgnoreAction(), ), } port_policies.update(self._create_port_policies(pc)) policy = self.store( app_testing_objects.Policy( initial_actions=[ app_testing_objects.SendAction( self.subnet.subnet_id, self.src_port.port_id, self._initial_packet, ), ], port_policies=port_policies, unknown_port_action=app_testing_objects.LogAction()), ) policy.start(self.topology) policy.wait(10) if policy.exceptions: raise policy.exceptions[0]