Gitiles
Code Review Sign In
gerrit.opencord.org / cord-tester / 3e13f13c23bb19ecdf13c6867e2fb3f2f791e6e3 / . / src / test / utils / ACL.py
blob: b246de134429e7da441cb3feeda931d5b44c76f1 [file] [log] [blame]
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]1#
2# Copyright 2016-present Ciena Corporation
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16import json
17import requests
18import os,sys,time
19from scapy.all import *
A.R Karthickbe7768c2017-03-17 11:39:41 -0700[diff] [blame]20from CordTestUtils import get_mac, get_controller
21from OnosCtrl import OnosCtrl
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]22from OnosFlowCtrl import OnosFlowCtrl
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]23log.setLevel('INFO')
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]24
25conf.verb = 0 # Disable Scapy verbosity
26conf.checkIPaddr = 0 # Don't check response packets for matching destination IPs
27
28class ACLTest:
29
30 auth = ('karaf', 'karaf')
A R Karthick456e9cf2016-10-03 14:37:44 -0700[diff] [blame]31 controller = get_controller()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]32 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
33 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(controller, id)
34 clear_all_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
35 iface_create_onos_url = 'http://%s:8181/onos/v1/network/configuration' %(controller)
A R Karthicka337f4d2016-10-06 13:53:15 -0700[diff] [blame]36 device_id = 'of:' + get_mac()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]37 MAX_PORTS = 100
38
39 def __init__(self, ipv4Prefix ='v4', srcIp ='null', dstIp ='null', ipProto = 'null', dstTpPort = 0, action = 'null', ingress_iface = 1, egress_iface = 2,iface_num = 0, iface_name = 'null', iface_count = 0, iface_ip = 'null'):
40 self.ipv4Prefix = ipv4Prefix
41 self.srcIp = srcIp
42 self.ingress_iface = ingress_iface
43 self.egress_iface = egress_iface
44 self.dstIp = dstIp
45 self.ipProto = ipProto
46 self.dstTpPort = dstTpPort
47 self.action = action
48 self.iface_count = iface_count
49 self.iface_num = iface_num
50 self.iface_name = iface_name
51 self.iface_ip = iface_ip
A R Karthicka337f4d2016-10-06 13:53:15 -0700[diff] [blame]52 self.device_id = OnosCtrl.get_device_id()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]53
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]54 def adding_acl_rule(self, ipv4Prefix, srcIp, dstIp, ipProto ='null', dstTpPort='null', action= 'include',controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]55 '''This function is generating ACL json file and post to ONOS for creating a ACL rule'''
56 if ipv4Prefix is 'v4':
A R Karthick2b93d6a2016-09-06 15:19:09 -0700[diff] [blame]57 acl_dict = {}
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]58 if srcIp and dstIp and action:
59 acl_dict['srcIp'] = '{}'.format(srcIp)
60 acl_dict['dstIp'] = '{}'.format(dstIp)
61 acl_dict['action'] = '{}'.format(action)
62 if ipProto is not 'null':
63 acl_dict['ipProto'] = '{}'.format(ipProto)
64 if dstTpPort is not 'null':
65 acl_dict['dstTpPort'] = '{}'.format(dstTpPort)
66 json_data = json.dumps(acl_dict)
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]67 if controller is None:
68 # if controller ip is not passed, it will default controller ip
69 resp = requests.post(self.add_acl_rule_url, auth = self.auth, data = json_data)
70 else:
71 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
72 log.info('add_acl_rule_acl url is %s'%add_acl_rule_url)
73 resp = requests.post(add_acl_rule_url, auth = self.auth, data = json_data)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]74 return resp.ok, resp.status_code
75
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]76 def get_acl_rules(self,controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]77 '''This function is getting a ACL rules from ONOS with json formate'''
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]78 if controller is None:
79 resp = requests.get(self.add_acl_rule_url, auth = self.auth)
80 else:
81 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
82 log.info('get_acl_rule_url is %s'%add_acl_rule_url)
83 resp = requests.get(add_acl_rule_url, auth = self.auth)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]84 return resp
85
86 @classmethod
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]87 def remove_acl_rule(cls,id = None,controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]88 '''This function is delete one or all ACL rules in ONOS'''
89 if id is None:
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]90 if controller is None:
91 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(cls.controller)
92 else:
93 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]94 else:
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]95 if controller is None:
96 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(cls.controller, id)
97 else:
98 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(controller, id)
99 log.info('remove_acl_rule_url is %s'%remove_acl_rule_url)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]100 resp = requests.delete(remove_acl_rule_url, auth = cls.auth)
101 return resp.ok, resp.status_code
A R Karthick2b93d6a2016-09-06 15:19:09 -0700[diff] [blame]102
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]103 def generate_onos_interface_config(self,iface_num = 4, iface_name = 'null',iface_count = 1,iface_ip = '198.162.10.1'):
104 '''This function is generate interface config data in json format and post to ONOS for creating it '''
105 ''' To add interfaces on ONOS to test acl with trffic'''
106 num = 0
107 egress_host_list = []
108 interface_list = []
109 ip = iface_ip.split('/')[0]
110 start_iface_ip = ip.split('.')
111 start_ip = ( int(start_iface_ip[0]) << 24) | ( int(start_iface_ip[1]) << 16) | ( int(start_iface_ip[2]) << 8) | 0
112 end_ip = ( 200 << 24 ) | (168 << 16) | (10 << 8) | 0
113 ports_dict = { 'ports' : {} }
114 for n in xrange(start_ip, end_ip, 256):
115 port_map = ports_dict['ports']
116 port = iface_num if num < self.MAX_PORTS - 1 else self.MAX_PORTS - 1
117 device_port_key = '{0}/{1}'.format(self.device_id, port)
118 try:
119 interfaces = port_map[device_port_key]['interfaces']
120 except:
121 port_map[device_port_key] = { 'interfaces' : [] }
122 interfaces = port_map[device_port_key]['interfaces']
123 ip = n + 2
124 peer_ip = n + 1
125 ips = '%d.%d.%d.%d/%d'%( (ip >> 24) & 0xff, ( (ip >> 16) & 0xff ), ( (ip >> 8 ) & 0xff ), ip & 0xff, int(iface_ip.split('/')[1]))
126 peer = '%d.%d.%d.%d' % ( (peer_ip >> 24) & 0xff, ( ( peer_ip >> 16) & 0xff ), ( (peer_ip >> 8 ) & 0xff ), peer_ip & 0xff )
127 mac = RandMAC()._fix()
128 egress_host_list.append((peer, mac))
129 if num < self.MAX_PORTS - 1:
130 interface_dict = { 'name' : '{0}-{1}'.format(iface_name,port), 'ips': [ips], 'mac' : mac }
131 interfaces.append(interface_dict)
132 interface_list.append(interface_dict['name'])
133 else:
134 interfaces[0]['ips'].append(ips)
135 num += 1
136 if num == iface_count:
137 break
138 json_data = json.dumps(ports_dict)
139 resp = requests.post(self.iface_create_onos_url, auth = self.auth, data = json_data)
140 return resp.ok, resp.status_code, egress_host_list