blob: ccae5d5566354720f45c56c4702d7c3a775d24ff [file] [log] [blame]
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -07001#
2# Copyright 2016-present Ciena Corporation
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16import json
17import requests
18import os,sys,time
19from scapy.all import *
20from OnosCtrl import OnosCtrl, get_mac
21from OnosFlowCtrl import OnosFlowCtrl
22
23conf.verb = 0 # Disable Scapy verbosity
24conf.checkIPaddr = 0 # Don't check response packets for matching destination IPs
25
26class ACLTest:
27
28 auth = ('karaf', 'karaf')
A R Karthick2b93d6a2016-09-06 15:19:09 -070029 controller = OnosCtrl.get_controller()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070030 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
31 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(controller, id)
32 clear_all_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
33 iface_create_onos_url = 'http://%s:8181/onos/v1/network/configuration' %(controller)
34 device_id = 'of:' + get_mac('ovsbr0')
35 MAX_PORTS = 100
36
37 def __init__(self, ipv4Prefix ='v4', srcIp ='null', dstIp ='null', ipProto = 'null', dstTpPort = 0, action = 'null', ingress_iface = 1, egress_iface = 2,iface_num = 0, iface_name = 'null', iface_count = 0, iface_ip = 'null'):
38 self.ipv4Prefix = ipv4Prefix
39 self.srcIp = srcIp
40 self.ingress_iface = ingress_iface
41 self.egress_iface = egress_iface
42 self.dstIp = dstIp
43 self.ipProto = ipProto
44 self.dstTpPort = dstTpPort
45 self.action = action
46 self.iface_count = iface_count
47 self.iface_num = iface_num
48 self.iface_name = iface_name
49 self.iface_ip = iface_ip
50
51 def adding_acl_rule(self, ipv4Prefix, srcIp, dstIp, ipProto ='null', dstTpPort='null', action= 'include'):
52 '''This function is generating ACL json file and post to ONOS for creating a ACL rule'''
53 if ipv4Prefix is 'v4':
A R Karthick2b93d6a2016-09-06 15:19:09 -070054 acl_dict = {}
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070055 if srcIp and dstIp and action:
56 acl_dict['srcIp'] = '{}'.format(srcIp)
57 acl_dict['dstIp'] = '{}'.format(dstIp)
58 acl_dict['action'] = '{}'.format(action)
59 if ipProto is not 'null':
60 acl_dict['ipProto'] = '{}'.format(ipProto)
61 if dstTpPort is not 'null':
62 acl_dict['dstTpPort'] = '{}'.format(dstTpPort)
63 json_data = json.dumps(acl_dict)
64 resp = requests.post(self.add_acl_rule_url, auth = self.auth, data = json_data)
65 return resp.ok, resp.status_code
66
67 def get_acl_rules(self):
68 '''This function is getting a ACL rules from ONOS with json formate'''
69 resp = requests.get(self.add_acl_rule_url, auth = self.auth)
70 return resp
71
72 @classmethod
73 def remove_acl_rule(cls,id = None):
74 '''This function is delete one or all ACL rules in ONOS'''
75 if id is None:
76 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(cls.controller)
77 else:
78 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(cls.controller, id)
79 resp = requests.delete(remove_acl_rule_url, auth = cls.auth)
80 return resp.ok, resp.status_code
A R Karthick2b93d6a2016-09-06 15:19:09 -070081
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070082 def generate_onos_interface_config(self,iface_num = 4, iface_name = 'null',iface_count = 1,iface_ip = '198.162.10.1'):
83 '''This function is generate interface config data in json format and post to ONOS for creating it '''
84 ''' To add interfaces on ONOS to test acl with trffic'''
85 num = 0
86 egress_host_list = []
87 interface_list = []
88 ip = iface_ip.split('/')[0]
89 start_iface_ip = ip.split('.')
90 start_ip = ( int(start_iface_ip[0]) << 24) | ( int(start_iface_ip[1]) << 16) | ( int(start_iface_ip[2]) << 8) | 0
91 end_ip = ( 200 << 24 ) | (168 << 16) | (10 << 8) | 0
92 ports_dict = { 'ports' : {} }
93 for n in xrange(start_ip, end_ip, 256):
94 port_map = ports_dict['ports']
95 port = iface_num if num < self.MAX_PORTS - 1 else self.MAX_PORTS - 1
96 device_port_key = '{0}/{1}'.format(self.device_id, port)
97 try:
98 interfaces = port_map[device_port_key]['interfaces']
99 except:
100 port_map[device_port_key] = { 'interfaces' : [] }
101 interfaces = port_map[device_port_key]['interfaces']
102 ip = n + 2
103 peer_ip = n + 1
104 ips = '%d.%d.%d.%d/%d'%( (ip >> 24) & 0xff, ( (ip >> 16) & 0xff ), ( (ip >> 8 ) & 0xff ), ip & 0xff, int(iface_ip.split('/')[1]))
105 peer = '%d.%d.%d.%d' % ( (peer_ip >> 24) & 0xff, ( ( peer_ip >> 16) & 0xff ), ( (peer_ip >> 8 ) & 0xff ), peer_ip & 0xff )
106 mac = RandMAC()._fix()
107 egress_host_list.append((peer, mac))
108 if num < self.MAX_PORTS - 1:
109 interface_dict = { 'name' : '{0}-{1}'.format(iface_name,port), 'ips': [ips], 'mac' : mac }
110 interfaces.append(interface_dict)
111 interface_list.append(interface_dict['name'])
112 else:
113 interfaces[0]['ips'].append(ips)
114 num += 1
115 if num == iface_count:
116 break
117 json_data = json.dumps(ports_dict)
118 resp = requests.post(self.iface_create_onos_url, auth = self.auth, data = json_data)
119 return resp.ok, resp.status_code, egress_host_list
120