blob: ecb159e885ecdb75817c1a7ab56dd3d471f20793 [file] [log] [blame]
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -07001#
2# Copyright 2016-present Ciena Corporation
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16import json
17import requests
18import os,sys,time
A.R Karthick2e99c472017-03-22 19:13:51 -070019import logging
20logging.getLogger('scapy.runtime').setLevel(logging.ERROR)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070021from scapy.all import *
A.R Karthickbe7768c2017-03-17 11:39:41 -070022from CordTestUtils import get_mac, get_controller
23from OnosCtrl import OnosCtrl
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070024from OnosFlowCtrl import OnosFlowCtrl
ChetanGaonker689b3862016-10-17 16:25:01 -070025log.setLevel('INFO')
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070026
27conf.verb = 0 # Disable Scapy verbosity
28conf.checkIPaddr = 0 # Don't check response packets for matching destination IPs
29
30class ACLTest:
31
32 auth = ('karaf', 'karaf')
A R Karthick456e9cf2016-10-03 14:37:44 -070033 controller = get_controller()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070034 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
35 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(controller, id)
36 clear_all_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
37 iface_create_onos_url = 'http://%s:8181/onos/v1/network/configuration' %(controller)
A R Karthicka337f4d2016-10-06 13:53:15 -070038 device_id = 'of:' + get_mac()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070039 MAX_PORTS = 100
40
41 def __init__(self, ipv4Prefix ='v4', srcIp ='null', dstIp ='null', ipProto = 'null', dstTpPort = 0, action = 'null', ingress_iface = 1, egress_iface = 2,iface_num = 0, iface_name = 'null', iface_count = 0, iface_ip = 'null'):
42 self.ipv4Prefix = ipv4Prefix
43 self.srcIp = srcIp
44 self.ingress_iface = ingress_iface
45 self.egress_iface = egress_iface
46 self.dstIp = dstIp
47 self.ipProto = ipProto
48 self.dstTpPort = dstTpPort
49 self.action = action
50 self.iface_count = iface_count
51 self.iface_num = iface_num
52 self.iface_name = iface_name
53 self.iface_ip = iface_ip
A R Karthicka337f4d2016-10-06 13:53:15 -070054 self.device_id = OnosCtrl.get_device_id()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070055
ChetanGaonker689b3862016-10-17 16:25:01 -070056 def adding_acl_rule(self, ipv4Prefix, srcIp, dstIp, ipProto ='null', dstTpPort='null', action= 'include',controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070057 '''This function is generating ACL json file and post to ONOS for creating a ACL rule'''
58 if ipv4Prefix is 'v4':
A R Karthick2b93d6a2016-09-06 15:19:09 -070059 acl_dict = {}
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070060 if srcIp and dstIp and action:
61 acl_dict['srcIp'] = '{}'.format(srcIp)
62 acl_dict['dstIp'] = '{}'.format(dstIp)
63 acl_dict['action'] = '{}'.format(action)
64 if ipProto is not 'null':
65 acl_dict['ipProto'] = '{}'.format(ipProto)
66 if dstTpPort is not 'null':
67 acl_dict['dstTpPort'] = '{}'.format(dstTpPort)
68 json_data = json.dumps(acl_dict)
ChetanGaonker689b3862016-10-17 16:25:01 -070069 if controller is None:
70 # if controller ip is not passed, it will default controller ip
71 resp = requests.post(self.add_acl_rule_url, auth = self.auth, data = json_data)
72 else:
73 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
74 log.info('add_acl_rule_acl url is %s'%add_acl_rule_url)
75 resp = requests.post(add_acl_rule_url, auth = self.auth, data = json_data)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070076 return resp.ok, resp.status_code
77
ChetanGaonker689b3862016-10-17 16:25:01 -070078 def get_acl_rules(self,controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070079 '''This function is getting a ACL rules from ONOS with json formate'''
ChetanGaonker689b3862016-10-17 16:25:01 -070080 if controller is None:
81 resp = requests.get(self.add_acl_rule_url, auth = self.auth)
82 else:
83 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
84 log.info('get_acl_rule_url is %s'%add_acl_rule_url)
85 resp = requests.get(add_acl_rule_url, auth = self.auth)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070086 return resp
87
88 @classmethod
ChetanGaonker689b3862016-10-17 16:25:01 -070089 def remove_acl_rule(cls,id = None,controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070090 '''This function is delete one or all ACL rules in ONOS'''
91 if id is None:
ChetanGaonker689b3862016-10-17 16:25:01 -070092 if controller is None:
93 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(cls.controller)
94 else:
95 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -070096 else:
ChetanGaonker689b3862016-10-17 16:25:01 -070097 if controller is None:
98 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(cls.controller, id)
99 else:
100 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(controller, id)
101 log.info('remove_acl_rule_url is %s'%remove_acl_rule_url)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700102 resp = requests.delete(remove_acl_rule_url, auth = cls.auth)
103 return resp.ok, resp.status_code
A R Karthick2b93d6a2016-09-06 15:19:09 -0700104
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700105 def generate_onos_interface_config(self,iface_num = 4, iface_name = 'null',iface_count = 1,iface_ip = '198.162.10.1'):
106 '''This function is generate interface config data in json format and post to ONOS for creating it '''
107 ''' To add interfaces on ONOS to test acl with trffic'''
108 num = 0
109 egress_host_list = []
110 interface_list = []
111 ip = iface_ip.split('/')[0]
112 start_iface_ip = ip.split('.')
113 start_ip = ( int(start_iface_ip[0]) << 24) | ( int(start_iface_ip[1]) << 16) | ( int(start_iface_ip[2]) << 8) | 0
114 end_ip = ( 200 << 24 ) | (168 << 16) | (10 << 8) | 0
115 ports_dict = { 'ports' : {} }
116 for n in xrange(start_ip, end_ip, 256):
117 port_map = ports_dict['ports']
118 port = iface_num if num < self.MAX_PORTS - 1 else self.MAX_PORTS - 1
119 device_port_key = '{0}/{1}'.format(self.device_id, port)
120 try:
121 interfaces = port_map[device_port_key]['interfaces']
122 except:
123 port_map[device_port_key] = { 'interfaces' : [] }
124 interfaces = port_map[device_port_key]['interfaces']
125 ip = n + 2
126 peer_ip = n + 1
127 ips = '%d.%d.%d.%d/%d'%( (ip >> 24) & 0xff, ( (ip >> 16) & 0xff ), ( (ip >> 8 ) & 0xff ), ip & 0xff, int(iface_ip.split('/')[1]))
128 peer = '%d.%d.%d.%d' % ( (peer_ip >> 24) & 0xff, ( ( peer_ip >> 16) & 0xff ), ( (peer_ip >> 8 ) & 0xff ), peer_ip & 0xff )
129 mac = RandMAC()._fix()
130 egress_host_list.append((peer, mac))
131 if num < self.MAX_PORTS - 1:
132 interface_dict = { 'name' : '{0}-{1}'.format(iface_name,port), 'ips': [ips], 'mac' : mac }
133 interfaces.append(interface_dict)
134 interface_list.append(interface_dict['name'])
135 else:
136 interfaces[0]['ips'].append(ips)
137 num += 1
138 if num == iface_count:
139 break
140 json_data = json.dumps(ports_dict)
141 resp = requests.post(self.iface_create_onos_url, auth = self.auth, data = json_data)
142 return resp.ok, resp.status_code, egress_host_list