Gitiles
Code Review Sign In
gerrit.opencord.org / cord-tester / 73cfcee30de920427c88f16a3401e56f212ecac2 / . / src / test / utils / ACL.py
blob: 55333c4a75db58bfcd58f4eebe76bdca0ee6c3d5 [file] [log] [blame]
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]1#
2# Copyright 2016-present Ciena Corporation
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16import json
17import requests
18import os,sys,time
19from scapy.all import *
A R Karthick456e9cf2016-10-03 14:37:44 -0700[diff] [blame]20from OnosCtrl import OnosCtrl, get_mac, get_controller
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]21from OnosFlowCtrl import OnosFlowCtrl
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]22log.setLevel('INFO')
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]23
24conf.verb = 0 # Disable Scapy verbosity
25conf.checkIPaddr = 0 # Don't check response packets for matching destination IPs
26
27class ACLTest:
28
29 auth = ('karaf', 'karaf')
A R Karthick456e9cf2016-10-03 14:37:44 -0700[diff] [blame]30 controller = get_controller()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]31 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
32 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(controller, id)
33 clear_all_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
34 iface_create_onos_url = 'http://%s:8181/onos/v1/network/configuration' %(controller)
A R Karthicka337f4d2016-10-06 13:53:15 -0700[diff] [blame]35 device_id = 'of:' + get_mac()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]36 MAX_PORTS = 100
37
38 def __init__(self, ipv4Prefix ='v4', srcIp ='null', dstIp ='null', ipProto = 'null', dstTpPort = 0, action = 'null', ingress_iface = 1, egress_iface = 2,iface_num = 0, iface_name = 'null', iface_count = 0, iface_ip = 'null'):
39 self.ipv4Prefix = ipv4Prefix
40 self.srcIp = srcIp
41 self.ingress_iface = ingress_iface
42 self.egress_iface = egress_iface
43 self.dstIp = dstIp
44 self.ipProto = ipProto
45 self.dstTpPort = dstTpPort
46 self.action = action
47 self.iface_count = iface_count
48 self.iface_num = iface_num
49 self.iface_name = iface_name
50 self.iface_ip = iface_ip
A R Karthicka337f4d2016-10-06 13:53:15 -0700[diff] [blame]51 self.device_id = OnosCtrl.get_device_id()
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]52
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]53 def adding_acl_rule(self, ipv4Prefix, srcIp, dstIp, ipProto ='null', dstTpPort='null', action= 'include',controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]54 '''This function is generating ACL json file and post to ONOS for creating a ACL rule'''
55 if ipv4Prefix is 'v4':
A R Karthick2b93d6a2016-09-06 15:19:09 -0700[diff] [blame]56 acl_dict = {}
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]57 if srcIp and dstIp and action:
58 acl_dict['srcIp'] = '{}'.format(srcIp)
59 acl_dict['dstIp'] = '{}'.format(dstIp)
60 acl_dict['action'] = '{}'.format(action)
61 if ipProto is not 'null':
62 acl_dict['ipProto'] = '{}'.format(ipProto)
63 if dstTpPort is not 'null':
64 acl_dict['dstTpPort'] = '{}'.format(dstTpPort)
65 json_data = json.dumps(acl_dict)
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]66 if controller is None:
67 # if controller ip is not passed, it will default controller ip
68 resp = requests.post(self.add_acl_rule_url, auth = self.auth, data = json_data)
69 else:
70 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
71 log.info('add_acl_rule_acl url is %s'%add_acl_rule_url)
72 resp = requests.post(add_acl_rule_url, auth = self.auth, data = json_data)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]73 return resp.ok, resp.status_code
74
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]75 def get_acl_rules(self,controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]76 '''This function is getting a ACL rules from ONOS with json formate'''
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]77 if controller is None:
78 resp = requests.get(self.add_acl_rule_url, auth = self.auth)
79 else:
80 add_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
81 log.info('get_acl_rule_url is %s'%add_acl_rule_url)
82 resp = requests.get(add_acl_rule_url, auth = self.auth)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]83 return resp
84
85 @classmethod
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]86 def remove_acl_rule(cls,id = None,controller=None):
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]87 '''This function is delete one or all ACL rules in ONOS'''
88 if id is None:
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]89 if controller is None:
90 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(cls.controller)
91 else:
92 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules' %(controller)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]93 else:
ChetanGaonker689b3862016-10-17 16:25:01 -0700[diff] [blame]94 if controller is None:
95 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(cls.controller, id)
96 else:
97 remove_acl_rule_url = 'http://%s:8181/onos/v1/acl/rules/%s' %(controller, id)
98 log.info('remove_acl_rule_url is %s'%remove_acl_rule_url)
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]99 resp = requests.delete(remove_acl_rule_url, auth = cls.auth)
100 return resp.ok, resp.status_code
A R Karthick2b93d6a2016-09-06 15:19:09 -0700[diff] [blame]101
ChetanGaonkerf0dd5bb2016-07-28 16:22:06 -0700[diff] [blame]102 def generate_onos_interface_config(self,iface_num = 4, iface_name = 'null',iface_count = 1,iface_ip = '198.162.10.1'):
103 '''This function is generate interface config data in json format and post to ONOS for creating it '''
104 ''' To add interfaces on ONOS to test acl with trffic'''
105 num = 0
106 egress_host_list = []
107 interface_list = []
108 ip = iface_ip.split('/')[0]
109 start_iface_ip = ip.split('.')
110 start_ip = ( int(start_iface_ip[0]) << 24) | ( int(start_iface_ip[1]) << 16) | ( int(start_iface_ip[2]) << 8) | 0
111 end_ip = ( 200 << 24 ) | (168 << 16) | (10 << 8) | 0
112 ports_dict = { 'ports' : {} }
113 for n in xrange(start_ip, end_ip, 256):
114 port_map = ports_dict['ports']
115 port = iface_num if num < self.MAX_PORTS - 1 else self.MAX_PORTS - 1
116 device_port_key = '{0}/{1}'.format(self.device_id, port)
117 try:
118 interfaces = port_map[device_port_key]['interfaces']
119 except:
120 port_map[device_port_key] = { 'interfaces' : [] }
121 interfaces = port_map[device_port_key]['interfaces']
122 ip = n + 2
123 peer_ip = n + 1
124 ips = '%d.%d.%d.%d/%d'%( (ip >> 24) & 0xff, ( (ip >> 16) & 0xff ), ( (ip >> 8 ) & 0xff ), ip & 0xff, int(iface_ip.split('/')[1]))
125 peer = '%d.%d.%d.%d' % ( (peer_ip >> 24) & 0xff, ( ( peer_ip >> 16) & 0xff ), ( (peer_ip >> 8 ) & 0xff ), peer_ip & 0xff )
126 mac = RandMAC()._fix()
127 egress_host_list.append((peer, mac))
128 if num < self.MAX_PORTS - 1:
129 interface_dict = { 'name' : '{0}-{1}'.format(iface_name,port), 'ips': [ips], 'mac' : mac }
130 interfaces.append(interface_dict)
131 interface_list.append(interface_dict['name'])
132 else:
133 interfaces[0]['ips'].append(ips)
134 num += 1
135 if num == iface_count:
136 break
137 json_data = json.dumps(ports_dict)
138 resp = requests.post(self.iface_create_onos_url, auth = self.auth, data = json_data)
139 return resp.ok, resp.status_code, egress_host_list
140