Search in sources :

Example 1 with PROTOCOL_TCP

use of org.onlab.packet.IPv4.PROTOCOL_TCP in project onos by opennetworkinglab.

the class ReactiveForwarding method installRule.

// Install a rule forwarding the packet to the specified port.
private void installRule(PacketContext context, PortNumber portNumber, ReactiveForwardMetrics macMetrics) {
    // 
    // We don't support (yet) buffer IDs in the Flow Service so
    // packet out first.
    // 
    Ethernet inPkt = context.inPacket().parsed();
    TrafficSelector.Builder selectorBuilder = DefaultTrafficSelector.builder();
    // If PacketOutOnly or ARP packet than forward directly to output port
    if (packetOutOnly || inPkt.getEtherType() == Ethernet.TYPE_ARP) {
        packetOut(context, portNumber, macMetrics);
        return;
    }
    // 
    if (matchDstMacOnly) {
        selectorBuilder.matchEthDst(inPkt.getDestinationMAC());
    } else {
        selectorBuilder.matchInPort(context.inPacket().receivedFrom().port()).matchEthSrc(inPkt.getSourceMAC()).matchEthDst(inPkt.getDestinationMAC());
        // If configured Match Vlan ID
        if (matchVlanId && inPkt.getVlanID() != Ethernet.VLAN_UNTAGGED) {
            selectorBuilder.matchVlanId(VlanId.vlanId(inPkt.getVlanID()));
        }
        // 
        if (matchIpv4Address && inPkt.getEtherType() == Ethernet.TYPE_IPV4) {
            IPv4 ipv4Packet = (IPv4) inPkt.getPayload();
            byte ipv4Protocol = ipv4Packet.getProtocol();
            Ip4Prefix matchIp4SrcPrefix = Ip4Prefix.valueOf(ipv4Packet.getSourceAddress(), Ip4Prefix.MAX_MASK_LENGTH);
            Ip4Prefix matchIp4DstPrefix = Ip4Prefix.valueOf(ipv4Packet.getDestinationAddress(), Ip4Prefix.MAX_MASK_LENGTH);
            selectorBuilder.matchEthType(Ethernet.TYPE_IPV4).matchIPSrc(matchIp4SrcPrefix).matchIPDst(matchIp4DstPrefix);
            if (matchIpv4Dscp) {
                byte dscp = ipv4Packet.getDscp();
                byte ecn = ipv4Packet.getEcn();
                selectorBuilder.matchIPDscp(dscp).matchIPEcn(ecn);
            }
            if (matchTcpUdpPorts && ipv4Protocol == IPv4.PROTOCOL_TCP) {
                TCP tcpPacket = (TCP) ipv4Packet.getPayload();
                selectorBuilder.matchIPProtocol(ipv4Protocol).matchTcpSrc(TpPort.tpPort(tcpPacket.getSourcePort())).matchTcpDst(TpPort.tpPort(tcpPacket.getDestinationPort()));
            }
            if (matchTcpUdpPorts && ipv4Protocol == IPv4.PROTOCOL_UDP) {
                UDP udpPacket = (UDP) ipv4Packet.getPayload();
                selectorBuilder.matchIPProtocol(ipv4Protocol).matchUdpSrc(TpPort.tpPort(udpPacket.getSourcePort())).matchUdpDst(TpPort.tpPort(udpPacket.getDestinationPort()));
            }
            if (matchIcmpFields && ipv4Protocol == IPv4.PROTOCOL_ICMP) {
                ICMP icmpPacket = (ICMP) ipv4Packet.getPayload();
                selectorBuilder.matchIPProtocol(ipv4Protocol).matchIcmpType(icmpPacket.getIcmpType()).matchIcmpCode(icmpPacket.getIcmpCode());
            }
        }
        // 
        if (matchIpv6Address && inPkt.getEtherType() == Ethernet.TYPE_IPV6) {
            IPv6 ipv6Packet = (IPv6) inPkt.getPayload();
            byte ipv6NextHeader = ipv6Packet.getNextHeader();
            Ip6Prefix matchIp6SrcPrefix = Ip6Prefix.valueOf(ipv6Packet.getSourceAddress(), Ip6Prefix.MAX_MASK_LENGTH);
            Ip6Prefix matchIp6DstPrefix = Ip6Prefix.valueOf(ipv6Packet.getDestinationAddress(), Ip6Prefix.MAX_MASK_LENGTH);
            selectorBuilder.matchEthType(Ethernet.TYPE_IPV6).matchIPv6Src(matchIp6SrcPrefix).matchIPv6Dst(matchIp6DstPrefix);
            if (matchIpv6FlowLabel) {
                selectorBuilder.matchIPv6FlowLabel(ipv6Packet.getFlowLabel());
            }
            if (matchTcpUdpPorts && ipv6NextHeader == IPv6.PROTOCOL_TCP) {
                TCP tcpPacket = (TCP) ipv6Packet.getPayload();
                selectorBuilder.matchIPProtocol(ipv6NextHeader).matchTcpSrc(TpPort.tpPort(tcpPacket.getSourcePort())).matchTcpDst(TpPort.tpPort(tcpPacket.getDestinationPort()));
            }
            if (matchTcpUdpPorts && ipv6NextHeader == IPv6.PROTOCOL_UDP) {
                UDP udpPacket = (UDP) ipv6Packet.getPayload();
                selectorBuilder.matchIPProtocol(ipv6NextHeader).matchUdpSrc(TpPort.tpPort(udpPacket.getSourcePort())).matchUdpDst(TpPort.tpPort(udpPacket.getDestinationPort()));
            }
            if (matchIcmpFields && ipv6NextHeader == IPv6.PROTOCOL_ICMP6) {
                ICMP6 icmp6Packet = (ICMP6) ipv6Packet.getPayload();
                selectorBuilder.matchIPProtocol(ipv6NextHeader).matchIcmpv6Type(icmp6Packet.getIcmpType()).matchIcmpv6Code(icmp6Packet.getIcmpCode());
            }
        }
    }
    TrafficTreatment treatment;
    if (inheritFlowTreatment) {
        treatment = context.treatmentBuilder().setOutput(portNumber).build();
    } else {
        treatment = DefaultTrafficTreatment.builder().setOutput(portNumber).build();
    }
    ForwardingObjective forwardingObjective = DefaultForwardingObjective.builder().withSelector(selectorBuilder.build()).withTreatment(treatment).withPriority(flowPriority).withFlag(ForwardingObjective.Flag.VERSATILE).fromApp(appId).makeTemporary(flowTimeout).add();
    flowObjectiveService.forward(context.inPacket().receivedFrom().deviceId(), forwardingObjective);
    forwardPacket(macMetrics);
    // 
    if (packetOutOfppTable) {
        packetOut(context, PortNumber.TABLE, macMetrics);
    } else {
        packetOut(context, portNumber, macMetrics);
    }
}
Also used : TCP(org.onlab.packet.TCP) UDP(org.onlab.packet.UDP) IPv6(org.onlab.packet.IPv6) IPv4(org.onlab.packet.IPv4) ForwardingObjective(org.onosproject.net.flowobjective.ForwardingObjective) DefaultForwardingObjective(org.onosproject.net.flowobjective.DefaultForwardingObjective) DefaultTrafficTreatment(org.onosproject.net.flow.DefaultTrafficTreatment) TrafficTreatment(org.onosproject.net.flow.TrafficTreatment) Ip6Prefix(org.onlab.packet.Ip6Prefix) Ethernet(org.onlab.packet.Ethernet) TrafficSelector(org.onosproject.net.flow.TrafficSelector) DefaultTrafficSelector(org.onosproject.net.flow.DefaultTrafficSelector) Ip4Prefix(org.onlab.packet.Ip4Prefix) ICMP6(org.onlab.packet.ICMP6) ICMP(org.onlab.packet.ICMP)

Example 2 with PROTOCOL_TCP

use of org.onlab.packet.IPv4.PROTOCOL_TCP in project onos by opennetworkinglab.

the class OpenstackRoutingSnatHandler method packetOut.

private void packetOut(Ethernet ethPacketIn, DeviceId srcDevice, int patPort, IpAddress externalIp, ExternalPeerRouter externalPeerRouter) {
    IPv4 iPacket = (IPv4) ethPacketIn.getPayload();
    switch(iPacket.getProtocol()) {
        case IPv4.PROTOCOL_TCP:
            iPacket.setPayload(buildPacketOutTcp(iPacket, patPort));
            break;
        case IPv4.PROTOCOL_UDP:
            iPacket.setPayload(buildPacketOutUdp(iPacket, patPort));
            break;
        default:
            log.trace("Temporally, this method can process UDP and TCP protocol.");
            return;
    }
    iPacket.setSourceAddress(externalIp.toString());
    iPacket.resetChecksum();
    iPacket.setParent(ethPacketIn);
    ethPacketIn.setSourceMACAddress(DEFAULT_GATEWAY_MAC);
    ethPacketIn.setDestinationMACAddress(externalPeerRouter.macAddress());
    ethPacketIn.setPayload(iPacket);
    if (!externalPeerRouter.vlanId().equals(VlanId.NONE)) {
        ethPacketIn.setVlanID(externalPeerRouter.vlanId().toShort());
    }
    ethPacketIn.resetChecksum();
    OpenstackNode srcNode = osNodeService.node(srcDevice);
    if (srcNode == null) {
        final String error = String.format("Cannot find openstack node for %s", srcDevice);
        throw new IllegalStateException(error);
    }
    TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder();
    packetService.emit(new DefaultOutboundPacket(srcDevice, tBuilder.setOutput(srcNode.uplinkPortNum()).build(), ByteBuffer.wrap(ethPacketIn.serialize())));
}
Also used : IPv4(org.onlab.packet.IPv4) DefaultOutboundPacket(org.onosproject.net.packet.DefaultOutboundPacket) OpenstackNode(org.onosproject.openstacknode.api.OpenstackNode) DefaultTrafficTreatment(org.onosproject.net.flow.DefaultTrafficTreatment) TrafficTreatment(org.onosproject.net.flow.TrafficTreatment)

Example 3 with PROTOCOL_TCP

use of org.onlab.packet.IPv4.PROTOCOL_TCP in project onos by opennetworkinglab.

the class OpenstackRoutingSnatHandler method setStatelessSnatUpstreamRules.

private void setStatelessSnatUpstreamRules(String segmentId, Type networkType, IpAddress externalIp, ExternalPeerRouter externalPeerRouter, TpPort patPort, InboundPacket packetIn) {
    IPv4 iPacket = (IPv4) packetIn.parsed().getPayload();
    TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder().matchEthType(Ethernet.TYPE_IPV4).matchIPProtocol(iPacket.getProtocol()).matchIPSrc(IpPrefix.valueOf(iPacket.getSourceAddress(), VM_PREFIX)).matchIPDst(IpPrefix.valueOf(iPacket.getDestinationAddress(), VM_PREFIX));
    TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder();
    switch(networkType) {
        case VXLAN:
        case GRE:
        case GENEVE:
            sBuilder.matchTunnelId(Long.parseLong(segmentId));
            break;
        case VLAN:
            sBuilder.matchVlanId(VlanId.vlanId(segmentId));
            tBuilder.popVlan();
            break;
        default:
            final String error = String.format("%s %s", ERR_UNSUPPORTED_NET_TYPE, networkType.toString());
            throw new IllegalStateException(error);
    }
    switch(iPacket.getProtocol()) {
        case IPv4.PROTOCOL_TCP:
            TCP tcpPacket = (TCP) iPacket.getPayload();
            sBuilder.matchTcpSrc(TpPort.tpPort(tcpPacket.getSourcePort())).matchTcpDst(TpPort.tpPort(tcpPacket.getDestinationPort()));
            tBuilder.setTcpSrc(patPort).setEthDst(externalPeerRouter.macAddress());
            break;
        case IPv4.PROTOCOL_UDP:
            UDP udpPacket = (UDP) iPacket.getPayload();
            sBuilder.matchUdpSrc(TpPort.tpPort(udpPacket.getSourcePort())).matchUdpDst(TpPort.tpPort(udpPacket.getDestinationPort()));
            tBuilder.setUdpSrc(patPort).setEthDst(externalPeerRouter.macAddress());
            break;
        default:
            log.debug("Unsupported IPv4 protocol {}");
            break;
    }
    if (!externalPeerRouter.vlanId().equals(VlanId.NONE)) {
        tBuilder.pushVlan().setVlanId(externalPeerRouter.vlanId());
    }
    tBuilder.setIpSrc(externalIp);
    osNodeService.completeNodes(GATEWAY).forEach(gNode -> {
        TrafficTreatment.Builder tmpBuilder = DefaultTrafficTreatment.builder(tBuilder.build());
        tmpBuilder.setOutput(gNode.uplinkPortNum());
        osFlowRuleService.setRule(appId, gNode.intgBridge(), sBuilder.build(), tmpBuilder.build(), PRIORITY_SNAT_RULE, GW_COMMON_TABLE, true);
    });
}
Also used : TCP(org.onlab.packet.TCP) UDP(org.onlab.packet.UDP) IPv4(org.onlab.packet.IPv4) TrafficSelector(org.onosproject.net.flow.TrafficSelector) DefaultTrafficSelector(org.onosproject.net.flow.DefaultTrafficSelector) DefaultTrafficTreatment(org.onosproject.net.flow.DefaultTrafficTreatment) TrafficTreatment(org.onosproject.net.flow.TrafficTreatment)

Example 4 with PROTOCOL_TCP

use of org.onlab.packet.IPv4.PROTOCOL_TCP in project onos by opennetworkinglab.

the class OpenstackAddAclCommand method doExecute.

@Override
protected void doExecute() {
    OpenstackFlowRuleService flowRuleService = get(OpenstackFlowRuleService.class);
    CoreService coreService = get(CoreService.class);
    ApplicationId appId = coreService.getAppId(OPENSTACK_NETWORKING_APP_ID);
    InstancePortService instancePortService = get(InstancePortService.class);
    IpAddress srcIpAddress;
    IpAddress dstIpAddress;
    try {
        srcIpAddress = IpAddress.valueOf(srcIpStr);
        dstIpAddress = IpAddress.valueOf(dstIpStr);
    } catch (IllegalArgumentException e) {
        log.error("IllegalArgumentException occurred because of {}", e);
        return;
    }
    TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder().matchEthType(Ethernet.TYPE_IPV4).matchIPSrc(srcIpAddress.toIpPrefix()).matchIPDst(dstIpAddress.toIpPrefix());
    TrafficTreatment treatment = DefaultTrafficTreatment.builder().drop().build();
    if (srcPort != 0 || dstPort != 0) {
        sBuilder.matchIPProtocol(IPv4.PROTOCOL_TCP);
        if (srcPort != 0) {
            sBuilder.matchTcpSrc(TpPort.tpPort(srcPort));
        }
        if (dstPort != 0) {
            sBuilder.matchTcpDst(TpPort.tpPort(dstPort));
        }
    }
    log.info("Deny the packet from srcIp: {}, dstPort: {} to dstIp: {}, dstPort: {}", srcIpAddress.toString(), srcPort, dstIpAddress.toString(), dstPort);
    Optional<InstancePort> instancePort = instancePortService.instancePorts().stream().filter(port -> port.ipAddress().toString().equals(dstIpStr)).findAny();
    if (!instancePort.isPresent()) {
        log.info("Instance port that matches with the given dst ip address isn't present {}");
        return;
    }
    flowRuleService.setRule(appId, instancePort.get().deviceId(), sBuilder.build(), treatment, PRIORITY_FORCED_ACL_RULE, DHCP_TABLE, true);
}
Also used : TpPort(org.onlab.packet.TpPort) TrafficTreatment(org.onosproject.net.flow.TrafficTreatment) PRIORITY_FORCED_ACL_RULE(org.onosproject.openstacknetworking.api.Constants.PRIORITY_FORCED_ACL_RULE) OpenstackFlowRuleService(org.onosproject.openstacknetworking.api.OpenstackFlowRuleService) DHCP_TABLE(org.onosproject.openstacknetworking.api.Constants.DHCP_TABLE) CoreService(org.onosproject.core.CoreService) InstancePort(org.onosproject.openstacknetworking.api.InstancePort) Argument(org.apache.karaf.shell.api.action.Argument) AbstractShellCommand.get(org.onosproject.cli.AbstractShellCommand.get) DefaultTrafficTreatment(org.onosproject.net.flow.DefaultTrafficTreatment) Command(org.apache.karaf.shell.api.action.Command) Ethernet(org.onlab.packet.Ethernet) AbstractShellCommand(org.onosproject.cli.AbstractShellCommand) IPv4(org.onlab.packet.IPv4) TrafficSelector(org.onosproject.net.flow.TrafficSelector) OPENSTACK_NETWORKING_APP_ID(org.onosproject.openstacknetworking.api.Constants.OPENSTACK_NETWORKING_APP_ID) Service(org.apache.karaf.shell.api.action.lifecycle.Service) ApplicationId(org.onosproject.core.ApplicationId) Optional(java.util.Optional) DefaultTrafficSelector(org.onosproject.net.flow.DefaultTrafficSelector) IpAddress(org.onlab.packet.IpAddress) InstancePortService(org.onosproject.openstacknetworking.api.InstancePortService) InstancePortService(org.onosproject.openstacknetworking.api.InstancePortService) OpenstackFlowRuleService(org.onosproject.openstacknetworking.api.OpenstackFlowRuleService) InstancePort(org.onosproject.openstacknetworking.api.InstancePort) CoreService(org.onosproject.core.CoreService) TrafficSelector(org.onosproject.net.flow.TrafficSelector) DefaultTrafficSelector(org.onosproject.net.flow.DefaultTrafficSelector) IpAddress(org.onlab.packet.IpAddress) ApplicationId(org.onosproject.core.ApplicationId) TrafficTreatment(org.onosproject.net.flow.TrafficTreatment) DefaultTrafficTreatment(org.onosproject.net.flow.DefaultTrafficTreatment)

Example 5 with PROTOCOL_TCP

use of org.onlab.packet.IPv4.PROTOCOL_TCP in project onos by opennetworkinglab.

the class OpenstackRemoveAclCommand method doExecute.

@Override
protected void doExecute() {
    OpenstackFlowRuleService flowRuleService = get(OpenstackFlowRuleService.class);
    CoreService coreService = get(CoreService.class);
    ApplicationId appId = coreService.getAppId(OPENSTACK_NETWORKING_APP_ID);
    InstancePortService instancePortService = get(InstancePortService.class);
    IpAddress srcIpAddress = null;
    IpAddress dstIpAddress = null;
    try {
        srcIpAddress = IpAddress.valueOf(srcIpStr);
        dstIpAddress = IpAddress.valueOf(dstIpStr);
    } catch (IllegalArgumentException e) {
        log.error("IllegalArgumentException occurred because of {}", e);
        return;
    }
    TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder().matchEthType(Ethernet.TYPE_IPV4).matchIPSrc(srcIpAddress.toIpPrefix()).matchIPDst(dstIpAddress.toIpPrefix());
    TrafficTreatment treatment = DefaultTrafficTreatment.builder().drop().build();
    if (srcPort != 0 || dstPort != 0) {
        sBuilder.matchIPProtocol(IPv4.PROTOCOL_TCP);
        if (srcPort != 0) {
            sBuilder.matchTcpSrc(TpPort.tpPort(srcPort));
        }
        if (dstPort != 0) {
            sBuilder.matchTcpDst(TpPort.tpPort(dstPort));
        }
    }
    log.info("Deny the packet from srcIp: {}, dstPort: {} to dstIp: {}, dstPort: {}", srcIpAddress.toString(), srcPort, dstIpAddress.toString(), dstPort);
    Optional<InstancePort> instancePort = instancePortService.instancePorts().stream().filter(port -> port.ipAddress().toString().equals(dstIpStr)).findAny();
    if (!instancePort.isPresent()) {
        log.info("Instance port that matches with the given dst ip address isn't present {}");
        return;
    }
    flowRuleService.setRule(appId, instancePort.get().deviceId(), sBuilder.build(), treatment, PRIORITY_FORCED_ACL_RULE, DHCP_TABLE, false);
}
Also used : TpPort(org.onlab.packet.TpPort) TrafficTreatment(org.onosproject.net.flow.TrafficTreatment) PRIORITY_FORCED_ACL_RULE(org.onosproject.openstacknetworking.api.Constants.PRIORITY_FORCED_ACL_RULE) OpenstackFlowRuleService(org.onosproject.openstacknetworking.api.OpenstackFlowRuleService) DHCP_TABLE(org.onosproject.openstacknetworking.api.Constants.DHCP_TABLE) CoreService(org.onosproject.core.CoreService) InstancePort(org.onosproject.openstacknetworking.api.InstancePort) Argument(org.apache.karaf.shell.api.action.Argument) AbstractShellCommand.get(org.onosproject.cli.AbstractShellCommand.get) DefaultTrafficTreatment(org.onosproject.net.flow.DefaultTrafficTreatment) Command(org.apache.karaf.shell.api.action.Command) Ethernet(org.onlab.packet.Ethernet) AbstractShellCommand(org.onosproject.cli.AbstractShellCommand) IPv4(org.onlab.packet.IPv4) TrafficSelector(org.onosproject.net.flow.TrafficSelector) OPENSTACK_NETWORKING_APP_ID(org.onosproject.openstacknetworking.api.Constants.OPENSTACK_NETWORKING_APP_ID) Service(org.apache.karaf.shell.api.action.lifecycle.Service) ApplicationId(org.onosproject.core.ApplicationId) Optional(java.util.Optional) DefaultTrafficSelector(org.onosproject.net.flow.DefaultTrafficSelector) IpAddress(org.onlab.packet.IpAddress) InstancePortService(org.onosproject.openstacknetworking.api.InstancePortService) InstancePortService(org.onosproject.openstacknetworking.api.InstancePortService) OpenstackFlowRuleService(org.onosproject.openstacknetworking.api.OpenstackFlowRuleService) InstancePort(org.onosproject.openstacknetworking.api.InstancePort) CoreService(org.onosproject.core.CoreService) TrafficSelector(org.onosproject.net.flow.TrafficSelector) DefaultTrafficSelector(org.onosproject.net.flow.DefaultTrafficSelector) IpAddress(org.onlab.packet.IpAddress) ApplicationId(org.onosproject.core.ApplicationId) TrafficTreatment(org.onosproject.net.flow.TrafficTreatment) DefaultTrafficTreatment(org.onosproject.net.flow.DefaultTrafficTreatment)

Aggregations

IPv4 (org.onlab.packet.IPv4)6 DefaultTrafficTreatment (org.onosproject.net.flow.DefaultTrafficTreatment)6 TrafficTreatment (org.onosproject.net.flow.TrafficTreatment)6 DefaultTrafficSelector (org.onosproject.net.flow.DefaultTrafficSelector)5 TrafficSelector (org.onosproject.net.flow.TrafficSelector)5 Ethernet (org.onlab.packet.Ethernet)3 IpAddress (org.onlab.packet.IpAddress)3 TCP (org.onlab.packet.TCP)3 UDP (org.onlab.packet.UDP)3 Optional (java.util.Optional)2 Argument (org.apache.karaf.shell.api.action.Argument)2 Command (org.apache.karaf.shell.api.action.Command)2 Service (org.apache.karaf.shell.api.action.lifecycle.Service)2 TpPort (org.onlab.packet.TpPort)2 AbstractShellCommand (org.onosproject.cli.AbstractShellCommand)2 AbstractShellCommand.get (org.onosproject.cli.AbstractShellCommand.get)2 ApplicationId (org.onosproject.core.ApplicationId)2 CoreService (org.onosproject.core.CoreService)2 DHCP_TABLE (org.onosproject.openstacknetworking.api.Constants.DHCP_TABLE)2 OPENSTACK_NETWORKING_APP_ID (org.onosproject.openstacknetworking.api.Constants.OPENSTACK_NETWORKING_APP_ID)2