use of org.onlab.packet.IpAddress in project trellis-control by opennetworkinglab.
the class IpHandler method addToPacketBuffer.
/**
* Adds the IP packet to a buffer.
* The packets are forwarded to corresponding destination when the destination
* MAC address is known via ARP response.
*
* @param ipPacket IP packet to add to the buffer
*/
public void addToPacketBuffer(IPv4 ipPacket) {
// Better not buffer TCP packets due to out-of-order packet transfer
if (ipPacket.getProtocol() == IPv4.PROTOCOL_TCP) {
return;
}
IpAddress destIpAddress = IpAddress.valueOf(ipPacket.getDestinationAddress());
enqueuePacket(ipPacket, destIpAddress);
}
use of org.onlab.packet.IpAddress in project trellis-control by opennetworkinglab.
the class McastRoleListCommand method doExecute.
@Override
protected void doExecute() {
// Verify mcast group
IpAddress mcastGroup = null;
// We want to use source cp only for a specific group
ConnectPoint sourcecp = null;
if (!isNullOrEmpty(gAddr)) {
mcastGroup = IpAddress.valueOf(gAddr);
if (!isNullOrEmpty(source)) {
sourcecp = ConnectPoint.deviceConnectPoint(source);
}
}
// Get SR service, the roles and the groups
SegmentRoutingService srService = get(SegmentRoutingService.class);
Map<McastRoleStoreKey, McastRole> keyToRole = srService.getMcastRoles(mcastGroup, sourcecp);
Set<IpAddress> mcastGroups = keyToRole.keySet().stream().map(McastRoleStoreKey::mcastIp).collect(Collectors.toSet());
// Print the trees for each group
mcastGroups.forEach(group -> {
// Create a new map for the group
Map<ConnectPoint, Multimap<McastRole, DeviceId>> roleDeviceIdMap = Maps.newHashMap();
keyToRole.entrySet().stream().filter(entry -> entry.getKey().mcastIp().equals(group)).forEach(entry -> roleDeviceIdMap.compute(entry.getKey().source(), (gsource, map) -> {
map = map == null ? ArrayListMultimap.create() : map;
map.put(entry.getValue(), entry.getKey().deviceId());
return map;
}));
roleDeviceIdMap.forEach((gsource, map) -> {
// Print the map
printMcastRole(group, gsource, map.get(McastRole.INGRESS), map.get(McastRole.TRANSIT), map.get(McastRole.EGRESS));
});
});
}
use of org.onlab.packet.IpAddress in project ddosdn by ssulca.
the class Connection method run.
/**
* Metodo run. Efectúa el procesamiento de la alerta recibida y llama al
* firewall.
*/
@Override
public void run() {
DataInputStream dataInputSock;
PrintWriter dataOutputSock;
Alertpkt alertMessage;
AttackType attackType;
// Devices where are written rules
Set<DeviceId> deviceIdSet;
String ipCliSocket;
IpAddress ipTopoNet;
String description;
// Para leer lo que envía cliente.
try {
// Ahora lee de manera completa buffersize
dataInputSock = new DataInputStream(clientSocket.getInputStream());
dataOutputSock = new PrintWriter(clientSocket.getOutputStream(), true);
// Get Ip Client
ipCliSocket = ((InetSocketAddress) clientSocket.getRemoteSocketAddress()).getAddress().toString();
if (clientSocket.isClosed()) {
log.error("Socket cliente cerrado.");
}
log.info("::::Authentication::::");
// /////////////////////// AUTHENTICATION //////////////////////////////
ipTopoNet = authenticateHandShake(dataInputSock);
if (ipTopoNet == null) {
log.error("Authentication Fail");
dataOutputSock.println(MESG_FAIL);
// Cierro buffer.
dataInputSock.close();
// Cierro buffer.
dataOutputSock.close();
clientSocket.close();
return;
} else {
log.info("Authentication Success Ip: {}", ipTopoNet.toString());
dataOutputSock.write(MESG_OK);
}
log.info("::::Ready to Read Alerts::::");
// /////////////////////// READ ALERTS //////////////////////////////
while (!Thread.currentThread().isInterrupted() && clientSocket.isConnected() && !clientSocket.isClosed()) {
while (dataInputSock.available() <= 0) {
sleep(TIME_SLEEP);
// Chequeo de error o sobrepasó timeout.
if (dataOutputSock.checkError()) {
log.info("SocketListener: server and socket connect is lost...");
// Cierro buffer.
dataInputSock.close();
// Cierro buffer.
dataOutputSock.close();
// Cierro socket cliente.
clientSocket.close();
clientSocket = null;
return;
}
// if
}
// while (dataInputSock.available() <= 0)
log.info("Msg recived from {}", ipCliSocket);
// Leer y procesar resultado.
alertMessage = recognizeAlert(dataInputSock);
if (alertMessage != null) {
// Registro de Alerta
registerAlert(alertMessage);
// Proceso si es un ataque.
attackType = firewall.isAttack(alertMessage.getEvent().getSigId(), alertMessage.getPackageBin().getSourceIP());
switch(attackType) {
case // Ataque a los servidores. No incluye smurf attack.
FLOOD:
// Encuentro los OVS mas cercanos a la IP del host atacante.
deviceIdSet = firewall.findSwitchConnectedToHost(alertMessage.getPackageBin().getSourceIP());
// Set en dichos OVS las reglas de drop correspondientes.
description = "[" + AttackType.FLOOD + ":" + ipTopoNet.getIp4Address() + "] " + alertMessage.toString();
firewall.defAttack(deviceIdSet, alertMessage, description);
break;
case // Smurf Attack to servers.
SMURF:
// Encuentro todos los OVS de la red.
deviceIdSet = firewall.getAllSwitch();
// Set en todos los OVS las reglas de drop correspondientes.
description = "[" + AttackType.SMURF + ":" + ipTopoNet.getIp4Address() + "] " + alertMessage.toString();
firewall.defSmurfAttack(deviceIdSet, alertMessage.getPackageBin().getSourceIP(), alertMessage.getPackageBin().getDstIP(), description);
break;
case NO_RECOGNISED:
log.info("Alert: {}", AttackType.NO_RECOGNISED.toString());
default:
break;
}
log.info(ALERT_FORMAT, alertMessage.getEvent().getSigGen(), alertMessage.getEvent().getSigId(), alertMessage.getAlertMsg(), alertMessage.getPackageBin().getSourceIP(), alertMessage.getPackageBin().getDstIP());
} else {
log.error("Connection: Error read Alertpkt or Invalid Message from IDS.");
}
}
// while (!Thread.currentThread().isInterrupted())
} catch (IOException e) {
log.error("{}, ClieteSocket create error I/O, ", AppError.NO_SUCH);
return;
} catch (Exception e) {
log.error("{}, SocketListener: Exception = {}", AppError.UNKNOWN, e.toString());
try {
// Cierro socket cliente.
clientSocket.close();
} catch (IOException exp) {
log.error("{} SocketListener: Exception close socket ", AppError.NO_SUCH);
}
clientSocket = null;
return;
}
try {
if (clientSocket != null) {
// Cierro buffer.
dataInputSock.close();
// Cierro buffer.
dataOutputSock.close();
clientSocket.close();
clientSocket = null;
log.info("SocketListener: stop(): Client Socket close() is done...");
}
} catch (IOException e) {
log.error("{} stop(): Server Socket closing error", AppError.NO_SUCH);
}
}
use of org.onlab.packet.IpAddress in project ddosdn by ssulca.
the class IdsResources method delIpAddres.
/**
* Del addres from IP
* @param ip4AddrString, String ip Addres
* @return true, if it is removed, false if it is not removed
*/
public synchronized boolean delIpAddres(String ip4AddrString) {
IpAddress ipAddres;
writeLock.lock();
try {
ipAddres = IpAddress.valueOf(ip4AddrString);
return this.ipAddressSet.remove(ipAddres);
} catch (IllegalArgumentException e) {
log.error("Add IDS ip: Argument not valid :{}", ip4AddrString);
return false;
} catch (Exception e) {
log.error("{}", AppError.CONCURRENT_ERROR);
return false;
} finally {
writeLock.unlock();
}
}
use of org.onlab.packet.IpAddress in project ddosdn by ssulca.
the class IdsResources method addIpAddres.
/**
* Add IDS ip addres
* @param ip4AddrString String ip Addres
* @return true, if it is added, false if it is not added
*/
public synchronized boolean addIpAddres(String ip4AddrString) {
IpAddress ipAddres;
writeLock.lock();
try {
ipAddres = IpAddress.valueOf(ip4AddrString);
return this.ipAddressSet.add(ipAddres);
} catch (IllegalArgumentException e) {
log.error("Add IDS ip: Argument not valid :{}", ip4AddrString);
return false;
} catch (Exception e) {
log.error("{}", AppError.CONCURRENT_ERROR);
return false;
} finally {
writeLock.unlock();
}
}
Aggregations