
Example 16 with IpAddress

use of org.onlab.packet.IpAddress in project trellis-control by opennetworkinglab.

the class IpHandler method addToPacketBuffer.

/**
 * Queues a non-TCP IPv4 packet until its destination can be reached.
 * Buffered packets are forwarded once the destination MAC address has been
 * learned from an ARP response.
 *
 * @param ipPacket IP packet to add to the buffer
 */
public void addToPacketBuffer(IPv4 ipPacket) {
    // TCP is never buffered: releasing held segments later would deliver them out of order.
    boolean isTcp = ipPacket.getProtocol() == IPv4.PROTOCOL_TCP;
    if (!isTcp) {
        // NOTE(review): the buffer's size and expiry are decided inside enqueuePacket, which is
        // not visible here. Confirm it is bounded, so traffic towards destinations that never
        // answer ARP cannot grow memory without limit.
        enqueuePacket(ipPacket, IpAddress.valueOf(ipPacket.getDestinationAddress()));
    }
}
Also used : IpAddress(org.onlab.packet.IpAddress)

Example 17 with IpAddress

use of org.onlab.packet.IpAddress in project trellis-control by opennetworkinglab.

the class McastRoleListCommand method doExecute.

@Override
protected void doExecute() {
    // Optional filters. The source connect point is only honoured together with a group address.
    // NOTE(review): gAddr and source are parsed without a local catch, so a malformed value
    // surfaces as whatever IpAddress.valueOf / ConnectPoint.deviceConnectPoint throw.
    IpAddress groupFilter = null;
    ConnectPoint sourceFilter = null;
    if (!isNullOrEmpty(gAddr)) {
        groupFilter = IpAddress.valueOf(gAddr);
        if (!isNullOrEmpty(source)) {
            sourceFilter = ConnectPoint.deviceConnectPoint(source);
        }
    }

    // Fetch the roles from the segment-routing service and derive the set of groups they cover.
    SegmentRoutingService srService = get(SegmentRoutingService.class);
    Map<McastRoleStoreKey, McastRole> roleByKey = srService.getMcastRoles(groupFilter, sourceFilter);
    Set<IpAddress> groups = roleByKey.keySet().stream()
            .map(McastRoleStoreKey::mcastIp)
            .collect(Collectors.toSet());

    for (IpAddress group : groups) {
        // For this group: source connect point -> (role -> devices holding that role).
        Map<ConnectPoint, Multimap<McastRole, DeviceId>> devicesBySource = Maps.newHashMap();
        for (Map.Entry<McastRoleStoreKey, McastRole> entry : roleByKey.entrySet()) {
            McastRoleStoreKey key = entry.getKey();
            if (!key.mcastIp().equals(group)) {
                continue;
            }
            devicesBySource
                    .computeIfAbsent(key.source(), unused -> ArrayListMultimap.create())
                    .put(entry.getValue(), key.deviceId());
        }

        // Print one tree per source of the group.
        for (Map.Entry<ConnectPoint, Multimap<McastRole, DeviceId>> perSource : devicesBySource.entrySet()) {
            Multimap<McastRole, DeviceId> byRole = perSource.getValue();
            printMcastRole(group, perSource.getKey(), byRole.get(McastRole.INGRESS), byRole.get(McastRole.TRANSIT), byRole.get(McastRole.EGRESS));
        }
    }
}
Also used : SegmentRoutingService(org.onosproject.segmentrouting.SegmentRoutingService) ArrayListMultimap(com.google.common.collect.ArrayListMultimap) McastRoleStoreKey(org.onosproject.segmentrouting.mcast.McastRoleStoreKey) McastGroupCompleter(org.onosproject.mcast.cli.McastGroupCompleter) Collection(java.util.Collection) Set(java.util.Set) Strings.isNullOrEmpty(com.google.common.base.Strings.isNullOrEmpty) Multimap(com.google.common.collect.Multimap) Maps(com.google.common.collect.Maps) Collectors(java.util.stream.Collectors) Command(org.apache.karaf.shell.api.action.Command) ConnectPoint(org.onosproject.net.ConnectPoint) AbstractShellCommand(org.onosproject.cli.AbstractShellCommand) SegmentRoutingService(org.onosproject.segmentrouting.SegmentRoutingService) ConnectPointCompleter(org.onosproject.cli.net.ConnectPointCompleter) Map(java.util.Map) Service(org.apache.karaf.shell.api.action.lifecycle.Service) Completion(org.apache.karaf.shell.api.action.Completion) Option(org.apache.karaf.shell.api.action.Option) DeviceId(org.onosproject.net.DeviceId) IpAddress(org.onlab.packet.IpAddress) McastRole(org.onosproject.segmentrouting.mcast.McastRole) ArrayListMultimap(com.google.common.collect.ArrayListMultimap) Multimap(com.google.common.collect.Multimap) McastRoleStoreKey(org.onosproject.segmentrouting.mcast.McastRoleStoreKey) IpAddress(org.onlab.packet.IpAddress) ConnectPoint(org.onosproject.net.ConnectPoint) McastRole(org.onosproject.segmentrouting.mcast.McastRole)

Example 18 with IpAddress

use of org.onlab.packet.IpAddress in project ddosdn by ssulca.

the class Connection method run.

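/**
 * Serves one client connection: authenticates the peer, then reads alerts and
 * hands recognised attacks to the firewall until the connection ends.
 *
 * <p>An I/O failure is logged together with its cause and closes the client
 * socket, like the other exit paths. An interrupt caught by the catch-all
 * handler is restored on the current thread before returning.
 */
@Override
public void run() {
    DataInputStream dataInputSock;
    PrintWriter dataOutputSock;
    Alertpkt alertMessage;
    AttackType attackType;
    // Devices on which rules are written
    Set<DeviceId> deviceIdSet;
    String ipCliSocket;
    IpAddress ipTopoNet;
    String description;
    try {
        // Streams used to read from and answer the client.
        dataInputSock = new DataInputStream(clientSocket.getInputStream());
        dataOutputSock = new PrintWriter(clientSocket.getOutputStream(), true);
        // Remote address of the client, used only in log messages below.
        ipCliSocket = ((InetSocketAddress) clientSocket.getRemoteSocketAddress()).getAddress().toString();
        if (clientSocket.isClosed()) {
            // Only logged; processing continues regardless.
            log.error("Socket cliente cerrado.");
        }
        log.info("::::Authentication::::");
        // /////////////////////// AUTHENTICATION //////////////////////////////
        ipTopoNet = authenticateHandShake(dataInputSock);
        if (ipTopoNet == null) {
            log.error("Authentication Fail");
            dataOutputSock.println(MESG_FAIL);
            // Close both streams and the socket.
            dataInputSock.close();
            dataOutputSock.close();
            clientSocket.close();
            return;
        } else {
            log.info("Authentication Success Ip: {}", ipTopoNet.toString());
            // NOTE(review): write() does not trigger PrintWriter's auto-flush (println does), so
            // MESG_OK leaves the buffer only on a later flush, e.g. the checkError() call below.
            // Confirm the client does not block waiting for it.
            dataOutputSock.write(MESG_OK);
        }
        log.info("::::Ready to Read Alerts::::");
        // /////////////////////// READ ALERTS //////////////////////////////
        while (!Thread.currentThread().isInterrupted() && clientSocket.isConnected() && !clientSocket.isClosed()) {
            // Poll until data is available.
            // NOTE(review): if the peer goes away without a write error being reported, this
            // loop appears to keep sleeping until the thread is interrupted; consider an idle
            // limit so stale connections do not hold threads indefinitely.
            while (dataInputSock.available() <= 0) {
                sleep(TIME_SLEEP);
                // checkError() flushes the writer and reports whether an output error occurred.
                if (dataOutputSock.checkError()) {
                    log.info("SocketListener: server and socket connect is lost...");
                    // Close both streams and the client socket.
                    dataInputSock.close();
                    dataOutputSock.close();
                    clientSocket.close();
                    clientSocket = null;
                    return;
                }
            }
            log.info("Msg recived from {}", ipCliSocket);
            // Read and decode the next alert.
            alertMessage = recognizeAlert(dataInputSock);
            if (alertMessage != null) {
                // Record the alert.
                registerAlert(alertMessage);
                // Classify it.
                // NOTE(review): the rules installed below are keyed on the source IP carried in
                // the alert, so any peer the handshake admits can cause drops for arbitrary
                // addresses. Confirm the firewall keeps an allow-list for infrastructure
                // addresses and that authenticateHandShake is the intended trust boundary.
                attackType = firewall.isAttack(alertMessage.getEvent().getSigId(), alertMessage.getPackageBin().getSourceIP());
                switch (attackType) {
                    case FLOOD:
                        // Attack on the servers (smurf attack not included): find the OVS
                        // switches closest to the attacking host's IP.
                        deviceIdSet = firewall.findSwitchConnectedToHost(alertMessage.getPackageBin().getSourceIP());
                        // Install the corresponding drop rules on those switches.
                        description = "[" + AttackType.FLOOD + ":" + ipTopoNet.getIp4Address() + "] " + alertMessage.toString();
                        firewall.defAttack(deviceIdSet, alertMessage, description);
                        break;
                    case SMURF:
                        // Smurf attack on the servers: take every OVS switch in the network.
                        deviceIdSet = firewall.getAllSwitch();
                        // Install the corresponding drop rules on all of them.
                        description = "[" + AttackType.SMURF + ":" + ipTopoNet.getIp4Address() + "] " + alertMessage.toString();
                        firewall.defSmurfAttack(deviceIdSet, alertMessage.getPackageBin().getSourceIP(), alertMessage.getPackageBin().getDstIP(), description);
                        break;
                    case NO_RECOGNISED:
                        log.info("Alert: {}", AttackType.NO_RECOGNISED.toString());
                        break;
                    default:
                        break;
                }
                // NOTE(review): getAlertMsg() is data received from the peer; confirm the log
                // layout neutralises line breaks so log entries cannot be forged through it.
                log.info(ALERT_FORMAT, alertMessage.getEvent().getSigGen(), alertMessage.getEvent().getSigId(), alertMessage.getAlertMsg(), alertMessage.getPackageBin().getSourceIP(), alertMessage.getPackageBin().getDstIP());
            } else {
                log.error("Connection: Error read Alertpkt or Invalid Message from IDS.");
            }
        }
    } catch (IOException e) {
        // Passing the exception as the trailing argument keeps the cause in the log.
        log.error("{}, ClieteSocket create error I/O, ", AppError.NO_SUCH, e);
        // Release the socket on this path too; closing it also closes its streams.
        try {
            if (clientSocket != null) {
                clientSocket.close();
            }
        } catch (IOException exp) {
            log.error("{} SocketListener: Exception close socket ", AppError.NO_SUCH);
        }
        clientSocket = null;
        return;
    } catch (Exception e) {
        if (e instanceof InterruptedException) {
            // Keep the interrupt visible to whoever owns this thread.
            Thread.currentThread().interrupt();
        }
        log.error("{}, SocketListener: Exception = {}", AppError.UNKNOWN, e.toString());
        try {
            // Guarded so a null socket cannot raise a second exception from inside this handler.
            if (clientSocket != null) {
                clientSocket.close();
            }
        } catch (IOException exp) {
            log.error("{} SocketListener: Exception close socket ", AppError.NO_SUCH);
        }
        clientSocket = null;
        return;
    }
    // Normal termination of the read loop: close streams and socket.
    try {
        if (clientSocket != null) {
            dataInputSock.close();
            dataOutputSock.close();
            clientSocket.close();
            clientSocket = null;
            log.info("SocketListener: stop(): Client Socket close() is done...");
        }
    } catch (IOException e) {
        log.error("{} stop(): Server Socket closing error", AppError.NO_SUCH);
    }
}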
Also used : DeviceId(org.onosproject.net.DeviceId) InetSocketAddress(java.net.InetSocketAddress) AttackType(org.gstesis.mitigation.app.firewall.AttackType) IpAddress(org.onlab.packet.IpAddress) IOException(java.io.IOException) DataInputStream(java.io.DataInputStream) Alertpkt(org.gstesis.mitigation.app.alert.Alertpkt) IOException(java.io.IOException) PrintWriter(java.io.PrintWriter)

Example 19 with IpAddress

use of org.onlab.packet.IpAddress in project ddosdn by ssulca.

the class IdsResources method delIpAddres.

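/**
 * Removes an IDS IP address from {@code ipAddressSet}.
 *
 * @param ip4AddrString textual IP address to remove
 * @return the result of {@code ipAddressSet.remove}; {@code false} when the
 *         string cannot be parsed or any other exception is raised
 */
public synchronized boolean delIpAddres(String ip4AddrString) {
    // NOTE(review): the parameter name suggests IPv4 only; confirm which address families
    // IpAddress.valueOf accepts and whether that matches what this set is meant to hold.
    writeLock.lock();
    try {
        IpAddress ipAddres = IpAddress.valueOf(ip4AddrString);
        return this.ipAddressSet.remove(ipAddres);
    } catch (IllegalArgumentException e) {
        // The message used to read "Add IDS ip", which mislabelled failed removals in the log.
        // NOTE(review): the raw argument is logged; if callers pass unvalidated request data,
        // confirm the log layout neutralises line breaks.
        log.error("Del IDS ip: Argument not valid :{}", ip4AddrString);
        return false;
    } catch (Exception e) {
        // Keep the cause: this catch-all reports every other failure under one error code.
        log.error("{}", AppError.CONCURRENT_ERROR, e);
        return false;
    } finally {
        writeLock.unlock();
    }
}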
Also used : IpAddress(org.onlab.packet.IpAddress)

Example 20 with IpAddress

use of org.onlab.packet.IpAddress in project ddosdn by ssulca.

the class IdsResources method addIpAddres.

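/**
 * Adds an IDS IP address to {@code ipAddressSet}.
 *
 * @param ip4AddrString textual IP address to add
 * @return the result of {@code ipAddressSet.add}; {@code false} when the
 *         string cannot be parsed or any other exception is raised
 */
public synchronized boolean addIpAddres(String ip4AddrString) {
    // NOTE(review): the parameter name suggests IPv4 only; confirm which address families
    // IpAddress.valueOf accepts and whether that matches what this set is meant to hold.
    writeLock.lock();
    try {
        IpAddress ipAddres = IpAddress.valueOf(ip4AddrString);
        return this.ipAddressSet.add(ipAddres);
    } catch (IllegalArgumentException e) {
        // NOTE(review): the raw argument is logged; if callers pass unvalidated request data,
        // confirm the log layout neutralises line breaks.
        log.error("Add IDS ip: Argument not valid :{}", ip4AddrString);
        return false;
    } catch (Exception e) {
        // Keep the cause: this catch-all reports every other failure under one error code.
        log.error("{}", AppError.CONCURRENT_ERROR, e);
        return false;
    } finally {
        writeLock.unlock();
    }
}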
Also used : IpAddress(org.onlab.packet.IpAddress)
