use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.
the class AaaSupplicantMachineStatsManager method getSupplicantStats.
@Override
public AaaSupplicantMachineStats getSupplicantStats(Object obj) {
StateMachine stateMachine = null;
AaaSupplicantMachineStats stats = new AaaSupplicantMachineStats();
try {
stateMachine = (StateMachine) obj;
} catch (ClassCastException e) {
log.debug("casting exception detected for StateMachine.");
return null;
}
log.debug("capturing supplicant machine stat from authentication session");
stats.setTotalPacketsSent(stateMachine.totalPacketsSent());
stats.setTotalPacketsRecieved(stateMachine.totalPacketsReceived());
stats.setTotalFramesSent(stateMachine.totalPacketsSent());
stats.setTotalFramesReceived(stateMachine.totalPacketsReceived());
stats.setSrcMacAddress(stateMachine.supplicantAddress() == null ? "" : stateMachine.supplicantAddress().toString());
stats.setSessionName(stateMachine.username() == null ? "" : new String(stateMachine.username()));
stats.setSessionId(stateMachine.sessionId());
stats.setSessionDuration(System.currentTimeMillis() - stateMachine.sessionStartTime());
stats.setEapolType(stateMachine.eapolType());
stats.setSessionTerminateReason(stateMachine.getSessionTerminateReason());
log.trace("EapolType" + " - " + stats.getEapolType());
log.trace("SessionDuration" + " - " + stats.getSessionDuration());
log.trace("SessionId" + " - " + stats.getSessionId());
log.trace("SessionName" + " - " + stats.getSessionName());
log.trace("SessionTerminateReason" + " - " + stats.getSessionTerminateReason());
log.trace("SrcMacAddress" + " - " + stats.getSrcMacAddress());
log.trace("TotalFramesReceived" + " - " + stats.getTotalFramesReceived());
log.trace("TotalFramesSent" + " - " + stats.getTotalFramesSent());
log.trace("TotalOctetRecieved" + " - " + stats.getTotalOctetRecieved());
log.trace("TotalOctetSent" + " - " + stats.getTotalOctetSent());
log.trace("TotalPacketsSent" + " - " + stats.getTotalPacketsSent());
log.trace("TotalOctetRecieved" + " - " + stats.getTotalOctetRecieved());
return stats;
}
use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.
the class AaaShowPerMachineCountersCommand method doExecute.
@Override
protected void doExecute() {
String sessionId = deviceId + portNumber;
AaaMachineStatisticsService aaaMachineStatsManager = get(AaaMachineStatisticsService.class);
AuthenticationService aaaManager = get(AuthenticationService.class);
AaaSupplicantMachineStats aaaSupplicantMachineStats = aaaManager.getSupplicantMachineStats(sessionId);
if (aaaSupplicantMachineStats != null) {
print("%30s %10d\n", "SessionDuration", aaaSupplicantMachineStats.getSessionDuration());
print("%30s %10d\n", "TotalOctetRecieved", aaaSupplicantMachineStats.getTotalOctetRecieved());
print("%30s %10d\n", "TotalFramesReceived", aaaSupplicantMachineStats.getTotalFramesReceived());
print("%30s %10d\n", "TotalFramesSent", aaaSupplicantMachineStats.getTotalFramesSent());
print("%30s %10d\n", "TotalOctetSent", aaaSupplicantMachineStats.getTotalOctetSent());
print("%30s %10d\n", "TotalPacketsRecieved", aaaSupplicantMachineStats.getTotalPacketsRecieved());
print("%30s %10d\n", "TotalPacketsSent", aaaSupplicantMachineStats.getTotalPacketsSent());
} else {
print("No such Device Found");
}
}
use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.
the class AaaManager method handleStateMachineTimeout.
private void handleStateMachineTimeout(ConnectPoint supplicantConnectPoint) {
StateMachine stateMachine = stateMachines.remove(supplicantConnectPoint.toString());
// pushing captured machine stats to kafka
stateMachine.setSessionTerminateReason("Time out");
AaaSupplicantMachineStats obj = aaaSupplicantStatsManager.getSupplicantStats(stateMachine);
aaaSupplicantStatsManager.getMachineStatsDelegate().notify(new AaaMachineStatisticsEvent(AaaMachineStatisticsEvent.Type.STATS_UPDATE, obj));
if (stateMachine.state() == StateMachine.STATE_PENDING && stateMachine.isWaitingForRadiusResponse()) {
aaaStatisticsManager.getAaaStats().increaseTimedOutPackets();
}
StateMachine.deleteStateMachineMapping(stateMachine);
}
use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.
the class AaaManager method handleRadiusPacket.
/**
* Handles RADIUS packets.
*
* @param radiusPacket RADIUS packet coming from the RADIUS server.
*/
public void handleRadiusPacket(RADIUS radiusPacket) {
if (log.isTraceEnabled()) {
log.trace("Received RADIUS packet {} with identifier {}", radiusPacket, radiusPacket.getIdentifier() & 0xff);
}
if (radiusOperationalStatusService.isRadiusResponseForOperationalStatus(radiusPacket.getIdentifier())) {
if (log.isTraceEnabled()) {
log.trace("Handling operational status RADIUS packet {} with identifier {}", radiusPacket, radiusPacket.getIdentifier() & 0xff);
}
radiusOperationalStatusService.handleRadiusPacketForOperationalStatus(radiusPacket);
return;
}
if (log.isTraceEnabled()) {
log.trace("Handling actual RADIUS packet for supplicant {} with identifier {}", radiusPacket, radiusPacket.getIdentifier() & 0xff);
}
RequestIdentifier identifier = RequestIdentifier.of(radiusPacket.getIdentifier());
String sessionId = idManager.getSessionId(identifier);
if (sessionId == null) {
log.error("Invalid packet identifier {}, could not find corresponding " + "state machine ... exiting", radiusPacket.getIdentifier());
aaaStatisticsManager.getAaaStats().incrementNumberOfSessionsExpired();
aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
return;
}
idManager.releaseIdentifier(identifier);
StateMachine stateMachine = stateMachines.get(sessionId);
if (stateMachine == null) {
log.error("Invalid packet identifier {}, could not find corresponding " + "state machine ... exiting", radiusPacket.getIdentifier());
aaaStatisticsManager.getAaaStats().incrementNumberOfSessionsExpired();
aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
return;
}
// instance of StateMachine using the sessionId for updating machine stats
StateMachine machineStats = stateMachines.get(stateMachine.sessionId());
EAP eapPayload;
Ethernet eth;
checkReceivedPacketForValidValidator(radiusPacket, stateMachine.requestAuthenticator());
// increasing packets and octets received from server
machineStats.incrementTotalPacketsReceived();
try {
machineStats.incrementTotalOctetReceived(radiusPacket.decapsulateMessage().getLength());
} catch (DeserializationException e) {
log.error(e.getMessage());
return;
}
if (outPacketSet.contains(radiusPacket.getIdentifier())) {
aaaStatisticsManager.getAaaStats().increaseOrDecreasePendingRequests(false);
outPacketSet.remove(new Byte(radiusPacket.getIdentifier()));
}
MacAddress dstMac = stateMachine.supplicantAddress();
ConnectPoint supplicantCp = stateMachine.supplicantConnectpoint();
switch(radiusPacket.getCode()) {
case RADIUS.RADIUS_CODE_ACCESS_CHALLENGE:
log.debug("RADIUS packet: RADIUS_CODE_ACCESS_CHALLENGE for dev/port: {}/{} " + "with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
RADIUSAttribute radiusAttrState = radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_STATE);
byte[] challengeState = null;
if (radiusAttrState != null) {
challengeState = radiusAttrState.getValue();
}
try {
eapPayload = radiusPacket.decapsulateMessage();
eth = buildEapolResponse(stateMachine.supplicantAddress(), MacAddress.valueOf(nasMacAddress), stateMachine.vlanId(), EAPOL.EAPOL_PACKET, eapPayload, stateMachine.priorityCode());
stateMachine.setChallengeInfo(eapPayload.getIdentifier(), challengeState);
} catch (DeserializationException e) {
log.error(e.getMessage());
break;
}
log.debug("Send EAP challenge response to supplicant on dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint(), true);
aaaStatisticsManager.getAaaStats().increaseChallengeResponsesRx();
outPacketSupp.add(eapPayload.getIdentifier());
aaaStatisticsManager.getAaaStats().incrementPendingReqSupp();
// increasing packets send to server
machineStats.incrementTotalPacketsSent();
machineStats.incrementTotalOctetSent(eapPayload.getLength());
break;
case RADIUS.RADIUS_CODE_ACCESS_ACCEPT:
log.debug("RADIUS packet: RADIUS_CODE_ACCESS_ACCEPT for dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
// send an EAPOL - Success to the supplicant.
byte[] eapMessageSuccess = radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_EAP_MESSAGE).getValue();
try {
eapPayload = EAP.deserializer().deserialize(eapMessageSuccess, 0, eapMessageSuccess.length);
} catch (DeserializationException e) {
log.error(e.getMessage());
break;
}
eth = buildEapolResponse(stateMachine.supplicantAddress(), MacAddress.valueOf(nasMacAddress), stateMachine.vlanId(), EAPOL.EAPOL_PACKET, eapPayload, stateMachine.priorityCode());
log.info("Send EAP success message to supplicant on dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint(), false);
aaaStatisticsManager.getAaaStats().incrementEapolAuthSuccessTrans();
stateMachine.authorizeAccess();
aaaStatisticsManager.getAaaStats().increaseAcceptResponsesRx();
// increasing packets send to server
machineStats.incrementTotalPacketsSent();
machineStats.incrementTotalOctetSent(eapPayload.getLength());
break;
case RADIUS.RADIUS_CODE_ACCESS_REJECT:
log.debug("RADIUS packet: RADIUS_CODE_ACCESS_REJECT for dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
// send an EAPOL - Failure to the supplicant.
byte[] eapMessageFailure;
eapPayload = new EAP();
RADIUSAttribute radiusAttrEap = radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_EAP_MESSAGE);
if (radiusAttrEap == null) {
eapPayload.setCode(EAP.FAILURE);
eapPayload.setIdentifier(stateMachine.challengeIdentifier());
eapPayload.setLength(EAP.EAP_HDR_LEN_SUC_FAIL);
} else {
eapMessageFailure = radiusAttrEap.getValue();
try {
eapPayload = EAP.deserializer().deserialize(eapMessageFailure, 0, eapMessageFailure.length);
} catch (DeserializationException e) {
log.error(e.getMessage());
break;
}
}
eth = buildEapolResponse(stateMachine.supplicantAddress(), MacAddress.valueOf(nasMacAddress), stateMachine.vlanId(), EAPOL.EAPOL_PACKET, eapPayload, stateMachine.priorityCode());
log.warn("Send EAP failure message to supplicant on dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, stateMachine.challengeIdentifier() & 0xff);
sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint(), false);
aaaStatisticsManager.getAaaStats().incrementEapolauthFailureTrans();
stateMachine.denyAccess();
aaaStatisticsManager.getAaaStats().increaseRejectResponsesRx();
// increasing packets send to server
machineStats.incrementTotalPacketsSent();
machineStats.incrementTotalOctetSent(eapPayload.getLength());
// pushing machine stats to kafka
AaaSupplicantMachineStats machineObj = aaaSupplicantStatsManager.getSupplicantStats(machineStats);
aaaSupplicantStatsManager.getMachineStatsDelegate().notify(new AaaMachineStatisticsEvent(AaaMachineStatisticsEvent.Type.STATS_UPDATE, machineObj));
break;
default:
log.warn("Unknown RADIUS message received with code: {} for dev/port: {}/{}" + " with MacAddress {} and Identifier {}", radiusPacket.getCode(), supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
aaaStatisticsManager.getAaaStats().increaseUnknownTypeRx();
// increasing packets received to server
machineStats.incrementTotalPacketsReceived();
try {
machineStats.incrementTotalOctetReceived(radiusPacket.decapsulateMessage().getLength());
} catch (DeserializationException e) {
log.error(e.getMessage());
break;
}
}
aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
}
Aggregations