Search in sources :

Example 1 with AaaSupplicantMachineStats

use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.

the class AaaSupplicantMachineStatsManager method getSupplicantStats.

@Override
public AaaSupplicantMachineStats getSupplicantStats(Object obj) {
    StateMachine stateMachine = null;
    AaaSupplicantMachineStats stats = new AaaSupplicantMachineStats();
    try {
        stateMachine = (StateMachine) obj;
    } catch (ClassCastException e) {
        log.debug("casting exception detected for StateMachine.");
        return null;
    }
    log.debug("capturing supplicant machine stat from authentication session");
    stats.setTotalPacketsSent(stateMachine.totalPacketsSent());
    stats.setTotalPacketsRecieved(stateMachine.totalPacketsReceived());
    stats.setTotalFramesSent(stateMachine.totalPacketsSent());
    stats.setTotalFramesReceived(stateMachine.totalPacketsReceived());
    stats.setSrcMacAddress(stateMachine.supplicantAddress() == null ? "" : stateMachine.supplicantAddress().toString());
    stats.setSessionName(stateMachine.username() == null ? "" : new String(stateMachine.username()));
    stats.setSessionId(stateMachine.sessionId());
    stats.setSessionDuration(System.currentTimeMillis() - stateMachine.sessionStartTime());
    stats.setEapolType(stateMachine.eapolType());
    stats.setSessionTerminateReason(stateMachine.getSessionTerminateReason());
    log.trace("EapolType" + " - " + stats.getEapolType());
    log.trace("SessionDuration" + " - " + stats.getSessionDuration());
    log.trace("SessionId" + " - " + stats.getSessionId());
    log.trace("SessionName" + " - " + stats.getSessionName());
    log.trace("SessionTerminateReason" + " - " + stats.getSessionTerminateReason());
    log.trace("SrcMacAddress" + " - " + stats.getSrcMacAddress());
    log.trace("TotalFramesReceived" + " - " + stats.getTotalFramesReceived());
    log.trace("TotalFramesSent" + " - " + stats.getTotalFramesSent());
    log.trace("TotalOctetRecieved" + " - " + stats.getTotalOctetRecieved());
    log.trace("TotalOctetSent" + " - " + stats.getTotalOctetSent());
    log.trace("TotalPacketsSent" + " - " + stats.getTotalPacketsSent());
    log.trace("TotalOctetRecieved" + " - " + stats.getTotalOctetRecieved());
    return stats;
}
Also used : AaaSupplicantMachineStats(org.opencord.aaa.AaaSupplicantMachineStats)

Example 2 with AaaSupplicantMachineStats

use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.

the class AaaShowPerMachineCountersCommand method doExecute.

@Override
protected void doExecute() {
    String sessionId = deviceId + portNumber;
    AaaMachineStatisticsService aaaMachineStatsManager = get(AaaMachineStatisticsService.class);
    AuthenticationService aaaManager = get(AuthenticationService.class);
    AaaSupplicantMachineStats aaaSupplicantMachineStats = aaaManager.getSupplicantMachineStats(sessionId);
    if (aaaSupplicantMachineStats != null) {
        print("%30s %10d\n", "SessionDuration", aaaSupplicantMachineStats.getSessionDuration());
        print("%30s %10d\n", "TotalOctetRecieved", aaaSupplicantMachineStats.getTotalOctetRecieved());
        print("%30s %10d\n", "TotalFramesReceived", aaaSupplicantMachineStats.getTotalFramesReceived());
        print("%30s %10d\n", "TotalFramesSent", aaaSupplicantMachineStats.getTotalFramesSent());
        print("%30s %10d\n", "TotalOctetSent", aaaSupplicantMachineStats.getTotalOctetSent());
        print("%30s %10d\n", "TotalPacketsRecieved", aaaSupplicantMachineStats.getTotalPacketsRecieved());
        print("%30s %10d\n", "TotalPacketsSent", aaaSupplicantMachineStats.getTotalPacketsSent());
    } else {
        print("No such Device Found");
    }
}
Also used : AaaSupplicantMachineStats(org.opencord.aaa.AaaSupplicantMachineStats) AaaMachineStatisticsService(org.opencord.aaa.AaaMachineStatisticsService) AuthenticationService(org.opencord.aaa.AuthenticationService)

Example 3 with AaaSupplicantMachineStats

use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.

the class AaaManager method handleStateMachineTimeout.

private void handleStateMachineTimeout(ConnectPoint supplicantConnectPoint) {
    StateMachine stateMachine = stateMachines.remove(supplicantConnectPoint.toString());
    // pushing captured machine stats to kafka
    stateMachine.setSessionTerminateReason("Time out");
    AaaSupplicantMachineStats obj = aaaSupplicantStatsManager.getSupplicantStats(stateMachine);
    aaaSupplicantStatsManager.getMachineStatsDelegate().notify(new AaaMachineStatisticsEvent(AaaMachineStatisticsEvent.Type.STATS_UPDATE, obj));
    if (stateMachine.state() == StateMachine.STATE_PENDING && stateMachine.isWaitingForRadiusResponse()) {
        aaaStatisticsManager.getAaaStats().increaseTimedOutPackets();
    }
    StateMachine.deleteStateMachineMapping(stateMachine);
}
Also used : AaaSupplicantMachineStats(org.opencord.aaa.AaaSupplicantMachineStats) AaaMachineStatisticsEvent(org.opencord.aaa.AaaMachineStatisticsEvent)

Example 4 with AaaSupplicantMachineStats

use of org.opencord.aaa.AaaSupplicantMachineStats in project aaa by opencord.

the class AaaManager method handleRadiusPacket.

/**
 * Handles RADIUS packets.
 *
 * @param radiusPacket RADIUS packet coming from the RADIUS server.
 */
public void handleRadiusPacket(RADIUS radiusPacket) {
    if (log.isTraceEnabled()) {
        log.trace("Received RADIUS packet {} with identifier {}", radiusPacket, radiusPacket.getIdentifier() & 0xff);
    }
    if (radiusOperationalStatusService.isRadiusResponseForOperationalStatus(radiusPacket.getIdentifier())) {
        if (log.isTraceEnabled()) {
            log.trace("Handling operational status RADIUS packet {} with identifier {}", radiusPacket, radiusPacket.getIdentifier() & 0xff);
        }
        radiusOperationalStatusService.handleRadiusPacketForOperationalStatus(radiusPacket);
        return;
    }
    if (log.isTraceEnabled()) {
        log.trace("Handling actual RADIUS packet for supplicant {} with identifier {}", radiusPacket, radiusPacket.getIdentifier() & 0xff);
    }
    RequestIdentifier identifier = RequestIdentifier.of(radiusPacket.getIdentifier());
    String sessionId = idManager.getSessionId(identifier);
    if (sessionId == null) {
        log.error("Invalid packet identifier {}, could not find corresponding " + "state machine ... exiting", radiusPacket.getIdentifier());
        aaaStatisticsManager.getAaaStats().incrementNumberOfSessionsExpired();
        aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
        return;
    }
    idManager.releaseIdentifier(identifier);
    StateMachine stateMachine = stateMachines.get(sessionId);
    if (stateMachine == null) {
        log.error("Invalid packet identifier {}, could not find corresponding " + "state machine ... exiting", radiusPacket.getIdentifier());
        aaaStatisticsManager.getAaaStats().incrementNumberOfSessionsExpired();
        aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
        return;
    }
    // instance of StateMachine using the sessionId for updating machine stats
    StateMachine machineStats = stateMachines.get(stateMachine.sessionId());
    EAP eapPayload;
    Ethernet eth;
    checkReceivedPacketForValidValidator(radiusPacket, stateMachine.requestAuthenticator());
    // increasing packets and octets received from server
    machineStats.incrementTotalPacketsReceived();
    try {
        machineStats.incrementTotalOctetReceived(radiusPacket.decapsulateMessage().getLength());
    } catch (DeserializationException e) {
        log.error(e.getMessage());
        return;
    }
    if (outPacketSet.contains(radiusPacket.getIdentifier())) {
        aaaStatisticsManager.getAaaStats().increaseOrDecreasePendingRequests(false);
        outPacketSet.remove(new Byte(radiusPacket.getIdentifier()));
    }
    MacAddress dstMac = stateMachine.supplicantAddress();
    ConnectPoint supplicantCp = stateMachine.supplicantConnectpoint();
    switch(radiusPacket.getCode()) {
        case RADIUS.RADIUS_CODE_ACCESS_CHALLENGE:
            log.debug("RADIUS packet: RADIUS_CODE_ACCESS_CHALLENGE for dev/port: {}/{} " + "with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
            RADIUSAttribute radiusAttrState = radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_STATE);
            byte[] challengeState = null;
            if (radiusAttrState != null) {
                challengeState = radiusAttrState.getValue();
            }
            try {
                eapPayload = radiusPacket.decapsulateMessage();
                eth = buildEapolResponse(stateMachine.supplicantAddress(), MacAddress.valueOf(nasMacAddress), stateMachine.vlanId(), EAPOL.EAPOL_PACKET, eapPayload, stateMachine.priorityCode());
                stateMachine.setChallengeInfo(eapPayload.getIdentifier(), challengeState);
            } catch (DeserializationException e) {
                log.error(e.getMessage());
                break;
            }
            log.debug("Send EAP challenge response to supplicant on dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
            sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint(), true);
            aaaStatisticsManager.getAaaStats().increaseChallengeResponsesRx();
            outPacketSupp.add(eapPayload.getIdentifier());
            aaaStatisticsManager.getAaaStats().incrementPendingReqSupp();
            // increasing packets send to server
            machineStats.incrementTotalPacketsSent();
            machineStats.incrementTotalOctetSent(eapPayload.getLength());
            break;
        case RADIUS.RADIUS_CODE_ACCESS_ACCEPT:
            log.debug("RADIUS packet: RADIUS_CODE_ACCESS_ACCEPT for dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
            // send an EAPOL - Success to the supplicant.
            byte[] eapMessageSuccess = radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_EAP_MESSAGE).getValue();
            try {
                eapPayload = EAP.deserializer().deserialize(eapMessageSuccess, 0, eapMessageSuccess.length);
            } catch (DeserializationException e) {
                log.error(e.getMessage());
                break;
            }
            eth = buildEapolResponse(stateMachine.supplicantAddress(), MacAddress.valueOf(nasMacAddress), stateMachine.vlanId(), EAPOL.EAPOL_PACKET, eapPayload, stateMachine.priorityCode());
            log.info("Send EAP success message to supplicant on dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
            sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint(), false);
            aaaStatisticsManager.getAaaStats().incrementEapolAuthSuccessTrans();
            stateMachine.authorizeAccess();
            aaaStatisticsManager.getAaaStats().increaseAcceptResponsesRx();
            // increasing packets send to server
            machineStats.incrementTotalPacketsSent();
            machineStats.incrementTotalOctetSent(eapPayload.getLength());
            break;
        case RADIUS.RADIUS_CODE_ACCESS_REJECT:
            log.debug("RADIUS packet: RADIUS_CODE_ACCESS_REJECT for dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
            // send an EAPOL - Failure to the supplicant.
            byte[] eapMessageFailure;
            eapPayload = new EAP();
            RADIUSAttribute radiusAttrEap = radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_EAP_MESSAGE);
            if (radiusAttrEap == null) {
                eapPayload.setCode(EAP.FAILURE);
                eapPayload.setIdentifier(stateMachine.challengeIdentifier());
                eapPayload.setLength(EAP.EAP_HDR_LEN_SUC_FAIL);
            } else {
                eapMessageFailure = radiusAttrEap.getValue();
                try {
                    eapPayload = EAP.deserializer().deserialize(eapMessageFailure, 0, eapMessageFailure.length);
                } catch (DeserializationException e) {
                    log.error(e.getMessage());
                    break;
                }
            }
            eth = buildEapolResponse(stateMachine.supplicantAddress(), MacAddress.valueOf(nasMacAddress), stateMachine.vlanId(), EAPOL.EAPOL_PACKET, eapPayload, stateMachine.priorityCode());
            log.warn("Send EAP failure message to supplicant on dev/port: {}/{}" + " with MacAddress {} and Identifier {}", supplicantCp.deviceId(), supplicantCp.port(), dstMac, stateMachine.challengeIdentifier() & 0xff);
            sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint(), false);
            aaaStatisticsManager.getAaaStats().incrementEapolauthFailureTrans();
            stateMachine.denyAccess();
            aaaStatisticsManager.getAaaStats().increaseRejectResponsesRx();
            // increasing packets send to server
            machineStats.incrementTotalPacketsSent();
            machineStats.incrementTotalOctetSent(eapPayload.getLength());
            // pushing machine stats to kafka
            AaaSupplicantMachineStats machineObj = aaaSupplicantStatsManager.getSupplicantStats(machineStats);
            aaaSupplicantStatsManager.getMachineStatsDelegate().notify(new AaaMachineStatisticsEvent(AaaMachineStatisticsEvent.Type.STATS_UPDATE, machineObj));
            break;
        default:
            log.warn("Unknown RADIUS message received with code: {} for dev/port: {}/{}" + " with MacAddress {} and Identifier {}", radiusPacket.getCode(), supplicantCp.deviceId(), supplicantCp.port(), dstMac, radiusPacket.getIdentifier() & 0xff);
            aaaStatisticsManager.getAaaStats().increaseUnknownTypeRx();
            // increasing packets received to server
            machineStats.incrementTotalPacketsReceived();
            try {
                machineStats.incrementTotalOctetReceived(radiusPacket.decapsulateMessage().getLength());
            } catch (DeserializationException e) {
                log.error(e.getMessage());
                break;
            }
    }
    aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
}
Also used : AaaMachineStatisticsEvent(org.opencord.aaa.AaaMachineStatisticsEvent) MacAddress(org.onlab.packet.MacAddress) RADIUSAttribute(org.onlab.packet.RADIUSAttribute) ConnectPoint(org.onosproject.net.ConnectPoint) DeserializationException(org.onlab.packet.DeserializationException) EAP(org.onlab.packet.EAP) Ethernet(org.onlab.packet.Ethernet) AaaSupplicantMachineStats(org.opencord.aaa.AaaSupplicantMachineStats)

Aggregations

AaaSupplicantMachineStats (org.opencord.aaa.AaaSupplicantMachineStats)4 AaaMachineStatisticsEvent (org.opencord.aaa.AaaMachineStatisticsEvent)2 DeserializationException (org.onlab.packet.DeserializationException)1 EAP (org.onlab.packet.EAP)1 Ethernet (org.onlab.packet.Ethernet)1 MacAddress (org.onlab.packet.MacAddress)1 RADIUSAttribute (org.onlab.packet.RADIUSAttribute)1 ConnectPoint (org.onosproject.net.ConnectPoint)1 AaaMachineStatisticsService (org.opencord.aaa.AaaMachineStatisticsService)1 AuthenticationService (org.opencord.aaa.AuthenticationService)1