diff --git a/scripts/base/frameworks/openflow/plugins/__load__.bro b/scripts/base/frameworks/openflow/plugins/__load__.bro index c45aa9544e..bf83a61648 100644 --- a/scripts/base/frameworks/openflow/plugins/__load__.bro +++ b/scripts/base/frameworks/openflow/plugins/__load__.bro @@ -1 +1,2 @@ -@load ./ryu \ No newline at end of file +@load ./ryu +@load ./log diff --git a/scripts/base/frameworks/openflow/plugins/log.bro b/scripts/base/frameworks/openflow/plugins/log.bro new file mode 100644 index 0000000000..0914654e06 --- /dev/null +++ b/scripts/base/frameworks/openflow/plugins/log.bro @@ -0,0 +1,59 @@ +##! OpenFlow module that outputs flow-modification commands +##! to a Bro log file. + +module OpenFlow; + +@load base/frameworks/openflow +@load base/frameworks/logging + +export { + redef enum Plugin += { + LOG, + }; + + ## Log controller constructor. + ## + ## dpid: OpenFlow switch datapath id. + ## + ## Returns: OpenFlow::Controller record + global log_new: function(dpid: count): OpenFlow::Controller; + + redef record ControllerState += { + ## OpenFlow switch datapath id. + log_dpid: count &optional; + }; + + ## The record type which contains column fields of the OpenFlow log. + type Info: record { + ## Network time + ts: time &log; + ## OpenFlow switch datapath id + dpid: count &log; + ## OpenFlow match fields + match: ofp_match &log; + ## OpenFlow modify flow entry message + flow_mod: ofp_flow_mod &log; + }; + + ## Event that can be handled to access the :bro:type:`OpenFlow::Info` + ## record as it is sent on to the logging framework. + global log_openflow: event(rec: Info); +} + +event bro_init() &priority=5 + { + Log::create_stream(LOG, [$columns=Info, $ev=log_openflow, $path="openflow"]); + } + +function log_flow_mod(state: OpenFlow::ControllerState, match: ofp_match, flow_mod: OpenFlow::ofp_flow_mod): bool + { + Log::write(LOG, [$ts=network_time(), $dpid=state$log_dpid, $match=match, $flow_mod=flow_mod]); + + return T; + } + +function log_new(dpid: count): OpenFlow::Controller + { + return [$state=[$log_dpid=dpid, $_plugin=OpenFlow::LOG], + $flow_mod=log_flow_mod, $flow_clear=ryu_flow_clear]; + } diff --git a/scripts/base/frameworks/openflow/types.bro b/scripts/base/frameworks/openflow/types.bro index e979ec75a5..a70bfb345c 100644 --- a/scripts/base/frameworks/openflow/types.bro +++ b/scripts/base/frameworks/openflow/types.bro @@ -49,7 +49,7 @@ export { tp_src: port &optional; # TCP/UDP destination port. tp_dst: port &optional; - }; + } &log; ## Openflow flow_mod definition, describing the action to perform. type ofp_flow_mod: record { @@ -76,7 +76,7 @@ export { flags: count &default=0; ## Output ports to send data to. out_ports: vector of count &default=vector(); - }; + } &log; # Functionality using this is currently not implemented. At all. # ## Body of reply to OFPST_FLOW request. diff --git a/testing/btest/Baseline/scripts.base.frameworks.openflow.log-basic/openflow.log b/testing/btest/Baseline/scripts.base.frameworks.openflow.log-basic/openflow.log new file mode 100644 index 0000000000..99562536fd --- /dev/null +++ b/testing/btest/Baseline/scripts.base.frameworks.openflow.log-basic/openflow.log @@ -0,0 +1,12 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path openflow +#open 2015-04-13-19-54-15 +#fields ts dpid match.in_port match.dl_src match.dl_dst match.dl_vlan match.dl_vlan_pcp match.dl_type match.nw_tos match.nw_proto match.nw_src match.nw_dst match.tp_src match.tp_dst flow_mod.cookie flow_mod.table_id flow_mod.command flow_mod.idle_timeout flow_mod.hard_timeout flow_mod.priority flow_mod.out_group flow_mod.flags flow_mod.out_ports +#types time count count string string count count count count count addr addr port port count count enum count count count count count vector[count] +0.000000 42 - - - - - - - - - - - - 1 - OpenFlow::OFPFC_ADD 0 0 0 - 0 3,7 +1254722767.875996 42 - - - - - 2048 - 6 10.10.1.4 74.53.140.153 1470 25 42 - OpenFlow::OFPFC_ADD 30 0 5 - 0 (empty) +1254722767.875996 42 - - - - - 2048 - 6 74.53.140.153 10.10.1.4 25 25 42 - OpenFlow::OFPFC_ADD 30 0 5 - 0 (empty) +#close 2015-04-13-19-54-15 diff --git a/testing/btest/scripts/base/frameworks/openflow/log-basic.bro b/testing/btest/scripts/base/frameworks/openflow/log-basic.bro new file mode 100644 index 0000000000..ea18acb8ce --- /dev/null +++ b/testing/btest/scripts/base/frameworks/openflow/log-basic.bro @@ -0,0 +1,30 @@ +# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT +# @TEST-EXEC: btest-diff openflow.log + +@load base/protocols/conn +@load base/frameworks/openflow + +global of_controller: OpenFlow::Controller; + +event bro_init() + { + of_controller = OpenFlow::log_new(42); + + OpenFlow::flow_mod(of_controller, [], [$cookie=1, $command=OpenFlow::OFPFC_ADD, $out_ports=vector(3, 7)]); + } + +event connection_established(c: connection) + { + local match = OpenFlow::match_conn(c$id); + local match_rev = OpenFlow::match_conn(c$id, T); + + local flow_mod: OpenFlow::ofp_flow_mod = [ + $cookie=42, + $command=OpenFlow::OFPFC_ADD, + $idle_timeout=30, + $priority=5 + ]; + + OpenFlow::flow_mod(of_controller, match, flow_mod); + OpenFlow::flow_mod(of_controller, match_rev, flow_mod); + }