mirror of
https://github.com/zeek/zeek.git
synced 2025-10-09 10:08:20 +00:00
add really simple log output plugin for openflow.
This commit is contained in:
Johanna Amann
parent
46058d0b02
commit
21b78b7d92
5 changed files with 105 additions and 3 deletions
|
|
@ -1 +1,2 @@
|
||||||
@load ./ryu
|
@load ./ryu
|
||||||
|
@load ./log
|
||||||
|
|
|
||||||
59
scripts/base/frameworks/openflow/plugins/log.bro
Normal file
59
scripts/base/frameworks/openflow/plugins/log.bro
Normal file
|
|
@ -0,0 +1,59 @@
|
||||||
|
##! OpenFlow module that outputs flow-modification commands
|
||||||
|
##! to a Bro log file.
|
||||||
|
|
||||||
|
module OpenFlow;
|
||||||
|
|
||||||
|
@load base/frameworks/openflow
|
||||||
|
@load base/frameworks/logging
|
||||||
|
|
||||||
|
export {
|
||||||
|
redef enum Plugin += {
|
||||||
|
LOG,
|
||||||
|
};
|
||||||
|
|
||||||
|
## Log controller constructor.
|
||||||
|
##
|
||||||
|
## dpid: OpenFlow switch datapath id.
|
||||||
|
##
|
||||||
|
## Returns: OpenFlow::Controller record
|
||||||
|
global log_new: function(dpid: count): OpenFlow::Controller;
|
||||||
|
|
||||||
|
redef record ControllerState += {
|
||||||
|
## OpenFlow switch datapath id.
|
||||||
|
log_dpid: count &optional;
|
||||||
|
};
|
||||||
|
|
||||||
|
## The record type which contains column fields of the OpenFlow log.
|
||||||
|
type Info: record {
|
||||||
|
## Network time
|
||||||
|
ts: time &log;
|
||||||
|
## OpenFlow switch datapath id
|
||||||
|
dpid: count &log;
|
||||||
|
## OpenFlow match fields
|
||||||
|
match: ofp_match &log;
|
||||||
|
## OpenFlow modify flow entry message
|
||||||
|
flow_mod: ofp_flow_mod &log;
|
||||||
|
};
|
||||||
|
|
||||||
|
## Event that can be handled to access the :bro:type:`OpenFlow::Info`
|
||||||
|
## record as it is sent on to the logging framework.
|
||||||
|
global log_openflow: event(rec: Info);
|
||||||
|
}
|
||||||
|
|
||||||
|
event bro_init() &priority=5
|
||||||
|
{
|
||||||
|
Log::create_stream(LOG, [$columns=Info, $ev=log_openflow, $path="openflow"]);
|
||||||
|
}
|
||||||
|
|
||||||
|
function log_flow_mod(state: OpenFlow::ControllerState, match: ofp_match, flow_mod: OpenFlow::ofp_flow_mod): bool
|
||||||
|
{
|
||||||
|
Log::write(LOG, [$ts=network_time(), $dpid=state$log_dpid, $match=match, $flow_mod=flow_mod]);
|
||||||
|
|
||||||
|
return T;
|
||||||
|
}
|
||||||
|
|
||||||
|
function log_new(dpid: count): OpenFlow::Controller
|
||||||
|
{
|
||||||
|
return [$state=[$log_dpid=dpid, $_plugin=OpenFlow::LOG],
|
||||||
|
$flow_mod=log_flow_mod, $flow_clear=ryu_flow_clear];
|
||||||
|
}
|
||||||
|
|
@ -49,7 +49,7 @@ export {
|
||||||
tp_src: port &optional;
|
tp_src: port &optional;
|
||||||
# TCP/UDP destination port.
|
# TCP/UDP destination port.
|
||||||
tp_dst: port &optional;
|
tp_dst: port &optional;
|
||||||
};
|
} &log;
|
||||||
|
|
||||||
## Openflow flow_mod definition, describing the action to perform.
|
## Openflow flow_mod definition, describing the action to perform.
|
||||||
type ofp_flow_mod: record {
|
type ofp_flow_mod: record {
|
||||||
|
|
@ -76,7 +76,7 @@ export {
|
||||||
flags: count &default=0;
|
flags: count &default=0;
|
||||||
## Output ports to send data to.
|
## Output ports to send data to.
|
||||||
out_ports: vector of count &default=vector();
|
out_ports: vector of count &default=vector();
|
||||||
};
|
} &log;
|
||||||
|
|
||||||
# Functionality using this is currently not implemented. At all.
|
# Functionality using this is currently not implemented. At all.
|
||||||
# ## Body of reply to OFPST_FLOW request.
|
# ## Body of reply to OFPST_FLOW request.
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,12 @@
|
||||||
|
#separator \x09
|
||||||
|
#set_separator ,
|
||||||
|
#empty_field (empty)
|
||||||
|
#unset_field -
|
||||||
|
#path openflow
|
||||||
|
#open 2015-04-13-19-54-15
|
||||||
|
#fields ts dpid match.in_port match.dl_src match.dl_dst match.dl_vlan match.dl_vlan_pcp match.dl_type match.nw_tos match.nw_proto match.nw_src match.nw_dst match.tp_src match.tp_dst flow_mod.cookie flow_mod.table_id flow_mod.command flow_mod.idle_timeout flow_mod.hard_timeout flow_mod.priority flow_mod.out_group flow_mod.flags flow_mod.out_ports
|
||||||
|
#types time count count string string count count count count count addr addr port port count count enum count count count count count vector[count]
|
||||||
|
0.000000 42 - - - - - - - - - - - - 1 - OpenFlow::OFPFC_ADD 0 0 0 - 0 3,7
|
||||||
|
1254722767.875996 42 - - - - - 2048 - 6 10.10.1.4 74.53.140.153 1470 25 42 - OpenFlow::OFPFC_ADD 30 0 5 - 0 (empty)
|
||||||
|
1254722767.875996 42 - - - - - 2048 - 6 74.53.140.153 10.10.1.4 25 25 42 - OpenFlow::OFPFC_ADD 30 0 5 - 0 (empty)
|
||||||
|
#close 2015-04-13-19-54-15
|
||||||
30
testing/btest/scripts/base/frameworks/openflow/log-basic.bro
Normal file
30
testing/btest/scripts/base/frameworks/openflow/log-basic.bro
Normal file
|
|
@ -0,0 +1,30 @@
|
||||||
|
# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
|
||||||
|
# @TEST-EXEC: btest-diff openflow.log
|
||||||
|
|
||||||
|
@load base/protocols/conn
|
||||||
|
@load base/frameworks/openflow
|
||||||
|
|
||||||
|
global of_controller: OpenFlow::Controller;
|
||||||
|
|
||||||
|
event bro_init()
|
||||||
|
{
|
||||||
|
of_controller = OpenFlow::log_new(42);
|
||||||
|
|
||||||
|
OpenFlow::flow_mod(of_controller, [], [$cookie=1, $command=OpenFlow::OFPFC_ADD, $out_ports=vector(3, 7)]);
|
||||||
|
}
|
||||||
|
|
||||||
|
event connection_established(c: connection)
|
||||||
|
{
|
||||||
|
local match = OpenFlow::match_conn(c$id);
|
||||||
|
local match_rev = OpenFlow::match_conn(c$id, T);
|
||||||
|
|
||||||
|
local flow_mod: OpenFlow::ofp_flow_mod = [
|
||||||
|
$cookie=42,
|
||||||
|
$command=OpenFlow::OFPFC_ADD,
|
||||||
|
$idle_timeout=30,
|
||||||
|
$priority=5
|
||||||
|
];
|
||||||
|
|
||||||
|
OpenFlow::flow_mod(of_controller, match, flow_mod);
|
||||||
|
OpenFlow::flow_mod(of_controller, match_rev, flow_mod);
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue