mirror of
https://github.com/zeek/zeek.git
synced 2025-10-09 01:58:20 +00:00
add really simple log output plugin for openflow.
This commit is contained in:
Johanna Amann
parent
46058d0b02
commit
21b78b7d92
5 changed files with 105 additions and 3 deletions
|
|
@ -1 +1,2 @@
|
|||
@load ./ryu
|
||||
@load ./ryu
|
||||
@load ./log
|
||||
|
|
|
|||
59
scripts/base/frameworks/openflow/plugins/log.bro
Normal file
59
scripts/base/frameworks/openflow/plugins/log.bro
Normal file
|
|
@ -0,0 +1,59 @@
|
|||
##! OpenFlow module that outputs flow-modification commands
|
||||
##! to a Bro log file.
|
||||
|
||||
module OpenFlow;
|
||||
|
||||
@load base/frameworks/openflow
|
||||
@load base/frameworks/logging
|
||||
|
||||
export {
|
||||
redef enum Plugin += {
|
||||
LOG,
|
||||
};
|
||||
|
||||
## Log controller constructor.
|
||||
##
|
||||
## dpid: OpenFlow switch datapath id.
|
||||
##
|
||||
## Returns: OpenFlow::Controller record
|
||||
global log_new: function(dpid: count): OpenFlow::Controller;
|
||||
|
||||
redef record ControllerState += {
|
||||
## OpenFlow switch datapath id.
|
||||
log_dpid: count &optional;
|
||||
};
|
||||
|
||||
## The record type which contains column fields of the OpenFlow log.
|
||||
type Info: record {
|
||||
## Network time
|
||||
ts: time &log;
|
||||
## OpenFlow switch datapath id
|
||||
dpid: count &log;
|
||||
## OpenFlow match fields
|
||||
match: ofp_match &log;
|
||||
## OpenFlow modify flow entry message
|
||||
flow_mod: ofp_flow_mod &log;
|
||||
};
|
||||
|
||||
## Event that can be handled to access the :bro:type:`OpenFlow::Info`
|
||||
## record as it is sent on to the logging framework.
|
||||
global log_openflow: event(rec: Info);
|
||||
}
|
||||
|
||||
event bro_init() &priority=5
|
||||
{
|
||||
Log::create_stream(LOG, [$columns=Info, $ev=log_openflow, $path="openflow"]);
|
||||
}
|
||||
|
||||
function log_flow_mod(state: OpenFlow::ControllerState, match: ofp_match, flow_mod: OpenFlow::ofp_flow_mod): bool
|
||||
{
|
||||
Log::write(LOG, [$ts=network_time(), $dpid=state$log_dpid, $match=match, $flow_mod=flow_mod]);
|
||||
|
||||
return T;
|
||||
}
|
||||
|
||||
function log_new(dpid: count): OpenFlow::Controller
|
||||
{
|
||||
return [$state=[$log_dpid=dpid, $_plugin=OpenFlow::LOG],
|
||||
$flow_mod=log_flow_mod, $flow_clear=ryu_flow_clear];
|
||||
}
|
||||
|
|
@ -49,7 +49,7 @@ export {
|
|||
tp_src: port &optional;
|
||||
# TCP/UDP destination port.
|
||||
tp_dst: port &optional;
|
||||
};
|
||||
} &log;
|
||||
|
||||
## Openflow flow_mod definition, describing the action to perform.
|
||||
type ofp_flow_mod: record {
|
||||
|
|
@ -76,7 +76,7 @@ export {
|
|||
flags: count &default=0;
|
||||
## Output ports to send data to.
|
||||
out_ports: vector of count &default=vector();
|
||||
};
|
||||
} &log;
|
||||
|
||||
# Functionality using this is currently not implemented. At all.
|
||||
# ## Body of reply to OFPST_FLOW request.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,12 @@
|
|||
#separator \x09
|
||||
#set_separator ,
|
||||
#empty_field (empty)
|
||||
#unset_field -
|
||||
#path openflow
|
||||
#open 2015-04-13-19-54-15
|
||||
#fields ts dpid match.in_port match.dl_src match.dl_dst match.dl_vlan match.dl_vlan_pcp match.dl_type match.nw_tos match.nw_proto match.nw_src match.nw_dst match.tp_src match.tp_dst flow_mod.cookie flow_mod.table_id flow_mod.command flow_mod.idle_timeout flow_mod.hard_timeout flow_mod.priority flow_mod.out_group flow_mod.flags flow_mod.out_ports
|
||||
#types time count count string string count count count count count addr addr port port count count enum count count count count count vector[count]
|
||||
0.000000 42 - - - - - - - - - - - - 1 - OpenFlow::OFPFC_ADD 0 0 0 - 0 3,7
|
||||
1254722767.875996 42 - - - - - 2048 - 6 10.10.1.4 74.53.140.153 1470 25 42 - OpenFlow::OFPFC_ADD 30 0 5 - 0 (empty)
|
||||
1254722767.875996 42 - - - - - 2048 - 6 74.53.140.153 10.10.1.4 25 25 42 - OpenFlow::OFPFC_ADD 30 0 5 - 0 (empty)
|
||||
#close 2015-04-13-19-54-15
|
||||
30
testing/btest/scripts/base/frameworks/openflow/log-basic.bro
Normal file
30
testing/btest/scripts/base/frameworks/openflow/log-basic.bro
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
|
||||
# @TEST-EXEC: btest-diff openflow.log
|
||||
|
||||
@load base/protocols/conn
|
||||
@load base/frameworks/openflow
|
||||
|
||||
global of_controller: OpenFlow::Controller;
|
||||
|
||||
event bro_init()
|
||||
{
|
||||
of_controller = OpenFlow::log_new(42);
|
||||
|
||||
OpenFlow::flow_mod(of_controller, [], [$cookie=1, $command=OpenFlow::OFPFC_ADD, $out_ports=vector(3, 7)]);
|
||||
}
|
||||
|
||||
event connection_established(c: connection)
|
||||
{
|
||||
local match = OpenFlow::match_conn(c$id);
|
||||
local match_rev = OpenFlow::match_conn(c$id, T);
|
||||
|
||||
local flow_mod: OpenFlow::ofp_flow_mod = [
|
||||
$cookie=42,
|
||||
$command=OpenFlow::OFPFC_ADD,
|
||||
$idle_timeout=30,
|
||||
$priority=5
|
||||
];
|
||||
|
||||
OpenFlow::flow_mod(of_controller, match, flow_mod);
|
||||
OpenFlow::flow_mod(of_controller, match_rev, flow_mod);
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue