diff --git a/scripts/base/frameworks/netcontrol/cluster.bro b/scripts/base/frameworks/netcontrol/cluster.bro index 880736c8ed..9cdaa30d2d 100644 --- a/scripts/base/frameworks/netcontrol/cluster.bro +++ b/scripts/base/frameworks/netcontrol/cluster.bro @@ -64,3 +64,34 @@ event NetControl::cluster_netcontrol_remove_rule(id: string) remove_rule_impl(id); } @endif + +@if ( Cluster::local_node_type() == Cluster::MANAGER ) +event rule_expire(r: Rule, p: PluginState) &priority=-5 + { + rule_expire_impl(r, p); + } + +event rule_added(r: Rule, p: PluginState, msg: string &default="") &priority=5 + { + rule_added_impl(r, p, msg); + + if ( r?$expire && ! p$plugin$can_expire ) + schedule r$expire { rule_expire(r, p) }; + } + +event rule_removed(r: Rule, p: PluginState, msg: string &default="") &priority=-5 + { + rule_removed_impl(r, p, msg); + } + +event rule_timeout(r: Rule, i: FlowInfo, p: PluginState) &priority=-5 + { + rule_timeout_impl(r, i, p); + } + +event rule_error(r: Rule, p: PluginState, msg: string &default="") &priority=-5 + { + rule_error_impl(r, p, msg); + } +@endif + diff --git a/scripts/base/frameworks/netcontrol/main.bro b/scripts/base/frameworks/netcontrol/main.bro index fd32b4ec64..cdbc60541e 100644 --- a/scripts/base/frameworks/netcontrol/main.bro +++ b/scripts/base/frameworks/netcontrol/main.bro @@ -116,7 +116,7 @@ export { ## t: how long to leave the quarantine in place ## ## Returns: Vector of inserted rules on success, empty list on failure. - global quarantine_host: function(infected: addr, dns: addr, quarantine: addr, t: interval, location: string) : vector of string; + global quarantine_host: function(infected: addr, dns: addr, quarantine: addr, t: interval, location: string &default="") : vector of string; ## Flushes all state. global clear: function(); @@ -197,7 +197,7 @@ export { ## r: The rule to be added global NetControl::rule_policy: hook(r: Rule); - ## Type of an entry in the PACF log. + ## Type of an entry in the NetControl log. type InfoCategory: enum { ## A log entry reflecting a framework message. MESSAGE, @@ -207,7 +207,7 @@ export { RULE }; - ## State of an entry in the PACF log. + ## State of an entry in the NetControl log. type InfoState: enum { REQUESTED, SUCCEEDED, @@ -216,10 +216,12 @@ export { TIMEOUT, }; - ## The record type which contains column fields of the PACF log. + ## The record type which contains column fields of the NetControl log. type Info: record { ## Time at which the recorded activity occurred. ts: time &log; + ## ID of the rule; unique during each Bro run + rule_id: string &log &optional; ## Type of the log entry. category: InfoCategory &log &optional; ## The command the log entry is about. @@ -234,14 +236,24 @@ export { entity_type: string &log &optional; ## String describing the entity the log entry is about. entity: string &log &optional; + ## String describing the optional modification of the entry (e.h. redirect) + mod: string &log &optional; ## String with an additional message. msg: string &log &optional; - ## Logcation where the underlying action was triggered. + ## Number describing the priority of the log entry + priority: int &log &optional; + ## Expiry time of the log entry + expire: interval &log &optional; + ## Location where the underlying action was triggered. location: string &log &optional; ## Plugin triggering the log entry. plugin: string &log &optional; }; +# type ShuntInfo: record { +# ## Time at which the recorded activity occurred. +# ts: time &log; + ## Event that can be handled to access the :bro:type:`NetControl::Info` ## record as it is sent on to the logging framework. global log_netcontrol: event(rec: Info); @@ -262,6 +274,7 @@ global id_to_cids: table[string] of set[count]; # id to cid event bro_init() &priority=5 { Log::create_stream(NetControl::LOG, [$columns=Info, $ev=log_netcontrol, $path="netcontrol"]); +# Log::create_stream(NetControl::SHUNT, [$columns=ShuntInfo, $ev=log_netcontrol_shung, $path="netcontrol_shunt"]); } function entity_to_info(info: Info, e: Entity) @@ -284,6 +297,8 @@ function entity_to_info(info: Info, e: Entity) local ffrom_port = "*"; local fto_ip = "*"; local fto_port = "*"; + local ffrom_mac = "*"; + local fto_mac = "*"; if ( e$flow?$src_h ) ffrom_ip = cat(e$flow$src_h); if ( e$flow?$src_p ) @@ -295,6 +310,15 @@ function entity_to_info(info: Info, e: Entity) info$entity = fmt("%s/%s->%s/%s", ffrom_ip, ffrom_port, fto_ip, fto_port); + if ( e$flow?$src_m || e$flow?$dst_m ) + { + if ( e$flow?$src_m ) + ffrom_mac = e$flow$src_m; + if ( e$flow?$dst_m ) + fto_mac = e$flow$dst_m; + + info$entity = fmt("%s (%s->%s)", info$entity, ffrom_mac, fto_mac); + } break; case MAC: @@ -311,10 +335,46 @@ function rule_to_info(info: Info, r: Rule) { info$action = fmt("%s", r$ty); info$target = r$target; + info$rule_id = r$id; + info$expire = r$expire; + info$priority = r$priority; - if ( r?$location ) + if ( r?$location && r$location != "" ) info$location = r$location; + if ( r$ty == REDIRECT ) + info$mod = fmt("-> %d", r$out_port); + + if ( r$ty == MODIFY ) + { + local mfrom_ip = "_"; + local mfrom_port = "_"; + local mto_ip = "_"; + local mto_port = "_"; + local mfrom_mac = "_"; + local mto_mac = "_"; + if ( r$mod?$src_h ) + mfrom_ip = cat(r$mod$src_h); + if ( r$mod?$src_p ) + mfrom_port = fmt("%d", r$mod$src_p); + if ( r$mod?$dst_h ) + mto_ip = cat(r$mod$dst_h); + if ( r$mod?$dst_p ) + mto_port = fmt("%d", r$mod$dst_p); + + if ( r$mod?$src_m ) + mfrom_mac = r$mod$src_m; + if ( r$mod?$dst_m ) + mto_mac = r$mod$dst_m; + + info$mod = fmt("Src: %s/%s (%s) Dst: %s/%s (%s)", + mfrom_ip, mfrom_port, mfrom_mac, mto_ip, mto_port, mto_mac); + + if ( r$mod?$redirect_port ) + info$mod = fmt("%s -> %d", info$mod, r$mod$redirect_port); + + } + entity_to_info(info, r$entity); } @@ -328,13 +388,15 @@ function log_error(msg: string, p: PluginState) Log::write(LOG, [$ts=network_time(), $category=ERROR, $msg=msg, $plugin=p$plugin$name(p)]); } -function log_rule(r: Rule, cmd: string, state: InfoState, p: PluginState) +function log_rule(r: Rule, cmd: string, state: InfoState, p: PluginState, msg: string &default="") { local info: Info = [$ts=network_time()]; info$category = RULE; info$cmd = cmd; info$state = state; info$plugin = p$plugin$name(p); + if ( msg != "" ) + info$msg = msg; rule_to_info(info, r); @@ -415,7 +477,7 @@ function redirect_flow(f: flow_id, out_port: count, t: interval, location: strin $dst_p=f$dst_p ); local e: Entity = [$ty=FLOW, $flow=flow]; - local r: Rule = [$ty=REDIRECT, $target=FORWARD, $entity=e, $expire=t, $location=location, $c=out_port]; + local r: Rule = [$ty=REDIRECT, $target=FORWARD, $entity=e, $expire=t, $location=location, $out_port=out_port]; return add_rule(r); } @@ -559,7 +621,7 @@ function remove_rule_impl(id: string) : bool return success; } -event rule_expire(r: Rule, p: PluginState) +function rule_expire_impl(r: Rule, p: PluginState) &priority=-5 { if ( [r$id,r$cid] !in rules ) # Removed already. @@ -569,41 +631,54 @@ event rule_expire(r: Rule, p: PluginState) remove_single_rule(r$id, r$cid); } -event rule_added(r: Rule, p: PluginState, msg: string &default="") +function rule_added_impl(r: Rule, p: PluginState, msg: string &default="") { - log_rule(r, "ADD", SUCCEEDED, p); + log_rule(r, "ADD", SUCCEEDED, p, msg); rules[r$id,r$cid] = r; if ( r$id !in id_to_cids ) id_to_cids[r$id] = set(); add id_to_cids[r$id][r$cid]; - - if ( r?$expire && ! p$plugin$can_expire ) - schedule r$expire { rule_expire(r, p) }; } -event rule_removed(r: Rule, p: PluginState, msg: string &default="") +function rule_removed_impl(r: Rule, p: PluginState, msg: string &default="") + { + if ( [r$id,r$cid] !in rules ) + { + log_rule_error(r, "Removal of non-existing rule", p); + return; + } + + delete rules[r$id,r$cid]; + delete id_to_cids[r$id][r$cid]; + if ( |id_to_cids[r$id]| == 0 ) + delete id_to_cids[r$id]; + + log_rule(r, "REMOVE", SUCCEEDED, p, msg); + } + +function rule_timeout_impl(r: Rule, i: FlowInfo, p: PluginState) { delete rules[r$id,r$cid]; delete id_to_cids[r$id][r$cid]; if ( |id_to_cids[r$id]| == 0 ) delete id_to_cids[r$id]; - log_rule(r, "REMOVE", SUCCEEDED, p); + local msg = ""; + if ( i?$packet_count ) + msg = fmt("Packets: %d", i$packet_count); + if ( i?$byte_count ) + { + if ( msg != "" ) + msg = msg + " "; + msg = fmt("%sBytes: %s", msg, i$byte_count); + } + + log_rule(r, "EXPIRE", TIMEOUT, p, msg); } -event rule_timeout(r: Rule, i: FlowInfo, p: PluginState) - { - delete rules[r$id,r$cid]; - delete id_to_cids[r$id][r$cid]; - if ( |id_to_cids[r$id]| == 0 ) - delete id_to_cids[r$id]; - - log_rule(r, "EXPIRE", TIMEOUT, p); - } - -event rule_error(r: Rule, p: PluginState, msg: string &default="") +function rule_error_impl(r: Rule, p: PluginState, msg: string &default="") { log_rule_error(r, msg, p); # errors can occur during deletion. Since this probably means we wo't hear diff --git a/scripts/base/frameworks/netcontrol/non-cluster.bro b/scripts/base/frameworks/netcontrol/non-cluster.bro index c94e4c9e08..8e08ebe436 100644 --- a/scripts/base/frameworks/netcontrol/non-cluster.bro +++ b/scripts/base/frameworks/netcontrol/non-cluster.bro @@ -16,3 +16,32 @@ function remove_rule(id: string) : bool { return remove_rule_impl(id); } + +event rule_expire(r: Rule, p: PluginState) &priority=-5 + { + rule_expire_impl(r, p); + } + +event rule_added(r: Rule, p: PluginState, msg: string &default="") &priority=5 + { + rule_added_impl(r, p, msg); + + if ( r?$expire && ! p$plugin$can_expire ) + schedule r$expire { rule_expire(r, p) }; + } + +event rule_removed(r: Rule, p: PluginState, msg: string &default="") &priority=-5 + { + rule_removed_impl(r, p, msg); + } + +event rule_timeout(r: Rule, i: FlowInfo, p: PluginState) &priority=-5 + { + rule_timeout_impl(r, i, p); + } + +event rule_error(r: Rule, p: PluginState, msg: string &default="") &priority=-5 + { + rule_error_impl(r, p, msg); + } + diff --git a/scripts/base/frameworks/netcontrol/plugins/acld.bro b/scripts/base/frameworks/netcontrol/plugins/acld.bro index 9b393f6bf9..779c3eabd0 100644 --- a/scripts/base/frameworks/netcontrol/plugins/acld.bro +++ b/scripts/base/frameworks/netcontrol/plugins/acld.bro @@ -99,7 +99,7 @@ event NetControl::acld_rule_error(id: count, r: Rule, msg: string) function acld_name(p: PluginState) : string { - return fmt("PACF acld plugin - using broker topic %s", p$acld_config$acld_topic); + return fmt("Acld-%s", p$acld_config$acld_topic); } # check that subnet specifies an addr diff --git a/scripts/base/frameworks/netcontrol/plugins/broker.bro b/scripts/base/frameworks/netcontrol/plugins/broker.bro index 959218ca3a..592c112ecc 100644 --- a/scripts/base/frameworks/netcontrol/plugins/broker.bro +++ b/scripts/base/frameworks/netcontrol/plugins/broker.bro @@ -89,7 +89,7 @@ event NetControl::broker_rule_timeout(id: count, r: Rule, i: FlowInfo) function broker_name(p: PluginState) : string { - return fmt("PACF Broker plugin - topic %s", p$broker_topic); + return fmt("Broker-%s", p$broker_topic); } function broker_add_rule_fun(p: PluginState, r: Rule) : bool diff --git a/scripts/base/frameworks/netcontrol/plugins/debug.bro b/scripts/base/frameworks/netcontrol/plugins/debug.bro index 0e42b166c0..015b7083fc 100644 --- a/scripts/base/frameworks/netcontrol/plugins/debug.bro +++ b/scripts/base/frameworks/netcontrol/plugins/debug.bro @@ -4,7 +4,7 @@ module NetControl; export { - ## Instantiates a debug plugin for the PACF framework. The debug + ## Instantiates a debug plugin for the NetControl framework. The debug ## plugin simply logs the operations it receives. ## ## do_something: If true, the plugin will claim it supports all operations; if diff --git a/scripts/base/frameworks/netcontrol/plugins/openflow.bro b/scripts/base/frameworks/netcontrol/plugins/openflow.bro index a9d3aad2ef..9cdc79b0ea 100644 --- a/scripts/base/frameworks/netcontrol/plugins/openflow.bro +++ b/scripts/base/frameworks/netcontrol/plugins/openflow.bro @@ -41,7 +41,7 @@ export { ## buildup for quite a while if keeping this around... const openflow_flow_timeout = 24hrs &redef; - ## Instantiates an openflow plugin for the PACF framework. + ## Instantiates an openflow plugin for the NetControl framework. global create_openflow: function(controller: OpenFlow::Controller, config: OfConfig &default=[]) : PluginState; } @@ -62,7 +62,7 @@ global of_flows: table[count] of OfTable &create_expire=openflow_flow_timeout; function openflow_name(p: PluginState) : string { - return fmt("Openflow - %s", p$of_controller$describe(p$of_controller$state)); + return fmt("Openflow-%s", p$of_controller$describe(p$of_controller$state)); } function openflow_check_rule(p: PluginState, r: Rule) : bool @@ -256,7 +256,7 @@ function openflow_rule_to_flow_mod(p: PluginState, r: Rule) : OpenFlow::ofp_flow else if ( r$ty == REDIRECT ) { # redirect to port c - flow_mod$actions$out_ports = vector(r$c); + flow_mod$actions$out_ports = vector(r$out_port); } else { diff --git a/scripts/base/frameworks/netcontrol/plugins/packetfilter.bro b/scripts/base/frameworks/netcontrol/plugins/packetfilter.bro index 2c532e4009..d3fae6c8c7 100644 --- a/scripts/base/frameworks/netcontrol/plugins/packetfilter.bro +++ b/scripts/base/frameworks/netcontrol/plugins/packetfilter.bro @@ -1,4 +1,4 @@ -# PACF plugin for the PacketFilter handling that comes with +# NetControl plugin for the PacketFilter handling that comes with # Bro. Since the PacketFilter in Bro is quite limited in scope # and can only add/remove filters for addresses, this is quite # limited in scope at the moment. @@ -67,7 +67,7 @@ function packetfilter_remove_rule(p: PluginState, r: Rule) : bool { if ( ! packetfilter_check_rule(r) ) return F; - + local e = r$entity; if ( e$ty == ADDRESS ) { @@ -92,7 +92,7 @@ function packetfilter_remove_rule(p: PluginState, r: Rule) : bool function packetfilter_name(p: PluginState) : string { - return "PACF plugin for the Bro packetfilter"; + return "Packetfilter"; } global packetfilter_plugin = Plugin( diff --git a/scripts/base/frameworks/netcontrol/types.bro b/scripts/base/frameworks/netcontrol/types.bro index cb130c291b..a593c59f22 100644 --- a/scripts/base/frameworks/netcontrol/types.bro +++ b/scripts/base/frameworks/netcontrol/types.bro @@ -89,10 +89,7 @@ export { priority: int &default=default_priority; ##< Priority if multiple rules match an entity (larger value is higher priority). location: string &optional; ##< Optional string describing where/what installed the rule. - c: count &optional; ##< Argument for rule types requiring an count argument. - i: int &optional; ##< Argument for rule types requiring an integer argument. - d: double &optional; ##< Argument for rule types requiring a double argument. - s: string &optional; ##< Argument for rule types requiring a string argument. + out_port: count &optional; ##< Argument for bro:id:`REDIRECT` rules. mod: FlowMod &optional; ##< Argument for :bro:id:`MODIFY` rules. id: string &default=""; ##< Internally determined unique ID for this rule. Will be set when added. diff --git a/scripts/base/frameworks/openflow/plugins/broker.bro b/scripts/base/frameworks/openflow/plugins/broker.bro index cd7b9fecd9..dcb3d7d5a2 100644 --- a/scripts/base/frameworks/openflow/plugins/broker.bro +++ b/scripts/base/frameworks/openflow/plugins/broker.bro @@ -38,7 +38,7 @@ export { function broker_describe(state: ControllerState): string { - return fmt("Broker Plugin - %s:%d - DPID: %d", state$broker_host, state$broker_port, state$broker_dpid); + return fmt("Broker-%s:%d-%d", state$broker_host, state$broker_port, state$broker_dpid); } function broker_flow_mod_fun(state: ControllerState, match: ofp_match, flow_mod: OpenFlow::ofp_flow_mod): bool diff --git a/scripts/base/frameworks/openflow/plugins/log.bro b/scripts/base/frameworks/openflow/plugins/log.bro index 5a50168a01..79cbce5fc9 100644 --- a/scripts/base/frameworks/openflow/plugins/log.bro +++ b/scripts/base/frameworks/openflow/plugins/log.bro @@ -62,7 +62,7 @@ function log_flow_mod(state: ControllerState, match: ofp_match, flow_mod: OpenFl function log_describe(state: ControllerState): string { - return fmt("OpenFlog Log Plugin - DPID %d", state$log_dpid); + return fmt("Log-%d", state$log_dpid); } function log_new(dpid: count, success_event: bool &default=T): OpenFlow::Controller diff --git a/scripts/base/frameworks/openflow/plugins/ryu.bro b/scripts/base/frameworks/openflow/plugins/ryu.bro index e6c5309bef..8b0d368683 100644 --- a/scripts/base/frameworks/openflow/plugins/ryu.bro +++ b/scripts/base/frameworks/openflow/plugins/ryu.bro @@ -173,7 +173,7 @@ function ryu_flow_clear(state: OpenFlow::ControllerState): bool function ryu_describe(state: ControllerState): string { - return fmt("Ryu Plugin - http://%s:%d - DPID: %d", state$ryu_host, state$ryu_port, state$ryu_dpid); + return fmt("Ryu-%d-http://%s:%d", state$ryu_dpid, state$ryu_host, state$ryu_port); } # Ryu controller constructor diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/recv.recv.out b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/recv.recv.out index db2859c4b5..f17d8fad9f 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/recv.recv.out +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/recv.recv.out @@ -1,7 +1,7 @@ BrokerComm::incoming_connection_established -add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=, dst_h=74.53.140.153/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1], [command=blockhosthost, cookie=2, arg=10.10.1.4 74.53.140.153, comment=here] -add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1], [command=droptcpport, cookie=3, arg=25, comment=here] -add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1], [command=drop, cookie=4, arg=10.10.1.4/32, comment=] -remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=, dst_h=74.53.140.153/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1], [command=restorehosthost, cookie=2, arg=10.10.1.4 74.53.140.153, comment=here] -remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1], [command=restoretcpport, cookie=3, arg=25, comment=here] -remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1], [command=restore, cookie=4, arg=10.10.1.4/32, comment=] +add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.18.50/32, src_p=, dst_h=74.125.239.97/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, out_port=, mod=, id=2, cid=2, _plugin_id=1], [command=blockhosthost, cookie=2, arg=192.168.18.50 74.125.239.97, comment=here] +add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=443/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=there, out_port=, mod=, id=3, cid=3, _plugin_id=1], [command=droptcpport, cookie=3, arg=443, comment=there] +add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=4, cid=4, _plugin_id=1], [command=drop, cookie=4, arg=192.168.18.50/32, comment=] +remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.18.50/32, src_p=, dst_h=74.125.239.97/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, out_port=, mod=, id=2, cid=2, _plugin_id=1], [command=restorehosthost, cookie=2, arg=192.168.18.50 74.125.239.97, comment=here] +remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=443/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=there, out_port=, mod=, id=3, cid=3, _plugin_id=1], [command=restoretcpport, cookie=3, arg=443, comment=there] +remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=4, cid=4, _plugin_id=1], [command=restore, cookie=4, arg=192.168.18.50/32, comment=] diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/send.send.out b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/send.send.out index b823dd0aee..edb28710a4 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/send.send.out +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/send.send.out @@ -1,7 +1,7 @@ BrokerComm::outgoing_connection_established, 127.0.0.1, 9999/tcp -rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=, dst_h=74.53.140.153/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1] -rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=, dst_h=74.53.140.153/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1] +rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.18.50/32, src_p=, dst_h=74.125.239.97/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, out_port=, mod=, id=2, cid=2, _plugin_id=1] +rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=443/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=there, out_port=, mod=, id=3, cid=3, _plugin_id=1] +rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=4, cid=4, _plugin_id=1] +rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.18.50/32, src_p=, dst_h=74.125.239.97/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=here, out_port=, mod=, id=2, cid=2, _plugin_id=1] +rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=443/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=there, out_port=, mod=, id=3, cid=3, _plugin_id=1] +rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=4, cid=4, _plugin_id=1] diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/manager-1.netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/manager-1.netcontrol.log index 2007630489..fe29252480 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/manager-1.netcontrol.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/manager-1.netcontrol.log @@ -3,30 +3,24 @@ #empty_field (empty) #unset_field - #path netcontrol -#open 2015-07-08-19-33-09 -#fields ts category cmd state action target entity_type entity msg location plugin -#types time enum string enum string enum string string string string string -1436383989.876677 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All -1436383992.255152 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436383992.255152 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436383992.255152 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436383992.255152 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436383994.376366 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436383994.376366 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436383994.376366 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436383994.376366 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436383991.768500 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436383991.768500 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436383993.849722 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436383993.849722 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436383993.813850 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436383993.813850 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -#close 2015-07-08-19-33-22 +#open 2016-02-12-00-47-14 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +1455238034.228329 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All +1455238036.276570 worker-1:2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1455238036.276570 worker-1:3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238036.276570 worker-1:2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1455238036.276570 worker-1:3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238038.340995 worker-2:2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1455238038.340995 worker-2:3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238038.340995 worker-2:2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1455238038.340995 worker-2:3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238038.865312 worker-1:3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238038.865312 worker-2:3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238038.865312 worker-1:2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1455238038.865312 worker-2:2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1455238038.865312 worker-1:3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238038.865312 worker-2:3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1455238038.865312 worker-1:2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1455238038.865312 worker-2:2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +#close 2016-02-12-00-47-18 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-1..stdout b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-1..stdout deleted file mode 100644 index 52871d66f0..0000000000 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-1..stdout +++ /dev/null @@ -1,4 +0,0 @@ -Rule added, worker-1:2, 2 -Rule added, worker-1:3, 3 -Rule added, worker-2:2, 4 -Rule added, worker-2:3, 5 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-2..stdout b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-2..stdout deleted file mode 100644 index 938eac9557..0000000000 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-2..stdout +++ /dev/null @@ -1,2 +0,0 @@ -Rule added, worker-2:2, 4 -Rule added, worker-2:3, 5 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/.stdout b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/.stdout index 0964f600f4..4322b62392 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/.stdout +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/.stdout @@ -1,9 +1,21 @@ netcontrol debug (Debug-All): init -netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=15.0 secs, priority=0, location=, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -netcontrol debug (Debug-All): add_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=15.0 secs, priority=5, location=, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1] -netcontrol debug (Debug-All): add_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, c=5, i=, d=, s=, mod=, id=5, cid=5, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=15.0 secs, priority=5, location=, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=15.0 secs, priority=0, location=, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, c=5, i=, d=, s=, mod=, id=5, cid=5, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=1.1.2.2/32, mac=], expire=15.0 secs, priority=0, location=Hi there, out_port=, mod=, id=3, cid=3, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=1.2.3.4/32, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=, id=4, cid=4, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, out_port=5, mod=, id=5, cid=5, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=127.0.0.2/32, src_p=, dst_h=, dst_p=, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=0, location=, out_port=, mod=, id=6, cid=6, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=127.0.0.2/32, src_p=, dst_h=8.8.8.8/32, dst_p=53/udp, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=[src_h=, src_p=, dst_h=127.0.0.3, dst_p=, src_m=, dst_m=, redirect_port=], id=7, cid=7, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=8.8.8.8/32, src_p=53/udp, dst_h=127.0.0.2/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=[src_h=8.8.8.8, src_p=, dst_h=, dst_p=, src_m=, dst_m=, redirect_port=], id=8, cid=8, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=127.0.0.2/32, src_p=, dst_h=127.0.0.3/32, dst_p=80/tcp, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=, id=9, cid=9, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::MAC, conn=, flow=, ip=, mac=FF:FF:FF:FF:FF:FF], expire=15.0 secs, priority=0, location=, out_port=, mod=, id=10, cid=10, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=, src_m=FF:FF:FF:FF:FF:FF, dst_m=], ip=, mac=], expire=15.0 secs, priority=0, location=, out_port=, mod=, id=11, cid=11, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=127.0.0.2/32, src_p=, dst_h=8.8.8.8/32, dst_p=53/udp, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=[src_h=, src_p=, dst_h=127.0.0.3, dst_p=, src_m=, dst_m=, redirect_port=], id=7, cid=7, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=8.8.8.8/32, src_p=53/udp, dst_h=127.0.0.2/32, dst_p=, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=[src_h=8.8.8.8, src_p=, dst_h=, dst_p=, src_m=, dst_m=, redirect_port=], id=8, cid=8, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=1.1.2.2/32, mac=], expire=15.0 secs, priority=0, location=Hi there, out_port=, mod=, id=3, cid=3, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=127.0.0.2/32, src_p=, dst_h=127.0.0.3/32, dst_p=80/tcp, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=, id=9, cid=9, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=, src_p=, dst_h=, dst_p=, src_m=FF:FF:FF:FF:FF:FF, dst_m=], ip=, mac=], expire=15.0 secs, priority=0, location=, out_port=, mod=, id=11, cid=11, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=127.0.0.2/32, src_p=, dst_h=, dst_p=, src_m=, dst_m=], ip=, mac=], expire=15.0 secs, priority=0, location=, out_port=, mod=, id=6, cid=6, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::MAC, conn=, flow=, ip=, mac=FF:FF:FF:FF:FF:FF], expire=15.0 secs, priority=0, location=, out_port=, mod=, id=10, cid=10, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=1.2.3.4/32, mac=], expire=15.0 secs, priority=5, location=, out_port=, mod=, id=4, cid=4, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, out_port=5, mod=, id=5, cid=5, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=, dst_m=], ip=, mac=], expire=30.0 secs, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/netcontrol.log index 379eb0845b..ebeb4a59ee 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/netcontrol.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/netcontrol.log @@ -2,25 +2,49 @@ #set_separator , #empty_field (empty) #unset_field - -#path pacf -#open 2015-06-01-22-57-07 -#fields ts category cmd state action target entity_type entity msg location plugin -#types time enum string enum string enum string string string string string -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -#close 2015-06-01-22-57-07 +#path netcontrol +#open 2016-02-12-00-21-34 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +1455236494.855016 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All +1455236494.855016 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All +1455236494.855016 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All +1455236494.855016 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All +1455236494.855016 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All +1455236494.855016 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All +1455236494.855016 7 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 8 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 9 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All +1455236494.855016 10 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All +1455236494.855016 11 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All +1455236494.855016 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All +1455236494.855016 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All +1455236494.855016 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All +1455236494.855016 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All +1455236494.855016 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All +1455236494.855016 7 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 8 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 9 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All +1455236494.855016 10 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All +1455236494.855016 11 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All +1455236494.855016 7 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 8 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All +1455236494.855016 9 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All +1455236494.855016 11 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All +1455236494.855016 6 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All +1455236494.855016 10 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All +1455236494.855016 4 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All +1455236494.855016 5 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All +1455236494.855016 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All +1455236494.855016 7 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 8 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All +1455236494.855016 3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All +1455236494.855016 9 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All +1455236494.855016 11 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All +1455236494.855016 6 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All +1455236494.855016 10 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All +1455236494.855016 4 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All +1455236494.855016 5 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All +1455236494.855016 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All +#close 2016-02-12-00-21-34 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/recv.recv.out b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/recv.recv.out index 1d97db6024..c6d61a3a14 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/recv.recv.out +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/recv.recv.out @@ -1,5 +1,5 @@ BrokerComm::incoming_connection_established -add_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -remove_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] +add_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] +add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=3, cid=3, _plugin_id=1] +remove_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] +remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=3, cid=3, _plugin_id=1] diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.netcontrol.log new file mode 100644 index 0000000000..a44788e7b1 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.netcontrol.log @@ -0,0 +1,20 @@ +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path netcontrol +#open 2016-02-12-03-43-39 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Broker-bro/event/netcontroltest +1455248619.521854 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521854 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 2 NetControl::RULE EXPIRE NetControl::TIMEOUT NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 2 NetControl::ERROR - - NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - Removal of non-existing rule 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 3 NetControl::RULE EXPIRE NetControl::TIMEOUT NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest +1455248619.521886 3 NetControl::ERROR - - NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Removal of non-existing rule 0 36000.000000 - Broker-bro/event/netcontroltest +#close 2016-02-12-03-43-39 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.send.out b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.send.out index 826819877b..65f523ea94 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.send.out +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.send.out @@ -1,7 +1,7 @@ BrokerComm::outgoing_connection_established, 127.0.0.1, 9999/tcp -rule added, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -rule timeout, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1], [duration=, packet_count=, byte_count=] -rule removed, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -rule timeout, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1], [duration=, packet_count=, byte_count=] -rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] +rule added, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] +rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=3, cid=3, _plugin_id=1] +rule timeout, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1], [duration=, packet_count=, byte_count=] +rule removed, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=, dst_m=], ip=, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] +rule timeout, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=3, cid=3, _plugin_id=1], [duration=, packet_count=, byte_count=] +rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=36000.0, priority=0, location=, out_port=, mod=, id=3, cid=3, _plugin_id=1] diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/.stdout b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/.stdout index 2570a5edc1..17c390799f 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/.stdout +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/.stdout @@ -1,11 +1,11 @@ netcontrol debug (Debug-All): init -netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=10.0 mins, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1] -netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=5, cid=5, _plugin_id=1] -netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=6, cid=6, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=10.0 mins, priority=0, location=, c=, i=, d=, s=, mod=, id=2, cid=2, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=3, cid=3, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=4, cid=4, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=6, cid=6, _plugin_id=1] -netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=10.10.1.4/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=, i=, d=, s=, mod=, id=5, cid=5, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=10.0 mins, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=3, cid=3, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=4, cid=4, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=5, cid=5, _plugin_id=1] +netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=6, cid=6, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=10.0 mins, priority=0, location=, out_port=, mod=, id=2, cid=2, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=3, cid=3, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=4, cid=4, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=6, cid=6, _plugin_id=1] +netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=, flow=, ip=192.168.18.50/32, mac=], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=, mod=, id=5, cid=5, _plugin_id=1] diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/netcontrol.log index dff4c85769..ceb8f0e3c4 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/netcontrol.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/netcontrol.log @@ -2,29 +2,29 @@ #set_separator , #empty_field (empty) #unset_field - -#path pacf -#open 2015-06-02-22-02-42 -#fields ts category cmd state action target entity_type entity msg location plugin -#types time enum string enum string enum string string string string string -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All -#close 2015-06-02-22-02-42 +#path netcontrol +#open 2016-02-12-03-24-03 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All +1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All +1398529018.678276 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All +1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All +1398529018.678276 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +1398529018.678276 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All +1398529018.678276 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All +1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All +1398529018.678276 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +1398529018.678276 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All +1398529020.164464 3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 4 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 6 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 5 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All +1398529020.164464 3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 4 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 6 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +1398529020.164464 5 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All +#close 2016-02-12-03-24-03 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.hook/netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.hook/netcontrol.log index 2f39a2623f..e98ec69983 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.hook/netcontrol.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.hook/netcontrol.log @@ -3,16 +3,16 @@ #empty_field (empty) #unset_field - #path netcontrol -#open 2015-07-08-19-33-47 -#fields ts category cmd state action target entity_type entity msg location plugin -#types time enum string enum string enum string string string string string -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All -#close 2015-07-08-19-33-48 +#open 2016-02-12-03-22-09 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All +1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1398529018.678276 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1398529018.678276 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529020.164464 5 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529020.164464 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1398529020.164464 5 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529020.164464 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +#close 2016-02-12-03-22-09 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.multiple/netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.multiple/netcontrol.log index f2d13a8251..40e6c0e82d 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.multiple/netcontrol.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.multiple/netcontrol.log @@ -2,35 +2,35 @@ #set_separator , #empty_field (empty) #unset_field - -#path pacf -#open 2015-06-02-19-34-04 -#fields ts category cmd state action target entity_type entity msg location plugin -#types time enum string enum string enum string string string string string -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 10 - Debug-All -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 10 - Openflow - OpenFlog Log Plugin - DPID 42 -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All -#close 2015-06-02-19-34-04 +#path netcontrol +#open 2016-02-12-03-43-55 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 10 - - - Debug-All +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 10 - - - Openflow-Log-42 +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All +1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Openflow-Log-42 +1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Openflow-Log-42 +1398529018.678276 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All +1398529018.678276 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Openflow-Log-42 +1398529018.678276 8 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529018.678276 8 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Openflow-Log-42 +1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1398529018.678276 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All +1398529018.678276 8 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Openflow-Log-42 +1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Openflow-Log-42 +1398529018.678276 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Openflow-Log-42 +1398529018.678276 8 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Openflow-Log-42 +1398529020.164464 4 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1398529020.164464 6 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All +1398529020.164464 8 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529020.164464 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +1398529020.164464 4 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All +1398529020.164464 6 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All +1398529020.164464 8 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All +1398529020.164464 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All +#close 2016-02-12-03-43-55 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.openflow/netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.openflow/netcontrol.log index bd774345d9..c31024e8d9 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.openflow/netcontrol.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.openflow/netcontrol.log @@ -3,20 +3,20 @@ #empty_field (empty) #unset_field - #path netcontrol -#open 2016-02-11-21-07-34 -#fields ts category cmd state action target entity_type entity msg location plugin -#types time enum string enum string enum string string string string string -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831787.861602 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831787.861602 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831787.861602 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831787.861602 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831799.610433 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831799.610433 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831799.610433 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1437831799.610433 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -#close 2016-02-11-21-07-34 +#open 2016-02-12-03-44-04 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Openflow-Log-42 +1254722767.875996 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 30.000000 - Openflow-Log-42 +1254722767.875996 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 15.000000 - Openflow-Log-42 +1254722767.875996 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 30.000000 - Openflow-Log-42 +1254722767.875996 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 15.000000 - Openflow-Log-42 +1437831787.861602 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - - 0 30.000000 - Openflow-Log-42 +1437831787.861602 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42 +1437831787.861602 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - - 0 30.000000 - Openflow-Log-42 +1437831787.861602 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42 +1437831799.610433 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - - 0 30.000000 - Openflow-Log-42 +1437831799.610433 7 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42 +1437831799.610433 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - - 0 30.000000 - Openflow-Log-42 +1437831799.610433 7 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42 +#close 2016-02-12-03-44-04 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.packetfilter/conn.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.packetfilter/conn.log index 1f51ecc2fd..f4674275e9 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.packetfilter/conn.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.packetfilter/conn.log @@ -3,10 +3,12 @@ #empty_field (empty) #unset_field - #path conn -#open 2015-05-12-22-11-25 +#open 2016-02-12-03-18-52 #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents #types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] 1254722767.492060 CXWv6p3arKYeMETxOg 10.10.1.4 56166 10.10.1.1 53 udp dns 0.034025 34 100 SF - - 0 Dd 1 62 1 128 (empty) -1254722767.529046 CjhGID4nQcgTWjvg4c 10.10.1.4 1470 74.53.140.153 25 tcp - 0.346950 0 0 S1 - - 0 Sh 1 48 1 48 (empty) 1254722776.690444 CCvvfg3TEfuqmmG4bh 10.10.1.20 138 10.10.1.255 138 udp - - - - S0 - - 0 D 1 229 0 0 (empty) -#close 2015-05-12-22-11-25 +1254722767.529046 CjhGID4nQcgTWjvg4c 10.10.1.4 1470 74.53.140.153 25 tcp - 0.346950 0 0 S1 - - 0 Sh 1 48 1 48 (empty) +1437831787.856895 CRJuHdVW0XPVINV8a 192.168.133.100 49648 192.168.133.102 25 tcp - 0.004707 0 0 S1 - - 0 Sh 1 64 1 60 (empty) +1437831776.764391 CsRx2w45OKnoww6xl4 192.168.133.100 49285 66.196.121.26 5050 tcp - 0.343008 41 0 OTH - - 0 Da 1 93 1 52 (empty) +#close 2016-02-12-03-18-52 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/netcontrol.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/netcontrol.log index 74f45e41ec..2a68c2a4b3 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/netcontrol.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/netcontrol.log @@ -3,16 +3,16 @@ #empty_field (empty) #unset_field - #path netcontrol -#open 2015-07-08-19-33-55 -#fields ts category cmd state action target entity_type entity msg location plugin -#types time enum string enum string enum string string string string string -0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->*/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->8.8.8.8/32/53 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->10.10.1.4/32/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->192.169.18.1/32/80 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->*/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->8.8.8.8/32/53 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->10.10.1.4/32/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->192.169.18.1/32/80 - (empty) Openflow - OpenFlog Log Plugin - DPID 42 -#close 2015-07-08-19-33-55 +#open 2016-02-12-03-44-17 +#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin +#types time string enum string enum string enum string string string string int interval string string +0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Openflow-Log-42 +1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->*/* - - 0 36000.000000 - Openflow-Log-42 +1398529018.678276 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 192.169.18.1/_ (_) - 5 36000.000000 - Openflow-Log-42 +1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->192.168.18.50/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 36000.000000 - Openflow-Log-42 +1398529018.678276 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->192.169.18.1/32/80 - - 5 36000.000000 - Openflow-Log-42 +1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->*/* - - 0 36000.000000 - Openflow-Log-42 +1398529018.678276 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 192.169.18.1/_ (_) - 5 36000.000000 - Openflow-Log-42 +1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->192.168.18.50/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 36000.000000 - Openflow-Log-42 +1398529018.678276 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->192.169.18.1/32/80 - - 5 36000.000000 - Openflow-Log-42 +#close 2016-02-12-03-44-17 diff --git a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/openflow.log b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/openflow.log index 1b4081a31d..64d6cabaf5 100644 --- a/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/openflow.log +++ b/testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/openflow.log @@ -3,11 +3,11 @@ #empty_field (empty) #unset_field - #path openflow -#open 2015-06-04-23-21-03 +#open 2016-02-12-03-28-52 #fields ts dpid match.in_port match.dl_src match.dl_dst match.dl_vlan match.dl_vlan_pcp match.dl_type match.nw_tos match.nw_proto match.nw_src match.nw_dst match.tp_src match.tp_dst flow_mod.cookie flow_mod.table_id flow_mod.command flow_mod.idle_timeout flow_mod.hard_timeout flow_mod.priority flow_mod.out_port flow_mod.out_group flow_mod.flags flow_mod.actions.out_ports flow_mod.actions.vlan_vid flow_mod.actions.vlan_pcp flow_mod.actions.vlan_strip flow_mod.actions.dl_src flow_mod.actions.dl_dst flow_mod.actions.nw_tos flow_mod.actions.nw_src flow_mod.actions.nw_dst flow_mod.actions.tp_src flow_mod.actions.tp_dst #types time count count string string count count count count count subnet subnet count count count count enum count count count count count count vector[count] count count bool string string count addr addr count count -1254722767.875996 42 - - - - - 2048 - - 10.10.1.4/32 - - - 4398046511108 - OpenFlow::OFPFC_ADD 0 36000 0 - - 1 (empty) - - F - - - - - - - -1254722767.875996 42 - - - - - 2048 - 17 10.10.1.4/32 8.8.8.8/32 - 53 4398046511110 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - 192.169.18.1 - - -1254722767.875996 42 - - - - - 2048 - 17 8.8.8.8/32 10.10.1.4/32 53 - 4398046511112 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - 8.8.8.8 - - - -1254722767.875996 42 - - - - - 2048 - 6 10.10.1.4/32 192.169.18.1/32 - 80 4398046511114 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - - - - -#close 2015-06-04-23-21-03 +1398529018.678276 42 - - - - - 2048 - - 192.168.18.50/32 - - - 4398046511108 - OpenFlow::OFPFC_ADD 0 36000 0 - - 1 (empty) - - F - - - - - - - +1398529018.678276 42 - - - - - 2048 - 17 192.168.18.50/32 8.8.8.8/32 - 53 4398046511110 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - 192.169.18.1 - - +1398529018.678276 42 - - - - - 2048 - 17 8.8.8.8/32 192.168.18.50/32 53 - 4398046511112 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - 8.8.8.8 - - - +1398529018.678276 42 - - - - - 2048 - 6 192.168.18.50/32 192.169.18.1/32 - 80 4398046511114 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - - - - +#close 2016-02-12-03-28-52 diff --git a/testing/btest/scripts/base/frameworks/netcontrol/acld.bro b/testing/btest/scripts/base/frameworks/netcontrol/acld.bro index c6aabfd2a2..d799b36d30 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/acld.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/acld.bro @@ -1,7 +1,7 @@ # @TEST-SERIALIZE: brokercomm # @TEST-REQUIRES: grep -q ENABLE_BROKER $BUILD/CMakeCache.txt # @TEST-EXEC: btest-bg-run recv "bro -b ../recv.bro broker_port=$BROKER_PORT >recv.out" -# @TEST-EXEC: btest-bg-run send "bro -b -r $TRACES/smtp.trace --pseudo-realtime ../send.bro broker_port=$BROKER_PORT >send.out" +# @TEST-EXEC: btest-bg-run send "bro -b -r $TRACES/tls/ecdhe.pcap --pseudo-realtime ../send.bro broker_port=$BROKER_PORT >send.out" # @TEST-EXEC: btest-bg-wait 20 # @TEST-EXEC: btest-diff recv/recv.out @@ -50,7 +50,7 @@ event connection_established(c: connection) $dst_p=c$id$resp_p ); local e2: NetControl::Entity = [$ty=NetControl::FLOW, $flow=flow2]; - local r2: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e2, $expire=10hrs, $location="here"]; + local r2: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e2, $expire=10hrs, $location="there"]; NetControl::add_rule(r1); NetControl::add_rule(r2); diff --git a/testing/btest/scripts/base/frameworks/netcontrol/basic-cluster.bro b/testing/btest/scripts/base/frameworks/netcontrol/basic-cluster.bro index 3047416bac..df275307ee 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/basic-cluster.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/basic-cluster.bro @@ -2,13 +2,11 @@ # # @TEST-EXEC: btest-bg-run manager-1 "cp ../cluster-layout.bro . && CLUSTER_NODE=manager-1 bro %INPUT" # @TEST-EXEC: sleep 1 -# @TEST-EXEC: btest-bg-run worker-1 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-1 bro --pseudo-realtime -C -r $TRACES/smtp.trace %INPUT" +# @TEST-EXEC: btest-bg-run worker-1 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-1 bro --pseudo-realtime -C -r $TRACES/tls/ecdhe.pcap %INPUT" # @TEST-EXEC: sleep 1 -# @TEST-EXEC: btest-bg-run worker-2 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-2 bro --pseudo-realtime -C -r $TRACES/smtp.trace %INPUT" +# @TEST-EXEC: btest-bg-run worker-2 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-2 bro --pseudo-realtime -C -r $TRACES/tls/ecdhe.pcap %INPUT" # @TEST-EXEC: btest-bg-wait 20 # @TEST-EXEC: btest-diff manager-1/netcontrol.log -# @TEST-EXEC: btest-diff worker-1/.stdout -# @TEST-EXEC: btest-diff worker-2/.stdout @TEST-START-FILE cluster-layout.bro redef Cluster::nodes = { diff --git a/testing/btest/scripts/base/frameworks/netcontrol/basic.bro b/testing/btest/scripts/base/frameworks/netcontrol/basic.bro index f1f63b3d99..c32cb1d7c6 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/basic.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/basic.bro @@ -1,6 +1,6 @@ -# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT -# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff netcontrol.log -# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff .stdout +# @TEST-EXEC: bro %INPUT +# @TEST-EXEC: btest-diff netcontrol.log +# @TEST-EXEC: btest-diff .stdout @load base/frameworks/netcontrol @@ -10,11 +10,33 @@ event bro_init() NetControl::activate(netcontrol_debug, 0); } -event connection_established(c: connection) +function test_mac_flow() { - local id = c$id; - NetControl::shunt_flow([$src_h=id$orig_h, $src_p=id$orig_p, $dst_h=id$resp_h, $dst_p=id$resp_p], 30sec); - NetControl::drop_address(id$orig_h, 15sec); - NetControl::whitelist_address(id$orig_h, 15sec); - NetControl::redirect_flow([$src_h=id$orig_h, $src_p=id$orig_p, $dst_h=id$resp_h, $dst_p=id$resp_p], 5, 30sec); + local flow = NetControl::Flow( + $src_m = "FF:FF:FF:FF:FF:FF" + ); + local e: NetControl::Entity = [$ty=NetControl::FLOW, $flow=flow]; + local r: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e, $expire=15sec]; + + NetControl::add_rule(r); } + +function test_mac() + { + local e: NetControl::Entity = [$ty=NetControl::MAC, $mac="FF:FF:FF:FF:FF:FF"]; + local r: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e, $expire=15sec]; + + NetControl::add_rule(r); + } + +event bro_init() &priority=-5 + { + NetControl::shunt_flow([$src_h=192.168.17.1, $src_p=32/tcp, $dst_h=192.168.17.2, $dst_p=32/tcp], 30sec); + NetControl::drop_address(1.1.2.2, 15sec, "Hi there"); + NetControl::whitelist_address(1.2.3.4, 15sec); + NetControl::redirect_flow([$src_h=192.168.17.1, $src_p=32/tcp, $dst_h=192.168.17.2, $dst_p=32/tcp], 5, 30sec); + NetControl::quarantine_host(127.0.0.2, 8.8.8.8, 127.0.0.3, 15sec); + test_mac(); + test_mac_flow(); + } + diff --git a/testing/btest/scripts/base/frameworks/netcontrol/broker.bro b/testing/btest/scripts/base/frameworks/netcontrol/broker.bro index f675a0fd13..7546977344 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/broker.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/broker.bro @@ -4,6 +4,7 @@ # @TEST-EXEC: btest-bg-run send "bro -b -r $TRACES/smtp.trace --pseudo-realtime ../send.bro broker_port=$BROKER_PORT >send.out" # @TEST-EXEC: btest-bg-wait 20 +# @TEST-EXEC: btest-diff send/netcontrol.log # @TEST-EXEC: btest-diff recv/recv.out # @TEST-EXEC: btest-diff send/send.out diff --git a/testing/btest/scripts/base/frameworks/netcontrol/catch-and-release.bro b/testing/btest/scripts/base/frameworks/netcontrol/catch-and-release.bro index e5ce73410f..318d87803f 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/catch-and-release.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/catch-and-release.bro @@ -1,4 +1,4 @@ -# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT +# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff netcontrol.log # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff .stdout diff --git a/testing/btest/scripts/base/frameworks/netcontrol/hook.bro b/testing/btest/scripts/base/frameworks/netcontrol/hook.bro index d859f8a089..5ad0fe85e8 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/hook.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/hook.bro @@ -1,4 +1,4 @@ -# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT +# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT # @TEST-EXEC: btest-diff netcontrol.log @load base/frameworks/netcontrol diff --git a/testing/btest/scripts/base/frameworks/netcontrol/multiple.bro b/testing/btest/scripts/base/frameworks/netcontrol/multiple.bro index d8676c07ab..c2d209ca38 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/multiple.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/multiple.bro @@ -1,4 +1,4 @@ -# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT +# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT # @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff netcontrol.log @load base/frameworks/netcontrol diff --git a/testing/btest/scripts/base/frameworks/netcontrol/quarantine-openflow.bro b/testing/btest/scripts/base/frameworks/netcontrol/quarantine-openflow.bro index ced53f441e..d9fb1fd62c 100644 --- a/testing/btest/scripts/base/frameworks/netcontrol/quarantine-openflow.bro +++ b/testing/btest/scripts/base/frameworks/netcontrol/quarantine-openflow.bro @@ -1,4 +1,4 @@ -# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT +# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT # @TEST-EXEC: btest-diff netcontrol.log # @TEST-EXEC: btest-diff openflow.log