Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Extend NetControl logging and fix bugs.

Browse source 
Netcontrol log now includes more information; before that, it had not
quite caught up to the new capabilities (like flow modifying and
redirection, as well as mac addresses).

Furthermore, this fixes a number of bugs with cluster mode (like
duplicate events), test failures due to updates in Bro, etc.
This commit is contained in:
Johanna Amann 2016-02-11 19:45:30 -08:00
parent 9f3c0c9bb4
commit a38327bd08
38 changed files with 466 additions and 267 deletions
Download patch file Download diff file Expand all files Collapse all files

31
scripts/base/frameworks/netcontrol/cluster.bro
View file

@ -64,3 +64,34 @@ event NetControl::cluster_netcontrol_remove_rule(id: string)
remove_rule_impl(id);
}
@endif
@if ( Cluster::local_node_type() == Cluster::MANAGER )
event rule_expire(r: Rule, p: PluginState) &priority=-5
{
rule_expire_impl(r, p);
}
event rule_added(r: Rule, p: PluginState, msg: string &default="") &priority=5
{
rule_added_impl(r, p, msg);
if ( r?$expire && ! p$plugin$can_expire )
schedule r$expire { rule_expire(r, p) };
}
event rule_removed(r: Rule, p: PluginState, msg: string &default="") &priority=-5
{
rule_removed_impl(r, p, msg);
}
event rule_timeout(r: Rule, i: FlowInfo, p: PluginState) &priority=-5
{
rule_timeout_impl(r, i, p);
}
event rule_error(r: Rule, p: PluginState, msg: string &default="") &priority=-5
{
rule_error_impl(r, p, msg);
}
@endif

127
scripts/base/frameworks/netcontrol/main.bro
View file

@ -116,7 +116,7 @@ export {
## t: how long to leave the quarantine in place
##
## Returns: Vector of inserted rules on success, empty list on failure.
global quarantine_host: function(infected: addr, dns: addr, quarantine: addr, t: interval, location: string) : vector of string;
global quarantine_host: function(infected: addr, dns: addr, quarantine: addr, t: interval, location: string &default="") : vector of string;
## Flushes all state.
global clear: function();
@ -197,7 +197,7 @@ export {
## r: The rule to be added
global NetControl::rule_policy: hook(r: Rule);
## Type of an entry in the PACF log.
## Type of an entry in the NetControl log.
type InfoCategory: enum {
## A log entry reflecting a framework message.
MESSAGE,
@ -207,7 +207,7 @@ export {
RULE
};
## State of an entry in the PACF log.
## State of an entry in the NetControl log.
type InfoState: enum {
REQUESTED,
SUCCEEDED,
@ -216,10 +216,12 @@ export {
TIMEOUT,
};
## The record type which contains column fields of the PACF log.
## The record type which contains column fields of the NetControl log.
type Info: record {
## Time at which the recorded activity occurred.
ts: time &log;
## ID of the rule; unique during each Bro run
rule_id: string &log &optional;
## Type of the log entry.
category: InfoCategory &log &optional;
## The command the log entry is about.
@ -234,14 +236,24 @@ export {
entity_type: string &log &optional;
## String describing the entity the log entry is about.
entity: string &log &optional;
## String describing the optional modification of the entry (e.h. redirect)
mod: string &log &optional;
## String with an additional message.
msg: string &log &optional;
## Logcation where the underlying action was triggered.
## Number describing the priority of the log entry
priority: int &log &optional;
## Expiry time of the log entry
expire: interval &log &optional;
## Location where the underlying action was triggered.
location: string &log &optional;
## Plugin triggering the log entry.
plugin: string &log &optional;
};
# type ShuntInfo: record {
# ## Time at which the recorded activity occurred.
# ts: time &log;
## Event that can be handled to access the :bro:type:`NetControl::Info`
## record as it is sent on to the logging framework.
global log_netcontrol: event(rec: Info);
@ -262,6 +274,7 @@ global id_to_cids: table[string] of set[count]; # id to cid
event bro_init() &priority=5
{
Log::create_stream(NetControl::LOG, [$columns=Info, $ev=log_netcontrol, $path="netcontrol"]);
# Log::create_stream(NetControl::SHUNT, [$columns=ShuntInfo, $ev=log_netcontrol_shung, $path="netcontrol_shunt"]);
}
function entity_to_info(info: Info, e: Entity)
@ -284,6 +297,8 @@ function entity_to_info(info: Info, e: Entity)
local ffrom_port = "*";
local fto_ip = "*";
local fto_port = "*";
local ffrom_mac = "*";
local fto_mac = "*";
if ( e$flow?$src_h )
ffrom_ip = cat(e$flow$src_h);
if ( e$flow?$src_p )
@ -295,6 +310,15 @@ function entity_to_info(info: Info, e: Entity)
info$entity = fmt("%s/%s->%s/%s",
ffrom_ip, ffrom_port,
fto_ip, fto_port);
if ( e$flow?$src_m || e$flow?$dst_m )
{
if ( e$flow?$src_m )
ffrom_mac = e$flow$src_m;
if ( e$flow?$dst_m )
fto_mac = e$flow$dst_m;
info$entity = fmt("%s (%s->%s)", info$entity, ffrom_mac, fto_mac);
}
break;
case MAC:
@ -311,10 +335,46 @@ function rule_to_info(info: Info, r: Rule)
{
info$action = fmt("%s", r$ty);
info$target = r$target;
info$rule_id = r$id;
info$expire = r$expire;
info$priority = r$priority;
if ( r?$location )
if ( r?$location && r$location != "" )
info$location = r$location;
if ( r$ty == REDIRECT )
info$mod = fmt("-> %d", r$out_port);
if ( r$ty == MODIFY )
{
local mfrom_ip = "_";
local mfrom_port = "_";
local mto_ip = "_";
local mto_port = "_";
local mfrom_mac = "_";
local mto_mac = "_";
if ( r$mod?$src_h )
mfrom_ip = cat(r$mod$src_h);
if ( r$mod?$src_p )
mfrom_port = fmt("%d", r$mod$src_p);
if ( r$mod?$dst_h )
mto_ip = cat(r$mod$dst_h);
if ( r$mod?$dst_p )
mto_port = fmt("%d", r$mod$dst_p);
if ( r$mod?$src_m )
mfrom_mac = r$mod$src_m;
if ( r$mod?$dst_m )
mto_mac = r$mod$dst_m;
info$mod = fmt("Src: %s/%s (%s) Dst: %s/%s (%s)",
mfrom_ip, mfrom_port, mfrom_mac, mto_ip, mto_port, mto_mac);
if ( r$mod?$redirect_port )
info$mod = fmt("%s -> %d", info$mod, r$mod$redirect_port);
}
entity_to_info(info, r$entity);
}
@ -328,13 +388,15 @@ function log_error(msg: string, p: PluginState)
Log::write(LOG, [$ts=network_time(), $category=ERROR, $msg=msg, $plugin=p$plugin$name(p)]);
}
function log_rule(r: Rule, cmd: string, state: InfoState, p: PluginState)
function log_rule(r: Rule, cmd: string, state: InfoState, p: PluginState, msg: string &default="")
{
local info: Info = [$ts=network_time()];
info$category = RULE;
info$cmd = cmd;
info$state = state;
info$plugin = p$plugin$name(p);
if ( msg != "" )
info$msg = msg;
rule_to_info(info, r);
@ -415,7 +477,7 @@ function redirect_flow(f: flow_id, out_port: count, t: interval, location: strin
$dst_p=f$dst_p
);
local e: Entity = [$ty=FLOW, $flow=flow];
local r: Rule = [$ty=REDIRECT, $target=FORWARD, $entity=e, $expire=t, $location=location, $c=out_port];
local r: Rule = [$ty=REDIRECT, $target=FORWARD, $entity=e, $expire=t, $location=location, $out_port=out_port];
return add_rule(r);
}
@ -559,7 +621,7 @@ function remove_rule_impl(id: string) : bool
return success;
}
event rule_expire(r: Rule, p: PluginState)
function rule_expire_impl(r: Rule, p: PluginState) &priority=-5
{
if ( [r$id,r$cid] !in rules )
# Removed already.
@ -569,41 +631,54 @@ event rule_expire(r: Rule, p: PluginState)
remove_single_rule(r$id, r$cid);
}
event rule_added(r: Rule, p: PluginState, msg: string &default="")
function rule_added_impl(r: Rule, p: PluginState, msg: string &default="")
{
log_rule(r, "ADD", SUCCEEDED, p);
log_rule(r, "ADD", SUCCEEDED, p, msg);
rules[r$id,r$cid] = r;
if ( r$id !in id_to_cids )
id_to_cids[r$id] = set();
add id_to_cids[r$id][r$cid];
if ( r?$expire && ! p$plugin$can_expire )
schedule r$expire { rule_expire(r, p) };
}
event rule_removed(r: Rule, p: PluginState, msg: string &default="")
function rule_removed_impl(r: Rule, p: PluginState, msg: string &default="")
{
if ( [r$id,r$cid] !in rules )
{
log_rule_error(r, "Removal of non-existing rule", p);
return;
}
delete rules[r$id,r$cid];
delete id_to_cids[r$id][r$cid];
if ( |id_to_cids[r$id]| == 0 )
delete id_to_cids[r$id];
log_rule(r, "REMOVE", SUCCEEDED, p, msg);
}
function rule_timeout_impl(r: Rule, i: FlowInfo, p: PluginState)
{
delete rules[r$id,r$cid];
delete id_to_cids[r$id][r$cid];
if ( |id_to_cids[r$id]| == 0 )
delete id_to_cids[r$id];
log_rule(r, "REMOVE", SUCCEEDED, p);
}
event rule_timeout(r: Rule, i: FlowInfo, p: PluginState)
local msg = "";
if ( i?$packet_count )
msg = fmt("Packets: %d", i$packet_count);
if ( i?$byte_count )
{
delete rules[r$id,r$cid];
delete id_to_cids[r$id][r$cid];
if ( |id_to_cids[r$id]| == 0 )
delete id_to_cids[r$id];
log_rule(r, "EXPIRE", TIMEOUT, p);
if ( msg != "" )
msg = msg + " ";
msg = fmt("%sBytes: %s", msg, i$byte_count);
}
event rule_error(r: Rule, p: PluginState, msg: string &default="")
log_rule(r, "EXPIRE", TIMEOUT, p, msg);
}
function rule_error_impl(r: Rule, p: PluginState, msg: string &default="")
{
log_rule_error(r, msg, p);
# errors can occur during deletion. Since this probably means we wo't hear

29
scripts/base/frameworks/netcontrol/non-cluster.bro
View file

@ -16,3 +16,32 @@ function remove_rule(id: string) : bool
{
return remove_rule_impl(id);
}
event rule_expire(r: Rule, p: PluginState) &priority=-5
{
rule_expire_impl(r, p);
}
event rule_added(r: Rule, p: PluginState, msg: string &default="") &priority=5
{
rule_added_impl(r, p, msg);
if ( r?$expire && ! p$plugin$can_expire )
schedule r$expire { rule_expire(r, p) };
}
event rule_removed(r: Rule, p: PluginState, msg: string &default="") &priority=-5
{
rule_removed_impl(r, p, msg);
}
event rule_timeout(r: Rule, i: FlowInfo, p: PluginState) &priority=-5
{
rule_timeout_impl(r, i, p);
}
event rule_error(r: Rule, p: PluginState, msg: string &default="") &priority=-5
{
rule_error_impl(r, p, msg);
}

2
scripts/base/frameworks/netcontrol/plugins/acld.bro
View file

@ -99,7 +99,7 @@ event NetControl::acld_rule_error(id: count, r: Rule, msg: string)
function acld_name(p: PluginState) : string
{
return fmt("PACF acld plugin - using broker topic %s", p$acld_config$acld_topic);
return fmt("Acld-%s", p$acld_config$acld_topic);
}
# check that subnet specifies an addr

2
scripts/base/frameworks/netcontrol/plugins/broker.bro
View file

@ -89,7 +89,7 @@ event NetControl::broker_rule_timeout(id: count, r: Rule, i: FlowInfo)
function broker_name(p: PluginState) : string
{
return fmt("PACF Broker plugin - topic %s", p$broker_topic);
return fmt("Broker-%s", p$broker_topic);
}
function broker_add_rule_fun(p: PluginState, r: Rule) : bool

2
scripts/base/frameworks/netcontrol/plugins/debug.bro
View file

@ -4,7 +4,7 @@
module NetControl;
export {
## Instantiates a debug plugin for the PACF framework. The debug
## Instantiates a debug plugin for the NetControl framework. The debug
## plugin simply logs the operations it receives.
##
## do_something: If true, the plugin will claim it supports all operations; if

4
scripts/base/frameworks/netcontrol/plugins/openflow.bro
View file

@ -41,7 +41,7 @@ export {
## buildup for quite a while if keeping this around...
const openflow_flow_timeout = 24hrs &redef;
## Instantiates an openflow plugin for the PACF framework.
## Instantiates an openflow plugin for the NetControl framework.
global create_openflow: function(controller: OpenFlow::Controller, config: OfConfig &default=[]) : PluginState;
}
@ -256,7 +256,7 @@ function openflow_rule_to_flow_mod(p: PluginState, r: Rule) : OpenFlow::ofp_flow
else if ( r$ty == REDIRECT )
{
# redirect to port c
flow_mod$actions$out_ports = vector(r$c);
flow_mod$actions$out_ports = vector(r$out_port);
}
else
{

4
scripts/base/frameworks/netcontrol/plugins/packetfilter.bro
View file

@ -1,4 +1,4 @@
# PACF plugin for the PacketFilter handling that comes with
# NetControl plugin for the PacketFilter handling that comes with
# Bro. Since the PacketFilter in Bro is quite limited in scope
# and can only add/remove filters for addresses, this is quite
# limited in scope at the moment.
@ -92,7 +92,7 @@ function packetfilter_remove_rule(p: PluginState, r: Rule) : bool
function packetfilter_name(p: PluginState) : string
{
return "PACF plugin for the Bro packetfilter";
return "Packetfilter";
}
global packetfilter_plugin = Plugin(

5
scripts/base/frameworks/netcontrol/types.bro
View file

@ -89,10 +89,7 @@ export {
priority: int &default=default_priority; ##< Priority if multiple rules match an entity (larger value is higher priority).
location: string &optional; ##< Optional string describing where/what installed the rule.
c: count &optional; ##< Argument for rule types requiring an count argument.
i: int &optional; ##< Argument for rule types requiring an integer argument.
d: double &optional; ##< Argument for rule types requiring a double argument.
s: string &optional; ##< Argument for rule types requiring a string argument.
out_port: count &optional; ##< Argument for bro:id:`REDIRECT` rules.
mod: FlowMod &optional; ##< Argument for :bro:id:`MODIFY` rules.
id: string &default=""; ##< Internally determined unique ID for this rule. Will be set when added.

2
scripts/base/frameworks/openflow/plugins/broker.bro
View file

@ -38,7 +38,7 @@ export {
function broker_describe(state: ControllerState): string
{
return fmt("Broker Plugin - %s:%d - DPID: %d", state$broker_host, state$broker_port, state$broker_dpid);
return fmt("Broker-%s:%d-%d", state$broker_host, state$broker_port, state$broker_dpid);
}
function broker_flow_mod_fun(state: ControllerState, match: ofp_match, flow_mod: OpenFlow::ofp_flow_mod): bool

2
scripts/base/frameworks/openflow/plugins/log.bro
View file

@ -62,7 +62,7 @@ function log_flow_mod(state: ControllerState, match: ofp_match, flow_mod: OpenFl
function log_describe(state: ControllerState): string
{
return fmt("OpenFlog Log Plugin - DPID %d", state$log_dpid);
return fmt("Log-%d", state$log_dpid);
}
function log_new(dpid: count, success_event: bool &default=T): OpenFlow::Controller

2
scripts/base/frameworks/openflow/plugins/ryu.bro
View file

@ -173,7 +173,7 @@ function ryu_flow_clear(state: OpenFlow::ControllerState): bool
function ryu_describe(state: ControllerState): string
{
return fmt("Ryu Plugin - http://%s:%d - DPID: %d", state$ryu_host, state$ryu_port, state$ryu_dpid);
return fmt("Ryu-%d-http://%s:%d", state$ryu_dpid, state$ryu_host, state$ryu_port);
}
# Ryu controller constructor

12
testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/recv.recv.out
View file

@ -1,7 +1,7 @@
BrokerComm::incoming_connection_established
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=<uninitialized>, dst_h=74.53.140.153/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1], [command=blockhosthost, cookie=2, arg=10.10.1.4 74.53.140.153, comment=here]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1], [command=droptcpport, cookie=3, arg=25, comment=here]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1], [command=drop, cookie=4, arg=10.10.1.4/32, comment=]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=<uninitialized>, dst_h=74.53.140.153/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1], [command=restorehosthost, cookie=2, arg=10.10.1.4 74.53.140.153, comment=here]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1], [command=restoretcpport, cookie=3, arg=25, comment=here]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1], [command=restore, cookie=4, arg=10.10.1.4/32, comment=]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.18.50/32, src_p=<uninitialized>, dst_h=74.125.239.97/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1], [command=blockhosthost, cookie=2, arg=192.168.18.50 74.125.239.97, comment=here]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=443/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=there, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1], [command=droptcpport, cookie=3, arg=443, comment=there]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1], [command=drop, cookie=4, arg=192.168.18.50/32, comment=]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.18.50/32, src_p=<uninitialized>, dst_h=74.125.239.97/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1], [command=restorehosthost, cookie=2, arg=192.168.18.50 74.125.239.97, comment=here]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=443/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=there, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1], [command=restoretcpport, cookie=3, arg=443, comment=there]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1], [command=restore, cookie=4, arg=192.168.18.50/32, comment=]

12
testing/btest/Baseline/scripts.base.frameworks.netcontrol.acld/send.send.out
View file

@ -1,7 +1,7 @@
BrokerComm::outgoing_connection_established, 127.0.0.1, 9999/tcp
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=<uninitialized>, dst_h=74.53.140.153/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=<uninitialized>, dst_h=74.53.140.153/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.18.50/32, src_p=<uninitialized>, dst_h=74.125.239.97/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=443/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=there, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.18.50/32, src_p=<uninitialized>, dst_h=74.125.239.97/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=here, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=443/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=there, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]

48
testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/manager-1.netcontrol.log
View file

@ -3,30 +3,24 @@
#empty_field (empty)
#unset_field -
#path netcontrol
#open 2015-07-08-19-33-09
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
1436383989.876677 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All
1436383992.255152 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436383992.255152 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436383992.255152 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436383992.255152 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436383994.376366 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436383994.376366 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436383994.376366 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436383994.376366 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436383991.768500 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436383991.768500 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436383993.849722 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436383993.849722 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436383993.813850 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436383993.813850 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1436384002.162435 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
#close 2015-07-08-19-33-22
#open 2016-02-12-00-47-14
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
1455238034.228329 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All
1455238036.276570 worker-1:2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1455238036.276570 worker-1:3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238036.276570 worker-1:2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1455238036.276570 worker-1:3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238038.340995 worker-2:2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1455238038.340995 worker-2:3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238038.340995 worker-2:2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1455238038.340995 worker-2:3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238038.865312 worker-1:3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238038.865312 worker-2:3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238038.865312 worker-1:2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1455238038.865312 worker-2:2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1455238038.865312 worker-1:3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238038.865312 worker-2:3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1455238038.865312 worker-1:2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1455238038.865312 worker-2:2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
#close 2016-02-12-00-47-18

4
testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-1..stdout
View file

@ -1,4 +0,0 @@
Rule added, worker-1:2, 2
Rule added, worker-1:3, 3
Rule added, worker-2:2, 4
Rule added, worker-2:3, 5

2
testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic-cluster/worker-2..stdout
View file

@ -1,2 +0,0 @@
Rule added, worker-2:2, 4
Rule added, worker-2:3, 5

28
testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/.stdout
View file

@ -1,9 +1,21 @@
netcontrol debug (Debug-All): init
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=15.0 secs, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, c=5, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=15.0 secs, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, c=5, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=1.1.2.2/32, mac=<uninitialized>], expire=15.0 secs, priority=0, location=Hi there, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=1.2.3.4/32, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, out_port=5, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=127.0.0.2/32, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=6, cid=6, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=127.0.0.2/32, src_p=<uninitialized>, dst_h=8.8.8.8/32, dst_p=53/udp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=127.0.0.3, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>, redirect_port=<uninitialized>], id=7, cid=7, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=8.8.8.8/32, src_p=53/udp, dst_h=127.0.0.2/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=[src_h=8.8.8.8, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>, redirect_port=<uninitialized>], id=8, cid=8, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=127.0.0.2/32, src_p=<uninitialized>, dst_h=127.0.0.3/32, dst_p=80/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=<uninitialized>, id=9, cid=9, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::MAC, conn=<uninitialized>, flow=<uninitialized>, ip=<uninitialized>, mac=FF:FF:FF:FF:FF:FF], expire=15.0 secs, priority=0, location=<uninitialized>, out_port=<uninitialized>, mod=<uninitialized>, id=10, cid=10, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=<uninitialized>, src_m=FF:FF:FF:FF:FF:FF, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=0, location=<uninitialized>, out_port=<uninitialized>, mod=<uninitialized>, id=11, cid=11, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=127.0.0.2/32, src_p=<uninitialized>, dst_h=8.8.8.8/32, dst_p=53/udp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=127.0.0.3, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>, redirect_port=<uninitialized>], id=7, cid=7, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::MODIFY, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=8.8.8.8/32, src_p=53/udp, dst_h=127.0.0.2/32, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=[src_h=8.8.8.8, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>, redirect_port=<uninitialized>], id=8, cid=8, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=1.1.2.2/32, mac=<uninitialized>], expire=15.0 secs, priority=0, location=Hi there, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=127.0.0.2/32, src_p=<uninitialized>, dst_h=127.0.0.3/32, dst_p=80/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=<uninitialized>, id=9, cid=9, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=<uninitialized>, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=<uninitialized>, src_m=FF:FF:FF:FF:FF:FF, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=0, location=<uninitialized>, out_port=<uninitialized>, mod=<uninitialized>, id=11, cid=11, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=127.0.0.2/32, src_p=<uninitialized>, dst_h=<uninitialized>, dst_p=<uninitialized>, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=15.0 secs, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=6, cid=6, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::MAC, conn=<uninitialized>, flow=<uninitialized>, ip=<uninitialized>, mac=FF:FF:FF:FF:FF:FF], expire=15.0 secs, priority=0, location=<uninitialized>, out_port=<uninitialized>, mod=<uninitialized>, id=10, cid=10, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::WHITELIST, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=1.2.3.4/32, mac=<uninitialized>], expire=15.0 secs, priority=5, location=, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::REDIRECT, target=NetControl::FORWARD, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, out_port=5, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=192.168.17.1/32, src_p=32/tcp, dst_h=192.168.17.2/32, dst_p=32/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=30.0 secs, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]

68
testing/btest/Baseline/scripts.base.frameworks.netcontrol.basic/netcontrol.log
View file

@ -2,25 +2,49 @@
#set_separator ,
#empty_field (empty)
#unset_field -
#path pacf
#open 2015-06-01-22-57-07
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
#close 2015-06-01-22-57-07
#path netcontrol
#open 2016-02-12-00-21-34
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
1455236494.855016 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All
1455236494.855016 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All
1455236494.855016 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All
1455236494.855016 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All
1455236494.855016 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All
1455236494.855016 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All
1455236494.855016 7 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 8 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 9 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All
1455236494.855016 10 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All
1455236494.855016 11 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All
1455236494.855016 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All
1455236494.855016 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All
1455236494.855016 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All
1455236494.855016 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All
1455236494.855016 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All
1455236494.855016 7 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 8 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 9 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All
1455236494.855016 10 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All
1455236494.855016 11 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All
1455236494.855016 7 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 8 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All
1455236494.855016 9 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All
1455236494.855016 11 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All
1455236494.855016 6 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All
1455236494.855016 10 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All
1455236494.855016 4 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All
1455236494.855016 5 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All
1455236494.855016 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All
1455236494.855016 7 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 127.0.0.3/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 8 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->127.0.0.2/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 15.000000 - Debug-All
1455236494.855016 3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 1.1.2.2/32 - - 0 15.000000 Hi there Debug-All
1455236494.855016 9 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->127.0.0.3/32/80 - - 5 15.000000 - Debug-All
1455236494.855016 11 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW */*->*/* (FF:FF:FF:FF:FF:FF->*) - - 0 15.000000 - Debug-All
1455236494.855016 6 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 127.0.0.2/32/*->*/* - - 0 15.000000 - Debug-All
1455236494.855016 10 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::MAC FF:FF:FF:FF:FF:FF - - 0 15.000000 - Debug-All
1455236494.855016 4 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 1.2.3.4/32 - - 5 15.000000 - Debug-All
1455236494.855016 5 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 -> 5 - 0 30.000000 - Debug-All
1455236494.855016 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.17.1/32/32->192.168.17.2/32/32 - - 0 30.000000 - Debug-All
#close 2016-02-12-00-21-34

8
testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/recv.recv.out
View file

@ -1,5 +1,5 @@
BrokerComm::incoming_connection_established
add_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
add_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
remove_rule, 0, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]

20
testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.netcontrol.log Normal file
View file

@ -0,0 +1,20 @@
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path netcontrol
#open 2016-02-12-03-43-39
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Broker-bro/event/netcontroltest
1455248619.521854 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521854 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 2 NetControl::RULE EXPIRE NetControl::TIMEOUT NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 2 NetControl::ERROR - - NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - Removal of non-existing rule 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 3 NetControl::RULE EXPIRE NetControl::TIMEOUT NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 36000.000000 - Broker-bro/event/netcontroltest
1455248619.521886 3 NetControl::ERROR - - NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Removal of non-existing rule 0 36000.000000 - Broker-bro/event/netcontroltest
#close 2016-02-12-03-43-39

12
testing/btest/Baseline/scripts.base.frameworks.netcontrol.broker/send.send.out
View file

@ -1,7 +1,7 @@
BrokerComm::outgoing_connection_established, 127.0.0.1, 9999/tcp
rule added, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
rule timeout, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1], [duration=<uninitialized>, packet_count=<uninitialized>, byte_count=<uninitialized>]
rule removed, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule timeout, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1], [duration=<uninitialized>, packet_count=<uninitialized>, byte_count=<uninitialized>]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule added, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
rule timeout, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1], [duration=<uninitialized>, packet_count=<uninitialized>, byte_count=<uninitialized>]
rule removed, [ty=NetControl::DROP, target=NetControl::MONITOR, entity=[ty=NetControl::FLOW, conn=<uninitialized>, flow=[src_h=10.10.1.4/32, src_p=1470/tcp, dst_h=74.53.140.153/32, dst_p=25/tcp, src_m=<uninitialized>, dst_m=<uninitialized>], ip=<uninitialized>, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
rule timeout, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1], [duration=<uninitialized>, packet_count=<uninitialized>, byte_count=<uninitialized>]
rule removed, [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=36000.0, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]

20
testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/.stdout
View file

@ -1,11 +1,11 @@
netcontrol debug (Debug-All): init
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=10.0 mins, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=6, cid=6, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=10.0 mins, priority=0, location=, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=6, cid=6, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=10.10.1.4/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, c=<uninitialized>, i=<uninitialized>, d=<uninitialized>, s=<uninitialized>, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=10.0 mins, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]
netcontrol debug (Debug-All): add_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=6, cid=6, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=10.0 mins, priority=0, location=, out_port=<uninitialized>, mod=<uninitialized>, id=2, cid=2, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=1.0 hr, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=3, cid=3, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=1.0 day, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=4, cid=4, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=6, cid=6, _plugin_id=1]
netcontrol debug (Debug-All): remove_rule: [ty=NetControl::DROP, target=NetControl::FORWARD, entity=[ty=NetControl::ADDRESS, conn=<uninitialized>, flow=<uninitialized>, ip=192.168.18.50/32, mac=<uninitialized>], expire=7.0 days, priority=0, location=Re-drop by catch-and-release, out_port=<uninitialized>, mod=<uninitialized>, id=5, cid=5, _plugin_id=1]

52
testing/btest/Baseline/scripts.base.frameworks.netcontrol.catch-and-release/netcontrol.log
View file

@ -2,29 +2,29 @@
#set_separator ,
#empty_field (empty)
#unset_field -
#path pacf
#open 2015-06-02-22-02-42
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - Re-drop by catch-and-release Debug-All
#close 2015-06-02-22-02-42
#path netcontrol
#open 2016-02-12-03-24-03
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All
1398529018.678276 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All
1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All
1398529018.678276 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
1398529018.678276 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All
1398529018.678276 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All
1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All
1398529018.678276 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
1398529018.678276 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All
1398529020.164464 3 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 4 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 6 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 5 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 600.000000 - Debug-All
1398529020.164464 3 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 3600.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 4 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 86400.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 6 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
1398529020.164464 5 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 604800.000000 Re-drop by catch-and-release Debug-All
#close 2016-02-12-03-24-03

26
testing/btest/Baseline/scripts.base.frameworks.netcontrol.hook/netcontrol.log
View file

@ -3,16 +3,16 @@
#empty_field (empty)
#unset_field -
#path netcontrol
#open 2015-07-08-19-33-47
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/1470->74.53.140.153/32/25 - (empty) Debug-All
#close 2015-07-08-19-33-48
#open 2016-02-12-03-22-09
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1398529018.678276 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1398529018.678276 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529020.164464 5 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529020.164464 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1398529020.164464 5 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529020.164464 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 0.0.0.0/0/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
#close 2016-02-12-03-22-09

64
testing/btest/Baseline/scripts.base.frameworks.netcontrol.multiple/netcontrol.log
View file

@ -2,35 +2,35 @@
#set_separator ,
#empty_field (empty)
#unset_field -
#path pacf
#open 2015-06-02-19-34-04
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 10 - Debug-All
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 10 - Openflow - OpenFlog Log Plugin - DPID 42
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
1254722776.690444 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Debug-All
#close 2015-06-02-19-34-04
#path netcontrol
#open 2016-02-12-03-43-55
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 10 - - - Debug-All
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 10 - - - Openflow-Log-42
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Openflow-Log-42
1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Openflow-Log-42
1398529018.678276 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All
1398529018.678276 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Openflow-Log-42
1398529018.678276 8 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529018.678276 8 NetControl::RULE ADD NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Openflow-Log-42
1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1398529018.678276 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All
1398529018.678276 8 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Openflow-Log-42
1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Openflow-Log-42
1398529018.678276 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Openflow-Log-42
1398529018.678276 8 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Openflow-Log-42
1398529020.164464 4 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1398529020.164464 6 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All
1398529020.164464 8 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529020.164464 2 NetControl::RULE REMOVE NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
1398529020.164464 4 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 0 15.000000 - Debug-All
1398529020.164464 6 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::ADDRESS 192.168.18.50/32 - - 5 15.000000 - Debug-All
1398529020.164464 8 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::REDIRECT NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 -> 5 - 0 30.000000 - Debug-All
1398529020.164464 2 NetControl::RULE REMOVE NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.18.50/32/56981->74.125.239.97/32/443 - - 0 30.000000 - Debug-All
#close 2016-02-12-03-43-55

34
testing/btest/Baseline/scripts.base.frameworks.netcontrol.openflow/netcontrol.log
View file

@ -3,20 +3,20 @@
#empty_field (empty)
#unset_field -
#path netcontrol
#open 2016-02-11-21-07-34
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831787.861602 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831787.861602 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831787.861602 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831787.861602 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831799.610433 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831799.610433 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831799.610433 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1437831799.610433 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
#close 2016-02-11-21-07-34
#open 2016-02-12-03-44-04
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Openflow-Log-42
1254722767.875996 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 30.000000 - Openflow-Log-42
1254722767.875996 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 15.000000 - Openflow-Log-42
1254722767.875996 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 10.10.1.4/32/1470->74.53.140.153/32/25 - - 0 30.000000 - Openflow-Log-42
1254722767.875996 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 10.10.1.4/32 - - 0 15.000000 - Openflow-Log-42
1437831787.861602 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - - 0 30.000000 - Openflow-Log-42
1437831787.861602 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42
1437831787.861602 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49648->192.168.133.102/32/25 - - 0 30.000000 - Openflow-Log-42
1437831787.861602 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42
1437831799.610433 6 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - - 0 30.000000 - Openflow-Log-42
1437831799.610433 7 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42
1437831799.610433 6 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::MONITOR NetControl::FLOW 192.168.133.100/32/49655->17.167.150.73/32/443 - - 0 30.000000 - Openflow-Log-42
1437831799.610433 7 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::ADDRESS 192.168.133.100/32 - - 0 15.000000 - Openflow-Log-42
#close 2016-02-12-03-44-04

8
testing/btest/Baseline/scripts.base.frameworks.netcontrol.packetfilter/conn.log
View file

@ -3,10 +3,12 @@
#empty_field (empty)
#unset_field -
#path conn
#open 2015-05-12-22-11-25
#open 2016-02-12-03-18-52
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string]
1254722767.492060 CXWv6p3arKYeMETxOg 10.10.1.4 56166 10.10.1.1 53 udp dns 0.034025 34 100 SF - - 0 Dd 1 62 1 128 (empty)
1254722767.529046 CjhGID4nQcgTWjvg4c 10.10.1.4 1470 74.53.140.153 25 tcp - 0.346950 0 0 S1 - - 0 Sh 1 48 1 48 (empty)
1254722776.690444 CCvvfg3TEfuqmmG4bh 10.10.1.20 138 10.10.1.255 138 udp - - - - S0 - - 0 D 1 229 0 0 (empty)
#close 2015-05-12-22-11-25
1254722767.529046 CjhGID4nQcgTWjvg4c 10.10.1.4 1470 74.53.140.153 25 tcp - 0.346950 0 0 S1 - - 0 Sh 1 48 1 48 (empty)
1437831787.856895 CRJuHdVW0XPVINV8a 192.168.133.100 49648 192.168.133.102 25 tcp - 0.004707 0 0 S1 - - 0 Sh 1 64 1 60 (empty)
1437831776.764391 CsRx2w45OKnoww6xl4 192.168.133.100 49285 66.196.121.26 5050 tcp - 0.343008 41 0 OTH - - 0 Da 1 93 1 52 (empty)
#close 2016-02-12-03-18-52

26
testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/netcontrol.log
View file

@ -3,16 +3,16 @@
#empty_field (empty)
#unset_field -
#path netcontrol
#open 2015-07-08-19-33-55
#fields ts category cmd state action target entity_type entity msg location plugin
#types time enum string enum string enum string string string string string
0.000000 NetControl::MESSAGE - - - - - - activated plugin with priority 0 - Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->*/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->8.8.8.8/32/53 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->10.10.1.4/32/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->192.169.18.1/32/80 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->*/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->8.8.8.8/32/53 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->10.10.1.4/32/* - (empty) Openflow - OpenFlog Log Plugin - DPID 42
1254722767.875996 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 10.10.1.4/32/*->192.169.18.1/32/80 - (empty) Openflow - OpenFlog Log Plugin - DPID 42
#close 2015-07-08-19-33-55
#open 2016-02-12-03-44-17
#fields ts rule_id category cmd state action target entity_type entity mod msg priority expire location plugin
#types time string enum string enum string enum string string string string int interval string string
0.000000 - NetControl::MESSAGE - - - - - - - activated plugin with priority 0 - - - Openflow-Log-42
1398529018.678276 2 NetControl::RULE ADD NetControl::REQUESTED NetControl::DROP NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->*/* - - 0 36000.000000 - Openflow-Log-42
1398529018.678276 3 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 192.169.18.1/_ (_) - 5 36000.000000 - Openflow-Log-42
1398529018.678276 4 NetControl::RULE ADD NetControl::REQUESTED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->192.168.18.50/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 36000.000000 - Openflow-Log-42
1398529018.678276 5 NetControl::RULE ADD NetControl::REQUESTED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->192.169.18.1/32/80 - - 5 36000.000000 - Openflow-Log-42
1398529018.678276 2 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::DROP NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->*/* - - 0 36000.000000 - Openflow-Log-42
1398529018.678276 3 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->8.8.8.8/32/53 Src: _/_ (_) Dst: 192.169.18.1/_ (_) - 5 36000.000000 - Openflow-Log-42
1398529018.678276 4 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::MODIFY NetControl::FORWARD NetControl::FLOW 8.8.8.8/32/53->192.168.18.50/32/* Src: 8.8.8.8/_ (_) Dst: _/_ (_) - 5 36000.000000 - Openflow-Log-42
1398529018.678276 5 NetControl::RULE ADD NetControl::SUCCEEDED NetControl::WHITELIST NetControl::FORWARD NetControl::FLOW 192.168.18.50/32/*->192.169.18.1/32/80 - - 5 36000.000000 - Openflow-Log-42
#close 2016-02-12-03-44-17

12
testing/btest/Baseline/scripts.base.frameworks.netcontrol.quarantine-openflow/openflow.log
View file

@ -3,11 +3,11 @@
#empty_field (empty)
#unset_field -
#path openflow
#open 2015-06-04-23-21-03
#open 2016-02-12-03-28-52
#fields ts dpid match.in_port match.dl_src match.dl_dst match.dl_vlan match.dl_vlan_pcp match.dl_type match.nw_tos match.nw_proto match.nw_src match.nw_dst match.tp_src match.tp_dst flow_mod.cookie flow_mod.table_id flow_mod.command flow_mod.idle_timeout flow_mod.hard_timeout flow_mod.priority flow_mod.out_port flow_mod.out_group flow_mod.flags flow_mod.actions.out_ports flow_mod.actions.vlan_vid flow_mod.actions.vlan_pcp flow_mod.actions.vlan_strip flow_mod.actions.dl_src flow_mod.actions.dl_dst flow_mod.actions.nw_tos flow_mod.actions.nw_src flow_mod.actions.nw_dst flow_mod.actions.tp_src flow_mod.actions.tp_dst
#types time count count string string count count count count count subnet subnet count count count count enum count count count count count count vector[count] count count bool string string count addr addr count count
1254722767.875996 42 - - - - - 2048 - - 10.10.1.4/32 - - - 4398046511108 - OpenFlow::OFPFC_ADD 0 36000 0 - - 1 (empty) - - F - - - - - - -
1254722767.875996 42 - - - - - 2048 - 17 10.10.1.4/32 8.8.8.8/32 - 53 4398046511110 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - 192.169.18.1 - -
1254722767.875996 42 - - - - - 2048 - 17 8.8.8.8/32 10.10.1.4/32 53 - 4398046511112 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - 8.8.8.8 - - -
1254722767.875996 42 - - - - - 2048 - 6 10.10.1.4/32 192.169.18.1/32 - 80 4398046511114 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - - - -
#close 2015-06-04-23-21-03
1398529018.678276 42 - - - - - 2048 - - 192.168.18.50/32 - - - 4398046511108 - OpenFlow::OFPFC_ADD 0 36000 0 - - 1 (empty) - - F - - - - - - -
1398529018.678276 42 - - - - - 2048 - 17 192.168.18.50/32 8.8.8.8/32 - 53 4398046511110 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - 192.169.18.1 - -
1398529018.678276 42 - - - - - 2048 - 17 8.8.8.8/32 192.168.18.50/32 53 - 4398046511112 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - 8.8.8.8 - - -
1398529018.678276 42 - - - - - 2048 - 6 192.168.18.50/32 192.169.18.1/32 - 80 4398046511114 - OpenFlow::OFPFC_ADD 0 36000 5 - - 1 4294967290 - - F - - - - - - -
#close 2016-02-12-03-28-52

4
testing/btest/scripts/base/frameworks/netcontrol/acld.bro
View file

@ -1,7 +1,7 @@
# @TEST-SERIALIZE: brokercomm
# @TEST-REQUIRES: grep -q ENABLE_BROKER $BUILD/CMakeCache.txt
# @TEST-EXEC: btest-bg-run recv "bro -b ../recv.bro broker_port=$BROKER_PORT >recv.out"
# @TEST-EXEC: btest-bg-run send "bro -b -r $TRACES/smtp.trace --pseudo-realtime ../send.bro broker_port=$BROKER_PORT >send.out"
# @TEST-EXEC: btest-bg-run send "bro -b -r $TRACES/tls/ecdhe.pcap --pseudo-realtime ../send.bro broker_port=$BROKER_PORT >send.out"
# @TEST-EXEC: btest-bg-wait 20
# @TEST-EXEC: btest-diff recv/recv.out
@ -50,7 +50,7 @@ event connection_established(c: connection)
$dst_p=c$id$resp_p
);
local e2: NetControl::Entity = [$ty=NetControl::FLOW, $flow=flow2];
local r2: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e2, $expire=10hrs, $location="here"];
local r2: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e2, $expire=10hrs, $location="there"];
NetControl::add_rule(r1);
NetControl::add_rule(r2);

6
testing/btest/scripts/base/frameworks/netcontrol/basic-cluster.bro
View file

@ -2,13 +2,11 @@
#
# @TEST-EXEC: btest-bg-run manager-1 "cp ../cluster-layout.bro . && CLUSTER_NODE=manager-1 bro %INPUT"
# @TEST-EXEC: sleep 1
# @TEST-EXEC: btest-bg-run worker-1 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-1 bro --pseudo-realtime -C -r $TRACES/smtp.trace %INPUT"
# @TEST-EXEC: btest-bg-run worker-1 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-1 bro --pseudo-realtime -C -r $TRACES/tls/ecdhe.pcap %INPUT"
# @TEST-EXEC: sleep 1
# @TEST-EXEC: btest-bg-run worker-2 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-2 bro --pseudo-realtime -C -r $TRACES/smtp.trace %INPUT"
# @TEST-EXEC: btest-bg-run worker-2 "cp ../cluster-layout.bro . && CLUSTER_NODE=worker-2 bro --pseudo-realtime -C -r $TRACES/tls/ecdhe.pcap %INPUT"
# @TEST-EXEC: btest-bg-wait 20
# @TEST-EXEC: btest-diff manager-1/netcontrol.log
# @TEST-EXEC: btest-diff worker-1/.stdout
# @TEST-EXEC: btest-diff worker-2/.stdout
@TEST-START-FILE cluster-layout.bro
redef Cluster::nodes = {

40
testing/btest/scripts/base/frameworks/netcontrol/basic.bro
View file

@ -1,6 +1,6 @@
# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff netcontrol.log
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff .stdout
# @TEST-EXEC: bro %INPUT
# @TEST-EXEC: btest-diff netcontrol.log
# @TEST-EXEC: btest-diff .stdout
@load base/frameworks/netcontrol
@ -10,11 +10,33 @@ event bro_init()
NetControl::activate(netcontrol_debug, 0);
}
event connection_established(c: connection)
function test_mac_flow()
{
local id = c$id;
NetControl::shunt_flow([$src_h=id$orig_h, $src_p=id$orig_p, $dst_h=id$resp_h, $dst_p=id$resp_p], 30sec);
NetControl::drop_address(id$orig_h, 15sec);
NetControl::whitelist_address(id$orig_h, 15sec);
NetControl::redirect_flow([$src_h=id$orig_h, $src_p=id$orig_p, $dst_h=id$resp_h, $dst_p=id$resp_p], 5, 30sec);
local flow = NetControl::Flow(
$src_m = "FF:FF:FF:FF:FF:FF"
);
local e: NetControl::Entity = [$ty=NetControl::FLOW, $flow=flow];
local r: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e, $expire=15sec];
NetControl::add_rule(r);
}
function test_mac()
{
local e: NetControl::Entity = [$ty=NetControl::MAC, $mac="FF:FF:FF:FF:FF:FF"];
local r: NetControl::Rule = [$ty=NetControl::DROP, $target=NetControl::FORWARD, $entity=e, $expire=15sec];
NetControl::add_rule(r);
}
event bro_init() &priority=-5
{
NetControl::shunt_flow([$src_h=192.168.17.1, $src_p=32/tcp, $dst_h=192.168.17.2, $dst_p=32/tcp], 30sec);
NetControl::drop_address(1.1.2.2, 15sec, "Hi there");
NetControl::whitelist_address(1.2.3.4, 15sec);
NetControl::redirect_flow([$src_h=192.168.17.1, $src_p=32/tcp, $dst_h=192.168.17.2, $dst_p=32/tcp], 5, 30sec);
NetControl::quarantine_host(127.0.0.2, 8.8.8.8, 127.0.0.3, 15sec);
test_mac();
test_mac_flow();
}

1
testing/btest/scripts/base/frameworks/netcontrol/broker.bro
View file

@ -4,6 +4,7 @@
# @TEST-EXEC: btest-bg-run send "bro -b -r $TRACES/smtp.trace --pseudo-realtime ../send.bro broker_port=$BROKER_PORT >send.out"
# @TEST-EXEC: btest-bg-wait 20
# @TEST-EXEC: btest-diff send/netcontrol.log
# @TEST-EXEC: btest-diff recv/recv.out
# @TEST-EXEC: btest-diff send/send.out

2
testing/btest/scripts/base/frameworks/netcontrol/catch-and-release.bro
View file

@ -1,4 +1,4 @@
# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT
# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff netcontrol.log
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff .stdout

2
testing/btest/scripts/base/frameworks/netcontrol/hook.bro
View file

@ -1,4 +1,4 @@
# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT
# @TEST-EXEC: btest-diff netcontrol.log
@load base/frameworks/netcontrol

2
testing/btest/scripts/base/frameworks/netcontrol/multiple.bro
View file

@ -1,4 +1,4 @@
# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT
# @TEST-EXEC: TEST_DIFF_CANONIFIER='grep -v ^# | $SCRIPTS/diff-sort' btest-diff netcontrol.log
@load base/frameworks/netcontrol

2
testing/btest/scripts/base/frameworks/netcontrol/quarantine-openflow.bro
View file

@ -1,4 +1,4 @@
# @TEST-EXEC: bro -r $TRACES/smtp.trace %INPUT
# @TEST-EXEC: bro -r $TRACES/tls/ecdhe.pcap %INPUT
# @TEST-EXEC: btest-diff netcontrol.log
# @TEST-EXEC: btest-diff openflow.log