[ADD] reworked code to new design suggested by seth.

The openflow framework now supports multiple
controllers. The design now looks a bit object
oriented and a new() function creates a controller
record.

Moved the JSON script from the JSON namespace into an
openflow-specific OpenflowJSON namespace.
Christian Struck 2014-11-13 16:49:50 -08:00
parent fef8476690
commit d80cc9ea10
4 changed files with 158 additions and 166 deletions


@ -159,10 +159,10 @@ export {
## this should never change, but there are not ## this should never change, but there are not
## constants available in records ## constants available in records
## defaults to OFPAT_OUTPUT ## defaults to OFPAT_OUTPUT
_type: ofp_action_type &default=OFPAT_OUTPUT; type_: ofp_action_type &default=OFPAT_OUTPUT;
#_len: count &default=8; #_len: count &default=8;
## Output port. ## Output port.
_port: count &default=OFPP_FLOOD; port_: count &default=OFPP_FLOOD;
#_max_len: count &optional; #_max_len: count &optional;
}; };
@ -239,95 +239,94 @@ export {
actions: vector of ofp_action_output; actions: vector of ofp_action_output;
}; };
## Function to modify flows in a openflow flow table. ## Function to get the unique id out of a given cookie.
##
## dpid: The openflow controller datapath id.
##
## flow_mod: The openflow flow_mod record which describes
## the flow to delete, modify or add.
##
## Returns: T, if successful, else F.
global flow_mod: function(dpid: count, flow_mod: ofp_flow_mod): bool
&default=function(dpid: count, flow_mod: ofp_flow_mod): bool
{
Reporter::warning("Openflow::flow_mod function not implemented. Please load the right Openflow plugin");
return F;
};
## Function to get flow stats from the openflow switch/router
##
## dpid: The openflow controller datapath id.
##
## Returns: list with the installed flows and their statistics
global flow_stats: function(dpid: count): vector of ofp_flow_stats
&default=function(dpid: count): vector of ofp_flow_stats
{
Reporter::warning("Openflow::flow_stats function not implemented. Please load the right Openflow plugin");
return vector();
};
## Function to get the unique id out of a given cookie
##
## cookie: The openflow match cookie
##
## Returns: The cookie unique id
global get_cookie_uid: function(cookie: count): count;
## Function to get the group id out of a given cookie
## ##
## cookie: The openflow match cookie. ## cookie: The openflow match cookie.
## ##
## Returns: The cookie group id ## Returns: The cookie unique id.
global get_cookie_uid: function(cookie: count): count;
## Function to get the group id out of a given cookie.
##
## cookie: The openflow match cookie.
##
## Returns: The cookie group id.
global get_cookie_gid: function(cookie: count): count; global get_cookie_gid: function(cookie: count): count;
## Function to get the group id out of a given cookie.
##
## cookie: The openflow match cookie.
##
## Returns: The cookie group id.
global generate_cookie: function(cookie: count &default=0): count;
## Event to signal that a flow has been successfully modified. ## Event to signal that a flow has been successfully modified.
## ##
## flow_mod: The openflow flow_mod record which describes ## flow_mod: The openflow flow_mod record which describes
## the flow to delete, modify or add. ## the flow to delete, modify or add.
## ##
## msg: Message to describe the event. ## msg: Message to describe the event.
global Openflow::flow_mod_success: event(flow_mod: ofp_flow_mod, msg: string &default = "Flow successfully modified"); global Openflow::flow_mod_success: event(flow_mod: ofp_flow_mod, msg: string &default="Flow successfully modified");
## Event to signal that a flow mod has failed. ## Event to signal that a flow mod has failed.
## ##
## flow_mod: The openflow flow_mod record which describes ## flow_mod: The openflow flow_mod record which describes
## the flow to delete, modify ord add. ## the flow to delete, modify or add.
## ##
## msg: Message to describe the event. ## msg: Message to describe the event.
global Openflow::flow_mod_failure: event(flow_mod: ofp_flow_mod, msg: string &default = "Could not modify flow"); global Openflow::flow_mod_failure: event(flow_mod: ofp_flow_mod, msg: string &default="Could not modify flow");
## Available openflow plugins
type Plugin: enum {
PLACEHOLDER,
};
## Controller related state.
## Can be redefined by plugins to
## add state.
type ControllerState: record {
## Controller ip.
ip: addr &optional;
## Controller listen port.
port_: count &optional;
## Openflow switch datapath id.
dpid: count &optional;
## Type of the openflow plugin.
type_: Plugin;
} &redef;
## Controller record representing an openflow controller
type Controller: record {
## Controller related state.
state: ControllerState;
## flow_mod function the plugin implements
flow_mod: function(state: ControllerState, flow_mod: ofp_flow_mod): bool;
## flow_stats function the plugin implements if existing
flow_stats: function(state: ControllerState): vector of ofp_flow_stats &optional;
};
## Global flow_mod function wrapper
##
## controller: The controller which should execute the flow modification
##
## flow_mod: The openflow flow_mod record which describes
## the flow to delete, modify or add
##
## Returns: T if successfull, else F
global flow_mod: function(controller: Controller, flow_mod: ofp_flow_mod): bool;
} }
# the flow_mod function wrapper
# Flow Modification function prototype function flow_mod(controller: Controller, flow_mod: ofp_flow_mod): bool
type FlowModFunc: function(dpid: count, flow_mod: ofp_flow_mod): bool;
# Flow Statistics function prototype
type FlowStatsFunc: function(dpid: count): vector of ofp_flow_stats;
# Hook for registering openflow plugins
global register_openflow_plugin: hook();
# Function for plugins to call when they register their flow_mod function.
function register_openflow_mod_func(func: FlowModFunc)
{ {
flow_mod = func; return controller$flow_mod(controller$state, flow_mod);
}
# Function for plugins to call when they register their flow_stats function.
function register_openflow_stats_func(func: FlowStatsFunc)
{
flow_stats = func;
} }
# local function to forge a flow_mod cookie for this framework. # local function to forge a flow_mod cookie for this framework.
# all flow entries from the openflow framework should have the # all flow entries from the openflow framework should have the
# 42 bit of the cookie set. # 42 bit of the cookie set.
function generate_cookie(cookie: count &default = 0): count function generate_cookie(cookie: count &default=0): count
{ {
local c = BRO_COOKIE_ID * COOKIE_BID_START; local c = BRO_COOKIE_ID * COOKIE_BID_START;
if(cookie >= COOKIE_UID_SIZE) if(cookie >= COOKIE_UID_SIZE)
@ -366,10 +365,3 @@ function get_cookie_gid(cookie: count): count
); );
return INVALID_COOKIE; return INVALID_COOKIE;
} }
event bro_init()
{
# Call all of the plugin registration hooks
hook register_openflow_plugin();
}
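Review bot: The doc comment added above the newly exported `generate_cookie` is a copy of the one for `get_cookie_gid` ("Function to get the group id out of a given cookie." / "Returns: The cookie group id."), so the generated documentation would describe the wrong function. Suggested replacement: `## Function to generate a flow_mod cookie for this framework.`, `## cookie: The unique id to embed in the cookie (defaults to 0).`, `## Returns: The generated cookie.` The meaning of the parameter should be confirmed against the body, which is only partly visible here. The comment above the definition still calls it a "local function" although it is now exported, and "successfull" in the `flow_mod` wrapper comment should read "successful".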


@ -4,19 +4,16 @@
@load base/utils/active-http @load base/utils/active-http
module Openflow; module OpenflowRyu;
export { export {
## The Ryu openflow controller IP. redef enum Openflow::Plugin += {
const controller_ip = "0.0.0.0" &redef; Openflow::RYU,
## The port where the ReST API listens on. };
const controller_port = "8080" &redef;
## Ryu error definitions. ## Ryu error definitions.
type RyuError: enum { type Error: enum {
## The controller IP needs to be redefined.
CONTROLLER_IP_REDEF,
## The openflow command type is not available ## The openflow command type is not available
## for this ryu openflow plugin. ## for this ryu openflow plugin.
COMMAND_TYPE_NOT_AVAILABLE, COMMAND_TYPE_NOT_AVAILABLE,
@ -33,7 +30,18 @@ export {
## error: The error why the plugin aborted. ## error: The error why the plugin aborted.
## ##
## msg: More detailed error description. ## msg: More detailed error description.
global Openflow::ryu_error: event(flow_mod: ofp_flow_mod, error: RyuError, msg: string &default=""); global OpenflowRyu::error: event(flow_mod: Openflow::ofp_flow_mod, error: Error, msg: string &default="");
## Ryu controller constructor.
##
## ip: Controller ip.
##
## port_: Controller listen port.
##
## dpid: Openflow switch datapath id.
##
## Returns: Openflow::Controller record
global new: function(ip: addr, port_: count, dpid: count): Openflow::Controller;
} }
@ -62,7 +70,7 @@ type ryu_flow_action_output: record {
# https://media.readthedocs.org/pdf/ryu/latest/ryu.pdf # https://media.readthedocs.org/pdf/ryu/latest/ryu.pdf
# on page 278-299 (30.10.2014) # on page 278-299 (30.10.2014)
# Ryu ReST API flow_mod type. # Ryu ReST API flow_mod type.
type ryu_flow_mod: record { type ryu_ofp_flow_mod: record {
dpid: count; dpid: count;
cookie: count &optional; cookie: count &optional;
cookie_mask: count &optional; cookie_mask: count &optional;
@ -77,39 +85,28 @@ type ryu_flow_mod: record {
}; };
# Hook to register the Ryu openflow plugin's flow_mod function # Ryu flow_mod function
# as the one the openflow framework should use. function flow_mod(state: Openflow::ControllerState, flow_mod: Openflow::ofp_flow_mod): bool
hook register_openflow_plugin()
{ {
register_openflow_mod_func(
function(dpid: count, flow_mod: ofp_flow_mod): bool
{
# Check if the controller_ip has been redefined.
if(controller_ip == "0.0.0.0")
{
Reporter::warning("The constant Openflow::controller_ip must be redefined");
event Openflow::ryu_error(flow_mod, CONTROLLER_IP_REDEF, cat(controller_ip));
return F;
}
# Generate ryu_flow_actions because their type differs (using strings as type). # Generate ryu_flow_actions because their type differs (using strings as type).
local _flow_actions: vector of ryu_flow_action_output; local _flow_actions: vector of ryu_flow_action_output;
for(i in flow_mod$actions) for(i in flow_mod$actions)
{ {
switch(flow_mod$actions[i]$_type) switch(flow_mod$actions[i]$type_)
{ {
case OFPAT_OUTPUT: case Openflow::OFPAT_OUTPUT:
_flow_actions[|_flow_actions|] = ryu_flow_action_output($_port=flow_mod$actions[i]$_port); _flow_actions[|_flow_actions|] = ryu_flow_action_output($_port=flow_mod$actions[i]$port_);
break; break;
default: default:
Reporter::warning(fmt("The given Openflow action type '%s' is not available", flow_mod$actions[i]$_type)); Reporter::warning(fmt("The given Openflow action type '%s' is not available", flow_mod$actions[i]$type_));
event Openflow::ryu_error(flow_mod, ACTION_TYPE_NOT_AVAILABLE, cat(flow_mod$actions[i]$_type)); event OpenflowRyu::error(flow_mod, ACTION_TYPE_NOT_AVAILABLE, cat(flow_mod$actions[i]$type_));
return F; return F;
} }
} }
# Generate our ryu_flow_mod record for the ReST API call. # Generate our ryu_flow_mod record for the ReST API call.
local _flow_mod: ryu_flow_mod = ryu_flow_mod( local _flow_mod: ryu_ofp_flow_mod = ryu_ofp_flow_mod(
$dpid=dpid, $dpid=state$dpid,
$cookie=generate_cookie(flow_mod$cookie), $cookie=Openflow::generate_cookie(flow_mod$cookie),
$idle_timeout=flow_mod$idle_timeout, $idle_timeout=flow_mod$idle_timeout,
$hard_timeout=flow_mod$hard_timeout, $hard_timeout=flow_mod$hard_timeout,
$match=flow_mod$match, $match=flow_mod$match,
@ -119,22 +116,22 @@ hook register_openflow_plugin()
local command_type: string; local command_type: string;
switch(flow_mod$command) switch(flow_mod$command)
{ {
case OFPFC_ADD: case Openflow::OFPFC_ADD:
command_type = "add"; command_type = "add";
break; break;
case OFPFC_DELETE: case Openflow::OFPFC_DELETE:
command_type = "delete"; command_type = "delete";
break; break;
default: default:
Reporter::warning(fmt("The given Openflow command type '%s' is not available", cat(flow_mod$command))); Reporter::warning(fmt("The given Openflow command type '%s' is not available", cat(flow_mod$command)));
event Openflow::ryu_error(flow_mod, COMMAND_TYPE_NOT_AVAILABLE, cat(flow_mod$command)); event OpenflowRyu::error(flow_mod, COMMAND_TYPE_NOT_AVAILABLE, cat(flow_mod$command));
return F; return F;
} }
# Create the ActiveHTTP request and convert the record to a Ryu ReST API JSON string # Create the ActiveHTTP request and convert the record to a Ryu ReST API JSON string
local request: ActiveHTTP::Request = ActiveHTTP::Request( local request: ActiveHTTP::Request = ActiveHTTP::Request(
$url=cat("http://", controller_ip, ":", controller_port, RYU_FLOWENTRY_PATH, command_type), $url=cat("http://", cat(state$ip), ":", cat(state$port_), RYU_FLOWENTRY_PATH, command_type),
$method="POST", $method="POST",
$client_data=JSON::convert(_flow_mod) $client_data=OpenflowJSON::convert(_flow_mod)
); );
# Execute call to Ryu's ReST API # Execute call to Ryu's ReST API
when(local result = ActiveHTTP::request(request)) when(local result = ActiveHTTP::request(request))
@ -151,8 +148,10 @@ hook register_openflow_plugin()
return T; return T;
} }
);
# TODO: implement when a JSON -> record converter exists
# register_openflow_stats_func(); # Ryu controller constructor
function new(ip: addr, port_: count, dpid: count): Openflow::Controller
{
return [$state=[$ip=ip, $port_=port_, $type_=Openflow::RYU, $dpid=dpid], $flow_mod=flow_mod];
} }
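Review bot: The new `flow_mod` dereferences `state$dpid`, `state$ip` and `state$port_` unguarded, although all three are declared `&optional` in `Openflow::ControllerState`, and the commit drops the old `CONTROLLER_IP_REDEF` check without a replacement. A controller record built by anything other than `OpenflowRyu::new` could therefore fail at runtime inside the plugin instead of returning F; a guard such as `if ( ! state?$ip || ! state?$port_ || ! state?$dpid ) return F;` (with a `Reporter::warning`) at the top of the function would keep the failure path explicit. Because `ip` is now an `addr`, an IPv6 controller would presumably yield an unbracketed host in the `cat("http://", cat(state$ip), ...)` URL; confirm this and wrap the host in `[` `]` when `is_v6_addr(state$ip)`. The request still goes over plain `http://` with no credentials visible in this section, so the ReST endpoint should be documented as reachable only over a trusted management network.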


@ -1,6 +1,6 @@
@load base/utils/strings @load base/utils/strings
module JSON; module OpenflowJSON;
export { export {
## A function to convert arbitrary Bro data into a JSON string. ## A function to convert arbitrary Bro data into a JSON string.
@ -72,7 +72,7 @@ function convert(v: any, only_loggable: bool &default=F, field_escape_pattern: p
field = cat(sub(field, field_escape_pattern, "")); field = cat(sub(field, field_escape_pattern, ""));
if ( field_desc?$value && (!only_loggable || field_desc$log) ) if ( field_desc?$value && (!only_loggable || field_desc$log) )
{ {
local onepart = cat("\"", field, "\": ", JSON::convert(field_desc$value, only_loggable)); local onepart = cat("\"", field, "\": ", OpenflowJSON::convert(field_desc$value, only_loggable));
rec_parts[|rec_parts|] = onepart; rec_parts[|rec_parts|] = onepart;
} }
} }
@ -86,7 +86,7 @@ function convert(v: any, only_loggable: bool &default=F, field_escape_pattern: p
local sa: set[bool] = v; local sa: set[bool] = v;
for ( sv in sa ) for ( sv in sa )
{ {
set_parts[|set_parts|] = JSON::convert(sv, only_loggable); set_parts[|set_parts|] = OpenflowJSON::convert(sv, only_loggable);
} }
return cat("[", join_string_vec(set_parts, ", "), "]"); return cat("[", join_string_vec(set_parts, ", "), "]");
} }
@ -96,9 +96,9 @@ function convert(v: any, only_loggable: bool &default=F, field_escape_pattern: p
local ta: table[bool] of any = v; local ta: table[bool] of any = v;
for ( ti in ta ) for ( ti in ta )
{ {
local ts = JSON::convert(ti); local ts = OpenflowJSON::convert(ti);
local if_quotes = (ts[0] == "\"") ? "" : "\""; local if_quotes = (ts[0] == "\"") ? "" : "\"";
tab_parts[|tab_parts|] = cat(if_quotes, ts, if_quotes, ": ", JSON::convert(ta[ti], only_loggable)); tab_parts[|tab_parts|] = cat(if_quotes, ts, if_quotes, ": ", OpenflowJSON::convert(ta[ti], only_loggable));
} }
return cat("{", join_string_vec(tab_parts, ", "), "}"); return cat("{", join_string_vec(tab_parts, ", "), "}");
} }
@ -108,7 +108,7 @@ function convert(v: any, only_loggable: bool &default=F, field_escape_pattern: p
local va: vector of any = v; local va: vector of any = v;
for ( vi in va ) for ( vi in va )
{ {
vec_parts[|vec_parts|] = JSON::convert(va[vi], only_loggable); vec_parts[|vec_parts|] = OpenflowJSON::convert(va[vi], only_loggable);
} }
return cat("[", join_string_vec(vec_parts, ", "), "]"); return cat("[", join_string_vec(vec_parts, ", "), "]");
} }


@ -2,8 +2,10 @@
@load base/frameworks/notice @load base/frameworks/notice
@load base/frameworks/openflow @load base/frameworks/openflow
module OpenflowShunt; module OpenflowShunt;
# pox # pox
# global param_dpid = "00-24-a8-5c-0c-00|15" &redef; # global param_dpid = "00-24-a8-5c-0c-00|15" &redef;
# global param_port = "\"OFPP_ALL\"" &redef; # global param_port = "\"OFPP_ALL\"" &redef;
@ -12,7 +14,6 @@ module OpenflowShunt;
# default constants which are not automatically gathered. # default constants which are not automatically gathered.
redef Openflow::controller_ip = "10.255.0.20";
const dpid = 4222282094087168; const dpid = 4222282094087168;
const cookie = 0; const cookie = 0;
const idle_timeout = 30; const idle_timeout = 30;
@ -38,6 +39,7 @@ export {
function size_callback(c: connection, cnt: count): interval function size_callback(c: connection, cnt: count): interval
{ {
local controller = OpenflowRyu::new(10.255.0.20, 8080, dpid);
# print Openflow::flow_stats(dpid); # print Openflow::flow_stats(dpid);
# if traffic exceeds the given threshold, remove flow. # if traffic exceeds the given threshold, remove flow.
if ( c$orig$num_bytes_ip + c$resp$num_bytes_ip >= size_threshold ) if ( c$orig$num_bytes_ip + c$resp$num_bytes_ip >= size_threshold )
@ -45,8 +47,8 @@ function size_callback(c: connection, cnt: count): interval
# create openflow flow_mod add records from connection data and give default constants # create openflow flow_mod add records from connection data and give default constants
local actions: vector of Openflow::ofp_action_output; local actions: vector of Openflow::ofp_action_output;
local reverse_actions: vector of Openflow::ofp_action_output; local reverse_actions: vector of Openflow::ofp_action_output;
actions[|actions|] = Openflow::ofp_action_output($_port=out_port); actions[|actions|] = Openflow::ofp_action_output($port_=out_port);
reverse_actions[|reverse_actions|] = Openflow::ofp_action_output($_port=in_port); reverse_actions[|reverse_actions|] = Openflow::ofp_action_output($port_=in_port);
# flow layer 4 protocol # flow layer 4 protocol
local nw_proto = Openflow::IP_TCP; local nw_proto = Openflow::IP_TCP;
if(is_udp_port(c$id$orig_p)) if(is_udp_port(c$id$orig_p))
@ -93,9 +95,8 @@ function size_callback(c: connection, cnt: count): interval
]; ];
# call openflow framework # call openflow framework
if(Openflow::flow_mod(dpid, flow_mod) && Openflow::flow_mod(dpid, reverse_flow_mod)) { if(Openflow::flow_mod(controller, flow_mod) && Openflow::flow_mod(controller, reverse_flow_mod))
event shunt_triggered(c); event shunt_triggered(c);
}
if(delete_flow) if(delete_flow)
{ {
@ -132,7 +133,7 @@ event Openflow::flow_mod_failure(flow_mod: Openflow::ofp_flow_mod, msg: string)
} }
event Openflow::ryu_error(flow_mod: Openflow::ofp_flow_mod, error: Openflow::RyuError, msg: string) event OpenflowRyu::error(flow_mod: Openflow::ofp_flow_mod, error: OpenflowRyu::Error, msg: string)
{ {
print fmt("ERROR: %s, msg: %s\n%s", error, msg, flow_mod); print fmt("ERROR: %s, msg: %s\n%s", error, msg, flow_mod);
} }
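Review bot: The controller address and port are hard-coded inside `size_callback` (`OpenflowRyu::new(10.255.0.20, 8080, dpid)`), so the site-specific endpoint can no longer be changed with a `redef` as the removed `redef Openflow::controller_ip` allowed, and a new controller record is built on every callback. Consider declaring `const controller_ip = 10.255.0.20 &redef;` and `const controller_port = 8080 &redef;` next to `dpid` and calling `OpenflowRyu::new(controller_ip, controller_port, dpid)`. Separately, as far as the visible lines show, the `&&` short-circuit in `Openflow::flow_mod(controller, flow_mod) && Openflow::flow_mod(controller, reverse_flow_mod)` means a failure of the second call leaves the forward flow requested while `shunt_triggered` is not raised. A comment saying whether a one-directional shunt is acceptable, or a cleanup path for it, would help. `size_callback` continues outside the visible hunks.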