Re: [Ryu-devel] IP packet handler
From: Gabriele G. <gab...@gm...> - 2013-10-18 17:04:16
Many thanks.
If it can be helpful, after some effort, I was able to extract the prefix
with the following code
icimpv6 = pkt.get_protocol(icmpv6.icmpv6)
# get_protocol() returns None when the packet has no ICMPv6 header
icmpv6type = icimpv6.type_ if icimpv6 else None
if icmpv6type == 134:  # ICMPv6 type 134 = Router Advertisement
    icidata = icimpv6.data
    self.logger.info("[DATA ND_OPTION] %s: ", icidata)
    self.logger.info("[ICIDATA.DATA_TYPE] %s: ", type(icidata.data))
    # Look for the prefix option at index 1 first, then at index 0
    try:
        dict1 = icidata.data[1]
        self.logger.info("[PREFIX] %s ", dict1.prefix)
    except Exception:
        try:
            dict1 = icidata.data[0]
            self.logger.info("[PREFIX] %s ", dict1.prefix)
        except Exception:
            self.logger.info("[ALERT] ND_OPTION_PI not found, irregular structure. Packet Dropped.")
            dict1 = 0
    if isinstance(dict1, icmpv6.nd_option_pi):
        self.logger.info("[ALERT] I'm IN! :)")
    else:
        self.logger.info("[ALERT] I'm OUT! :(")
    if isinstance(icidata, icmpv6.nd_router_advert):
        self.logger.info("Router Advert Instance Detected!")
        self.logger.info("[ALERT] packet contains a Router Advertisement!")
LOG:
[DATA ND_OPTION]
nd_router_advert(ch_l=0,data=[nd_option_pi(pl=64,pre_l=4294967295,prefix='1234::',res1=192,res2=0,val_l=4294967295)],length=[4],rea_t=0,res=0,ret_t=0,rou_l=1800,type_=[3]):
[ICIDATA.DATA_TYPE] <type 'list'>:
[PREFIX] 1234::
[ALERT] I'm IN! :)
Router Advert Instance Detected!
[ALERT] packet contains a Router Advertisement!
[WARNING] Intrusion Detection System detected a Rogue Router Advertisement!
2013/10/18 YAMAMOTO Takashi <yam...@va...>
> > I tested your code but, even if I generate a RA using scapy, ryu doesn't go
> > into the "if isinstance(data, icmpv6.nd_option_pi)"
>
> sure, it should have been the following as your log says.
>
> if isinstance(data, icmpv6.nd_router_advert):
>
> >
> > It seems like there is no instance for the nd_option_pi subclass...while I
> > need to print the prefix value. Any hints?
>
> seems like a parser bug. i posted a fix.
>
> YAMAMOTO Takashi
>
> >
> > Thanks again!
> >
> > Scapy code:
> > a = IPv6()
> > a.dst = "ff02::1"
> > b = ICMPv6ND_RA()
> > c = ICMPv6NDOptSrcLLAddr()
> > c.lladdr = "00:00:00:00:00:01"
> > d = ICMPv6NDOptMTU()
> > e = ICMPv6NDOptPrefixInfo()
> > e.prefixlen = 64
> > e.prefix = "cc5f::"
> > send(a/b/c/d/e)
> >
> > #1 Ryu code:
> >
> > icidata = icmpv6.icmpv6.data
> > self.logger.info("[DATA] %s TYPE: %s", icidata, type(icidata))
> > if isinstance(icidata, icmpv6.nd_option_pi):
> >     self.logger.info("[ALERT] I'm IN!")
> > else:
> >     self.logger.info("[ALERT] I'm OUT! :(")
> >
> > #1 LOG:
> > [DATA]
> >
> nd_router_advert(ch_l=0,data=[nd_option_la(data=None,hw_src='00:00:00:00:00:01'),
> > '\x00\x00\x00\x00\x05\x00\x03\x04@
> \xc0\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x124\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'],length=[1,
> > 1],rea_t=0,res=0,ret_t=0,rou_l=1800,type_=[1, 5]) TYPE: <class
> > 'ryu.lib.packet.icmpv6.nd_router_advert'>
> > [ALERT] I'm OUT! :(
> >
> > -------------------------------
> >
> > 2# Ryu code:
> > icidata = icmpv6.icmpv6.data
> > self.logger.info("[DATA] %s TYPE: %s", icidata, type(icidata))
> > if isinstance(icidata, icmpv6.nd_router_advert):
> >     self.logger.info("[ALERT] I'm IN!")
> > else:
> >     self.logger.info("[ALERT] I'm OUT! :(")
> >
> > #2 LOG:
> > [DATA]
> >
> nd_router_advert(ch_l=0,data=[nd_option_la(data=None,hw_src='00:00:00:00:00:01'),
> > '\x00\x00\x00\x00\x05\x00\x03\x04@
> \xc0\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x124\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'],length=[1,
> > 1],rea_t=0,res=0,ret_t=0,rou_l=1800,type_=[1, 5]) TYPE: <class
> > 'ryu.lib.packet.icmpv6.nd_router_advert'>
> > [ALERT] I'm IN!
> >
> >
> > 2013/10/16 YAMAMOTO Takashi <yam...@va...>
> >
> >> > Many thanks for your reply, now I've tried some tests and they work.
> >> > Unfortunately, I'm experiencing another issue: I want my switch to extract
> >> > IPv6 ND information, but the console replies back to me with this error when
> >> > I execute the following code (the omitted portion of code is the same as
> >> > that of the simple_switch.py example)
> >> >
> >> > [ERROR]
> >> > hub: uncaught exception: Traceback (most recent call last):
> >> >   File "/home/user/ryu/ryu/lib/hub.py", line 48, in _launch
> >> >     func(*args, **kwargs)
> >> >   File "/home/user/ryu/ryu/base/app_manager.py", line 110, in _event_loop
> >> >     handler(ev)
> >> >   File "/home/user/ryu/ryu/app/simple_switch03BACKUP.py", line 68, in _packet_in
> >> >     icimpv6 = pkt.get_protocol(icmpv6.nd_neighbor)
> >> >   File "/home/user/ryu/ryu/lib/packet/packet.py", line 104, in get_protocol
> >> >     result = self.get_protocols(protocol)
> >> >   File "/home/user/ryu/ryu/lib/packet/packet.py", line 97, in get_protocols
> >> >     assert issubclass(protocol, packet_base.PacketBase)
> >> > AssertionError
> >> >
> >> >
> >> > [CODE]
> >> >
> >> >
> >> > @set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER)
> >> > def _packet_in_handler(self, ev):
> >> >     msg = ev.msg
> >> >     datapath = msg.datapath
> >> >     ofproto = datapath.ofproto
> >> >
> >> >     pkt = packet.Packet(msg.data)
> >> >     eth = pkt.get_protocol(ethernet.ethernet)
> >> >
> >> >     dst = eth.dst
> >> >     src = eth.src
> >> >
> >> >     try:
> >> >         ippiv6 = pkt.get_protocol(ipv6.ipv6)
> >> >         ipv6s = ippiv6.src
> >> >     except:
> >> >         ipv6s = "not assigned yet"
> >> >
> >> >     icimpv6 = pkt.get_protocol(icmpv6.icmpv6)
> >> >     #icmpv6type = icimpv6.type_
> >> >
> >> >     options = pkt.get_protocol(icmpv6.nd_option_pi)
> >>
> >> i think you need something like this.
> >>
> >> i = pkt.get_protocol(icmpv6.icmpv6)
> >> if i:
> >>     data = i.data
> >>     if isinstance(data, icmpv6.nd_option_pi):
> >>         :
> >>         :
> >>
> >> YAMAMOTO Takashi
> >>
> >> >
> >> >     if (icmpv6type == 134):
> >> >         prefixes = option.prefix
> >> >         self.logger.info("[ALERT] packet contains a Router Advertisement!")
> >> >         self.logger.info("Prefix announced: %s", prefixes)
> >> >
> >> >     dpid = datapath.id
> >> >     self.mac_to_port.setdefault(dpid, {})
> >> >
> >> >     self.logger.info("packet in %s ipv6:%s %s %s %s", dpid, ipv6s, src,
> >> >                      dst, msg.in_port)
> >> >
> >> >     # learn a mac address to avoid FLOOD next time.
> >> >     self.mac_to_port[dpid][src] = msg.in_port
> >> >
> >> >     ...
> >> >
> >> > How can I fix this?
> >> >
> >> > Many thanks for your time
> >> > Gabriele
> >> >
> >> >
> >> > 2013/10/15 FUJITA Tomonori <fuj...@la...>
> >> >
> >> >> Hi,
> >> >>
> >> >> On Sun, 13 Oct 2013 15:58:14 +0200
> >> >> Gabriele Gerbino <gab...@gm...> wrote:
> >> >>
> >> >> > Hi there, I'm new to this ML and to OF in general. I was trying to gain
> >> >> > confidence with ryu but I found myself stuck so soon. I wanted to modify
> >> >> > the "simple_switch.py" example in order to make it able to learn IP
> >> >> > addresses too and handle packets based on them. In particular, my idea is
> >> >> > to use ryu to avoid some ipv6 security issues (rogue RA). Is there anyone
> >> >> > who can give me some instructions and/or examples of ip packet handlers?
> >> >>
> >> >> I updated simple_switch.py. Packet library enables you to access an IP
> >> >> header in a packet easily. Also check out:
> >> >>
> >> >> http://ryu.readthedocs.org/en/latest/library_packet_ref.html
> >> >>
> >> >>
> >>
>
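
Added example, not part of the original thread and not Ryu code: a stand-alone parser for the option area of a Router Advertisement that walks every option by type instead of indexing position 0 or 1, so the Prefix Information option is found even when it is the third option, as in the Scapy packet quoted above. The sample packet is constructed to mirror that Scapy packet; the function names and the allowed prefix 2001:db8::/32 are assumptions.

```python
import ipaddress
import struct

ND_ROUTER_ADVERT = 134   # ICMPv6 type the post checks for
ND_OPTION_PI = 3         # Prefix Information option type

def ra_prefixes(icmp6):
    """Return every prefix announced in a raw ICMPv6 Router Advertisement."""
    if len(icmp6) < 16 or icmp6[0] != ND_ROUTER_ADVERT:
        raise ValueError("not a Router Advertisement")
    found, off = [], 16                      # options start after the 16-byte RA header
    while off < len(icmp6):
        if off + 2 > len(icmp6):
            raise ValueError("truncated ND option header")
        opt_type, opt_len = icmp6[off], icmp6[off + 1] * 8   # length counts 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp6):
            raise ValueError("malformed ND option")
        if opt_type == ND_OPTION_PI:
            if opt_len != 32:
                raise ValueError("Prefix Information option must be 32 bytes")
            # prefix length at +2, 16-byte prefix at +16; host bits are masked off
            found.append(ipaddress.IPv6Network(
                (icmp6[off + 16:off + 32], icmp6[off + 2]), strict=False))
        off += opt_len
    return found

def rogue_prefixes(icmp6, allowed):
    """Prefixes in the RA that fall outside every allowed network."""
    return [p for p in ra_prefixes(icmp6)
            if not any(p.subnet_of(a) for a in allowed)]

def build_sample_ra():
    """Constructed sample mirroring the Scapy packet in the thread (checksum left 0)."""
    hdr = struct.pack("!BBHBBHII", ND_ROUTER_ADVERT, 0, 0, 64, 0, 1800, 0, 0)
    lla = bytes([1, 1]) + bytes.fromhex("000000000001")     # source link-layer address
    mtu = struct.pack("!BBHI", 5, 1, 0, 1280)
    pi = struct.pack("!BBBBIII", ND_OPTION_PI, 4, 64, 0xC0, 0xFFFFFFFF, 0xFFFFFFFF, 0)
    return hdr + lla + mtu + pi + ipaddress.IPv6Address("cc5f::").packed

if __name__ == "__main__":
    ra = build_sample_ra()
    allowed = [ipaddress.IPv6Network("2001:db8::/32")]      # assumed site prefix
    print("announced:", ra_prefixes(ra))
    print("rogue:", rogue_prefixes(ra, allowed))
```

The parser does not verify the ICMPv6 checksum; it expects the ICMPv6 message bytes only, without the IPv6 header.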