Skip to content
Snippets Groups Projects
Commit b10e01d6 authored by Leonidas Poulopoulos's avatar Leonidas Poulopoulos
Browse files

Changed logic to all parts. Dev db is incorporated

parent 7a8a4da4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
flowspec/admin.py
+ 22
14
View file @ b10e01d6
......@@ -10,33 +10,41 @@ class RouteAdmin(admin.ModelAdmin):
applier = PR.Applier(route_objects=queryset)
commit, response = applier.apply(configuration=applier.delete_routes())
if commit:
rows = queryset.update(is_online=False)
rows = queryset.update(is_online=False, is_active=False)
queryset.update(response="Successfully removed route from network")
self.message_user(request, "Successfully removed %s routes from network" % rows)
else:
self.message_user(request, "Could not remove routes from network")
deactivate.short_description = "Remove selected routes from network"
list_display = ('name', 'get_match', 'get_then', 'is_online', 'applier', 'response')
fields = ('name', 'match','then','applier', 'expires')
deactivate.short_description = "Deactivate selected routes from network"
list_display = ('name', 'is_online', 'applier', 'get_match', 'get_then', 'response')
fieldsets = [
(None, {'fields': ['name',]}),
("Match", {'fields': ['source', 'sourceport', 'destination', 'destinationport', 'port']}),
('Advanced Match Statements', {'fields': ['dscp', 'fragmenttype', 'icmpcode', 'icmptype', 'packetlength', 'protocol', 'tcpflag'], 'classes': ['collapse']}),
("Then", {'fields': ['then' ]}),
(None, {'fields': ['comments',]}),
]
# fields = ('name', 'applier', 'expires')
#def formfield_for_dbfield(self, db_field, **kwargs):
# if db_field.name == 'password':
# kwargs['widget'] = PasswordInput
# return db_field.formfield(**kwargs)
admin.site.register(MatchAddress)
#admin.site.register(MatchAddress)
admin.site.register(MatchPort)
admin.site.register(MatchDscp)
admin.site.register(MatchFragmentType)
admin.site.register(MatchIcmpCode)
admin.site.register(MatchIcmpType)
admin.site.register(MatchPacketLength)
admin.site.register(MatchProtocol)
admin.site.register(MatchTcpFlag)
#admin.site.register(MatchFragmentType)
#admin.site.register(MatchIcmpCode)
#admin.site.register(MatchIcmpType)
#admin.site.register(MatchPacketLength)
#admin.site.register(MatchProtocol)
#admin.site.register(MatchTcpFlag)
admin.site.register(ThenAction)
admin.site.register(ThenStatement)
admin.site.register(MatchStatement)
#admin.site.register(ThenStatement)
#admin.site.register(MatchStatement)
admin.site.register(Route, RouteAdmin)
admin.site.disable_action('delete_selected')
......
flowspec/models.py
+ 68
82
View file @ b10e01d6
......@@ -2,9 +2,11 @@
# vim: tabstop=4:shiftwidth=4:softtabstop=4:expandtab
from django.db import models
from django.conf import settings
from django.contrib.auth.models import User
from utils import proxy as PR
from ipaddr import *
from datetime import *
import logging
FORMAT = '%(asctime)s %(levelname)s: %(message)s'
......@@ -32,23 +34,8 @@ THEN_CHOICES = (
)
def days_offset(): return datetime.now() + timedelta(days = settings.EXPIRATION_DAYS_OFFSET)
class MatchAddress(models.Model):
address = models.CharField(max_length=255, help_text=u"Network address. Use address/CIDR notation")
def __unicode__(self):
return self.address
def clean(self, *args, **kwargs):
from django.core.exceptions import ValidationError
try:
address = IPNetwork(self.address)
self.address = address.exploded
except Exception:
raise ValidationError('Invalid network address format')
class Meta:
db_table = u'match_address'
class MatchPort(models.Model):
port = models.CharField(max_length=24)
def __unicode__(self):
......@@ -65,70 +52,72 @@ class MatchDscp(models.Model):
class ThenAction(models.Model):
action = models.CharField(max_length=60, choices=THEN_CHOICES)
action_value = models.CharField(max_length=255, blank=True, null=True)
action = models.CharField(max_length=60, choices=THEN_CHOICES, verbose_name="Action")
action_value = models.CharField(max_length=255, blank=True, null=True, verbose_name="Action Value")
def __unicode__(self):
return "%s %s" %(self.action, self.action_value)
return "%s: %s" %(self.action, self.action_value)
class Meta:
db_table = u'then_action'
class Route(models.Model):
name = models.CharField(max_length=128)
applier = models.ForeignKey(User)
destination = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation")
destinationport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchDestinationPort")
dscp = models.ManyToManyField(MatchDscp, blank=True, null=True)
fragmenttype = models.CharField(max_length=20, choices=FRAGMENT_CODES, blank=True, null=True)
icmpcode = models.CharField(max_length=32, blank=True, null=True)
icmptype = models.CharField(max_length=32, blank=True, null=True)
packetlength = models.IntegerField(blank=True, null=True)
port = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchPort")
protocol = models.CharField(max_length=32, blank=True, null=True)
source = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation")
sourceport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchSourcePort")
tcpflag = models.CharField(max_length=128, blank=True, null=True)
then = models.ManyToManyField(ThenAction)
source = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation", verbose_name="Source Address")
sourceport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchSourcePort", verbose_name="Source Port")
destination = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation", verbose_name="Destination Address")
destinationport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchDestinationPort", verbose_name="Destination Port")
port = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchPort", verbose_name="Port" )
dscp = models.ManyToManyField(MatchDscp, blank=True, null=True, verbose_name="DSCP")
fragmenttype = models.CharField(max_length=20, choices=FRAGMENT_CODES, blank=True, null=True, verbose_name="Fragment Type")
icmpcode = models.CharField(max_length=32, blank=True, null=True, verbose_name="ICMP Code")
icmptype = models.CharField(max_length=32, blank=True, null=True, verbose_name="ICMP Type")
packetlength = models.IntegerField(blank=True, null=True, verbose_name="Packet Length")
protocol = models.CharField(max_length=32, blank=True, null=True, verbose_name="Protocol")
tcpflag = models.CharField(max_length=128, blank=True, null=True, verbose_name="TCP flag")
then = models.ManyToManyField(ThenAction, verbose_name="Then")
filed = models.DateTimeField(auto_now_add=True)
last_updated = models.DateTimeField(auto_now=True)
is_online = models.BooleanField(default=False)
is_active = models.BooleanField(default=False)
expires = models.DateTimeField()
expires = models.DateField(default=days_offset)
response = models.CharField(max_length=512, blank=True, null=True)
comments = models.TextField(null=True, blank=True)
comments = models.TextField(null=True, blank=True, verbose_name="Comments")
def __unicode__(self):
return self.name
class Meta:
unique_together = (("name", "is_active"),)
db_table = u'route'
def clean(self, *args, **kwargs):
from django.core.exceptions import ValidationError
if self.destination:
try:
address = IPNetwork(self.address)
self.address = address.exploded
address = IPNetwork(self.destination)
self.destination = address.exploded
except Exception:
raise ValidationError('Invalid network address format')
raise ValidationError('Invalid network address format at Destination Field')
if self.source:
try:
address = IPNetwork(self.address)
self.address = address.exploded
address = IPNetwork(self.source)
self.source = address.exploded
except Exception:
raise ValidationError('Invalid network address format')
raise ValidationError('Invalid network address format at Source Field')
def save(self, *args, **kwargs):
applier = PR.Applier(route_object=self)
commit, response = applier.apply()
if commit:
self.is_online = True
self.is_active = True
self.response = response
else:
self.is_online = False
self.response = response
super(Route, self).save(*args, **kwargs)
def is_synced(self):
found = False
......@@ -144,11 +133,10 @@ class Route(models.Model):
found = True
logger.info('Found a matching route name')
devicematch = route.match
routematch = self.match
try:
assert(routematch.matchDestination.address)
assert(self.destination)
assert(devicematch['destination'][0])
if routematch.matchDestination.address == devicematch['destination'][0]:
if self.destination == devicematch['destination'][0]:
found = found and True
logger.info('Found a matching destination')
else:
......@@ -157,9 +145,9 @@ class Route(models.Model):
except:
pass
try:
assert(routematch.matchSource.address)
assert(self.source)
assert(devicematch['source'][0])
if routematch.matchSource.address == devicematch['source'][0]:
if self.source == devicematch['source'][0]:
found = found and True
logger.info('Found a matching source')
else:
......@@ -168,9 +156,9 @@ class Route(models.Model):
except:
pass
try:
assert(routematch.matchfragmenttype.fragmenttype)
assert(self.fragmenttype)
assert(devicematch['fragment'][0])
if routematch.matchfragmenttype.fragmenttype == devicematch['fragment'][0]:
if self.fragmenttype == devicematch['fragment'][0]:
found = found and True
logger.info('Found a matching fragment type')
else:
......@@ -179,9 +167,9 @@ class Route(models.Model):
except:
pass
try:
assert(routematch.matchicmpcode.icmp_code)
assert(self.icmpcode)
assert(devicematch['icmp-code'][0])
if routematch.matchicmpcode.icmp_code == devicematch['icmp-code'][0]:
if self.icmpcode == devicematch['icmp-code'][0]:
found = found and True
logger.info('Found a matching icmp code')
else:
......@@ -190,9 +178,9 @@ class Route(models.Model):
except:
pass
try:
assert(routematch.matchicmptype.icmp_type)
assert(self.icmptype)
assert(devicematch['icmp-type'][0])
if routematch.matchicmpcode.icmp_type == devicematch['icmp-type'][0]:
if self.icmptype == devicematch['icmp-type'][0]:
found = found and True
logger.info('Found a matching icmp type')
else:
......@@ -201,9 +189,9 @@ class Route(models.Model):
except:
pass
try:
assert(routematch.matchprotocol.protocol)
assert(self.protocol)
assert(devicematch['protocol'][0])
if routematch.matchprotocol.protocol == devicematch['protocol'][0]:
if self.protocol == devicematch['protocol'][0]:
found = found and True
logger.info('Found a matching protocol')
else:
......@@ -217,10 +205,9 @@ class Route(models.Model):
return found
def get_then(self):
ret = ''
then_statements = self.then.thenaction.all()
then_statements = self.then.all()
for statement in then_statements:
if statement.action_value:
ret = "%s %s:<strong>%s</strong><br/>" %(ret, statement.action, statement.action_value)
......@@ -230,37 +217,36 @@ class Route(models.Model):
get_then.short_description = 'Then statement'
get_then.allow_tags = True
#
def get_match(self):
ret = ''
match = self.match
if match.matchDestination:
ret = ret = '%s Destination Address:<strong>%s</strong><br/>' %(ret, match.matchDestination)
if match.matchfragmenttype:
ret = ret = "%s Fragment Type:<strong>%s</strong><br/>" %(ret, match.matchfragmenttype)
if match.matchicmpcode:
ret = ret = "%s ICMP code:<strong>%s</strong><br/>" %(ret, match.matchicmpcode)
if match.matchicmptype:
ret = ret = "%s ICMP Type:<strong>%s</strong><br/>" %(ret, match.matchicmptype)
if match.matchpacketlength:
ret = ret = "%s Packet Length:<strong>%s</strong><br/>" %(ret, match.matchpacketlength)
if match.matchprotocol:
ret = ret = "%s Protocol:<strong>%s</strong><br/>" %(ret, match.matchprotocol)
if match.matchSource:
ret = ret = "%s Source Address:<strong>%s</strong><br/>" %(ret, match.matchSource)
if match.matchTcpFlag:
ret = ret = "%s TCP flag:<strong>%s</strong><br/>" %(ret, match.matchTcpFlag)
if match.matchport:
for port in match.matchport.all():
if self.destination:
ret = ret = '%s Destination Address:<strong>%s</strong><br/>' %(ret, self.destination)
if self.fragmenttype:
ret = ret = "%s Fragment Type:<strong>%s</strong><br/>" %(ret, self.fragmenttype)
if self.icmpcode:
ret = ret = "%s ICMP code:<strong>%s</strong><br/>" %(ret, self.icmpcode)
if self.icmptype:
ret = ret = "%s ICMP Type:<strong>%s</strong><br/>" %(ret, self.icmptype)
if self.packetlength:
ret = ret = "%s Packet Length:<strong>%s</strong><br/>" %(ret, self.packetlength)
if self.protocol:
ret = ret = "%s Protocol:<strong>%s</strong><br/>" %(ret, self.protocol)
if self.source:
ret = ret = "%s Source Address:<strong>%s</strong><br/>" %(ret, self.source)
if self.tcpflag:
ret = ret = "%s TCP flag:<strong>%s</strong><br/>" %(ret, self.tcpflag)
if self.port:
for port in self.port.all():
ret = "%s Port:<strong>%s</strong><br/>" %(ret, port)
if match.matchDestinationPort:
for port in match.matchDestinationPort.all():
if self.destinationport:
for port in self.destinationport.all():
ret = "%s Port:<strong>%s</strong><br/>" %(ret, port)
if match.matchSourcePort:
for port in match.matchSourcePort.all():
if self.sourceport:
for port in self.sourceport.all():
ret = "%s Port:<strong>%s</strong><br/>" %(ret, port)
if match.matchdscp:
for dscp in match.matchdscp.all():
if self.dscp:
for dscp in self.dscp.all():
ret = "%s Port:<strong>%s</strong><br/>" %(ret, dscp)
return ret.rstrip('<br/>')
......
flowspec_dev.db 0 → 100644
+ 0
0
View file @ b10e01d6
File added
utils/proxy.py
+ 39
29
View file @ b10e01d6
......@@ -66,35 +66,45 @@ class Applier(object):
flow.routes.append(route)
device.routing_options.append(flow)
route.name = route_obj.name
match = route_obj.match
if match.matchSource:
route.match['source'].append(match.matchSource.address)
if match.matchDestination:
route.match['destination'].append(match.matchDestination.address)
if match.matchprotocol:
route.match['protocol'].append(match.matchprotocol.protocol)
if match.matchport:
for port in match.matchport.all():
route.match['port'].append(port.port)
if match.matchDestinationPort:
for port in match.matchDestinationPort.all():
route.match['destination-port'].append(port.port)
if match.matchSourcePort:
for port in match.matchSourcePort.all():
route.match['source-port'].append(port.port)
if match.matchicmpcode:
route.match['icmp-code'].append(match.matchicmpcode.icmp_code)
if match.matchicmptype:
route.match['icmp-type'].append(match.matchicmptype.icmp_type)
if match.matchTcpFlag:
route.match['tcp-flags'].append(match.matchTcpFlag.tcp_flags)
if match.matchdscp:
for dscp in match.matchdscp.all():
route.match['dscp'].append(dscp.dscp)
if match.matchfragmenttype:
route.match['fragment'].append(match.matchfragmenttype.fragmenttype)
then = route_obj.then
for thenaction in then.thenaction.all():
if route_obj.source:
route.match['source'].append(route_obj.source)
if route_obj.destination:
route.match['destination'].append(route_obj.destination)
if route_obj.protocol:
route.match['protocol'].append(route_obj.protocol)
try:
if route_obj.port:
for port in route_obj.port.all():
route.match['port'].append(port.port)
except:
pass
try:
if route_obj.destinationport:
for port in route_obj.destinationport.all():
route.match['destination-port'].append(port.port)
except:
pass
try:
if route_obj.sourceport:
for port in route_obj.sourceport.all():
route.match['source-port'].append(port.port)
except:
pass
if route_obj.icmpcode:
route.match['icmp-code'].append(route_obj.icmpcode)
if route_obj.icmptype:
route.match['icmp-type'].append(route_obj.icmptype)
if route_obj.tcpflag:
route.match['tcp-flags'].append(route_obj.tcpflag)
try:
if route_obj.dscp:
for dscp in route_obj.dscp.all():
route.match['dscp'].append(dscp.dscp)
except:
pass
if route_obj.fragmenttype:
route.match['fragment'].append(route_obj.fragmenttype)
for thenaction in route_obj.then.all():
if thenaction.action_value:
route.then[thenaction.action] = thenaction.action_value
else:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment