Beispiel #1
0
void init_ethernet_mac(uint32_t iface_num)
{
    UHD_FW_TRACE_FSTR(INFO, "Initializing eth%d...", iface_num);

    //Get interface info from the EEPROM (or defaults otherwise)
    const n230_eth_eeprom_map_t* eth_eeprom_map = get_n230_ethernet_info(iface_num);
    const eth_mac_addr_t *my_mac = (const eth_mac_addr_t *) &(eth_eeprom_map->mac_addr);
    const struct ip_addr *my_ip  = (const struct ip_addr *) &(eth_eeprom_map->ip_addr);
    const struct ip_addr *subnet = (const struct ip_addr *) &(eth_eeprom_map->subnet);

    //Init software fields related to ethernet
    u3_net_stack_init_eth(iface_num, my_mac, my_ip, subnet);

    uint32_t dispatcher_base =
        ((iface_num == 1) ? SR_ZPU_ETHINT1 : SR_ZPU_ETHINT0) + SR_ZPU_ETHINT_DISPATCHER_BASE;

    //Program dispatcher
    wb_poke32(SR_ADDR(WB_SBRB_BASE, dispatcher_base + 0),
          (my_mac->addr[5] << 0) | (my_mac->addr[4] << 8) | (my_mac->addr[3] << 16) | (my_mac->addr[2] << 24));
    wb_poke32(SR_ADDR(WB_SBRB_BASE, dispatcher_base + 1), (my_mac->addr[1] << 0) | (my_mac->addr[0] << 8));
    wb_poke32(SR_ADDR(WB_SBRB_BASE, dispatcher_base + 2), my_ip->addr);
    wb_poke32(SR_ADDR(WB_SBRB_BASE, dispatcher_base + 4), 0/*nofwd*/);
    wb_poke32(SR_ADDR(WB_SBRB_BASE, dispatcher_base + 5), (ICMP_IRQ << 8) | 0); //no fwd: type, code

    //DEBUG: Print initialized info
    UHD_FW_TRACE_FSTR(INFO, "-- MAC%u:     %s", iface_num, mac_addr_to_str(u3_net_stack_get_mac_addr(iface_num)));
    UHD_FW_TRACE_FSTR(INFO, "-- IP%u:      %s", iface_num, ip_addr_to_str(u3_net_stack_get_ip_addr(iface_num)));
    UHD_FW_TRACE_FSTR(INFO, "-- SUBNET%u:  %s", iface_num, ip_addr_to_str(u3_net_stack_get_subnet(iface_num)));
    UHD_FW_TRACE_FSTR(INFO, "-- BCAST%u:   %s", iface_num, ip_addr_to_str(u3_net_stack_get_bcast(iface_num)));
}
Beispiel #2
0
void fill_pfx_table(struct pfx_table* pfxt){
    FILE* df = fopen("pfx_records.txt", "r");
    if(df == NULL){
        fprintf(stderr, "cant open pfx_records.txt");
        exit(EXIT_FAILURE);
    }
    char ip[256];
    unsigned int pref_len;
    unsigned int asn;
    unsigned int count = 0;
    struct pfx_record rec;
    while (fscanf(df, "%s %u %u", ip, &pref_len, &asn) != EOF){
        rec.max_len = pref_len;
        rec.min_len = pref_len;
        rec.asn = asn;
        printf("%u: IP: %s/%u %u\n", count, ip, pref_len, asn);
        enum ip_version ver;
        if (strchr("ip", ':') == NULL)
            ver = IPV6;
        else
            ver = IPV4;
        if(ip_str_to_addr(ip, &(rec.prefix)) == -1){
            fprintf(stderr, "ip_str_to_addr_error\n");
            exit(EXIT_FAILURE);
        }
        if(pfx_table_add(pfxt, &rec) == PFX_ERROR){
            fprintf(stderr, "pfx_table_add error\n");
            exit(EXIT_FAILURE);
        }
        char tmp[100];
        ip_addr_to_str(&(rec.prefix), tmp, sizeof(tmp));
        //printf("IP: %s/%u-%u %u\n", t, rec.min_len, rec.max_len,rec.asn);

        enum pfxv_state state;
        pfx_table_validate(pfxt, rec.asn, &(rec.prefix), rec.min_len, &state);
       if(state != BGP_PFXV_STATE_VALID){
           printf("Error added pfx_record couldnt be validated as valid\n");
           exit(EXIT_FAILURE);
       }
        count++;
    }
    printf("added %u records to the pfx_table\n", count);
    fclose(df);
}
Beispiel #3
0
int main()
{
    signal(SIGINT, &sig_handler);

    struct tr_tcp_config tcp_config = {
        "rpki.realmv6.org",          //IP
        "42420"                      //Port
    };
    struct tr_socket tr_tcp;
    tr_tcp_init(&tcp_config, &tr_tcp);
    struct rtr_socket rtr_tcp;
    rtr_tcp.tr_socket = &tr_tcp;

    struct tr_tcp_config tcp1_config = {
        "rpki.realmv6.org",          //IP
        "8282"                      //Port
    };
    struct tr_socket tr_tcp1;
    tr_tcp_init(&tcp1_config, &tr_tcp1);
    struct rtr_socket rtr_tcp1;
    rtr_tcp1.tr_socket = &tr_tcp1;

    struct rtr_mgr_group groups[2];
    groups[0].sockets_len = 1;
    groups[0].sockets = malloc(1 * sizeof(struct rtr_socket*));
    groups[0].sockets[0] = &rtr_tcp;
    groups[0].preference = 1;
    groups[1].sockets_len = 1;
    groups[1].sockets = malloc(1 * sizeof(struct rtr_socket*));
    groups[1].sockets[0] = &rtr_tcp1;
    groups[1].preference = 2;

    struct rtr_mgr_config conf;
    conf.groups = groups;
    conf.len = 2;

    rtr_mgr_init(groups, 2, 60, 60, NULL, NULL, NULL, NULL);
    rtr_mgr_start(&conf);

    //fill_pfx_table(groups[1].sockets[0]->pfx_table);
    while(!rtr_mgr_conf_in_sync(&conf)){
        sleep(1);
    }


    unsigned int asn;
    char prefix[256] = "";
    unsigned int prefix_len;
    struct ip_addr ip_addr;
    enum pfxv_state state;
    char tmp[100];
    time_t t = time(NULL);
    struct tm* tm = localtime(&t);
    strftime(tmp, sizeof(tmp), "log/prefixes-%F", tm);
    strcat(tmp, ".log");
    int day = tm->tm_mday;
    pref_f = fopen(tmp, "w");
    if(pref_f == NULL){
        printf("can't open %s\n", tmp);
        exit(EXIT_FAILURE);
    }
    fprintf(pref_f, "#CLOCK DATE;ANNOUNCED_PREFIX PREF_LEN ASN;AS_PATH_ELEM{,AS_PATH_ELEM};ROA_ASN ROA_PREFIX/ROA_MIN_LEN-ROA_MAX_LEN {,ROA_ASN ROA_PREFIX/ROA_MIN_LEN-ROA_MAX_LEN };VAL_STATE");

    strftime(tmp, sizeof(tmp), "log/benchmark-%F", tm);
    strcat(tmp, ".log");
    bench_f = fopen(tmp, "w");
    if(bench_f == NULL){
        printf("can't open %s\n", tmp);
        exit(EXIT_FAILURE);
    }

    //purge stdin buffer
    __fpurge(stdin);

    pthread_t thrd_id;
    pthread_create(&thrd_id, NULL, &log_thr, NULL);


    printf("Benchmark started\n");
    char as_path[1024];

    struct pfx_record* reason = NULL;
    unsigned int reason_len = 0;

    while(true){
        read_announcement(&asn, prefix, &prefix_len, as_path);
        strftime(tmp, sizeof(tmp), "%R:%S %F", tm);
        if(ip_str_to_addr(prefix, &ip_addr) == -1){ fprintf(stderr, "ERROR STR TO IPADDR\n");
            exit(EXIT_FAILURE);
        }
        if(pfx_table_validate_r(conf.groups[0].sockets[0]->pfx_table, &reason, &reason_len, asn, &ip_addr, prefix_len, &state) == -1){
            fprintf(stderr, "VALIDATE ERROR\n");
            exit(EXIT_FAILURE);
        }
        if(fprintf(pref_f, "%s;%s %u %u;%s;", tmp, prefix, prefix_len, asn, as_path) < 0)
            perror("printf error");

        if(reason != NULL && reason_len > 0){
            for(unsigned int i = 0; i < reason_len; i++){
                ip_addr_to_str(&(reason[i].prefix), tmp, sizeof(tmp));
                fprintf(pref_f, "%u %s/%u-%u", reason[i].asn, tmp, reason[i].min_len, reason[i].max_len);
                if((i+1) < reason_len)
                    fprintf(pref_f, ",");

            }
            fprintf(pref_f, ";");
        }
        if(state == BGP_PFXV_STATE_VALID){
            pthread_mutex_lock(&mutex);
            valid_state++;
            pthread_mutex_unlock(&mutex);
            if (fprintf(pref_f, "VALID\n") < 0 )
                perror("printf error");
        }
        else if (state == BGP_PFXV_STATE_INVALID){
            pthread_mutex_lock(&mutex);
            invalid_state++;
            pthread_mutex_unlock(&mutex);
            if (fprintf(pref_f, "INVALID\n") < 0)
                perror("printf error");
        }
        else if (state == BGP_PFXV_STATE_NOT_FOUND){
            pthread_mutex_lock(&mutex);
            not_found_state++;
            pthread_mutex_unlock(&mutex);
            if (fprintf(pref_f, "NOT_FOUND\n") < 0)
                perror("printf error");
        }

        //tagwechsel
        //
        t = time(NULL);
        if(t == ((time_t) -1)){
            perror("time returned error value");
            exit(EXIT_FAILURE);
        }
        struct tm* tm = localtime(&t);
        tm = localtime(&t);
        if(tm == NULL){
            perror("localtime error");
            exit(EXIT_FAILURE);
        }
        if(tm->tm_mday != day){
            day = tm->tm_mday;
            fclose(bench_f);
            fclose(pref_f);
            strftime(tmp, sizeof(tmp), "log/prefixes-%F", tm);
            strcat(tmp, ".log");
            pref_f = fopen(tmp, "w");
            if(pref_f == NULL){
                printf("can't open prefixes.log\n");
                exit(EXIT_FAILURE);
            }

            pthread_mutex_lock(&mutex);
            strftime(tmp, sizeof(tmp), "log/benchmark-%F", tm);
            strcat(tmp, ".log");
            bench_f = fopen(tmp, "w");
            pthread_mutex_unlock(&mutex);
        }

    }
    fclose(bench_f);
    fclose(pref_f);
}
Beispiel #4
0
//int validatePrefix(char* ip, int mask, int asn){
int main(int argc, char *argv[]) {
	if(argc<3) {
		printf("Usage: %s [host] [port]\n", argv[0]);
		return 0;
	}
	//create a TCP transport socket
	tr_socket tr_tcp1;
	tr_tcp_config tcp_config1 = { argv[1], //IP, old: "rpki.realmv6.org"
			argv[2] //Port, old: "42420"
			};
	tr_tcp_init(&tcp_config1, &tr_tcp1);

	//create 3 rtr_sockets and associate them with the transprort sockets
	rtr_socket rtr_tcp1;
	rtr_tcp1.tr_socket = &tr_tcp1;

	//create a rtr_mgr_group array with 1 element
	rtr_mgr_group groups[1];
	//The first group contains both TCP RTR sockets
	groups[0].sockets = malloc(1 * sizeof(rtr_socket*));
	groups[0].sockets_len = 1;
	groups[0].sockets[0] = &rtr_tcp1;
	groups[0].preference = 1; //Preference value of this group
	//create a rtr_mgr_config struct that stores the group
	rtr_mgr_config conf;
	conf.groups = groups;
	conf.len = 1; //1 element in the groups array
	//initialize all rtr_sockets in the server pool with the same settings
	rtr_mgr_init(&conf, 240, 520, NULL);
	//start the connection manager
	rtr_mgr_start(&conf);
	//wait till at least one rtr_mgr_group is fully synchronized with the server
	while (!rtr_mgr_conf_in_sync(&conf))
		sleep(1);

	char ip[128];
	int mask;
	int asn;
	int counter;
	int spaces;

	while (1) {
		char input[256];
		int inputLength;

		fgets(input, 256, stdin);
		// Remove newline, if present
		inputLength = strlen(input) - 1;
		if (input[inputLength] == '\n')
			input[inputLength] = '\0';


		// Check if there are exactly 3 arguments
		spaces = 0;
		for (counter = 0; counter < inputLength; counter++) {
			if (input[counter] == ' '
					&& input[counter+1] != ' '
					&& input[counter+1] != '\0'
					&& counter != 0) {
				spaces++;
			}
		}

		if (spaces != 2) {
			//break;
			//printf("Arguments required: IP, Mask, ASN, %d\n", spaces);
			//fflush(stdout);
			printf("Next\n");
			continue;
		}

		char delims[] = " ";
		char *inputToken = NULL;
		inputToken = strtok(input, delims);
		strcpy(ip, inputToken);

		inputToken = strtok(NULL, delims);
		mask = atoi(inputToken);

		inputToken = strtok(NULL, delims);
		asn = atoi(inputToken);

		//validate the BGP-Route ip/mask, origin ASN: asn
		ip_addr pref;
		ip_str_to_addr(ip, &pref);
		pfxv_state result;
		pfx_record* reason = NULL;
		unsigned int reason_len = 0;
		//rtr_mgr_validate(&conf, asn, &pref, mask, &result);
		pfx_table_validate_r(conf.groups[0].sockets[0]->pfx_table, &reason,
				&reason_len, asn, &pref, mask, &result);
		int validityNr = 0;

		if (result == BGP_PFXV_STATE_NOT_FOUND) {
			validityNr = -1;
		} else if (result == BGP_PFXV_STATE_INVALID) {
			validityNr = 0;
		} else if (result == BGP_PFXV_STATE_VALID) {
			validityNr = 1;
		}
		
		// |ValidityNr
		printf("%d|", validityNr);
		
		// IP Mask BGP-ASN|
		printf("%s %d %d", ip, mask, asn);
		
		if(validityNr>=0)
			printf("|");

		// ROA-ASN IP MaskMin MaskMax, ..
		if (reason != NULL && reason_len > 0) {
			unsigned int i;
			for (i = 0; i < reason_len; i++) {
				char tmp[100];
				ip_addr_to_str(&(reason[i].prefix), tmp, sizeof(tmp));
				printf("%u %s %u %u", reason[i].asn, tmp,
						reason[i].min_len, reason[i].max_len);
				if ((i + 1) < reason_len)
					printf(",");
			}
		}

		

		printf("\n");
		fflush(stdout);
	}
	rtr_mgr_stop(&conf);
	rtr_mgr_free(&conf);
	free(groups[0].sockets);
}
Beispiel #5
0
int log_attack(connection_t *conn, sublog_t *slog )
{
        char buf[32];
        char *p_url, *p_host, *p_pkt, *p_cookie, *p_agent;
    	int len, index, n; 	

		if (!conn || !slog) {
			return -1;
		}

	
		alog_t alog;
		memset(&alog,0x00,sizeof(alog_t));
	
		http_t *p_http = &conn->http_ctx;       
 
		alog.time=time(0);
	
		p_host = http_get_str(p_http, HTTP_STR_HOST);
        strncpy(alog.host,p_host,sizeof(alog.host));
        
        p_url = http_get_str(p_http, HTTP_STR_URL);
        //strncpy(alog.url,p_url,sizeof(alog.url));
		_escape_append_str(alog.url, p_url, sizeof(alog.url)-1);
		
		index = http_get_logic(p_http,HTTP_LOGIC_METHOD);
		strncpy(alog.method, method[index], sizeof(alog.method));	

        ip_addr_to_str(&conn->cliaddr, buf, sizeof(buf));
        strncpy(alog.src_ip,buf,sizeof(alog.src_ip));
        
		alog.src_port = conn->cliport;

//		ip_addr_to_str(&g_cfg.httpaddr, buf, sizeof(buf));
  //      strncpy(alog.dst_ip,buf,sizeof(alog.dst_ip));
		
//		log.dst_port =ntohs(_g_svraddr.port);
//      printf("src ip= %s\n",buf);

//      DBGM("host= %s\n",p_host);


        strncpy(alog.id, slog->id, sizeof(slog->id));
        
		strncpy(alog.catalog, slog->catalog,sizeof(slog->catalog));

		p_agent = http_get_str(p_http,HTTP_STR_AGENT);
		n = _escape_append_str(alog.agent, p_agent, sizeof(alog.agent)-1);

		p_cookie = http_get_str(p_http,HTTP_STR_COOKIE);
//		strncpy(alog.cookie, p_cookie, sizeof(alog.cookie)-1);	
		_escape_append_str(alog.cookie, p_cookie, sizeof(alog.cookie));


        p_pkt = get_pkt_buf(conn, &len, 0);
		//printf("len = %d\n",len);
        if (p_pkt) {
			if (len >= sizeof(alog.raw)) {
				len = sizeof(alog.raw) - 1;
			}
			_escape_append_str(alog.raw, p_pkt, len);
        }

	
	proxy_log_lock();
	log_data(&m_db_log, &alog);
	proxy_log_unlock();
	return 0;
}