我正在使用用Python编写的Ryu OpenFlow控制器来监视虚拟Mininet网络中的数据包。我有3台主机,并阻止了从host2到host3以及从host3到host2的传输。其他数据包对应的流会被添加到交换机的流表中。 我的问题是:在添加流之后,如果数据包属于交换机流表中已有规则的两台主机之间的通信,就不会再触发我的事件。 例如,如果交换机看到从host1到host2的数据包,该数据包是合法的,因此对应的流会被添加到流表中;但如果之后再发送一个从host1到host2的数据包,它就不会再经过该方法。我查看了Ryu指南,但没有找到关于流已被添加到交换机流表之后这种情况的任何信息。 我怎样才能收到这些数据包?
提前谢谢。
这是我的代码:
import logging
import struct
from ryu.base import app_manager
from ryu.controller import mac_to_port
from ryu.controller import ofp_event
from ryu.controller.handler import MAIN_DISPATCHER
from ryu.controller.handler import set_ev_cls
from ryu.ofproto import ofproto_v1_0
from ryu.lib.mac import haddr_to_str
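class SimpleSwitch(app_manager.RyuApp):
    """OpenFlow 1.0 learning switch that refuses to forward between two hosts.

    Frames that miss the switch's flow table arrive here as packet-in events.
    Frames between the two blocked MAC addresses are not forwarded; for every
    other frame the source MAC is learned, the frame is sent out, and, once
    the output port is known, a flow is installed on the switch.

    Review notes:
      * The src/dst policy is evaluated only in the packet-in handler.  Once
        a flow is installed the switch forwards matching frames itself and
        no further packet-in is raised for them, so ``counterTraffic`` counts
        table misses, not traffic.  Per-flow counters have to be read from
        the switch (e.g. with ``OFPFlowStatsRequest``) instead.
      * Source MAC addresses come straight from the frame and are not
        authenticated; a MAC-based policy is only as strong as the
        assumption that hosts cannot choose their own source address.
    """

    OFP_VERSIONS = [ofproto_v1_0.OFP_VERSION]

    # Packet-ins seen with host 1 as source or destination (see class note).
    counterTraffic = 0

    # (source MAC, destination MAC) pairs the controller refuses to forward.
    _BLOCKED_PAIRS = frozenset([
        ("00:00:00:00:00:02", "00:00:00:00:00:03"),
        ("00:00:00:00:00:03", "00:00:00:00:00:02"),
    ])

    # Ethernet header layout: destination MAC, source MAC, EtherType.
    _ETH_HEADER_FMT = '!6s6sH'

    def __init__(self, *args, **kwargs):
        super(SimpleSwitch, self).__init__(*args, **kwargs)
        # Learned forwarding table: datapath id -> {MAC (raw bytes): port}.
        self.mac_to_port = {}

    def add_flow(self, datapath, in_port, dst, actions, src=None):
        """Install a flow on ``datapath`` for frames to ``dst`` from ``in_port``.

        Args:
            datapath: switch connection the flow-mod is sent on.
            in_port: ingress port the flow matches.
            dst: destination MAC (raw 6-byte value) the flow matches.
            actions: list of OpenFlow actions applied to matching frames.
            src: optional source MAC (raw 6-byte value).  When given, the
                flow also matches the source address, so the rule on the
                switch is as specific as the src/dst policy applied in the
                packet-in handler.  When omitted the source is wildcarded,
                as before.
        """
        ofproto = datapath.ofproto

        # Start from "match anything" and un-wildcard the fields we pin.
        wildcards = ofproto_v1_0.OFPFW_ALL
        wildcards &= ~ofproto_v1_0.OFPFW_IN_PORT
        wildcards &= ~ofproto_v1_0.OFPFW_DL_DST
        dl_src = 0
        if src is not None:
            wildcards &= ~ofproto_v1_0.OFPFW_DL_SRC
            dl_src = src

        match = datapath.ofproto_parser.OFPMatch(
            wildcards, in_port, dl_src, dst,
            0, 0, 0, 0, 0, 0, 0, 0, 0)

        # idle_timeout=0 and hard_timeout=0: the flow never expires on its
        # own, so an allow decision stays on the switch until it is removed.
        mod = datapath.ofproto_parser.OFPFlowMod(
            datapath=datapath, match=match, cookie=0,
            command=ofproto.OFPFC_ADD, idle_timeout=0, hard_timeout=0,
            priority=ofproto.OFP_DEFAULT_PRIORITY,
            flags=ofproto.OFPFF_SEND_FLOW_REM, actions=actions)
        datapath.send_msg(mod)

    @set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER)
    def _packet_in_handler(self, ev):
        """Apply the block policy to a table-miss frame and forward it if allowed."""
        print("Im in main function")
        msg = ev.msg
        datapath = msg.datapath
        ofproto = datapath.ofproto

        # The frame is attacker-controlled input: refuse anything too short
        # to hold an Ethernet header instead of letting struct raise.
        if len(msg.data) < struct.calcsize(self._ETH_HEADER_FMT):
            self.logger.info("ignoring truncated frame on port %s", msg.in_port)
            return

        # NOTE: buffer() exists only on Python 2; on Python 3 msg.data can be
        # passed to struct.unpack_from directly.
        dst, src, _eth_type = struct.unpack_from(
            self._ETH_HEADER_FMT, buffer(msg.data), 0)

        dpid = datapath.id
        self.mac_to_port.setdefault(dpid, {})

        # Convert once; the text form is used for logging and policy checks.
        src_text = haddr_to_str(src)
        dst_text = haddr_to_str(dst)
        self.logger.info("packet in %s %s %s %s",
                         dpid, src_text, dst_text, msg.in_port)

        if dst_text == "00:00:00:00:00:01":
            print("dst")
            self.counterTraffic += 1

        # Blocked frames are simply not answered.  No drop flow is installed,
        # so each one is sent to the controller again.
        if (src_text, dst_text) not in self._BLOCKED_PAIRS:
            # learn a mac address to avoid FLOOD next time.
            print("after condition")
            self.mac_to_port[dpid][src] = msg.in_port

            if dst in self.mac_to_port[dpid]:
                out_port = self.mac_to_port[dpid][dst]
            else:
                out_port = ofproto.OFPP_FLOOD

            actions = [datapath.ofproto_parser.OFPActionOutput(out_port)]

            # install a flow to avoid packet_in next time.  The source MAC is
            # part of the match: a flow keyed on in_port + destination alone
            # would also forward frames from any other source arriving on
            # that port without the policy above being evaluated.
            if out_port != ofproto.OFPP_FLOOD:
                self.add_flow(datapath, msg.in_port, dst, actions, src=src)

            out = datapath.ofproto_parser.OFPPacketOut(
                datapath=datapath, buffer_id=msg.buffer_id,
                in_port=msg.in_port, actions=actions)
            datapath.send_msg(out)

        if src_text == "00:00:00:00:00:01":
            print("src")
            self.counterTraffic += 1

        print(self.counterTraffic)

    @set_ev_cls(ofp_event.EventOFPPortStatus, MAIN_DISPATCHER)
    def _port_status_handler(self, ev):
        """Log port add/delete/modify notifications sent by the switch."""
        msg = ev.msg
        reason = msg.reason
        port_no = msg.desc.port_no

        ofproto = msg.datapath.ofproto
        if reason == ofproto.OFPPR_ADD:
            self.logger.info("port added %s", port_no)
        elif reason == ofproto.OFPPR_DELETE:
            self.logger.info("port deleted %s", port_no)
        elif reason == ofproto.OFPPR_MODIFY:
            self.logger.info("port modified %s", port_no)
        else:
            self.logger.info("Illeagal port state %s %s", port_no, reason)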
简而言之,你对目标mac地址的解码是正确的。。。然而,IP必须先通过ARP解析出mac地址,这就是为什么您会看到
ff:ff:ff:ff:ff:ff
。。。这些只是ryu controller中的ARP帧。我建立了一个完整的控制器,解码到下面的IPv4层。。。
更新的ryu交换包解码器
您已经对原始数据包进行了解码,但是使用ryu Packet library比解包原始数据包要容易得多。这是我对
_packet_in_handler()
的快速替换,它只输出源和目标mac地址,以及上层协议。。。现在,无论何时发送以太网数据包,您都会在mininet会话中看到这一点。。。
ARP包看起来像这样。。。
演示
假设我将上面修改过的代码(包括源代码的其他部分)保存为
ne_question.py
。ff:ff:ff:ff:ff:ff
。顺便说一句,如果您将wget
更改为h2 wget h1
,则一切正常。。。