#
# Author: Nick Karanatsios <nickkaranatsios@gmail.com>
#
# Copyright (C) 2008-2011 NEC Corporation
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2, as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
$LOAD_PATH << "../apps_backup/redirectable_routing_switch"
require "trema/router"
require "authenticator"
require "redirector"
require "redirectable-routing-switch-options"
require "authentication-filter"
#
# A routing switch with an added authentication and redirection step.
# Packets from hosts whose source MAC is not authorized are handed to the
# redirector; packets from authorized hosts are routed like on any other
# routing switch.
#
# NOTE(review): the only credential checked here is the frame's source MAC
# address, which is supplied by the sender. Treat this as admission
# filtering rather than strong host authentication; deployments that need
# the latter should pair it with port binding or 802.1X.
#
class RedirectableRoutingSwitch < Trema::Controller
  include Router

  #
  # Parses the command line, then wires up the authenticator and redirector
  # singletons and starts the router. When option parsing yields nil the
  # controller is shut down and the process exits.
  #
  def start
    options = RedirectableRoutingSwitchOptions.parse(ARGV)
    if options.nil?
      shutdown!
      exit
    end

    # The authenticator is initialised from the authorized host database
    # named by the options.
    @authenticator = Authenticator.instance.init(options.authorized_host_db)
    @redirector = Redirector.instance.init
    start_router options
  end

  #
  # Packet-in handler.
  #
  # datapath_id - id of the switch that raised the event.
  # message     - the packet-in message (in_port, macsa, macda are read).
  #
  # Packets arriving on a port rejected by validate_in_port, and packets
  # with a multicast destination MAC, are ignored. For everything else the
  # source MAC is learned and then checked by the authenticator:
  #   * authorized   - a path is set up when the destination is already in
  #                    the forwarding database, otherwise the packet is
  #                    flooded;
  #   * unauthorized - the packet is redirected, unless
  #                    AuthenticationFilter.apply returns a non-empty
  #                    result, in which case nothing further is done.
  #
  def packet_in(datapath_id, message)
    return unless validate_in_port datapath_id, message.in_port
    return if message.macda.is_multicast?

    # NOTE(review): the source MAC is learned before it is authenticated, so
    # the forwarding database also holds entries for hosts that have not
    # been authorized. Confirm the redirect path depends on this; if it does
    # not, learning only after a successful check would keep unauthorized
    # senders from influencing forwarding state.
    @fdb.learn message.macsa, message.in_port, datapath_id

    # NOTE(review): debug output, written for every handled packet-in.
    puts message.macsa

    if @authenticator.authenticate_mac(message.macsa)
      next_hop = @fdb.lookup(message.macda)
      if next_hop
        puts "make path"
        make_path datapath_id, message, next_hop
      else
        puts "flood_packet"
        flood_packet datapath_id, message
      end
    else
      # An empty filter result means the packet must be redirected; any
      # other result skips redirection.
      filter_hits = AuthenticationFilter.apply(message)
      if filter_hits.length == 0
        puts "redirect"
        @redirector.redirect datapath_id, message
      end
    end
  end
end
### Local variables:
### mode: Ruby
### coding: utf-8-unix
### indent-tabs-mode: nil
### End: