--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/scratch/netfilter-exerciseHooks.cc Fri Jul 27 21:20:50 2012 +0200
@@ -0,0 +1,187 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/*
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation;
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include "ns3/core-module.h"
+#include "ns3/network-module.h"
+#include "ns3/internet-module.h"
+#include "ns3/point-to-point-module.h"
+#include "ns3/applications-module.h"
+#include "ns3/ipv4-netfilter-hook.h"
+#include "ns3/callback.h"
+#include "ns3/ipv4-l3-protocol.h"
+#include <fstream>
+#include <string>
+
+using namespace ns3;
+using std::string;
+
+NS_LOG_COMPONENT_DEFINE ("NetfilterExerciseHooks");
+
+string whichHook(Hooks_t hook) {
+ string returnValue = "---";
+ switch (hook)
+ {
+ case NF_INET_PRE_ROUTING:
+ returnValue= "NF_INET_PRE_ROUTING";
+ break;
+ case NF_INET_LOCAL_IN:
+ returnValue= "NF_INET_LOCAL_IN";
+ break;
+ case NF_INET_FORWARD:
+ returnValue= "NF_INET_FORWARD";
+ break;
+ case NF_INET_LOCAL_OUT:
+ returnValue= "NF_INET_LOCAL_OUT";
+ break;
+ case NF_INET_POST_ROUTING:
+ returnValue= "NF_INET_POST_ROUTING";
+ break;
+ default:
+ NS_LOG_UNCOND("UNEXPECTED Drop value");
+ break;
+ }
+ return returnValue;
+}
+
+
+Verdicts_t
+HookProcessing(Hooks_t hook, Ptr<Packet> packet, Ptr<NetDevice> in,
+ Ptr<NetDevice> out, ContinueCallback& ccb)
+{
+ string whichHooCalled = whichHook(hook);
+ NS_LOG_UNCOND("**********Process " + whichHooCalled + " Hook***********");
+ packet->Print (std::cout);
+ std::cout << std::endl;
+
+// There is a problem that happens when we remove and add a header on the first node beginning
+
+ Ipv4Header ipHeader;
+
+ packet->RemoveHeader (ipHeader);
+ std::cout << ipHeader.GetProtocol();
+ // even if you do not change the header, just adding and removing is enough to
+ // break the packet for the next node
+// ipHeader.SetTtl(ipHeader.GetTtl()>>1);
+ packet->AddHeader (ipHeader);
+ std::cout << ipHeader.GetProtocol();
+
+ packet->Print (std::cout);
+ std::cout << std::endl;
+
+ return NF_ACCEPT;
+}
+
+int
+main (int argc, char *argv[])
+{
+ LogComponentEnable ("UdpEchoClientApplication", LOG_LEVEL_INFO);
+ LogComponentEnable ("UdpEchoServerApplication", LOG_LEVEL_INFO);
+
+ uint16_t port = 9;
+
+ // Desired topology: n0 <----> n1 <-----> n2
+ // n0 and n1 in first container, n1 and n2 in second
+
+ NodeContainer first;
+ first.Create (2);
+
+ NodeContainer second;
+ second.Add ( first.Get (1) );
+ second.Create (1);
+
+
+ PointToPointHelper pointToPoint;
+ pointToPoint.SetDeviceAttribute ("DataRate", StringValue ("5Mbps"));
+ pointToPoint.SetChannelAttribute ("Delay", StringValue ("2ms"));
+
+ NetDeviceContainer devices1;
+ devices1 = pointToPoint.Install (first);
+
+ NetDeviceContainer devices2;
+ devices2 = pointToPoint.Install (second);
+
+ InternetStackHelper stack;
+ stack.Install (first);
+ stack.Install (second.Get (1));
+
+ Ipv4AddressHelper address1;
+ address1.SetBase ("192.168.1.0", "255.255.255.0");
+
+ Ipv4AddressHelper address2;
+ address2.SetBase ("10.1.1.0", "255.255.255.0");
+
+ Ipv4InterfaceContainer firstInterfaces = address1.Assign (devices1);
+ Ipv4InterfaceContainer secondInterfaces = address2.Assign (devices2);
+
+
+ //Hook Registering on Node 1
+ Ptr<Ipv4> ipv4=first.Get (0)->GetObject<Ipv4> ();
+ Ptr<Ipv4L3Protocol> ipv4L3 = DynamicCast <Ipv4L3Protocol>(first.Get (0)->GetObject<Ipv4> ());
+ Ptr <Ipv4Netfilter> netfilter = ipv4L3->GetNetfilter ();
+
+ ns3::PacketMetadata::Enable ();
+
+ NetfilterHookCallback nodehook = MakeCallback (&HookProcessing);
+
+ // Register hooks
+
+ Ipv4NetfilterHook nfh1 = Ipv4NetfilterHook (1, NF_INET_PRE_ROUTING, NF_IP_PRI_FIRST , nodehook);
+ netfilter->RegisterHook (nfh1);
+ Ipv4NetfilterHook nfh2 = Ipv4NetfilterHook (1, NF_INET_LOCAL_IN, NF_IP_PRI_FIRST , nodehook);
+ netfilter->RegisterHook (nfh2);
+
+ Ipv4NetfilterHook nfh4 = Ipv4NetfilterHook (1, NF_INET_LOCAL_OUT, NF_IP_PRI_FIRST , nodehook);
+ netfilter->RegisterHook (nfh4);
+ Ipv4NetfilterHook nfh5 = Ipv4NetfilterHook (1, NF_INET_POST_ROUTING, NF_IP_PRI_FIRST , nodehook);
+ netfilter->RegisterHook (nfh5);
+
+ Ipv4NetfilterHook nfh3 = Ipv4NetfilterHook (1, NF_INET_FORWARD, NF_IP_PRI_FIRST , nodehook);
+ // netfilter->RegisterHook (nfh3);
+
+ ipv4L3 = DynamicCast <Ipv4L3Protocol>(first.Get (1)->GetObject<Ipv4> ());
+ netfilter = ipv4L3->GetNetfilter ();
+ netfilter->RegisterHook (nfh3);
+
+ UdpEchoServerHelper echoServer (port);
+
+ ApplicationContainer serverApps = echoServer.Install (second.Get (1));
+ serverApps.Start (Seconds (1.0));
+ serverApps.Stop (Seconds (15.0));
+
+ UdpEchoClientHelper echoClient (secondInterfaces.GetAddress (1), port);
+ echoClient.SetAttribute ("MaxPackets", UintegerValue (11));
+ echoClient.SetAttribute ("Interval", TimeValue (Seconds (1.)));
+ echoClient.SetAttribute ("PacketSize", UintegerValue (512));
+
+ ApplicationContainer clientApps = echoClient.Install (first.Get (0));
+ clientApps.Start (Seconds (2.0));
+ clientApps.Stop (Seconds (15.0));
+
+ Ipv4GlobalRoutingHelper::PopulateRoutingTables ();
+
+ pointToPoint.EnablePcapAll ("netfilter_drop", false);
+
+// AsciiTraceHelper ascii;
+// pointToPoint.EnableAsciiAll (ascii.CreateFileStream ("test_trace_netfilter.tr"));
+//
+// first.Get (1)->GetObject<Ipv4> ()-> TraceConnectWithoutContext ("Drop", MakeCallback(&DropTrace));
+
+ Simulator::Run ();
+ Simulator::Destroy ();
+ return 0;
+}
+
+
--- a/src/internet/test/ipv4-netfilter-test.cc Tue Jul 17 15:55:53 2012 +0200
+++ b/src/internet/test/ipv4-netfilter-test.cc Fri Jul 27 21:20:50 2012 +0200
@@ -17,58 +17,165 @@
// An essential include is test.h
#include "ns3/test.h"
// Include any headers files needed for testing your module
+#include "ns3/callback.h"
+#include "ns3/core-module.h"
+#include "ns3/network-module.h"
+#include "ns3/internet-module.h"
+#include "ns3/point-to-point-module.h"
+#include "ns3/applications-module.h"
#include "ns3/ipv4.h"
+#include "ns3/ipv4-l3-protocol.h"
+#include "ns3/ipv4-netfilter-hook.h"
+
+#include <fstream>
+#include <string>
// Do not put your test classes in namespace ns3. You may find it useful
// to use the using directive to access the ns3 namespace directly
using namespace ns3;
-class Ipv4NetfilterTestCase1 : public TestCase
-{
+class Ipv4NetfilterRemovePacket: public TestCase {
public:
- Ipv4NetfilterTestCase1 ();
- virtual ~Ipv4NetfilterTestCase1 ();
+ Ipv4NetfilterRemovePacket();
+ virtual ~Ipv4NetfilterRemovePacket();
private:
- virtual void DoRun (void);
+ virtual void DoRun(void);
+ virtual Verdicts_t Hook1(Hooks_t hook, Ptr<Packet> packet,
+ Ptr<NetDevice> in, Ptr<NetDevice> out, ContinueCallback& ccb);
+
};
+class Ipv4NetfilterTestSuite: public TestSuite {
+public:
+ NodeContainer first;
+ NodeContainer second;
+ PointToPointHelper pointToPoint;
+ NetDeviceContainer devices1;
+ NetDeviceContainer devices2;
+ Ipv4AddressHelper address1;
+ Ipv4AddressHelper address2;
+ Ipv4NetfilterTestSuite();
+ virtual void SetUpSim();
+};
+
+Verdicts_t Ipv4NetfilterRemovePacket::Hook1(Hooks_t hook, Ptr<Packet> packet,
+ Ptr<NetDevice> in, Ptr<NetDevice> out, ContinueCallback& ccb) {
+ std::cout << "Hook1";
+ return NF_DROP;
+}
+
// Add some help text to this case to describe what it is intended to test
-Ipv4NetfilterTestCase1::Ipv4NetfilterTestCase1 ()
- : TestCase ("Ipv4Netfilter test case (does nothing)")
-{
+Ipv4NetfilterRemovePacket::Ipv4NetfilterRemovePacket() :
+ TestCase("Ipv4Netfilter test case (does nothing)") {
+
}
// This destructor does nothing but we include it as a reminder that
// the test case should clean up after itself
-Ipv4NetfilterTestCase1::~Ipv4NetfilterTestCase1 ()
-{
+Ipv4NetfilterRemovePacket::~Ipv4NetfilterRemovePacket() {
+ std::cout << "~Ipv4NetfilterRemovePacket";
}
//
// This method is the pure virtual method from class TestCase that every
// TestCase must implement
//
-void
-Ipv4NetfilterTestCase1::DoRun (void)
-{
- // A wide variety of test macros are available in src/core/test.h
- NS_TEST_ASSERT_MSG_EQ (true, true, "true doesn't equal true for some reason");
- // Use this one for floating point comparisons
- NS_TEST_ASSERT_MSG_EQ_TOL (0.01, 0.01, 0.001, "Numbers are not equal within tolerance");
+void Ipv4NetfilterRemovePacket::DoRun(void) {
+ std::cout << "DoRun";
+ Ipv4NetfilterTestSuite testSuite;
+ // sets up the environment
+ testSuite.SetUpSim();
+ std::cout << "Ipv4NetfilterRemovePacket ";
+
+// Todo: see why Hook1 does not match the MakeCallback
+
+// NetfilterHookCallback nodehook = MakeCallback(&Hook1);
+// Ipv4NetfilterHook nfh_pre = Ipv4NetfilterHook(1, NF_INET_PRE_ROUTING,
+// NF_IP_PRI_FILTER, nodehook);
+// Ipv4NetfilterHook nfh_fwd = Ipv4NetfilterHook(1, NF_INET_FORWARD,
+// NF_IP_PRI_FILTER, nodehook);
+// Ipv4NetfilterHook nfh_post = Ipv4NetfilterHook(1, NF_INET_POST_ROUTING,
+// NF_IP_PRI_FILTER, nodehook);
+// Ipv4NetfilterHook nfh_li = Ipv4NetfilterHook(1, NF_INET_LOCAL_IN,
+// NF_IP_PRI_FILTER, nodehook);
+// Ipv4NetfilterHook nfh_lo = Ipv4NetfilterHook(1, NF_INET_LOCAL_OUT,
+// NF_IP_PRI_FILTER, nodehook);
+//
+// //Hook Registering on Node 0
+// Ptr<Ipv4> ipv4 = testSuite.first.Get(0)->GetObject<Ipv4> ();
+// Ptr<Ipv4Netfilter> netfilter = ipv4->GetNetfilter();
+// NS_ASSERT (netfilter);
+//
+// netfilter->RegisterHook(nfh_pre);
+// netfilter->RegisterHook(nfh_post);
+// netfilter->RegisterHook(nfh_li);
+// netfilter->RegisterHook(nfh_lo);
+
+ Simulator::Run();
+ Simulator::Destroy();
+
+ // NS_TEST_ASSERT_MSG_EQ (server.GetServer ()->GetLost (), 0, "Packets were lost !");
+ // NS_TEST_ASSERT_MSG_EQ (server.GetServer ()->GetReceived (), 8, "Did not receive expected number of packets !");
+
+ // A wide variety of test macros are available in src/core/test.h
+ NS_TEST_ASSERT_MSG_EQ (true, true, "true doesn't equal true for some reason");
+ // Use this one for floating point comparisons
+ NS_TEST_ASSERT_MSG_EQ_TOL (0.01, 0.01, 0.001, "Numbers are not equal within tolerance");
}
-class Ipv4NetfilterTestSuite : public TestSuite
-{
-public:
- Ipv4NetfilterTestSuite ();
-};
-
-Ipv4NetfilterTestSuite::Ipv4NetfilterTestSuite ()
- : TestSuite ("ipv4-netfilter", UNIT)
-{
- AddTestCase (new Ipv4NetfilterTestCase1);
+Ipv4NetfilterTestSuite::Ipv4NetfilterTestSuite() :
+ TestSuite("ipv4-netfilter", UNIT) {
+ std::cout << "Ipv4NetfilterTestSuite";
+ AddTestCase(new Ipv4NetfilterRemovePacket);
}
static Ipv4NetfilterTestSuite ipv4NetfilterTestSuite;
+void Ipv4NetfilterTestSuite::SetUpSim() {
+ std::cout << "Setup";
+ NS_TEST_ASSERT_MSG_EQ (true, true, "Passing setup");
+ uint16_t port = 9;
+
+ first.Create(2);
+
+ second.Add(first.Get(1));
+ second.Create(1);
+
+ pointToPoint.SetDeviceAttribute("DataRate", StringValue("5Mbps"));
+ pointToPoint.SetChannelAttribute("Delay", StringValue("2ms"));
+
+ devices1 = pointToPoint.Install(first);
+
+ devices2 = pointToPoint.Install(second);
+
+ InternetStackHelper stack;
+ stack.Install(first);
+ stack.Install(second.Get(1));
+
+ address1.SetBase("192.168.1.0", "255.255.255.0");
+
+ address2.SetBase("10.1.1.0", "255.255.255.0");
+
+ Ipv4InterfaceContainer firstInterfaces = address1.Assign(devices1);
+ Ipv4InterfaceContainer secondInterfaces = address2.Assign(devices2);
+
+ UdpEchoServerHelper echoServer (port);
+
+ ApplicationContainer serverApps = echoServer.Install(second.Get(1));
+ serverApps.Start(Seconds(1.0));
+ serverApps.Stop(Seconds(10.0));
+
+ UdpEchoClientHelper echoClient(secondInterfaces.GetAddress(1), port);
+ echoClient.SetAttribute("MaxPackets", UintegerValue(1));
+ echoClient.SetAttribute("Interval", TimeValue(Seconds(1.)));
+ echoClient.SetAttribute("PacketSize", UintegerValue(512));
+
+ ApplicationContainer clientApps = echoClient.Install(first.Get(0));
+ clientApps.Start(Seconds(2.0));
+ clientApps.Stop(Seconds(10.0));
+
+ Ipv4GlobalRoutingHelper::PopulateRoutingTables();
+ return;
+}
+