summaryrefslogtreecommitdiffstats
path: root/examples/ip_pipeline/config/network_layers.sh
blob: 449b006910603d99feda9fda667da1f2e7feaaae (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#
# run ./config/network_layers.sh
#

################################################################################
# Link configuration
################################################################################
# Routes added implicitly when links are brought UP:
# IP Prefix = 10.0.0.1/16 => (Port 0, Local)
# IP Prefix = 10.0.0.1/32 => (Port 4, Local)
# IP Prefix = 10.1.0.1/16 => (Port 1, Local)
# IP Prefix = 10.1.0.1/32 => (Port 4, Local)
# IP Prefix = 10.2.0.1/16 => (Port 2, Local)
# IP Prefix = 10.2.0.1/32 => (Port 4, Local)
# IP Prefix = 10.3.0.1/16 => (Port 3, Local)
# IP Prefix = 10.3.0.1/32 => (Port 4, Local)
link 0 down
link 1 down
link 2 down
link 3 down
link 0 config 10.0.0.1 16
link 1 config 10.1.0.1 16
link 2 config 10.2.0.1 16
link 3 config 10.3.0.1 16
link 0 up
link 1 up
link 2 up
link 3 up
#link ls

################################################################################
# Static ARP
################################################################################
p 1 arp add default 5 #SINK3
p 1 arp add 0 10.0.0.2 a0:b0:c0:d0:e0:f0
p 1 arp add 1 10.1.0.2 a1:b1:c1:d1:e1:f1
p 1 arp add 2 10.2.0.2 a2:b2:c2:d2:e2:f2
p 1 arp add 3 10.3.0.2 a3:b3:c3:d3:e3:f3
#p 1 arp ls

################################################################################
# Routes
################################################################################
p 1 route add default 4 #SINK2
p 1 route add 100.0.0.0 16 port 0 ether 10.0.0.2
p 1 route add 100.1.0.0 16 port 1 ether 10.1.0.2
p 1 route add 100.2.0.0 16 port 2 ether 10.2.0.2
p 1 route add 100.3.0.0 16 port 3 ether 10.3.0.2
#p 1 route ls

################################################################################
# Local destination UDP traffic
################################################################################
# Prio = Lowest: [SA = ANY, DA = ANY, SP = ANY, DP = ANY, PROTO = ANY] => Drop
# Prio = 1 (High): [SA = ANY, DA = 10.0.0.1, SP = ANY, DP = 1000, PROTO = UDP] => Allow
# Prio = 1 (High): [SA = ANY, DA = 10.1.0.1, SP = ANY, DP = 1001, PROTO = UDP] => Allow
# Prio = 1 (High): [SA = ANY, DA = 10.2.0.1, SP = ANY, DP = 1002, PROTO = UDP] => Allow
# Prio = 1 (High): [SA = ANY, DA = 10.3.0.1, SP = ANY, DP = 1003, PROTO = UDP] => Allow
p 2 firewall add default 1 #SINK0
p 2 firewall add priority 1 ipv4 0.0.0.0 0 10.0.0.1 32 0 65535 1000 1000 17 0xF port 0
p 2 firewall add priority 1 ipv4 0.0.0.0 0 10.1.0.1 32 0 65535 1001 1001 17 0xF port 0
p 2 firewall add priority 1 ipv4 0.0.0.0 0 10.2.0.1 32 0 65535 1002 1002 17 0xF port 0
p 2 firewall add priority 1 ipv4 0.0.0.0 0 10.3.0.1 32 0 65535 1003 1003 17 0xF port 0
#p 2 firewall ls

################################################################################
# Local destination TCP traffic
################################################################################
# Unknown connection => Drop
# TCP [SA = 100.0.0.10, DA = 10.0.0.1, SP = 1000, DP = 80] => socket ID = 0
# TCP [SA = 100.1.0.10, DA = 10.1.0.1, SP = 1001, DP = 80] => socket ID = 1
# TCP [SA = 100.2.0.10, DA = 10.2.0.1, SP = 1002, DP = 80] => socket ID = 2
# TCP [SA = 100.3.0.10, DA = 10.3.0.1, SP = 1003, DP = 80] => socket ID = 3
p 3 flow add default 1 #SINK1
p 3 flow add ipv4 100.0.0.10 10.0.0.1 1000 80 6 port 0 id 0
p 3 flow add ipv4 100.1.0.10 10.1.0.1 1001 80 6 port 0 id 1
p 3 flow add ipv4 100.2.0.10 10.2.0.1 1002 80 6 port 0 id 2
p 3 flow add ipv4 100.3.0.10 10.3.0.1 1003 80 6 port 0 id 3
#p 3 flow ls