summaryrefslogtreecommitdiffstats
path: root/vnfs/vFW/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'vnfs/vFW/scripts')
-rw-r--r--vnfs/vFW/scripts/.DS_Storebin0 -> 6148 bytes
-rwxr-xr-xvnfs/vFW/scripts/run_traffic_fw_demo.sh13
-rw-r--r--vnfs/vFW/scripts/v_firewall_init.sh47
-rw-r--r--vnfs/vFW/scripts/v_packetgen_init.sh61
-rw-r--r--vnfs/vFW/scripts/v_sink_init.sh7
-rw-r--r--vnfs/vFW/scripts/vfirewall.sh98
-rw-r--r--vnfs/vFW/scripts/vpacketgen.sh98
-rw-r--r--vnfs/vFW/scripts/vsink.sh98
8 files changed, 422 insertions, 0 deletions
diff --git a/vnfs/vFW/scripts/.DS_Store b/vnfs/vFW/scripts/.DS_Store
new file mode 100644
index 00000000..e97f86f1
--- /dev/null
+++ b/vnfs/vFW/scripts/.DS_Store
Binary files differ
diff --git a/vnfs/vFW/scripts/run_traffic_fw_demo.sh b/vnfs/vFW/scripts/run_traffic_fw_demo.sh
new file mode 100755
index 00000000..b7a356e4
--- /dev/null
+++ b/vnfs/vFW/scripts/run_traffic_fw_demo.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -H "Cache-Control: no-cache" -H "Postman-Token: 9005870c-900b-2e2e-0902-ef2009bb0ff7" -d '{"pg-streams":{"pg-stream": [{"id":"fw_udp1", "is-enabled":"true"},{"id":"fw_udp2", "is-enabled":"true"},{"id":"fw_udp3", "is-enabled":"true"},{"id":"fw_udp4", "is-enabled":"true"},{"id":"fw_udp5", "is-enabled":"true"}]}}' "http://localhost:8183/restconf/config/sample-plugin:sample-plugin/pg-streams"
+
+sleep 300
+
+while [ 1 ]
+do
+curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -H "Cache-Control: no-cache" -H "Postman-Token: 9005870c-900b-2e2e-0902-ef2009bb0ff7" -d '{"pg-streams":{"pg-stream": [{"id":"fw_udp1", "is-enabled":"true"},{"id":"fw_udp2", "is-enabled":"true"},{"id":"fw_udp3", "is-enabled":"true"},{"id":"fw_udp4", "is-enabled":"true"},{"id":"fw_udp5", "is-enabled":"true"},{"id":"fw_udp6", "is-enabled":"true"},{"id":"fw_udp7", "is-enabled":"true"},{"id":"fw_udp8", "is-enabled":"true"},{"id":"fw_udp9", "is-enabled":"true"},{"id":"fw_udp10", "is-enabled":"true"}]}}' "http://localhost:8183/restconf/config/sample-plugin:sample-plugin/pg-streams"
+sleep 300
+curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -H "Cache-Control: no-cache" -H "Postman-Token: 9005870c-900b-2e2e-0902-ef2009bb0ff7" -d '{"pg-streams":{"pg-stream": [{"id":"fw_udp1", "is-enabled":"true"}]}}' "http://localhost:8183/restconf/config/sample-plugin:sample-plugin/pg-streams"
+sleep 300
+done
diff --git a/vnfs/vFW/scripts/v_firewall_init.sh b/vnfs/vFW/scripts/v_firewall_init.sh
new file mode 100644
index 00000000..fe16cef5
--- /dev/null
+++ b/vnfs/vFW/scripts/v_firewall_init.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# Start VPP
+start vpp
+sleep 1
+
+# Configure VPP for vFirewall
+IPADDR1=$(ifconfig eth1 | grep "inet addr" | tr -s ' ' | cut -d' ' -f3 | cut -d':' -f2)
+IPADDR2=$(ifconfig eth2 | grep "inet addr" | tr -s ' ' | cut -d' ' -f3 | cut -d':' -f2)
+HWADDR1=$(ifconfig eth1 | grep HWaddr | tr -s ' ' | cut -d' ' -f5)
+HWADDR2=$(ifconfig eth2 | grep HWaddr | tr -s ' ' | cut -d' ' -f5)
+FAKE_HWADDR1=$(echo -n 00; dd bs=1 count=5 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02X"')
+FAKE_HWADDR2=$(echo -n 00; dd bs=1 count=5 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02X"')
+
+ifconfig eth1 down
+ifconfig eth2 down
+ifconfig eth1 hw ether $FAKE_HWADDR1
+ifconfig eth2 hw ether $FAKE_HWADDR2
+ip addr flush dev eth1
+ip addr flush dev eth2
+ifconfig eth1 up
+ifconfig eth2 up
+vppctl tap connect tap111 hwaddr $HWADDR1
+vppctl tap connect tap222 hwaddr $HWADDR2
+vppctl set int ip address tap-0 $IPADDR1"/24"
+vppctl set int ip address tap-1 $IPADDR2"/24"
+vppctl set int state tap-0 up
+vppctl set int state tap-1 up
+brctl addbr br0
+brctl addif br0 tap111
+brctl addif br0 eth1
+brctl addbr br1
+brctl addif br1 tap222
+brctl addif br1 eth2
+ifconfig br0 up
+ifconfig br1 up
+sleep 1
+
+# Start HoneyComb
+echo "" > /var/lib/honeycomb/persist/context/data.json
+echo "" > /var/lib/honeycomb/persist/config/data.json
+/opt/honeycomb/sample-distribution-1.0.0/honeycomb &>/dev/null &disown
+sleep 1
+
+# Start VES client
+cd /opt/VES/code/evel_training/VESreporting/
+./go-client.sh &>/dev/null &disown
diff --git a/vnfs/vFW/scripts/v_packetgen_init.sh b/vnfs/vFW/scripts/v_packetgen_init.sh
new file mode 100644
index 00000000..68469663
--- /dev/null
+++ b/vnfs/vFW/scripts/v_packetgen_init.sh
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+# Start VPP
+start vpp
+sleep 1
+
+# Configure VPP for vPacketGenerator
+IPADDR1=$(ifconfig eth1 | grep "inet addr" | tr -s ' ' | cut -d' ' -f3 | cut -d':' -f2)
+HWADDR1=$(ifconfig eth1 | grep HWaddr | tr -s ' ' | cut -d' ' -f5)
+FAKE_HWADDR1=$(echo -n 00; dd bs=1 count=5 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02X"')
+PROTECTED_NET_CIDR=$(cat /opt/config/protected_net_cidr.txt)
+FW_IPADDR=$(cat /opt/config/fw_ipaddr.txt)
+SINK_IPADDR=$(cat /opt/config/sink_ipaddr.txt)
+
+ifconfig eth1 down
+ifconfig eth1 hw ether $FAKE_HWADDR1
+ip addr flush dev eth1
+ifconfig eth1 up
+vppctl tap connect tap111 hwaddr $HWADDR1
+vppctl set int ip address tap-0 $IPADDR1"/24"
+vppctl set int state tap-0 up
+brctl addbr br0
+brctl addif br0 tap111
+brctl addif br0 eth1
+ifconfig br0 up
+vppctl ip route add $PROTECTED_NET_CIDR via $FW_IPADDR
+sleep 1
+
+# Install packet streams
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp1
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp2
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp3
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp4
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp5
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp6
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp7
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp8
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp9
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_fw_udp10
+vppctl exec /opt/pg_streams/stream_fw_udp1
+vppctl exec /opt/pg_streams/stream_fw_udp2
+vppctl exec /opt/pg_streams/stream_fw_udp3
+vppctl exec /opt/pg_streams/stream_fw_udp4
+vppctl exec /opt/pg_streams/stream_fw_udp5
+vppctl exec /opt/pg_streams/stream_fw_udp6
+vppctl exec /opt/pg_streams/stream_fw_udp7
+vppctl exec /opt/pg_streams/stream_fw_udp8
+vppctl exec /opt/pg_streams/stream_fw_udp9
+vppctl exec /opt/pg_streams/stream_fw_udp10
+sleep 1
+
+# Start HoneyComb
+echo "" > /var/lib/honeycomb/persist/context/data.json
+echo "" > /var/lib/honeycomb/persist/config/data.json
+/opt/honeycomb/sample-distribution-1.0.0/honeycomb &>/dev/null &disown
+sleep 20
+
+# Enable traffic flows
+cd /opt
+chmod +x run_traffic_fw_demo.sh
+./run_traffic_fw_demo.sh &>/dev/null &disown
diff --git a/vnfs/vFW/scripts/v_sink_init.sh b/vnfs/vFW/scripts/v_sink_init.sh
new file mode 100644
index 00000000..16a67508
--- /dev/null
+++ b/vnfs/vFW/scripts/v_sink_init.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Set the IP address of the protected network interface of the vFirewall as a default gateway to the unprotected network
+PROTECTED_NET_GW=$(cat /opt/config/protected_net_gw.txt)
+UNPROTECTED_NET=$(cat /opt/config/unprotected_net.txt)
+
+route add -net $UNPROTECTED_NET netmask 255.255.255.0 gw $PROTECTED_NET_GW
diff --git a/vnfs/vFW/scripts/vfirewall.sh b/vnfs/vFW/scripts/vfirewall.sh
new file mode 100644
index 00000000..0c57d733
--- /dev/null
+++ b/vnfs/vFW/scripts/vfirewall.sh
@@ -0,0 +1,98 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start daemon at boot time
+# Description: Enable service provided by daemon.
+### END INIT INFO
+
+dir="/opt"
+cmd="./v_firewall_init.sh"
+user="root"
+
+name=`basename $0`
+pid_file="/var/run/$name.pid"
+stdout_log="/var/log/$name.log"
+stderr_log="/var/log/$name.err"
+
+get_pid() {
+ cat "$pid_file"
+}
+
+is_running() {
+ [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
+}
+
+case "$1" in
+ start)
+ if is_running; then
+ echo "Already started"
+ else
+ echo "Starting $name"
+ cd "$dir"
+ if [ -z "$user" ]; then
+ sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ else
+ sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ fi
+ echo $! > "$pid_file"
+ if ! is_running; then
+ echo "Unable to start, see $stdout_log and $stderr_log"
+ exit 1
+ fi
+ fi
+ ;;
+ stop)
+ if is_running; then
+ echo -n "Stopping $name.."
+ kill `get_pid`
+ for i in {1..10}
+ do
+ if ! is_running; then
+ break
+ fi
+
+ echo -n "."
+ sleep 1
+ done
+ echo
+
+ if is_running; then
+ echo "Not stopped; may still be shutting down or shutdown may have failed"
+ exit 1
+ else
+ echo "Stopped"
+ if [ -f "$pid_file" ]; then
+ rm "$pid_file"
+ fi
+ fi
+ else
+ echo "Not running"
+ fi
+ ;;
+ restart)
+ $0 stop
+ if is_running; then
+ echo "Unable to stop, will not attempt to start"
+ exit 1
+ fi
+ $0 start
+ ;;
+ status)
+ if is_running; then
+ echo "Running"
+ else
+ echo "Stopped"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
diff --git a/vnfs/vFW/scripts/vpacketgen.sh b/vnfs/vFW/scripts/vpacketgen.sh
new file mode 100644
index 00000000..bd1178a0
--- /dev/null
+++ b/vnfs/vFW/scripts/vpacketgen.sh
@@ -0,0 +1,98 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start daemon at boot time
+# Description: Enable service provided by daemon.
+### END INIT INFO
+
+dir="/opt"
+cmd="./v_packetgen_init.sh"
+user="root"
+
+name=`basename $0`
+pid_file="/var/run/$name.pid"
+stdout_log="/var/log/$name.log"
+stderr_log="/var/log/$name.err"
+
+get_pid() {
+ cat "$pid_file"
+}
+
+is_running() {
+ [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
+}
+
+case "$1" in
+ start)
+ if is_running; then
+ echo "Already started"
+ else
+ echo "Starting $name"
+ cd "$dir"
+ if [ -z "$user" ]; then
+ sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ else
+ sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ fi
+ echo $! > "$pid_file"
+ if ! is_running; then
+ echo "Unable to start, see $stdout_log and $stderr_log"
+ exit 1
+ fi
+ fi
+ ;;
+ stop)
+ if is_running; then
+ echo -n "Stopping $name.."
+ kill `get_pid`
+ for i in {1..10}
+ do
+ if ! is_running; then
+ break
+ fi
+
+ echo -n "."
+ sleep 1
+ done
+ echo
+
+ if is_running; then
+ echo "Not stopped; may still be shutting down or shutdown may have failed"
+ exit 1
+ else
+ echo "Stopped"
+ if [ -f "$pid_file" ]; then
+ rm "$pid_file"
+ fi
+ fi
+ else
+ echo "Not running"
+ fi
+ ;;
+ restart)
+ $0 stop
+ if is_running; then
+ echo "Unable to stop, will not attempt to start"
+ exit 1
+ fi
+ $0 start
+ ;;
+ status)
+ if is_running; then
+ echo "Running"
+ else
+ echo "Stopped"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
diff --git a/vnfs/vFW/scripts/vsink.sh b/vnfs/vFW/scripts/vsink.sh
new file mode 100644
index 00000000..a6862b0d
--- /dev/null
+++ b/vnfs/vFW/scripts/vsink.sh
@@ -0,0 +1,98 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start daemon at boot time
+# Description: Enable service provided by daemon.
+### END INIT INFO
+
+dir="/opt"
+cmd="./v_sink_init.sh"
+user="root"
+
+name=`basename $0`
+pid_file="/var/run/$name.pid"
+stdout_log="/var/log/$name.log"
+stderr_log="/var/log/$name.err"
+
+get_pid() {
+ cat "$pid_file"
+}
+
+is_running() {
+ [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
+}
+
+case "$1" in
+ start)
+ if is_running; then
+ echo "Already started"
+ else
+ echo "Starting $name"
+ cd "$dir"
+ if [ -z "$user" ]; then
+ sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ else
+ sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ fi
+ echo $! > "$pid_file"
+ if ! is_running; then
+ echo "Unable to start, see $stdout_log and $stderr_log"
+ exit 1
+ fi
+ fi
+ ;;
+ stop)
+ if is_running; then
+ echo -n "Stopping $name.."
+ kill `get_pid`
+ for i in {1..10}
+ do
+ if ! is_running; then
+ break
+ fi
+
+ echo -n "."
+ sleep 1
+ done
+ echo
+
+ if is_running; then
+ echo "Not stopped; may still be shutting down or shutdown may have failed"
+ exit 1
+ else
+ echo "Stopped"
+ if [ -f "$pid_file" ]; then
+ rm "$pid_file"
+ fi
+ fi
+ else
+ echo "Not running"
+ fi
+ ;;
+ restart)
+ $0 stop
+ if is_running; then
+ echo "Unable to stop, will not attempt to start"
+ exit 1
+ fi
+ $0 start
+ ;;
+ status)
+ if is_running; then
+ echo "Running"
+ else
+ echo "Stopped"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit 0