wieerwill/aegis-dos-protection
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update 0.0.2

Browse Source
This commit is contained in:
WieErWill
2021-10-24 12:51:25 +02:00
parent d80e285bb4
commit c2c321eb9b
30 changed files with 1689 additions and 1333 deletions
Download Patch File Download Diff File Expand all files Collapse all files

293
source/Attacker/main.cpp
View File

@@ -1,27 +1,16 @@
#include <chrono>
#include <fstream>
#include <iostream>
#include <signal.h>
#include "Cli.hpp"
#include "ConfigurationManagement/Configurator.hpp"
#include "Configurator.hpp"
#include "Initializer.hpp"
#include "PacketDissection/PacketContainer.hpp"
#include "Threads/AttackThread.hpp"
int main(int argc, char** argv);
void handle_quit(int signum);
void terminate(AttackThread** thread_arr, uint16_t nb_worker_threads);
bool quit = false;
std::chrono::time_point<std::chrono::system_clock> start, end;
uint64_t nb_pkts_to_dave = 0;
uint64_t nb_pkts_from_dave = 0;
uint64_t nb_atk_pkts = 0;
uint64_t nb_pkts_to_alice = 0;
uint64_t nb_pkts_from_alice = 0;
uint64_t data_volume_to_alice = 0;
uint64_t data_volume_from_alice = 0;
int pkt_type_used = 0;
int main(int argc, char** argv) {
@@ -29,7 +18,7 @@ int main(int argc, char** argv) {
// Register signal and signal handler
signal(SIGINT, handle_quit);
Configurator::instance()->read_config("../test/config_attacker.json");
Configurator::instance()->read_config("../test/Attacker_config.json");
Initializer* init = new Initializer();
unsigned int lcore_id;
@@ -60,189 +49,64 @@ int main(int argc, char** argv) {
lcore_id = rte_lcore_id();
// run every thread except the last one
for (int i = 0; i < nb_worker_threads; ++i) {
for (int i = 0; i < nb_worker_threads - 1; ++i) {
lcore_id = rte_get_next_lcore(lcore_id, true, true);
rte_eal_remote_launch(
static_cast<lcore_function_t*>(AttackThread::s_run), thread_arr[i],
lcore_id);
}
// start measuring time running
std::chrono::time_point<std::chrono::system_clock> start, end;
start = std::chrono::system_clock::now();
std::cout << "\nRunning. [Ctrl+C to quit]\n" << std::endl;
// ===== RUN =====//
std::cout << "\nRunning on lcore " << rte_lcore_id()
<< ". [Ctrl+C to quit]\n"
<< std::endl;
// ===================START CLI ====================//
while (quit == false) {
thread_arr[nb_worker_threads - 1]->iterate();
#ifdef SINGLE_ITERATION
quit = true;
#endif
}
std::string input = "";
const std::string NAME = "syntflut";
const char* PATH_ATTACKING_FILE = "/home/guru/is_attacking/attacking";
// ===== TERMINATE ===== //
std::cout << "\nterminating..." << std::endl;
enum State { RUNNING, IDLE };
State state = IDLE;
for (int i = 0; i < nb_worker_threads - 1; ++i) {
#ifndef SINGLE_ITERATION
thread_arr[i]->quit();
#endif
}
// stop measuring time running
end = std::chrono::system_clock::now();
// calculate total number of attack packets
uint64_t nb_atk_pkts = 0;
uint64_t nb_pkts_to_alice = 0;
uint64_t nb_pkts_from_alice = 0;
uint64_t data_volume_to_alice = 0;
uint64_t data_volume_from_alice = 0;
int pkt_type_used = 0;
while (input != "exit") {
std::cout << NAME << "> ";
std::cin >> input;
std::cout << std::endl;
if (input == "start") {
if (state == IDLE) {
for (int i = 0; i < nb_worker_threads; ++i) {
thread_arr[i]->_do_attack = true;
}
// start measuring time running
start = std::chrono::system_clock::now();
// Start GUI
std::ofstream outfile(PATH_ATTACKING_FILE);
outfile.close();
// ===== RUN =====//
state = RUNNING;
} else { // state == RUNNING
std::cout << "Cannot start if program is already running."
<< std::endl;
}
} else if (input == "stop") {
if (state == IDLE) {
std::cout << "Cannot stop if program is not running."
<< std::endl;
} else { // state == RUNNING
// Stop GUI
std::remove(PATH_ATTACKING_FILE);
end = std::chrono::system_clock::now();
nb_pkts_to_dave = 0;
nb_pkts_from_dave = 0;
nb_pkts_to_alice = 0;
nb_pkts_from_alice = 0;
data_volume_to_alice = 0;
data_volume_from_alice = 0;
pkt_type_used = 0;
for (int i = 0; i < nb_worker_threads; ++i) {
// rescue Informations
nb_pkts_to_dave +=
thread_arr[i]->get_total_nb_pkts_to_dave();
nb_pkts_from_dave +=
thread_arr[i]->get_total_nb_pkts_from_dave();
nb_pkts_to_alice +=
thread_arr[i]->get_total_nb_pkts_to_alice();
nb_pkts_from_alice +=
thread_arr[i]->get_total_nb_pkts_from_alice();
data_volume_to_alice +=
thread_arr[i]->get_total_data_volume_to_alice();
data_volume_from_alice +=
thread_arr[i]->get_total_data_volume_from_alice();
pkt_type_used += thread_arr[i]->get_atk_pkt_type();
thread_arr[i]->_do_attack = false;
}
// print attack statistics
std::chrono::duration<double> elapsed_seconds = end - start;
std::cout << "\nduration of attack:\t\t\t\t"
<< elapsed_seconds.count() << " seconds" << std::endl;
int pkt_size = -1;
if (pkt_type_used > 1) { // TCP:tcp + ip + ether
pkt_size = 20 + 20 + 14;
} else { // UDP: udp + ip + ether
pkt_size = 8 + 20 + 14;
}
nb_atk_pkts = nb_pkts_to_dave - nb_pkts_from_alice;
std::cout << "attack packets sent:\t\t\t\t" << nb_atk_pkts
<< std::endl;
std::cout << "data volume sent (without L1 header):\t\t"
<< nb_atk_pkts * pkt_size / 1048576 << " MByte"
<< std::endl;
std::cout << "data volume sent (with L1 header):\t\t"
<< nb_atk_pkts * 84 / 1048576 << " MByte"
<< std::endl;
std::cout << "average attack rate (without L1 header):\t"
<< nb_atk_pkts * pkt_size / elapsed_seconds.count() /
1048576 * 8
<< " Mbps" << std::endl;
std::cout << "average attack rate (with L1 header):\t\t"
<< nb_atk_pkts * 84 / elapsed_seconds.count() /
1048576 * 8
<< " Mbps" << std::endl;
std::cout << "average attack packet rate:\t\t\t"
<< nb_atk_pkts / elapsed_seconds.count() / 1000
<< " Kpps" << std::endl;
std::cout << "\nnumber packets sent from alice:\t\t\t"
<< nb_pkts_from_alice << std::endl;
std::cout << "number packets recieved by alice:\t\t"
<< nb_pkts_to_alice << std::endl;
std::cout << "average data rate sent from alice:\t\t"
<< data_volume_from_alice / elapsed_seconds.count() /
1024 * 8
<< " Kbps" << std::endl;
std::cout << "average data rate recieved by alice:\t\t"
<< data_volume_to_alice / elapsed_seconds.count() /
1024 * 8
<< " Kbps" << std::endl
<< std::endl;
/*
std::cout << "\nstats for testing:" << std::endl;
std::cout << "number packets sent from dave:\t\t\t"
<< nb_pkts_from_dave << std::endl;
std::cout << "number packets recieved by dave:\t\t\t"
<< nb_pkts_to_dave << std::endl;
std::cout << "attack time:\t\t\t\t\t\t\t\t"
<< elapsed_seconds.count() <<"s" << std::endl;
*/
state = IDLE;
}
} else if (input == "exit") {
// Stop GUI
if (state == RUNNING) {
std::remove(PATH_ATTACKING_FILE);
}
} else if (input == "help" || input == "h") {
std::cout << "start\tstart " << NAME << std::endl
<< "stop\tstop " << NAME << std::endl
<< "help, h\tprint commands " << std::endl
<< "exit\texit " << NAME << std::endl
<< std::endl;
} else {
std::cout << "Command unknown. Try 'h' or 'help'." << std::endl;
//wait for threads to end
for (int i = 0; i < nb_worker_threads - 1; ++i) {
while (thread_arr[i]->is_running()) {
// wait
}
}
// ====================END CLI ====================//
// ===== TERMINATE ===== //
terminate(thread_arr, nb_worker_threads);
// destruct objects on heap
for (int i = 0; i < nb_worker_threads; ++i) {
// rescue Informations
nb_atk_pkts += thread_arr[i]->get_total_nb_atk_pkts();
nb_pkts_to_alice += thread_arr[i]->get_total_nb_pkts_to_alice();
nb_pkts_from_alice += thread_arr[i]->get_total_nb_pkts_from_alice();
data_volume_to_alice += thread_arr[i]->get_total_data_volume_to_alice();
data_volume_from_alice +=
thread_arr[i]->get_total_data_volume_from_alice();
pkt_type_used += thread_arr[i]->get_atk_pkt_type();
delete thread_arr[i];
thread_arr[i] = nullptr;
@@ -254,6 +118,52 @@ int main(int argc, char** argv) {
pkt_containers_to_alice[i] = nullptr;
}
// print attack statistics
std::chrono::duration<double> elapsed_seconds = end - start;
std::cout << "\nduration of attack:\t\t\t\t" << elapsed_seconds.count()
<< " seconds" << std::endl;
int pkt_size = -1;
if (pkt_type_used > 1) { // TCP:tcp + ip + ether
pkt_size = 20 + 20 + 14;
} else { // UDP: udp + ip + ether
pkt_size = 8 + 20 + 14;
}
std::cout << "attack packets sent:\t\t\t\t" << nb_atk_pkts << std::endl;
std::cout << "data volume sent (without L1 header):\t\t"
<< nb_atk_pkts * pkt_size / 1073741824 << " GByte" << std::endl;
std::cout << "data volume sent (with L1 header):\t\t"
<< nb_atk_pkts * 84 / 1073741824 << " GByte" << std::endl;
std::cout << "average attack rate (without L1 header):\t"
<< nb_atk_pkts * pkt_size / elapsed_seconds.count() / 1073741824 *
8
<< " Gbps" << std::endl;
std::cout << "average attack rate (with L1 header):\t\t"
<< nb_atk_pkts * 84 / elapsed_seconds.count() / 1073741824 * 8
<< " Gbps" << std::endl;
std::cout << "average attack packet rate:\t\t\t"
<< nb_atk_pkts / elapsed_seconds.count() / 1000000 << " Mpps"
<< std::endl;
std::cout << "\nnumber packets sent from alice:\t\t\t" << nb_pkts_from_alice
<< std::endl;
std::cout << "number packets recieved by alice:\t\t" << nb_pkts_to_alice
<< std::endl;
std::cout << "average data rate sent from alice:\t\t"
<< data_volume_from_alice / elapsed_seconds.count() / 1024 * 8
<< " Kbps" << std::endl;
std::cout << "average data rate recieved by alice:\t\t"
<< data_volume_to_alice / elapsed_seconds.count() / 1024 * 8
<< " Kbps" << std::endl
<< std::endl;
delete init;
init = nullptr;
@@ -264,23 +174,4 @@ int main(int argc, char** argv) {
// YOU ARE TERMINATED
}
void handle_quit(int signum) {
// do nothing
}
void terminate(AttackThread** thread_arr, uint16_t nb_worker_threads) {
std::cout << "\nterminating..." << std::endl;
for (int i = 0; i < nb_worker_threads - 1; ++i) {
#ifndef SINGLE_ITERATION
thread_arr[i]->quit();
#endif
}
//wait for threads to end
for (int i = 0; i < nb_worker_threads - 1; ++i) {
while (thread_arr[i]->is_running()) {
// wait
}
}
}
void handle_quit(int signum) { quit = true; }

83
source/Configurator.cpp
View File

@@ -2,88 +2,99 @@
#include <boost/log/trivial.hpp>
#include <boost/log/utility/setup/common_attributes.hpp>
//-------------------------------------------------------------------------------
//------------------------- Constructor/ Destructor -----------------------------
//-------------------------------------------------------------------------------
//------------------------------------------------------------------------------
//------------------------- Constructor/ Destructor ----------------------------
//------------------------------------------------------------------------------
Configurator::Configurator(){}
Configurator::Configurator() {}
Configurator* Configurator::_instance = nullptr;
Configurator* Configurator::instance(){ // Speicherbereinigung
Configurator* Configurator::instance() { // Speicherbereinigung
static CGuard g;
if (!_instance){
_instance = new Configurator ();
if (!_instance) {
_instance = new Configurator();
}
return _instance;
}
Configurator::~Configurator(){}
Configurator::~Configurator() {}
//-------------------------------------------------------------------------------
//-------------------------------- Read Config ----------------------------------
//-------------------------------------------------------------------------------
//------------------------------------------------------------------------------
//-------------------------------- Read Config ---------------------------------
//------------------------------------------------------------------------------
void Configurator::read_config(std::string path,
std::string default_path){
void Configurator::read_config(std::string path, std::string default_path) {
// Read Standard Config
std::ifstream config_file(path);
if(config_file.is_open()){
if (config_file.is_open()) {
config_file >> _config;
LOG_INFO << "Config loaded Succesfully" << LOG_END;
}
else {
} else {
LOG_INFO << "No Config-File found at " + path << LOG_END;
throw std::runtime_error("No Config-File found at " + path);
}
// Read Default Config
std::ifstream default_config_file(default_path);
if(default_config_file.is_open()){
if (default_config_file.is_open()) {
default_config_file >> _default_config;
LOG_INFO << "Default Config loaded Succesfully" << LOG_END;
}
else {
LOG_ERROR << "No Config-File found at default path " + default_path << LOG_END;
throw std::runtime_error("No Config-File found at deafult path " + default_path);
} else {
LOG_ERROR << "No Config-File found at default path " + default_path
<< LOG_END;
throw std::runtime_error("No Config-File found at deafult path " +
default_path);
}
}
//-------------------------------------------------------------------------------
//-------------------------------- Get-Methods ----------------------------------
//-------------------------------------------------------------------------------
//------------------------------------------------------------------------------
//-------------------------------- Get-Methods ---------------------------------
//------------------------------------------------------------------------------
bool Configurator::entry_exists(const std::string att_name) {
bool in_default_config = _default_config.find(att_name) != _default_config.end();
bool in_default_config =
_default_config.find(att_name) != _default_config.end();
bool in_standard_config = _config.find(att_name) != _config.end();
return in_default_config || in_standard_config;
}
std::string Configurator::get_config_as_string(const std::string& att_name, bool default_value) {
return Configurator::get_value_from_config<std::string>(att_name, default_value);
std::string Configurator::get_config_as_string(const std::string& att_name,
bool default_value) {
return Configurator::get_value_from_config<std::string>(att_name,
default_value);
}
unsigned int Configurator::get_config_as_unsigned_int(const std::string& att_name, bool default_value) {
unsigned int
Configurator::get_config_as_unsigned_int(const std::string& att_name,
bool default_value) {
return Configurator::get_value_from_config<int>(att_name, default_value);
}
bool Configurator::get_config_as_bool(const std::string& att_name, bool default_value) {
bool Configurator::get_config_as_bool(const std::string& att_name,
bool default_value) {
return Configurator::get_value_from_config<bool>(att_name, default_value);
}
float Configurator::get_config_as_float(const std::string& att_name, bool default_value) {
float Configurator::get_config_as_float(const std::string& att_name,
bool default_value) {
return Configurator::get_value_from_config<float>(att_name, default_value);
}
double Configurator::get_config_as_double(const std::string& att_name, bool default_value) {
double Configurator::get_config_as_double(const std::string& att_name,
bool default_value) {
return Configurator::get_value_from_config<double>(att_name, default_value);
}
template <typename T>
T Configurator::get_value_from_config(const std::string& att_name, bool default_value) {
bool search_in_default_config = !(_config.find(att_name) != _config.end()) || default_value;
if (!search_in_default_config) { return _config[att_name]; }
template <typename T>
T Configurator::get_value_from_config(const std::string& att_name,
bool default_value) {
bool search_in_default_config =
!(_config.find(att_name) != _config.end()) || default_value;
if (!search_in_default_config) {
return _config[att_name];
}
return _default_config[att_name];
}
//TODO Mehrdimensionale Attribute suchen
// TODO Mehrdimensionale Attribute suchen

2
source/DebugHelper.cpp
View File

@@ -57,7 +57,7 @@ void DebugHelper::hex_dump_raw(const void *addr, int len) {
unsigned char res[2 * len + 1];
res[2 * len] = '\0';
for(unsigned int i = 0; i < len; i++) {
for(int i = 0; i < len; i++) {
printf((char *)res + i * 2, "%02X", pc[i]);
}
printf ("%s\n", res);

59
source/Initializer.cpp
View File

@@ -4,7 +4,7 @@
#include <stdexcept>
#include "ConfigurationManagement/Configurator.hpp"
#include "Configurator.hpp"
#include "Definitions.hpp"
#include "Initializer.hpp"
@@ -20,15 +20,19 @@ rte_mempool* Initializer::init_dpdk(int argc, char** argv,
};
rte_eth_conf port_conf = {
.rxmode = {.mq_mode = ETH_MQ_RX_RSS,
.max_rx_pkt_len = RTE_ETHER_MAX_LEN,
.offloads = DEV_RX_OFFLOAD_CHECKSUM},
.rxmode =
{
.mq_mode = ETH_MQ_RX_RSS,
.max_rx_pkt_len = RTE_ETHER_MAX_LEN,
.offloads =
DEV_RX_OFFLOAD_CHECKSUM
},
.txmode =
{
.offloads =
(DEV_TX_OFFLOAD_IPV4_CKSUM | DEV_TX_OFFLOAD_UDP_CKSUM |
DEV_TX_OFFLOAD_TCP_CKSUM),
},
DEV_TX_OFFLOAD_TCP_CKSUM),
},
.rx_adv_conf = {.rss_conf =
{
.rss_key = hash_key,
@@ -53,8 +57,8 @@ rte_mempool* Initializer::init_dpdk_attacker(int argc, char** argv,
{
.offloads =
(DEV_TX_OFFLOAD_IPV4_CKSUM | DEV_TX_OFFLOAD_UDP_CKSUM |
DEV_TX_OFFLOAD_TCP_CKSUM),
},
DEV_TX_OFFLOAD_TCP_CKSUM),
},
};
return init_dpdk_template(0, port_conf, argc, argv, nb_worker_threads);
@@ -66,7 +70,7 @@ rte_mempool* Initializer::init_dpdk_template(uint16_t nb_non_worker_threads,
uint16_t& nb_worker_threads) {
int ret;
unsigned int nb_ports;
uint16_t portid;
uint16_t portid; //< init portid
struct rte_mempool* mbuf_pool;
// initialize eal
@@ -100,21 +104,22 @@ rte_mempool* Initializer::init_dpdk_template(uint16_t nb_non_worker_threads,
cache_size -= 1;
}
mbuf_pool =
rte_pktmbuf_pool_create("MBUF_POOL", NUM_MBUF_POOL_ELEMENTS, cache_size,
0, RTE_MBUF_DEFAULT_BUF_SIZE, rte_socket_id());
mbuf_pool = rte_pktmbuf_pool_create(
"MBUF_POOL", NUM_MBUF_POOL_ELEMENTS, 0 /*cache_size*/, 0,
RTE_MBUF_DEFAULT_BUF_SIZE, rte_socket_id());
if (mbuf_pool == nullptr) {
rte_exit(EXIT_FAILURE, "Cannot create mbuf pool\n");
}
// Initialize all ports.
try {
RTE_ETH_FOREACH_DEV(portid) {
RTE_ETH_FOREACH_DEV(portid) {
try {
init_port(port_conf, portid, mbuf_pool, nb_worker_threads);
}
catch (std::exception& e) {
rte_exit(EXIT_FAILURE, "Cannot init port %" PRIu16 "\n", portid);
}
} catch (std::exception& e) {
rte_exit(EXIT_FAILURE, "Cannot init port %" PRIu16 "\n", portid);
}
return mbuf_pool;
@@ -150,23 +155,17 @@ void Initializer::init_port(rte_eth_conf port_conf, uint16_t port,
// |= is not allowed operator. negation of DEV_TX_OFFL...
port_conf.txmode.offloads |= DEV_TX_OFFLOAD_MBUF_FAST_FREE;
// test if checksum offloading is possible
if (((dev_info.tx_offload_capa & DEV_TX_OFFLOAD_TCP_CKSUM) ==
DEV_TX_OFFLOAD_TCP_CKSUM) &&
((dev_info.tx_offload_capa & DEV_TX_OFFLOAD_IPV4_CKSUM) ==
DEV_TX_OFFLOAD_IPV4_CKSUM)) {
std::cout << "ethernet device is checksum offloading capable"
<< std::endl;
if (((dev_info.tx_offload_capa & DEV_TX_OFFLOAD_TCP_CKSUM) == DEV_TX_OFFLOAD_TCP_CKSUM) &&
((dev_info.tx_offload_capa & DEV_TX_OFFLOAD_IPV4_CKSUM) == DEV_TX_OFFLOAD_IPV4_CKSUM) ){
std::cout << "ethernet device is checksum offloading capabel" << std::endl;
} else {
std::cout << "ethernet device is not checksum offloading capable"
<< std::endl;
std::cout << "ethernet device is not checksum offloading capabel" << std::endl;
}
if (((dev_info.tx_queue_offload_capa & DEV_TX_OFFLOAD_IPV4_CKSUM) ==
DEV_TX_OFFLOAD_IPV4_CKSUM) &&
((dev_info.tx_queue_offload_capa & DEV_TX_OFFLOAD_TCP_CKSUM) ==
DEV_TX_OFFLOAD_TCP_CKSUM)) {
std::cout << "queue is checksum offloading capable" << std::endl;
if (((dev_info.tx_queue_offload_capa & DEV_TX_OFFLOAD_IPV4_CKSUM) == DEV_TX_OFFLOAD_IPV4_CKSUM) &&
((dev_info.tx_queue_offload_capa & DEV_TX_OFFLOAD_TCP_CKSUM) == DEV_TX_OFFLOAD_TCP_CKSUM)) {
std::cout << "queue is checksum offloading capabel" << std::endl;
} else {
std::cout << "queue is not checksum offloading capable" << std::endl;
std::cout << "queue is not checksum offloading capabel" << std::endl;
}
// Configure the Ethernet device.

134
source/Threads/DefenseThread.cpp
View File

@@ -1,28 +1,20 @@
#include <iostream>
#include <rte_cycles.h>
#include <rte_lcore.h>
#include <rte_mbuf.h>
#include "Definitions.hpp"
#include "Threads/DefenseThread.hpp"
#include "Threads/StatisticsThread.hpp"
// ===== PUBLIC ===== //
DefenseThread::DefenseThread(
MbufContainerReceiving* mbuf_container_from_inside,
MbufContainerReceiving* mbuf_container_from_outside,
MbufContainerTransmitting* mbuf_container_to_inside,
MbufContainerTransmitting* mbuf_container_to_outside)
: Thread()
, _mbuf_container_from_inside(mbuf_container_from_inside)
, _mbuf_container_from_outside(mbuf_container_from_outside)
, _mbuf_container_to_inside(mbuf_container_to_inside)
, _mbuf_container_to_outside(mbuf_container_to_outside)
, _do_treat(false) {
_treatment =
new Treatment(_mbuf_container_to_outside, _mbuf_container_to_inside, 0);
}
DefenseThread::DefenseThread(PacketContainer* pkt_container_to_inside,
PacketContainer* pkt_container_to_outside,
StatisticsThread* stat_thread)
: ForwardingThread(pkt_container_to_inside, pkt_container_to_outside),
_treatment(pkt_container_to_inside, pkt_container_to_outside),
_statistics_thread(stat_thread) {}
int DefenseThread::s_run(void* thread_vptr) {
DefenseThread* thread = static_cast<DefenseThread*>(thread_vptr);
@@ -33,94 +25,54 @@ int DefenseThread::s_run(void* thread_vptr) {
// ===== PRIVATE ===== //
void DefenseThread::run() {
/*
LOG_INFO << "\nRunning on lcore " << rte_lcore_id() << ". [Ctrl+C to quit]"
<< LOG_END;
*/
uint16_t nb_pkts_to_inside;
uint16_t nb_pkts_to_outside;
BOOST_LOG_TRIVIAL(info)
<< "\nRunning on lcore " << rte_lcore_id() << ". [Ctrl+C to quit]\n";
// stats for StatisticThread_testing
Stats* thread_statistics = new Stats();
thread_statistics->attacks = rte_lcore_id();
thread_statistics->bytes = rte_lcore_id();
thread_statistics->dropped = rte_lcore_id();
thread_statistics->packets = rte_lcore_id();
thread_statistics->work_time = rte_lcore_id();
// Run until the application is quit or killed.
while (likely(_quit == false)) {
_statistics_thread->enqueue_statistics(rte_lcore_id(),
thread_statistics);
// std::cout << _do_treat << std::endl;
// ===== ALICE --[DAVE]--> BOB ===== //
// continue if no packets are received
int mbufs_from_inside = _mbuf_container_from_inside->poll_mbufs();
/* if (mbufs_from_inside != 0) {
BOOST_LOG_TRIVIAL(info)
<< "Number of packets received from inside: "
<< mbufs_from_inside;
} */
bool keep = true;
for (int i = 0; i < mbufs_from_inside; ++i) {
rte_mbuf* mbuf = _mbuf_container_from_inside->get_mbuf_at_index(i);
_pkt_container_to_inside->poll_packets(nb_pkts_to_inside);
if (likely(nb_pkts_to_inside > 0)) {
if (PacketInfoCreator::is_ipv4_tcp(mbuf) == true &&
_do_treat == true) {
PacketInfoIpv4Tcp* pkt_info = new PacketInfoIpv4Tcp(mbuf);
keep = _treatment->treat_packets_to_outside(pkt_info);
if (keep == false) {
// delete PacketInfo
delete pkt_info;
}
} else {
// fwd
// std::cout << _do_treat;
_mbuf_container_to_outside->add_mbuf(mbuf);
}
/// TODO: implement pipeline
_treatment.treat_packets_to_inside();
_pkt_container_to_inside->send_packets();
_pkt_container_to_outside->send_packets();
}
_mbuf_container_to_inside->send_mbufs();
_mbuf_container_to_outside->send_mbufs();
// _mbuf_container_to_inside->send_mbufs();
// _mbuf_container_to_outside->send_mbufs();
// for mbuf in pktsFromOutside
// pktInfoCreator::determinePacketType without creating a pktinfo
// create packetInfo with obtained type
// if tcp: treat
// else: fwd
// destroy pktInfo
// Pakete von innen, auch die selbsterzeugten bevorzugen
// ===== ALICE <--[DAVE]-- BOB ===== //
// continue if no packets are received
_pkt_container_to_outside->poll_packets(nb_pkts_to_outside);
if (likely(nb_pkts_to_outside > 0)) {
int mbufs_from_outside = _mbuf_container_from_outside->poll_mbufs();
/* if (mbufs_from_outside != 0) {
BOOST_LOG_TRIVIAL(info)
<< "Number of packets received from outside: "
<< mbufs_from_outside;
} */
for (int i = 0; i < mbufs_from_outside; ++i) {
rte_mbuf* mbuf = _mbuf_container_from_outside->get_mbuf_at_index(i);
if (PacketInfoCreator::is_ipv4_tcp(mbuf) == true &&
_do_treat == true) {
PacketInfoIpv4Tcp* pkt_info = new PacketInfoIpv4Tcp(mbuf);
keep = _treatment->treat_packets_to_inside(
static_cast<PacketInfoIpv4Tcp*>(pkt_info));
if (keep == false) {
// delete PacketInfo
delete pkt_info;
}
} else {
// std::cout << _do_treat;
_mbuf_container_to_inside->add_mbuf(mbuf);
}
/// TODO: implement pipeline
_treatment.treat_packets_to_outside();
_pkt_container_to_inside->send_packets();
_pkt_container_to_outside->send_packets();
}
/* if (_mbuf_container_to_inside->get_number_of_mbufs() > 0) {
BOOST_LOG_TRIVIAL(info)
<< "Number of packets sent to inside: "
<< _mbuf_container_to_inside->get_number_of_mbufs();
}
if (_mbuf_container_to_outside->get_number_of_mbufs() > 0) {
BOOST_LOG_TRIVIAL(info)
<< "Number of packets sent to outside: "
<< _mbuf_container_to_outside->get_number_of_mbufs();
} */
_mbuf_container_to_inside->send_mbufs();
_mbuf_container_to_outside->send_mbufs();
if (likely(nb_pkts_to_inside != 0 || nb_pkts_to_outside != 0)) {
BOOST_LOG_TRIVIAL(info)
<< "pkts_to_inside = " << nb_pkts_to_inside
<< "\tpkts_to_outside = " << nb_pkts_to_outside << "\n";
}
}
_running = false;

150
source/Threads/StatisticsThread.cpp
View File

@@ -1,9 +1,58 @@
#include "Threads/StatisticsThread.hpp"
#include <iostream>
//-------------------------------------------------------------------------
//-------------------------- StatisticsThread -----------------------------
//-------------------------------------------------------------------------
StatisticsThread::StatisticsThread() {
std::string name;
unsigned int lcore_id = rte_lcore_id();
for (int i = 0; i < 16; ++i) {
lcore_id = rte_get_next_lcore(lcore_id, true, true);
name = "RTE_RING_THREAD_";
name += i + 1;
const char* c =
name.c_str(); // wrap string to char pointer //TODO: good name
lcore_id = rte_get_next_lcore(lcore_id, true, true);
_s_queue[i] = rte_ring_create(c, 4, rte_lcore_to_socket_id(lcore_id),
RING_F_SP_ENQ | RING_F_SC_DEQ);
// checking for errors in creating rte rings
if (_s_queue[i] == NULL) {
if (rte_errno == E_RTE_NO_CONFIG) {
std::cout << "Error during RTE_RING creation at Ring " << i + 1
<< ", return Value = E_RTE_NO_CONFIG" << std::endl;
}
if (rte_errno == E_RTE_SECONDARY) {
std::cout << "Error during RTE_RING creation at Ring " << i + 1
<< ", return Value = E_RTE_SECONDARY" << std::endl;
}
if (rte_errno == EINVAL) {
std::cout << "Error during RTE_RING creation at Ring " << i + 1
<< ", return Value = EINVAL" << std::endl;
}
if (rte_errno == ENOSPC) {
std::cout << "Error during RTE_RING creation at Ring " << i + 1
<< ", return Value = ENOSPC" << std::endl;
}
if (rte_errno == EEXIST) {
std::cout << "Error during RTE_RING creation at Ring " << i + 1
<< ", return Value = EEXIST" << std::endl;
}
if (rte_errno == ENOMEM) {
std::cout << "Error during RTE_RING creation at Ring " << i + 1
<< ", return Value = ENOMEM" << std::endl;
}
}
} // rte_lcore_to_socket_id
_s_stats_monitor = new StatsMonitor;
_s_stats = new Stats;
_s_stats_monitor->total_time = 0;
}
rte_ring* StatisticsThread::_s_queue[16];
int StatisticsThread::s_run(void* thread_vptr) {
@@ -14,42 +63,97 @@ int StatisticsThread::s_run(void* thread_vptr) {
void StatisticsThread::run() {
// Check for new statistics in each rte_ring
while (_quit != false) {
for (rte_ring* ring : _s_queue) {
// Get stats from queue and update them
std::cout << "\n StatisticThread running on lcore " << rte_lcore_id()
<< ". [Ctrl+C to quit]\n"
<< std::endl;
cycles_old = rte_get_tsc_cycles();
while (likely(_quit == false)) {
// Timer -> update_statistics_monitor
if (timer_get_seconds() >=
1) { // every second updating the stats monitor
timer_reset();
update_statistics_monitor();
}
for (struct rte_ring* ring : _s_queue) {
// get stats from each Thread and put them into _s_stats
Stats* out;
rte_ring_dequeue(ring, (void**)&out);
if (rte_ring_dequeue(ring, (void**)&out) ==
0) { // taking existing stats from ring
*_s_stats += *out; // updating _s_stats
if (true) { // \TODO test if empty
update_statistics(out);
/*delete out;
out = nullptr;*/
}
}
}
}
void StatisticsThread::enqueue_statistics(int& id, Stats* new_stats) {
// enqueue statistics
rte_ring* ring = _s_queue[id];
rte_ring_enqueue(ring, new_stats);
void StatisticsThread::enqueue_statistics(const unsigned int& id,
Stats* new_stats) {
// enqueue statistics (checked and working)
rte_ring_enqueue(_s_queue[id], (void*)new_stats);
}
Stats* StatisticsThread::_s_stats;
void StatisticsThread::update_statistics_monitor() {
// called once per second
_s_stats_monitor->attacks_per_second = _s_stats->attacks;
_s_stats_monitor->attacks_percent =
((double)_s_stats->attacks / (double)_s_stats->packets) * 100;
_s_stats_monitor->bytes_per_second = _s_stats->bytes;
_s_stats_monitor->dropped_per_second = _s_stats->dropped;
_s_stats_monitor->attacks_percent =
((double)_s_stats->dropped / (double)_s_stats->packets) * 100;
_s_stats_monitor->packets_per_second = _s_stats->packets;
//_s_stats_monitor->process_speed = ;
++_s_stats_monitor->total_time;
void StatisticsThread::update_statistics(Stats* new_stats) {
//_s_stats += new_stats;
// delete old _s_stats
_s_stats->reset_stats();
}
void StatisticsThread::print_stats_monitor(){
std::cout << "Total runtime = " << _s_stats_monitor->total_time << "s" << std::endl;
std::cout << "Bytes per second = " << _s_stats_monitor->bytes_per_second << std::endl;
std::cout << "Packets per second = " << _s_stats_monitor->packets_per_second << std::endl;
std::cout << "Attacks per Second = " << _s_stats_monitor->attacks_per_second << std::endl;
std::cout << "Attacks in percent = " << _s_stats_monitor->attacks_percent << "%" << std::endl;
std::cout << "Dropped packets per second = " << _s_stats_monitor->dropped_per_second << std::endl;
std::cout << "Dropped packets in percent = " << _s_stats_monitor->dropped_percent << "%" << std::endl;
std::cout << "Prozess speed = " << _s_stats_monitor->process_speed << std::endl;
}
uint64_t StatisticsThread::timer_get_seconds() {
cycles = rte_get_tsc_cycles();
hz = rte_get_tsc_hz();
//calculate
seconds = (cycles - cycles_old) / hz;
return seconds;
}
void StatisticsThread::timer_reset() {
seconds = 0;
cycles_old = cycles;
}
//-------------------------------------------------------------------------
//-------------------------- Stats ----------------------------------------
//------------------------------- Stats -----------------------------------
//-------------------------------------------------------------------------
Stats* Stats::operator+=(const Stats* new_stats) {
this->attacks += new_stats->attacks;
this->bytes += new_stats->bytes;
this->dropped += new_stats->dropped;
this->packets += new_stats->packets;
this->work_time += new_stats->work_time;
this->syn_level += new_stats->syn_level;
return this;
Stats& Stats::operator+=(const Stats& new_stats) {
attacks += new_stats.attacks;
bytes += new_stats.bytes;
dropped += new_stats.dropped;
packets += new_stats.packets;
work_time += new_stats.work_time;
}
void Stats::reset_stats() {
attacks = 0;
bytes = 0;
dropped = 0;
packets = 0;
work_time = 0;
}

158
source/main.cpp
View File

@@ -1,12 +1,13 @@
#include <signal.h>
#include "ConfigurationManagement/Configurator.hpp"
#include "Configurator.hpp"
#include "Initializer.hpp"
#include "PacketDissection/PacketContainer.hpp"
#include "Threads/DefenseThread.hpp"
#include "Threads/StatisticsThread.hpp"
int main(int argc, char** argv);
void handle_quit(int signum);
void terminate(DefenseThread** thread_arr, uint16_t nb_worker_threads);
bool quit = false;
@@ -20,39 +21,34 @@ int main(int argc, char** argv) {
Initializer* init = new Initializer();
unsigned int lcore_id;
uint16_t inside_port = 1;
uint16_t outside_port = 0;
uint16_t inside_port = 0;
uint16_t outside_port = 1;
uint16_t nb_worker_threads = 0;
struct rte_mempool* mbuf_pool =
init->init_dpdk(argc, argv, nb_worker_threads);
// create thread objects
DefenseThread* thread_arr[nb_worker_threads];
MbufContainerReceiving* pkt_containers_from_outside[nb_worker_threads];
MbufContainerReceiving* pkt_containers_from_inside[nb_worker_threads];
MbufContainerTransmitting* pkt_containers_to_inside[nb_worker_threads];
MbufContainerTransmitting* pkt_containers_to_outside[nb_worker_threads];
StatisticsThread* stat_thread = new StatisticsThread();
DefenseThread* thread_arr[nb_worker_threads];
PacketContainer* pkt_containers_to_outside[nb_worker_threads];
PacketContainer* pkt_containers_to_inside[nb_worker_threads];
for (int i = 0; i < nb_worker_threads; i++) {
pkt_containers_from_outside[i] =
new MbufContainerReceiving(mbuf_pool, outside_port, i);
pkt_containers_from_inside[i] =
new MbufContainerReceiving(mbuf_pool, inside_port, i);
pkt_containers_to_inside[i] =
new MbufContainerTransmitting(mbuf_pool, inside_port, i);
pkt_containers_to_outside[i] =
new MbufContainerTransmitting(mbuf_pool, outside_port, i);
new PacketContainer(mbuf_pool, inside_port, outside_port, i, i);
pkt_containers_to_inside[i] =
new PacketContainer(mbuf_pool, outside_port, inside_port, i, i);
thread_arr[i] = new DefenseThread(
pkt_containers_from_inside[i], pkt_containers_from_outside[i],
pkt_containers_to_inside[i], pkt_containers_to_outside[i]);
thread_arr[i] = new DefenseThread(pkt_containers_to_outside[i],
pkt_containers_to_inside[i], stat_thread);
}
// start each thread on an own lcore
lcore_id = rte_lcore_id();
// start DefenseThreads
// ..start each thread on an own lcore
lcore_id = rte_lcore_id();
for (int i = 0; i < nb_worker_threads; ++i) {
lcore_id = rte_get_next_lcore(lcore_id, true, true);
@@ -61,100 +57,41 @@ int main(int argc, char** argv) {
lcore_id);
}
/*
uint64_t hz = rte_get_tsc_hz();
u_int64_t cycles = rte_get_tsc_cycles();
u_int64_t old_cycles = cycles;
while (likely(quit == false)) {
cycles = rte_get_tsc_cycles();
if (cycles - old_cycles > 64 * hz) {
Treatment::s_increment_timestamp();
old_cycles = cycles;
}
}
*/
// ===================START CLI ====================//
std::string input = "";
const std::string NAME = "aegis";
enum State { RUNNING, IDLE };
State state = IDLE;
while (input != "exit") {
std::cout << std::endl;
std::cout << NAME << "> " << std::flush;
std::cin >> input;
std::cout << std::endl;
if (input == "start") {
if (state == IDLE) {
for (int i = 0; i < nb_worker_threads; ++i) {
thread_arr[i]->start_treat();
}
state = RUNNING;
} else { // state == RUNNING
std::cout << "Cannot start if program is already running."
<< std::endl;
}
} else if (input == "stop") {
if (state == IDLE) {
std::cout << "Cannot stop if program is not running."
<< std::endl;
} else { // state == RUNNING
for (int i = 0; i < nb_worker_threads; ++i) {
thread_arr[i]->stop_treat();
}
state = IDLE;
}
} else if (input == "exit") {
// do nothing; while loop stops
} else if (input == "help" || input == "h") {
std::cout << "start\tstart " << NAME << std::endl
<< "stop\tstop " << NAME << std::endl
<< "help, h\tprint commands " << std::endl
<< "exit\texit " << NAME << std::endl
<< std::endl;
} else {
std::cout << "Command unknown. Try 'h' or 'help'." << std::endl;
uint64_t hz = rte_get_tsc_hz();
u_int64_t cycles = rte_get_tsc_cycles();
u_int64_t old_cycles = cycles;
while (likely(quit == false)) {
cycles = rte_get_tsc_cycles();
if (cycles - old_cycles > 64 * hz) {
Treatment::s_increment_timestamp();
old_cycles = cycles;
}
}
// ====================END CLI ====================//
// ===== TERMINATE ===== //
terminate(thread_arr, nb_worker_threads);
std::cout << "\nterminating..." << std::endl;
for (int i = 0; i < nb_worker_threads; ++i) {
thread_arr[i]->quit();
}
stat_thread->quit();
// destruct objects on heap
for (int i = 0; i < nb_worker_threads; ++i) {
delete thread_arr[i];
thread_arr[i] = nullptr;
delete pkt_containers_from_inside[i];
pkt_containers_from_inside[i] = nullptr;
delete pkt_containers_from_outside[i];
pkt_containers_from_outside[i] = nullptr;
delete pkt_containers_to_inside[i];
pkt_containers_to_inside[i] = nullptr;
delete pkt_containers_to_inside[i];
pkt_containers_to_inside[i] = nullptr;
delete pkt_containers_to_outside[i];
pkt_containers_to_outside[i] = nullptr;
}
delete stat_thread;
stat_thread = nullptr;
delete init;
init = nullptr;
@@ -166,22 +103,7 @@ int main(int argc, char** argv) {
}
void handle_quit(int signum) {
// do nothing
// quit = true;
//
quit = true;
}
//
void terminate(DefenseThread** thread_arr, uint16_t nb_worker_threads) {
std::cout << "\nterminating..." << std::endl;
for (int i = 0; i < nb_worker_threads; ++i) {
thread_arr[i]->quit();
}
//wait for threads to end
for (int i = 0; i < nb_worker_threads - 1; ++i) {
while (thread_arr[i]->is_running()) {
// wait
}
}
}
//

9
source/meson.build
View File

@@ -1,11 +1,14 @@
# Please keep all alphabetically sorted
sources = [
'source/main.cpp',
'source/Initializer.cpp',
'source/DebugHelper.cpp',
'source/ConfigurationManagement/Configurator.cpp',
'source/Configurator.cpp',
'source/Threads/DefenseThread.cpp',
'source/Cli.cpp',
#'source/Threads/StatisticsThread.cpp',
'source/Threads/StatisticsThread.cpp',
'source/DebugHelper.cpp',
'source/Initializer.cpp',
'source/main.cpp',
]
# Attacker