havox 0.11.1

data/lib/havox/app/helpers/methods.rb

@@ -0,0 +1,43 @@
+helpers do
+  def handle_file(params)
+    filepath = "./#{params[:filename]}"
+    File.open(filepath, 'w') { |f| f.write(params[:tempfile].read) }
+    filepath
+  end
+
+  def run_network(dot_filepath, hvx_filepath, opts = {})
+    mln_filename = "./#{File.basename(hvx_filepath, '.hvx')}.mln"
+    eval File.read(hvx_filepath)
+    mln_blocks = Havox::Network.transcompile(opts)
+    print_blocks(mln_blocks, opts)
+    return nil if mln_blocks.empty?
+    File.open(mln_filename, 'w') { |f| f.write(mln_blocks.join("\n")) }
+    mln_filename
+  end
+
+  def print_blocks(merlin_blocks, opts)
+    print_opts(opts)
+    if merlin_blocks.empty?
+      puts 'No Merlin code was generated'.bold.red
+    else
+      puts 'Merlin code generated:'.bold
+      puts merlin_blocks.join("\n").green
+    end
+  end
+
+  def print_policy(policy, opts)
+    print_opts(opts)
+    puts "Generated #{policy.rules.size} rule(s)".bold
+  end
+
+  def print_opts(opts)
+    puts 'Havox will:'.bold
+    puts "- generate Merlin code with QoS '#{opts[:qos]}'".blue unless opts[:qos].nil?
+    puts "- generate Merlin code with preference for exit switches: #{opts[:preferred].join(', ')}".blue unless opts[:preferred].nil?
+    puts "- generate Merlin code with arbitrary exit switches: #{opts[:arbitrary].join(', ')}".blue unless opts[:arbitrary].nil?
+    puts '- force attribute redefinition for rules with an attribute defined twice'.blue if opts[:force]
+    puts '- automatically append policies for ARP and ICMP protocols'.blue if opts[:basic]
+    puts '- expand generated rules from VLAN-based to their full predicates'.blue if opts[:expand]
+    puts '- switch all occurrences of Enqueue action to Output action'.blue if opts[:output]
+  end
+end

data/lib/havox/classes/edge.rb

@@ -0,0 +1,11 @@
+module Havox
+  class Edge
+    attr_reader :from, :to, :attributes
+
+    def initialize(from, to, attributes)
+      @from = from
+      @to = to
+      @attributes = attributes
+    end
+  end
+end

data/lib/havox/classes/modified_policy.rb

@@ -0,0 +1,44 @@
+module Havox
+  class ModifiedPolicy
+    attr_reader :path
+
+    def initialize(topology_file_path, policy_file_path)
+      @topology_file_path = topology_file_path
+      @original_policy_file_path = policy_file_path
+      @hosts = parsed_hosts
+      @path = nil
+      append_basic_policies
+    end
+
+    private
+
+    def arp_policy
+      Havox::DSL::Directive.new(nil, nil, ethernet_type: 2054).
+        to_block(@hosts, @hosts, 'min(100 Mbps)')
+    end
+
+    def icmp_policy
+      Havox::DSL::Directive.new(nil, nil, ethernet_type: 2048, ip_protocol: 1).
+        to_block(@hosts, @hosts, 'min(100 Mbps)')
+    end
+
+    def policies
+      [icmp_policy, arp_policy]
+    end
+
+    def append_basic_policies
+      policy_file_string = File.read(@original_policy_file_path)
+      basename = File.basename(@original_policy_file_path, '.mln')
+      Tempfile.open([basename, '.mln']) do |tmp|
+        tmp.puts "#{policy_file_string}\n"
+        tmp.puts policies.join("\n")
+        @path = tmp.path
+      end
+    end
+
+    def parsed_hosts
+      topology = Havox::Topology.new(@topology_file_path)
+      topology.host_names
+    end
+  end
+end

data/lib/havox/classes/node.rb

@@ -0,0 +1,19 @@
+module Havox
+  class Node
+    attr_reader :name, :type, :attributes
+
+    def initialize(name, attributes)
+      @name = name
+      @type = attributes[:type]&.to_sym
+      @attributes = attributes
+    end
+
+    def host?
+      @type.eql?(:host)
+    end
+
+    def switch?
+      @type.eql?(:switch)
+    end
+  end
+end

data/lib/havox/classes/policy.rb

@@ -0,0 +1,68 @@
+module Havox
+  class Policy
+    attr_reader :rules
+
+    def initialize(opts = {})
+      @opts = opts
+      @rules = nil
+      generate_rules
+      check_ip_netmasks if Havox::Network.reachable.any?
+    end
+
+    def to_json
+      @rules.map(&:to_h).to_json
+    end
+
+    private
+
+    MERLIN_IP_SRC = 'ipSrc'
+    MERLIN_IP_DST = 'ipDst'
+    MERLIN_ETHERTYPE = 'ethTyp'
+    ETHERTYPE_IP  = 2048
+
+    def generate_rules
+      @rules = Havox::Merlin.compile!(
+        @opts[:merlin_topology],
+        @opts[:merlin_policy],
+        @opts
+      )
+    end
+
+    def check_ip_netmasks
+      @rules.each do |r|
+        r.matches[src_ip] = netmasked_or_nil(r.matches[src_ip]) if r.matches.key?(src_ip)
+        r.matches[dst_ip] = netmasked_or_nil(r.matches[dst_ip]) if r.matches.key?(dst_ip)
+        delete_ip_match(r.matches, src_ip) if has_key_but_nil?(r.matches, src_ip)
+        delete_ip_match(r.matches, dst_ip) if has_key_but_nil?(r.matches, dst_ip)
+      end
+    end
+
+    def src_ip
+      Havox::Translator.instance.fields_to(@opts[:syntax])[MERLIN_IP_SRC]
+    end
+
+    def dst_ip
+      Havox::Translator.instance.fields_to(@opts[:syntax])[MERLIN_IP_DST]
+    end
+
+    def ethertype
+      Havox::Translator.instance.fields_to(@opts[:syntax])[MERLIN_ETHERTYPE]
+    end
+
+    def delete_ip_match(matches, target_ip_key)
+      matches.delete(target_ip_key)
+      matches[ethertype] = ETHERTYPE_IP unless matches.key?(ethertype)
+    end
+
+    def netmasked_or_nil(ip)
+      Havox::Network.reachable.each do |network|
+        return network if IPAddr.new(network).include?(ip)
+      end
+      nil
+    end
+
+    def has_key_but_nil?(matches, target_key)
+      matches.key?(target_key) && matches[target_key].nil?
+    end
+  end
+end

data/lib/havox/classes/rib.rb

@@ -0,0 +1,30 @@
+module Havox
+  class RIB
+    attr_reader :routes
+
+    def initialize(opts = {})
+      @opts = opts
+      @routes = Havox::RouteFlow.ribs(vm_names, @opts)
+    end
+
+    def routes_to(ip, protocol = :bgp)
+      @routes.select do |r|
+        r.protocol.eql?(protocol) && IPAddr.new(r.network).include?(ip)
+      end
+    end
+
+    def network_list(protocol = :bgp)
+      @routes.select { |r| r.protocol.eql?(protocol) }.map(&:network).uniq
+    end
+
+    private
+
+    def vm_names
+      case @opts[:vm_names]
+      when Array then @opts[:vm_names]
+      when String then @opts[:vm_names].split(',').map(&:strip)
+      else Havox.configuration.rf_lxc_names
+      end
+    end
+  end
+end

data/lib/havox/classes/route.rb

@@ -0,0 +1,82 @@
+module Havox
+  class Route
+    attr_reader :network, :via, :interface, :protocol, :best, :fib, :raw,
+      :timestamp, :router, :recursive_via
+
+    IP_REGEX = /([0-9]{1,3}\.){3}[0-9]{1,3}/
+    TYPE_CHAR_REGEX = /^[\w\s]/
+
+    ROUTE_REGEX = %r(^
+      (?<flags>[A-Z>\*\s]{3})\s*
+      (?<network>#{IP_REGEX}\/[0-9]{1,2})?\s
+      (\[\d*\/\d*\])?\s?
+      (via\s(?<via>([0-9]{1,3}\.){3}[0-9]{1,3})|is\sdirectly\sconnected)
+      (,\s(?<interface>\w+)|\s\(recursive\svia\s(?<recursive_via>#{IP_REGEX})\))
+      (,\s(?<timestamp>\d\d:\d\d:\d\d))?
+    )x
+
+    TYPE_HASH = {
+      'O' => :ospf, 'B' => :bgp, 'C' => :connected, 'S' => :static,
+      'R' => :rip, 'I' => :isis, 'A' => :babel, 'K' => :kernel
+    }
+
+    def initialize(raw, router, opts = {})
+      @router = router
+      @opts = opts
+      @raw = raw
+      parse_raw_entry
+    end
+
+    def to_s
+      connection = @via.nil? ? 'direct' : "via #{@via}"
+      "#{@protocol.upcase}: to #{@network} #{connection} in " \
+      "#{@interface || @recursive_via}#{', BEST' if @best}" \
+      "#{', FIB route' if @fib}"
+    end
+
+    def inspect
+      "Route #{object_id.to_s(16)}, router #{@router}, #{to_s}"
+    end
+
+    def to_h
+      { router: @router, protocol: @protocol, network: @network, via: @via,
+        recursive_via: @recursive_via, interface: @interface,
+        timestamp: @timestamp, best: @best, fib: @fib }
+    end
+
+    def direct?
+      @via.nil?
+    end
+
+    def bgp?
+      @protocol.eql?(:bgp)
+    end
+
+    def ospf?
+      @protocol.eql?(:ospf)
+    end
+
+    private
+
+    def parse_raw_entry
+      parsed_entry = @raw.match(ROUTE_REGEX)
+      evaluate_protocol(parsed_entry[:flags])
+      evaluate_route_attributes(parsed_entry)
+    end
+
+    def evaluate_protocol(flags_str)
+      type_char = flags_str.scan(TYPE_CHAR_REGEX).first
+      @protocol = TYPE_HASH[type_char] || :unknown
+    end
+
+    def evaluate_route_attributes(parsed_entry)
+      @network       = parsed_entry[:network]&.to_s
+      @via           = parsed_entry[:via]&.to_s
+      @interface     = parsed_entry[:interface]&.to_s
+      @timestamp     = parsed_entry[:timestamp]&.to_s
+      @best          = parsed_entry[:flags].include?('>')
+      @fib           = parsed_entry[:flags].include?('*')
+      @recursive_via = parsed_entry[:recursive_via]&.to_s
+    end
+  end
+end

data/lib/havox/classes/route_filler.rb

@@ -0,0 +1,43 @@
+module Havox
+  class RouteFiller
+    attr_reader :filled_routes
+
+    ROUTE_REGEX = %r(^
+      (?<protocol_char>[A-Z\s]{1})[>\s]{1}[\*\s]{1}\s
+      (?<network>([0-9]{1,3}\.){3}[0-9]{1,3}\/[0-9]{1,2})?.+$
+    )x
+
+    def initialize(raw_routes)
+      @raw_routes = raw_routes
+      @filled_routes = []
+      fill_routes
+    end
+
+    private
+
+    def fill_routes
+      pivot = nil                                                               # Sets null as initial value for the pivot, since the first route is always OK.
+      @raw_routes.each do |raw_route|
+        match = raw_route.match(ROUTE_REGEX)                                    # Tries to match the current route to the regex.
+        if match[:network].nil?                                                 # If the network match is null, the current route must be treated:
+          @filled_routes << filled_route(raw_route, pivot)                      # -- Treats the current route and adds it to the returning array.
+        else                                                                    # Otherwise, the current route is OK:
+          pivot = raw_route                                                     # -- Sets the current route as the new pivot.
+          @filled_routes << raw_route                                           # -- Adds the current route to the returning array.
+        end
+      end
+    end
+
+    def filled_route(raw_route, pivot)
+      match = pivot.match(ROUTE_REGEX)                                          # Extracts protocol char and network from the pivot.
+      network_str = "#{match[:protocol_char]} * #{match[:network]} [110/10] "   # Builds the substitution string containing the char and the network.
+      treated_route = raw_route.gsub(/\s{2}\*\s+(?=via|is)/, network_str)       # Fits the substitution string to the correct place.
+      raise_error(raw_route) if treated_route.eql?(raw_route)                   # Raises an error if the treated route is equal to its initial state.
+      treated_route
+    end
+
+    def raise_error(raw_route)
+      raise Havox::OperationError, "Failed to fill route '#{raw_route}'"
+    end
+  end
+end

data/lib/havox/classes/rule.rb

@@ -0,0 +1,74 @@
+module Havox
+  class Rule
+    attr_reader :matches, :actions, :dp_id, :raw
+
+    def initialize(raw, opts = {})
+      @opts = opts
+      @syntax = @opts[:syntax] || :trema
+      @matches = parsed_matches(raw)
+      @actions = parsed_actions(raw)
+      @dp_id = @matches[:dp_id].to_i
+      @matches.delete(:dp_id)
+      @raw = raw.strip
+    end
+
+    def to_s                                                                    # Stringifies the rule.
+      sep = ' AND '
+      matches_str = @matches.map { |k, v| "#{k.to_s} = #{v.to_s}" }.join(sep)
+      actions_str = @actions.map do |o|
+        %Q(#{o[:action]}(#{o[:arg_a]}#{", #{o[:arg_b]}" unless o[:arg_b].nil?}))
+      end
+      "#{matches_str} --> #{actions_str.join(sep)}"
+    end
+
+    def inspect
+      "Rule #{object_id.to_s(16)}, dp_id = #{@dp_id}: #{to_s}"                  # Prints the rule when debugging or array listing.
+    end
+
+    def to_h
+      { dp_id: @dp_id, matches: @matches, actions: @actions }
+    end
+
+    private
+
+    def parsed_matches(raw_rule)
+      ok_matches = {}
+      raw_matches = raw_rule.split('->').first.split('and')                     # Parses each match field in the 1st part.
+      raw_matches = raw_matches.map { |str| str.tr('()*', '').strip }           # Removes unwanted characters.
+      raw_matches = raw_matches.reject(&:empty?)                                # Rejects resulting empty match fields.
+      raw_matches.each do |raw_match|                                           # Parses and adds each match based on the dictionary.
+        stmt = raw_match.split(/\s?=\s?/)                                       # Splits the statement by '='.
+        field = translate.fields_to(@syntax)[stmt.first]                        # Gets the right field by the raw field name.
+        ok_matches[field] = stmt.last unless already_set?(ok_matches, stmt)
+      end
+      translate.matches_to(@syntax, ok_matches)
+    end
+
+    def parsed_actions(raw_rule)
+      ok_actions = []
+      raw_actions = raw_rule.split('->').last.strip                             # Parses the actions in the 2nd part.
+      raw_actions = raw_actions.split(/(?<=\))\s+(?=\w)/)                       # Splits the string into single raw actions.
+      raw_actions.each do |raw_action|
+        regex = /(?<action>\w+)\((?<arg_a>[\w<>]+)[,\s]*(?<arg_b>[\w<>]*)\)/    # Matches raw actions in the format 'Action(x, y)'.
+        ok_actions << hashed(raw_action.match(regex))                           # Adds the structured action to the returning array.
+      end
+      translate.actions_to(@syntax, ok_actions, @opts)
+    end
+
+    def hashed(match_data)
+      Hash[match_data.names.map(&:to_sym).zip(match_data.captures)]             # Converts the match data to a hash object.
+    end
+
+    def translate
+      Havox::Translator.instance
+    end
+
+    def already_set?(matches_hash, stmt)
+      field = translate.fields_to(@syntax)[stmt.first]
+      unless matches_hash[field].nil? || matches_hash[field].eql?(stmt.last)
+        return !@opts[:force]
+      end
+      false
+    end
+  end
+end

data/lib/havox/classes/rule_expander.rb

@@ -0,0 +1,47 @@
+module Havox
+  class RuleExpander
+    attr_reader :expanded_rules
+
+    SET_VLAN_REGEX    = /SetField\(vlan,\s?(<none>|\d+)\)/
+    SET_VLAN_ID_REGEX = /SetField\(vlan,\s?(?<vlan_id>\d+)\)/
+    VLAN_MATCH_REGEX  = /vlanId\s?=\s?(?<vlan_id>\d+)/
+    PREDICATE_REGEX   = /\(switch\s?=\s?\d+\s?and(?<pred>.+)\)/
+
+    def initialize(raw_rules)
+      @raw_rules = raw_rules
+      @vlan_predicates = {}
+      @expanded_rules = []
+      scan_vlan_predicates
+      expand
+    end
+
+    private
+
+    def expand
+      @raw_rules.each do |raw_rule|
+        rule_str = raw_rule.gsub(SET_VLAN_REGEX, '')                            # Removes any 'SetField(vlan, x)' pattern, x being a number or '<none>'.
+        @expanded_rules << sub_vlan_predicates(rule_str)                        # Substitutes 'vlanId = x' pattern for the full predicate.
+      end
+    end
+
+    def sub_vlan_predicates(raw_rule)
+      match_data = raw_rule.match(VLAN_MATCH_REGEX)                             # Matches 'vlanId = x' pattern.
+      unless match_data.nil?
+        vlan_id = match_data[:vlan_id]
+        return raw_rule.gsub(VLAN_MATCH_REGEX, @vlan_predicates[vlan_id])       # Returns the substitution of the pattern for the full predicate.
+      end
+      raw_rule                                                                  # Returns the raw rule unmodified if there are no match pattern.
+    end
+
+    def scan_vlan_predicates
+      @raw_rules.each do |raw_rule|
+        match_data = raw_rule.match(SET_VLAN_ID_REGEX)                          # Matches 'SetField(vlan, x)' pattern, x being a number only.
+        unless match_data.nil?
+          vlan_id = match_data[:vlan_id]
+          predicate = raw_rule.split('->').first.match(PREDICATE_REGEX)[:pred]  # Takes the predicate of the rule without the 'switch = x' substring.
+          @vlan_predicates[vlan_id] = predicate                                 # Associates the predicate to its VLAN id.
+        end
+      end
+    end
+  end
+end