Skip to content

Commit

Permalink
scripts: replace scripts required for using socket pktio
Browse files Browse the repository at this point in the history 
When using linux interfaces as socket pktios we need to block
access to those interfaces for applications and some functions
of Linux network stack (ping, etc.).

Signed-off-by: Bogdan Pricope <[email protected]>
Reviewed-by: Matias Elo <[email protected]>
  • Loading branch information
@bogdanPricope @MatiasElo
bogdanPricope authored and MatiasElo committed May 13, 2020
1 parent ed2680e commit 03dba93
Show file tree
Hide file tree
Showing 14 changed files with 72 additions and 189 deletions.
38 changes: 38 additions & 0 deletions scripts/ofp_linux_interface_acquire.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
#!/bin/bash

# Use this script to block access to a linux interface for other
# applications before it is utilized as a socket pktio, in OFP
# example applications.

# Check arguments
if [ "$#" -ne 1 ]; then
echo "Error: Invalid number of parameters."
echo "Usage:"
echo " "${0}" <interface_name>"
exit 1
fi

linux_intf=${1}
ifconfig $linux_intf &> /dev/null
if [ $? -ne 0 ]; then
echo "Error: Invalid interface '"$linux_intf"'."
exit 1
fi

# Check rights
if [ "$EUID" -ne 0 ]; then
echo "Error: Script must be executed with superuser rights."
exit 1
fi

# Set iptables: append drop rules
iptables -A FORWARD -i $linux_intf -j DROP
iptables -A INPUT -i $linux_intf -j DROP
ip6tables -A FORWARD -i $linux_intf -j DROP
ip6tables -A INPUT -i $linux_intf -j DROP

# Disable arp
ifconfig $linux_intf -arp

# Flush addresses
ip addr flush dev $linux_intf
34 changes: 34 additions & 0 deletions scripts/ofp_linux_interface_release.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
#!/bin/bash

# Use this script to restore access to a linux interface for other
# applications after it was blocked with ofp_linux_interface_acquire.sh.

# Check arguments
if [ "$#" -ne 1 ]; then
echo "Error: Invalid number of parameters."
echo "Usage:"
echo " "${0}" <interface_name>"
exit 1
fi

linux_intf=${1}
ifconfig $linux_intf &> /dev/null
if [ $? -ne 0 ]; then
echo "Error: Invalid interface '"$linux_intf"'."
exit 1
fi

# Check rights
if [ "$EUID" -ne 0 ]; then
echo "Error: Script must be executed with superuser rights."
exit 1
fi

# Set iptables: delete drop rules
iptables -D FORWARD -i $linux_intf -j DROP
iptables -D INPUT -i $linux_intf -j DROP
ip6tables -D FORWARD -i $linux_intf -j DROP
ip6tables -D INPUT -i $linux_intf -j DROP

# Enable arp
ifconfig $linux_intf arp
12 changes: 0 additions & 12 deletions scripts/reset_classifier.sh
View file

This file was deleted.

13 changes: 0 additions & 13 deletions scripts/reset_device.sh
View file

This file was deleted.

12 changes: 0 additions & 12 deletions scripts/reset_socket.sh
View file

This file was deleted.

12 changes: 0 additions & 12 deletions scripts/reset_webserver2.sh
View file

This file was deleted.

15 changes: 0 additions & 15 deletions scripts/start_classifier.sh
View file

This file was deleted.

20 changes: 0 additions & 20 deletions scripts/start_conformance.sh
View file

This file was deleted.

21 changes: 0 additions & 21 deletions scripts/start_device.sh
View file

This file was deleted.

16 changes: 0 additions & 16 deletions scripts/start_socket.sh
View file

This file was deleted.

25 changes: 0 additions & 25 deletions scripts/start_webserver.sh
View file

This file was deleted.

14 changes: 0 additions & 14 deletions scripts/start_webserver2.sh
View file

This file was deleted.

13 changes: 0 additions & 13 deletions scripts/stop_conformance.sh
View file

This file was deleted.

16 changes: 0 additions & 16 deletions scripts/stop_webserver.sh
View file

This file was deleted.

0 comments on commit 03dba93

Please sign in to comment.