openflow.zeek¶

NetControl¶

OpenFlow plugin for the NetControl framework.

Namespace:	NetControl
Imports:	base/frameworks/netcontrol/main.zeek, base/frameworks/netcontrol/plugin.zeek, base/frameworks/openflow

Summary¶

Redefinable Options¶

`NetControl::openflow_flow_timeout`: `interval` `&redef`	The time interval after we consider a flow timed out.
`NetControl::openflow_message_timeout`: `interval` `&redef`	The time interval after which an openflow message is considered to be timed out and we delete it from our internal tracking.

Types¶

`NetControl::OfConfig`: `record`	This record specifies the configuration that is passed to `NetControl::create_openflow`.
`NetControl::OfTable`: `record`

Redefinitions¶

NetControl::PluginState: record

Functions¶

NetControl::create_openflow: function Instantiates an openflow plugin for the NetControl framework.

Detailed Interface¶

Redefinable Options¶

NetControl::openflow_flow_timeout¶

Type:	`interval`
Attributes:	`&redef`
Default:	`1.0 day`

The time interval after we consider a flow timed out. This should be fairly high (or even disabled) if you expect a lot of long flows. However, one also will have state buildup for quite a while if keeping this around…

NetControl::openflow_message_timeout¶

Type:	`interval`
Attributes:	`&redef`
Default:	`20.0 secs`

The time interval after which an openflow message is considered to be timed out and we delete it from our internal tracking.

Types¶

NetControl::OfConfig¶

Type:

record

monitor: bool &default = T &optional

Accept rules that target the monitor path.

forward: bool &default = T &optional

Accept rules that target the forward path.

idle_timeout: count &default = 0 &optional

Default OpenFlow idle timeout.

table_id: count &optional

Default OpenFlow table ID.

priority_offset: int &default = 0 &optional

Add this to all rule priorities. Can be useful if you want the openflow priorities be offset from the netcontrol priorities without having to write a filter function.

check_pred: function (p: NetControl::PluginState, r: NetControl::Rule) : bool &optional

Predicate that is called on rule insertion or removal.

p:	Current plugin state.
r:	The rule to be inserted or removed.
returns:	T if the rule can be handled by the current backend, F otherwise.

match_pred: function (p: NetControl::PluginState, e: NetControl::Entity, m: vector of OpenFlow::ofp_match) : vector of OpenFlow::ofp_match &optional

This predicate is called each time an OpenFlow match record is created. The predicate can modify the match structure before it is sent on to the device.

p:	Current plugin state.
r:	The rule to be inserted or removed.
m:	The openflow match structures that were generated for this rules.
returns:	The modified OpenFlow match structures that will be used in place of the structures passed in m.

flow_mod_pred: function (p: NetControl::PluginState, r: NetControl::Rule, m: OpenFlow::ofp_flow_mod) : OpenFlow::ofp_flow_mod &optional

This predicate is called before a FlowMod message is sent to the OpenFlow device. It can modify the FlowMod message before it is passed on.

p:	Current plugin state.
r:	The rule to be inserted or removed.
m:	The OpenFlow FlowMod message.
returns:	The modified FlowMod message that is used in lieu of m.

This record specifies the configuration that is passed to NetControl::create_openflow.

NetControl::OfTable¶

Type:

record

p: NetControl::PluginState

r: NetControl::Rule

c: count &default = 0 &optional

packet_count: count &default = 0 &optional

byte_count: count &default = 0 &optional

duration_sec: double &default = 0.0 &optional

Functions¶

NetControl::create_openflow¶

Type:	`function` (controller: `OpenFlow::Controller`, config: `NetControl::OfConfig` `&default` = `[]` `&optional`) : `NetControl::PluginState`

Instantiates an openflow plugin for the NetControl framework.