openflow.zeek¶

NetControl¶

OpenFlow plugin for the NetControl framework.

Namespace: NetControl
Imports: base/frameworks/netcontrol/main.zeek, base/frameworks/netcontrol/plugin.zeek, base/frameworks/openflow

Summary¶

Redefinable Options¶

`NetControl::openflow_flow_timeout`: `interval` `&redef`	The time interval after we consider a flow timed out.
`NetControl::openflow_message_timeout`: `interval` `&redef`	The time interval after which an openflow message is considered to be timed out and we delete it from our internal tracking.

Types¶

`NetControl::OfConfig`: `record`	This record specifies the configuration that is passed to `NetControl::create_openflow`.
`NetControl::OfTable`: `record`

Redefinitions¶

NetControl::PluginState: record

New Fields

NetControl::PluginState

of_controller: OpenFlow::Controller &optional: OpenFlow controller for NetControl OpenFlow plugin.
of_config: NetControl::OfConfig &optional: OpenFlow configuration record that is passed on initialization.

Functions¶

NetControl::create_openflow: function

Instantiates an openflow plugin for the NetControl framework.

Detailed Interface¶

Redefinable Options¶

NetControl::openflow_flow_timeout¶

Type: interval
Attributes: &redef
Default: 1.0 day

The time interval after we consider a flow timed out. This should be fairly high (or even disabled) if you expect a lot of long flows. However, one also will have state buildup for quite a while if keeping this around…

NetControl::openflow_message_timeout¶

Type: interval
Attributes: &redef
Default: 20.0 secs

The time interval after which an openflow message is considered to be timed out and we delete it from our internal tracking.

Types¶

NetControl::OfConfig¶

Type

record

monitor: bool &default = T &optional

Accept rules that target the monitor path.

forward: bool &default = T &optional

Accept rules that target the forward path.

idle_timeout: count &default = 0 &optional

Default OpenFlow idle timeout.

table_id: count &optional

Default OpenFlow table ID.

priority_offset: int &default = 0 &optional

Add this to all rule priorities. Can be useful if you want the openflow priorities be offset from the netcontrol priorities without having to write a filter function.

check_pred: function (p: NetControl::PluginState, r: NetControl::Rule)bool &optional

Predicate that is called on rule insertion or removal.

p: Current plugin state.
r: The rule to be inserted or removed.
returns: T if the rule can be handled by the current backend, F otherwise.

match_pred: function (p: NetControl::PluginState, e: NetControl::Entity, m: vector of OpenFlow::ofp_match)vector of OpenFlow::ofp_match &optional

This predicate is called each time an OpenFlow match record is created. The predicate can modify the match structure before it is sent on to the device.

p: Current plugin state.
r: The rule to be inserted or removed.
m: The openflow match structures that were generated for this rules.
returns: The modified OpenFlow match structures that will be used in place of the structures passed in m.

flow_mod_pred: function (p: NetControl::PluginState, r: NetControl::Rule, m: OpenFlow::ofp_flow_mod)OpenFlow::ofp_flow_mod &optional