private static final String STR_INT_STUB_CLS_CFG = "INTERFACE_STUB_CLASS";
private static final String STR_FILE_TRF_CFG = "ADDITIONAL_ZIP_FILE";
private static final String STR_LANGUAGE = "LANGUAGE";
+ private static final String STR_ADD_MAC_POL = "ADDITIONAL_MAC_POLICY";
private static final String STR_YES = "Yes";
private static final String STR_NO = "No";
private static final String STR_JAVA = "Java";
// Get information from the set
List<Object[]> listObject = objAddInitHand.getFields(strFieldIdentifier);
+ RuntimeOutput.print("IoTMaster: DEBUG: Getting into instrumentIoTSetDevice!", BOOL_VERBOSE);
// Create a new IoTSet
if(strLanguage.equals(STR_JAVA)) {
Message msgCrtIoTSet = new MessageCreateSetRelation(IoTCommCode.CREATE_NEW_IOTSET, strFieldName);
processJailConfig.configureProcessJailDeviceDriverPolicies(strIoTSlaveObjectHostAdd, strObjName, strObjClassName,
strFileName, strIoTMasterHostAdd, commHan.getComPort(strObjName), commHan.getRMIRegPort(strObjName),
commHan.getRMIStubPort(strObjName));
+ // Check for additional MAC policy
+ String strMACConfigPath = STR_IOT_CODE_PATH + strObjClassName + "/";
+ String strCfgFile = strMACConfigPath + strObjClassName + STR_CFG_FILE_EXT;
+ String strAddMACPolicy = parseConfigFile(strCfgFile, STR_ADD_MAC_POL);
+ if (strAddMACPolicy != null && strAddMACPolicy.equals("Yes"))
+ processJailConfig.combineAdditionalMACPolicy(strMACConfigPath, strObjClassName, strIoTSlaveObjectHostAdd);
processJailConfig.configureProcessJailContRMIPolicies(strObjControllerName, strIoTSlaveObjectHostAdd,
commHan.getRMIRegPort(strObjName), commHan.getRMIStubPort(strObjName));
}
routerConfig.configureHostHTTPPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveObjectHostAdd, strDeviceAddress);
// Configure MAC policies
if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
- processJailConfig.configureProcessJailGWDevicePolicies(strIoTSlaveObjectHostAdd, STR_ROUTER_ADD, INT_DNS_PORT);
+ processJailConfig.configureProcessJailGWDevicePolicies(strIoTSlaveObjectHostAdd, STR_ROUTER_ADD, strDeviceAddress, INT_DNS_PORT);
} else {
// Other port numbers...
commHan.addDevicePort(iDestDeviceDriverPort);
if(setInstrumenter.getObjTableName().equals(STR_IOT_DEV_ADD_CLS)) {
// Instrument the normal IoTDeviceAddress
synchronized(this) {
+ //RuntimeOutput.print("IoTMaster: DEBUG: Processing " + STR_IOT_DEV_ADD_CLS + "!", BOOL_VERBOSE);
instrumentIoTSetDevice(strFieldIdentifier, strObjName, strFieldName, strIoTSlaveObjectHostAdd, inStream, outStream, strLanguageDriver);
}
} else if(setInstrumenter.getObjTableName().equals(STR_IOT_ZB_ADD_CLS)) {
private void setRouterBasicPolicies(String strRouter) {
String strMonitorHost = routerConfig.getIPFromMACAddress(STR_MONITORING_HOST);
+ routerConfig.initMainPolicy(strRouter);
+ routerConfig.combineRouterPolicies(strRouter);
routerConfig.configureRouterICMPPolicies(strRouter, strMonitorHost);
routerConfig.configureRouterDHCPPolicies(strRouter);
routerConfig.configureRouterDNSPolicies(strRouter);
private void setHostBasicPolicies(String strHost) {
String strMonitorHost = routerConfig.getIPFromMACAddress(STR_MONITORING_HOST);
+ routerConfig.initMainPolicy(strHost);
+ routerConfig.combineRouterPolicies(strHost);
routerConfig.configureHostDHCPPolicies(strHost);
routerConfig.configureHostDNSPolicies(strHost);
if (strHost.equals(strMonitorHost)) {
try {
// Extract hostname for this IoTMaster from MySQL DB
strIoTMasterHostAdd = routerConfig.getIPFromMACAddress(STR_MASTER_MAC_ADD);
+ // Assign a new list of PrintWriter objects
+ routerConfig.renewPrintWriter();
+ HashSet<String> setAddresses = null;
// Loop as we can still find controller/device classes
for(int i=0; i<strObjectNames.length; i++) {
// PROFILING
start = System.currentTimeMillis();
-
- // Assign a new list of PrintWriter objects
- routerConfig.renewPrintWriter();
+ // Assign a new list of main PrintWriter objects
+ routerConfig.renewMainPrintWriter();
// Get controller names one by one
String strObjControllerName = strObjectNames[i];
// Use LoadBalancer to assign a host address
String strFileName = STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT;
processJailConfig.configureProcessJailControllerPolicies(strObjControllerName, strFileName,
strIoTMasterHostAdd, commHan.getComPort(strObjControllerName));
+ // Whether or not we need additional Tomoyo policy?
+ String strAddMACPolicy = parseConfigFile(strControllerCfg, STR_ADD_MAC_POL);
+ if (strAddMACPolicy != null && strAddMACPolicy.equals("Yes")) {
+ String strContMACCfg = STR_CONT_PATH + strObjControllerName + "/";
+ processJailConfig.combineAdditionalMACPolicy(strContMACCfg, strObjControllerName, strObjControllerName);
+ }
}
// PROFILING
result = System.currentTimeMillis()-start;
// SetInstrumenter vs. RelationInstrumenter
String strFieldName = map.getKey();
String strClassName = map.getValue().getClass().getName();
+
+ System.out.println("\n\nDEBUG: Instrumenting IoTSet and IoTRelation objects!!!");
+ System.out.println("DEBUG: Field name: " + strFieldName);
+ System.out.println("DEBUG: Class name: " + strFieldName + "\n\n");
+
if(strClassName.equals(STR_SET_INSTRUMENTER_CLS)) {
SetInstrumenter setInstrumenter = (SetInstrumenter) map.getValue();
if(setInstrumenter.getObjTableName().equals(STR_IOT_DEV_ADD_CLS)) {
// Combine controller MAC policies with the main policy file for the host
String strTempFileName = "./" + strObjControllerName + STR_MAC_POLICY_EXT;
processJailConfig.combineControllerMACPolicies(strIoTSlaveControllerHostAdd, strObjControllerName, strTempFileName);
- processJailConfig.close();
+ processJailConfig.flush();
// PROFILING
result = System.currentTimeMillis()-start;
// PROFILING
start = System.currentTimeMillis();
- // ROUTING POLICY: Deploy basic policies if this is the last controller
- if (i == strObjectNames.length-1) {
- // ROUTING POLICY: implement basic policies to reject all other irrelevant traffics
- for(String s: commHan.getHosts()) {
- setHostBasicPolicies(s);
- }
- // We retain all the basic policies for router,
- // but we delete the initial allowance policies for internal all TCP and UDP communications
- setRouterBasicPolicies(STR_ROUTER_ADD);
+ // ROUTING POLICY: implement basic policies to reject all other irrelevant traffics
+ for(String s: commHan.getHosts()) {
+ setHostBasicPolicies(s);
}
- // Close access to policy files and deploy policies
- routerConfig.close();
+ // We retain all the basic policies for router,
+ // but we delete the initial allowance policies for internal all TCP and UDP communications
+ setRouterBasicPolicies(STR_ROUTER_ADD);
+ routerConfig.closeMain();
// Deploy the policy
- HashSet<String> setAddresses = new HashSet<String>(commHan.getHosts());
+ setAddresses = new HashSet<String>(commHan.getHosts());
setAddresses.add(strIoTMasterHostAdd);
createPolicyThreads(STR_ROUTER_ADD, setAddresses);
inStream.close();
socket.close();
serverSocket.close();
+ objInitHand.clearObjectInitHandler();
commHan.printLists();
+ commHan.clearCommunicationHandler();
lbIoT.printHostInfo();
- if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
- createMACPolicyThreads(setAddresses);
}
+ // Close access to policy files and deploy policies
+ routerConfig.close();
+ processJailConfig.close();
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+ createMACPolicyThreads(setAddresses);
} catch (IOException |
InterruptedException |