X-Git-Url: http://demsky.eecs.uci.edu/git/?a=blobdiff_plain;f=iotjava%2Fiotruntime%2Fmaster%2FRouterConfig.java;h=2c7309b54ef13d7e824e0c58bc077580e4295e6c;hb=7e8c0cabb7057ad561adbb8b6cc2a0fd5c41bbf4;hp=3c5c2a92519acd35eae08c42a19ce51ca4e4870b;hpb=8e565033fd19c4696f67862ade27f0ebbacf5682;p=iot2.git
diff --git a/iotjava/iotruntime/master/RouterConfig.java b/iotjava/iotruntime/master/RouterConfig.java
index 3c5c2a9..2c7309b 100644
--- a/iotjava/iotruntime/master/RouterConfig.java
+++ b/iotjava/iotruntime/master/RouterConfig.java
@@ -38,12 +38,12 @@ public final class RouterConfig {
 /**
 * RouterConfig constants
 */
- private static final String STR_SSH_USERNAME_ROUTER = "root";
- private static final String STR_SSH_USERNAME_RASPBERRYPI = "pi";
- private static final String STR_SSH_USERNAME_HOST = "iotuser";
- private static final String STR_POLICY_FILE_ALL = "_all";
- private static final String STR_POLICY_FILE_EXT = ".policy";
- private static final String STR_INCOMPLETE = "(incomplete)";
+ private static final String STR_SSH_USERNAME_ROUTER = "root";
+ private static final String STR_SSH_USERNAME_RASPBERRYPI = "pi";
+ private static final String STR_SSH_USERNAME_HOST = "iotuser";
+ private static final String STR_POLICY_FILE_ALL = "_all";
+ private static final String STR_POLICY_FILE_EXT = ".policy";
+ private static final String STR_INCOMPLETE = "(incomplete)";
 /**
 * RouterConfig properties
@@ -215,10 +215,7 @@ public final class RouterConfig { deployPolicies(strCmdSend); String strCmdDeploy = "ssh " + STR_SSH_USERNAME_ROUTER + "@" + strConfigHost + " iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost + - STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; ";// + - // TODO: delete these later when we apply tight initial conditions (reject everything but SSH commands) - //"iptables -F startup_filter_tcp; iptables -F startup_filter_udp; " + - //"iptables -t filter -D FORWARD -j startup_filter_tcp; iptables -t filter -D FORWARD -j startup_filter_udp;"; + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; "; //System.out.println(strCmdDeploy); deployPolicies(strCmdDeploy); } @@ -233,12 +230,12 @@ public final class RouterConfig { String strCmdSend = "scp " + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + " " + STR_SSH_USERNAME_HOST + "@" + strConfigHost + ":~;"; - System.out.println(strCmdSend); + //System.out.println(strCmdSend); deployPolicies(strCmdSend); String strCmdDeploy = "ssh " + STR_SSH_USERNAME_HOST + "@" + strConfigHost + " sudo iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + ";"; - System.out.println(strCmdDeploy); + //System.out.println(strCmdDeploy); deployPolicies(strCmdDeploy); } @@ -285,7 +282,6 @@ public final class RouterConfig { */ public void getAddressListTmp(String strRouterAddress) { - //HashMap hmMACToIPAdd = new HashMap(); try { // We can replace "cat /tmp/dhcp.leases" with "cat /proc/net/arp" String cmd = "ssh " + STR_SSH_USERNAME_ROUTER + "@" + strRouterAddress + @@ -307,41 +303,40 @@ public final class RouterConfig { } } - /** - * getAddressListArp() method gets list of IP addresses from arp command - *
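Review bot: The router deploy command joins its steps with `;` (`"; rm ~/"` and the trailing `"; "`), so the policy file is removed even when `iptables-restore` fails, and nothing visible in this hunk reports that the previous ruleset stayed in place. Chaining the cleanup with `&&` (`" && rm ~/"`), or having the caller check the exit status, would make a failed firewall update detectable. `strConfigHost` is also concatenated unquoted into the command line; if deployPolicies() passes the string to a shell (its body is outside this hunk), the value should be validated as a hostname or IP address before it is used. The host variant of the command in the next hunk (`@@ -233,12`) has the same two properties.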
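Review bot: The two `System.out.println` calls in the `@@ -233,12` hunk are commented out rather than deleted, which adds dead code next to the `//System.out.println(strCmdDeploy);` the previous hunk already carries. Delete the lines outright, or, if the command text is still wanted for troubleshooting, emit it through a logger at debug level so it can be switched on without editing the source. The enclosing method starts before this hunk.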

- * This method sends an inquiry to the router to look for - * the list of DHCP leased addresses and their mapping to MAC - * addresses - * - * @param strRouterAddress String that contains address of router - */ - public void getAddressListArp(String strRouterAddress) { - - //HashMap hmMACToIPAdd = new HashMap(); - try { - // We replace with "cat /usr/sbin/arp" - String cmd = "ssh " + STR_SSH_USERNAME_RASPBERRYPI + "@" + strRouterAddress + - " /usr/sbin/arp -n"; - Runtime runtime = Runtime.getRuntime(); - Process process = runtime.exec(cmd); - - InputStream inStream = process.getInputStream(); - InputStreamReader isReader = new InputStreamReader(inStream); - BufferedReader bReader = new BufferedReader(isReader); - String strRead = null; - while((strRead = bReader.readLine()) != null){ - String[] str = strRead.split("\\s+"); - // Skip if "(incomplete)" is seen! - if (str[1].equals(STR_INCOMPLETE)) - continue; - mapMACtoIPAdd.put(str[2], str[0]); - } - } catch (IOException ex) { - System.out.println("RouterConfig: IOException: " + ex.getMessage()); - ex.printStackTrace(); - } + /** + * getAddressListArp() method gets list of IP addresses from arp command + *

+ * This method sends an inquiry to the router to look for + * the list of DHCP leased addresses and their mapping to MAC + * addresses + * + * @param strRouterAddress String that contains address of router + */ + public void getAddressListArp(String strRouterAddress) { + + try { + // We replace with "cat /usr/sbin/arp" + String cmd = "ssh " + STR_SSH_USERNAME_RASPBERRYPI + "@" + strRouterAddress + + " /usr/sbin/arp -n"; + Runtime runtime = Runtime.getRuntime(); + Process process = runtime.exec(cmd); + + InputStream inStream = process.getInputStream(); + InputStreamReader isReader = new InputStreamReader(inStream); + BufferedReader bReader = new BufferedReader(isReader); + String strRead = null; + while((strRead = bReader.readLine()) != null) { + String[] str = strRead.split("\\s+"); + // Skip if "(incomplete)" is seen! + if (str[1].equals(STR_INCOMPLETE)) + continue; + mapMACtoIPAdd.put(str[2], str[0]); + } + } catch (IOException ex) { + System.out.println("RouterConfig: IOException: " + ex.getMessage()); + ex.printStackTrace(); } + } /** * getIPFromMACAddress() method gets IP from MAC address @@ -686,8 +681,6 @@ public final class RouterConfig { strConfigHost + " -d " + strMonitorHost + " -p tcp --dport ssh"); pwConfig.println("-A OUTPUT -j ACCEPT -s " + strConfigHost + " -d " + strMonitorHost + " -p tcp --sport ssh"); - //pwConfig.println("-A FORWARD -j ACCEPT -p tcp --dport ssh"); - //pwConfig.println("-A FORWARD -j ACCEPT -p tcp --sport ssh"); } @@ -973,6 +966,5 @@ public final class RouterConfig { pwConfig.println("-A INPUT -j ACCEPT -p udp --sport domain"); pwConfig.println("-A OUTPUT -j ACCEPT -p udp --dport domain"); pwConfig.println("-A OUTPUT -j ACCEPT -p udp --sport domain"); - } }
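Review bot: The parsing loop in getAddressListArp() reads `str[1]` and `str[2]` without checking how many fields the line produced, so a blank or short line in the remote `arp -n` output throws ArrayIndexOutOfBoundsException, which `catch (IOException ex)` does not handle. The command is also built as one string for `Runtime.exec(String)`, which splits it on whitespace, so a `strRouterAddress` containing a space becomes extra ssh arguments; an argument list keeps it a single destination. The reader is never closed. This commit only re-indents the method, so these predate it, but the whole body is touched here and a possible shape is sketched below.

```java
		try {
			// One argument per element: the address stays a single ssh destination
			Process process = new ProcessBuilder("ssh",
				STR_SSH_USERNAME_RASPBERRYPI + "@" + strRouterAddress,
				"/usr/sbin/arp", "-n").start();

			// try-with-resources closes the reader (and the process stdout) on every path
			try (BufferedReader bReader = new BufferedReader(
					new InputStreamReader(process.getInputStream()))) {
				String strRead = null;
				while((strRead = bReader.readLine()) != null) {
					String[] str = strRead.split("\\s+");
					// Blank or truncated lines have fewer than three fields
					if (str.length < 3 || str[1].equals(STR_INCOMPLETE))
						continue;
					// … unchanged: mapMACtoIPAdd.put(str[2], str[0]) …
				}
			}
		} catch (IOException ex) {
			// … unchanged: error reporting …
		}
```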