tcl/NAT_8tcl_source.html

##

# @brief Basic namespace for all Excentis Tcl extensions

#

namespace eval excentis {


##

# @brief This namespace holds all ByteBlower-related Tcl extensions, including the ByteBlower higher-layer Tcl API.

#

# These procedures are developed for higher-level usage of the ByteBlower API.

# They are mainly used to simplify running specific Test Scenarios similar to

# scenarios you know from the ByteBlower GUI.

#

namespace eval ByteBlower {


## \file

#

# @brief Utility module that provides functionality for <b>NAT scenarios</b>, such as detecting the NAT public IP and public port number.

#

# @copyright Excentis nv - www.excentis.com

#

package require excentis_basic


##

# To find out which ip address and port is used by the nat device, we first send

# some packets from the private to the public side

#

# The used discovery packet size is 256 Bytes.

#

# @param publicPort

#     ByteBlower Port connected to the public side of the NAT device

#

# @param nattedPort

#     ByteBlower Port connected to the private side of the NAT device

#

# @param natUdpPort

#     is the UDP SOURCE port for the nattedPort.

#

# @param publicUdpPort

#     is the UDP SOURCE port for the publicPort.

#

# @param publicIpAddress

#     is the public IP address to use instead of the public IP address that is configured at the publicPort.

#

# @return

#     List of:

#     1. NAT public IP address

#     2. NAT public UDP port

proc NatDevice.IP.Get { publicPort nattedPort publicUdpPort natUdpPort { publicIpAddress null } } {


    if { [ $publicPort Info -implements WirelessEndpoint ]} {

        error "Public port cannot be a WirelessEndpoint!"

    }


    # Is our natted port a Wireless Endpoint?

    set nattedPortIsWE [ $nattedPort Info -implements WirelessEndpoint ]


    # Collect generic information:

    set publicportIP [ $publicPort Layer3.IPv4.Get ]

    set publicportL25List [ $publicPort Layer2_5.Vlan.Get ]

    if { [ string equal $publicIpAddress "null" ]} {

        set publicIpAddress [ $publicportIP Ip.Get ]

    }


    if { ! $nattedPortIsWE} {

        set nattedPortL3 [ $nattedPort Layer3.IPv4.Get ]

        set nattedPortIP [ $nattedPortL3 Ip.Get ]

        set nattedPortL2 [ $nattedPort Layer2.EthII.Get ]

        set nattedPortMac [ $nattedPortL2 Mac.Get ]

        set nattedPortL25List [ $nattedPort Layer2_5.Vlan.Get ]

    } else {

        set nattedPortIP [ [ [ $nattedPort Device.Info.Get ] Network.Info.Get ] IPv4.Get ]

    }


    # Configure stream

    set stream [ $nattedPort Tx.Stream.Add ]

    $stream InterFrameGap.Set 10ms

    $stream NumberOfFrames.Set 100


    set txFrame [ $stream Frame.Add ]


    if { ! $nattedPortIsWE} {

        # send arp to find mac address of nat device

        set mac [ $nattedPortL3 Protocol.Arp [ $publicportIP Ip.Get ] ]


        puts "== NATTED PORT DEST MAC : $mac =="


        # configure frame

        set srcFrame [ ::excentis::basic::Frame.Udp.Set $mac $nattedPortMac $publicIpAddress $nattedPortIP $publicUdpPort $natUdpPort { -Length 256 } ]

        for { set i [expr [llength $nattedPortL25List] - 1]} { $i >= 0} { incr i -1} {

            set nattedPortL25 [lindex $nattedPortL25List $i]

            set srcFrame [::excentis::basic::Frame.Vlan.Insert $srcFrame [ $nattedPortL25 ID.Get ] [ $nattedPortL25 Priority.Get ] [ $nattedPortL25 DropEligible.Get ]]

        }

        $txFrame Bytes.Set $srcFrame

    } else {

        # Much easier for wireless endpoints, since these do not support Full frames and VLAN tagging

        $stream Destination.Address.Set $publicIpAddress

        $stream Destination.Port.Set $publicUdpPort

        $stream Source.Port.Set $natUdpPort

        $txFrame Payload.Set [ string repeat "AA" [ expr 256 - 42 ] ]

    }


    # capture packet at receive port

    set capture [ $publicPort Rx.Capture.Basic.Add ]

    set publicportVlanCount 0

    set vlanFilters [ list ]

    foreach publicportL25 $publicportL25List {

        incr publicportVlanCount

        set vlanId [ $publicportL25 ID.Get ]

        lappend vlanFilters  "vlan $vlanId"

    }


    if { $publicportVlanCount > 0} {

        set vlanFilter [ join $vlanFilters " and " ]

        set filter "$vlanFilter and dst host $publicIpAddress and udp"

    } else {

        set filter "dst host $publicIpAddress and udp"

    }


    $capture Filter.Set $filter

    $capture Start


    # start stream

    if { $nattedPortIsWE} {

        $nattedPort Lock 1

        $nattedPort Prepare

        set ts [ $nattedPort Start ]

        set mpTs [ [ $nattedPort Parent.Get ] Timestamp.Get ]

        set timeToWait [ expr int((double($ts) - double($mpTs)) / 1000000) ]

        after $timeToWait

    } else {

        $nattedPort Start

    }

    after 1000


    # stop stream - should have stopped by itself already.

    if { ! $nattedPortIsWE} {

        $nattedPort Stop

    }


    # stop capture

    $capture Stop


    if { $nattedPortIsWE} {

        $nattedPort Result.Clear

        $nattedPort Lock 0

    }


   set captureResult [ $capture Result.Get ]

    set capturedFrames [ $captureResult Frames.Get ]

    if { [ llength $capturedFrames ] == 0} {

        # Delete the stream and the capture

        $capture Destructor

        $stream Destructor

        error "NAT failed, no packets received on public port for NATted port $nattedPort"

    }

    set capturedFrame [ lindex $capturedFrames 0 ]

    set bytes [ $capturedFrame Bytes.Get ]


    # get source ip and udp port from captured packet

    # Layer 2 decoding

    # -- decoding LENGTH/TYPE field

    set lentype [ string range $bytes 24 27 ]

    scan $lentype "%x" lentypeDec

    if { $lentypeDec <= 1500} {

        set ethernetLength $lentypeDec

        set ethernetPayload [ string range $bytes 44 [ expr 44 + $lentypeDec * 2 - 1 ] ]

    } else {

        set ethernetType $lentype

        set ethernetPayload [ string range $bytes 28 end ]

    }

    # Layer 2.5 decoding

    set ethernetPayload [ string range $ethernetPayload [expr 2 * 4 * $publicportVlanCount] end ]

    # Layer 3 decoding

    scan [ string range $ethernetPayload 0 1 ] "%x" temp

    set ipIhl [ expr $temp & 15 ]


    # -- decoding Total Length

    scan [ string range $ethernetPayload 4 7 ] "%x" ipLength

    # -- decoding IP Source Address

    set ipSa [ string range $ethernetPayload 24 31 ]

    set ipPayload [ string range $ethernetPayload [ expr $ipIhl * 4 * 2 ] [ expr $ipLength * 2 - 1 ] ]

    # Layer 4 decoding

    # -- decoding Source Port

    scan [ string range $ipPayload 0 3 ] "%x" udpSp


    set natPublicIP [ ::excentis::basic::Hex.To.IP $ipSa ]

    set natPublicPort $udpSp


    # clean up streams/triggers/captures

    unset capturedFrames

    $capture Destructor

    $stream Destructor


    return [ list $natPublicIP $natPublicPort ]

}


}


}