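# Fragment from inside the controller's handler method.
# src_ip and myport are set elsewhere in that handler (not shown).
import pox.openflow.libopenflow_01 as of
from pox.lib.addresses import IPAddr

# Flow 1: IPv4 traffic addressed to honeypot .2 is rewritten to .4
# and sent out of port 4.
msg = of.ofp_flow_mod()
msg.priority = 42
msg.match.dl_type = 0x800  # IPv4
msg.idle_timeout = 40
msg.hard_timeout = 40
msg.match.nw_dst = IPAddr("10.0.0.2")
msg.actions.append(of.ofp_action_nw_addr.set_dst(IPAddr("10.0.0.4")))
msg.actions.append(of.ofp_action_output(port=4))
self.connection.send(msg)

# Flow 2: IPv4 traffic going back to src_ip gets its source rewritten
# to .2 and is sent out of myport.
msg = of.ofp_flow_mod()
msg.priority = 42
msg.match.dl_type = 0x800  # IPv4
msg.idle_timeout = 40
msg.hard_timeout = 40
msg.match.nw_dst = IPAddr(src_ip)
msg.actions.append(of.ofp_action_nw_addr.set_src(IPAddr("10.0.0.2")))
msg.actions.append(of.ofp_action_output(port=myport))
self.connection.send(msg)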

I have a switch and 3 hosts. I assume that 10.0.0.3 is the attacker and 10.0.0.2
and 10.0.0.4 are two (supposed) honeypots. (I use Mininet.)
When there are a lot of packets towards the .2 honeypot I want to redirect the
traffic to .4. So I install a rule for IP spoofing to .4 and I send it to port
4. Moreover, there is a flow for the replies from 10.0.0.4. The thing is that I
send echo requests to .2, the switch successfully changes it to .4 and sends it
from the correct port. But h4 drops it and doesn't send any echo reply.
The even more bizarre thing is that I can ping from .4 to .3 and .3 sees it as
.2. (ping shows that packets drop, but with tcpdump I can see full duplex
communication, wtf is going on) :/
I cannot understand if it's a POX bug when it modifies the src or destination IP, or
a Mininet bug. Or if you could suggest any other solution. To sum up, the concept
is: I want to send packets from .3 to .2 and, when an event occurs, to send them
to .4. But the attacker should see that it always communicates with .2 and not .4
(that's why I want to modify the IP 2 times). Thanks in advance !!!!
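
An added example, not part of the original post and not POX code: a small Python model of the two flow entries above, showing how a frame whose IP destination is rewritten but whose Ethernet destination is not would be visible to tcpdump on h4 yet dropped by h4's IP stack. It assumes (the post does not confirm this) that the drop is caused by the unchanged destination MAC; all MAC addresses and helper names are constructed for illustration, and in POX the corresponding rewrite action is of.ofp_action_dl_addr.set_dst.

```python
# Constructed model of the redirect; MACs and helper names are sample values.
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Frame:
    dl_src: str
    dl_dst: str
    nw_src: str
    nw_dst: str

@dataclass(frozen=True)
class Host:
    mac: str
    ip: str

    def accepts(self, f):
        # The IP stack discards unicast frames addressed to another MAC,
        # even though a promiscuous capture on the interface still shows them.
        return f.dl_dst == self.mac and f.nw_dst == self.ip

H2 = Host("00:00:00:00:00:02", "10.0.0.2")  # first honeypot
H3 = Host("00:00:00:00:00:03", "10.0.0.3")  # attacker
H4 = Host("00:00:00:00:00:04", "10.0.0.4")  # second honeypot

def apply_flow(frame, match_nw_dst, rewrites):
    """Rewrite header fields when nw_dst matches, as a flow entry would."""
    return replace(frame, **rewrites) if frame.nw_dst == match_nw_dst else frame

def redirect_to_h4(frame, fix_mac):
    # Flow 1 from the post; fix_mac additionally rewrites the Ethernet destination.
    rewrites = {"nw_dst": H4.ip}
    if fix_mac:
        rewrites["dl_dst"] = H4.mac
    return apply_flow(frame, H2.ip, rewrites)

def reply_as_h2(frame, fix_mac):
    # Flow 2 from the post; fix_mac keeps the source MAC consistent with
    # the ARP entry h3 holds for 10.0.0.2.
    rewrites = {"nw_src": H2.ip}
    if fix_mac:
        rewrites["dl_src"] = H2.mac
    return apply_flow(frame, H3.ip, rewrites)

def echo_request():
    # h3 resolved 10.0.0.2 via ARP, so the frame carries h2's MAC.
    return Frame(H3.mac, H2.mac, H3.ip, H2.ip)

if __name__ == "__main__":
    for fix in (False, True):
        print("fix_mac=%s accepted by h4: %s"
              % (fix, H4.accepts(redirect_to_h4(echo_request(), fix))))
```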