Hi,
i need a bit help with ryu. Currently i'm working with the
alert_dumper example which allows the interaction with the
SNORT IDS. It works very well, and i'm able to trace the
source and destination of suspicous packets by IP and MAC.
Now i want to go one step further and define rules for
suspious IP's. I tried to set a new flowtable-entry with
add_flow, but as the alert_dumper example makes use of the
AlertPkt Object, i'm not able to get access to the
datapath.
It shall look (and work) like the following code-snippet
@set_ev_cls(alert_monitor.EventAlert)
def _dump_alert(self, ev):
msg = ev.msg
print 'alertmsg:', ''.join(msg.alertmsg)
self.packet_print(msg.pkt)
# This is how i think i might work, if i can access the
datapath
actions =
[datapath.ofproto_parser.OFPActionOutput(port_for_further_analysis)]
self.add_flow(datapath, suspicious_port, dst,
actions)
out = datapath.ofproto_parser.OFPPacketOut(
datapath=datapath, buffer_id=msg.buffer_id,
in_port=msg.in_port,
actions=actions)
datapath.send_msg(out)
It would be very kind if someone is able to give me a hint
how i could get access to that datapath.
Thanks a lot!
Chris
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
