diff --git a/simple-IDS/unikernel.ml b/simple-IDS/unikernel.ml index 494dca1e480424947fb2663c9d80e6734db37ac4..6e2c5b9cd58e785f5e8f300f7b2152c17da16e9e 100644 --- a/simple-IDS/unikernel.ml +++ b/simple-IDS/unikernel.ml @@ -35,15 +35,15 @@ module Main (* the specific impls we're using show up as arguments to start. *) let start public_netif4 private_netif4 - _public_netif5 _private_netif5 - _public_netif6 _private_netif6 - _public_netif7 _private_netif7 - _public_netif8 _private_netif8 - _public_netif9 _private_netif9 - _public_netif10 _private_netif10 - _public_netif11 _private_netif11 - _public_netif12 _private_netif12 - _public_netif13 _private_netif13 + public_netif5 private_netif5 + public_netif6 private_netif6 + public_netif7 private_netif7 + public_netif8 private_netif8 + public_netif9 private_netif9 + public_netif10 private_netif10 + public_netif11 private_netif11 + public_netif12 private_netif12 + public_netif13 private_netif13 _public_ethernet4 private_ethernet4 _public_ethernet5 _private_ethernet5 _public_ethernet6 _private_ethernet6 @@ -61,6 +61,96 @@ module Main Rules.init false in + let output_public4 packet = + let len = Cstruct.length packet in + Public_net4.write public_netif4 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net4.pp_error e) ; + () + in + + let output_public5 packet = + let len = Cstruct.length packet in + Public_net5.write public_netif5 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net5.pp_error e) ; + () + in + + let output_public6 packet = + let len = Cstruct.length packet in + Public_net6.write public_netif6 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net6.pp_error e) ; + () + in + + let output_public7 packet = + let len = Cstruct.length packet in + Public_net7.write public_netif7 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net7.pp_error e) ; + () + in + + let output_public8 packet = + let len = Cstruct.length packet in + Public_net8.write public_netif8 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net8.pp_error e) ; + () + in + + let output_public9 packet = + let len = Cstruct.length packet in + Public_net9.write public_netif9 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net9.pp_error e) ; + () + in + + let output_public10 packet = + let len = Cstruct.length packet in + Public_net10.write public_netif10 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net10.pp_error e) ; + () + in + + let output_public11 packet = + let len = Cstruct.length packet in + Public_net11.write public_netif11 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net11.pp_error e) ; + () + in + + let output_public12 packet = + let len = Cstruct.length packet in + Public_net12.write public_netif12 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net12.pp_error e) ; + () + in + + let output_public13 packet = + let len = Cstruct.length packet in + Public_net13.write public_netif13 ~size:len (fun b -> Cstruct.blit packet 0 b 0 len ; len) >|= function + | Ok () -> () + | Error e -> + Log.warn (fun f -> f "netif write errored %a" Public_net13.pp_error e) ; + () + in + (* Forward the (dest, packet) [packet] to the private interface, using [dest] to understand how to route *) let output_private4 packet = (* For IPv4 only one prefix can be configured so the list is always of length 1 *) @@ -132,14 +222,125 @@ module Main Lwt.return_unit in Public_net4.listen ~header_size public_netif4 input >>= function - | Error e -> Log.debug (fun f -> f "public4 interface stopped: %a" - Public_net4.pp_error e); Lwt.return_unit + | Error e -> Log.debug (fun f -> f "public4 interface stopped: %a" Public_net4.pp_error e); Lwt.return_unit | Ok () -> Log.debug (fun f -> f "public4 interface terminated normally"); Lwt.return_unit in + let listen_private4 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = (* Takes an ethernet packet and send it to the relevant callback *) + output_public4 frame + in + Private_net4.listen ~header_size private_netif4 input >>= function + | Error e -> Log.debug (fun f -> f "private4 interface stopped: %a" Private_net4.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private4 interface terminated normally"); + Lwt.return_unit + in + + let listen_private5 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public5 frame + in + Private_net5.listen ~header_size private_netif5 input >>= function + | Error e -> Log.debug (fun f -> f "private5 interface stopped: %a" Private_net5.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private5 interface terminated normally"); Lwt.return_unit + in + + let listen_private6 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public6 frame + in + Private_net6.listen ~header_size private_netif6 input >>= function + | Error e -> Log.debug (fun f -> f "private6 interface stopped: %a" Private_net6.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private6 interface terminated normally"); Lwt.return_unit + in + + let listen_private7 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public7 frame + in + Private_net7.listen ~header_size private_netif7 input >>= function + | Error e -> Log.debug (fun f -> f "private7 interface stopped: %a" Private_net7.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private7 interface terminated normally"); Lwt.return_unit + in + + let listen_private8 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public8 frame + in + Private_net8.listen ~header_size private_netif8 input >>= function + | Error e -> Log.debug (fun f -> f "private8 interface stopped: %a" Private_net8.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private8 interface terminated normally"); Lwt.return_unit + in + + let listen_private9 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public9 frame + in + Private_net9.listen ~header_size private_netif9 input >>= function + | Error e -> Log.debug (fun f -> f "private9 interface stopped: %a" Private_net9.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private9 interface terminated normally"); Lwt.return_unit + in + + let listen_private10 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public10 frame + in + Private_net10.listen ~header_size private_netif10 input >>= function + | Error e -> Log.debug (fun f -> f "private10 interface stopped: %a" Private_net10.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private10 interface terminated normally"); Lwt.return_unit + in + + let listen_private11 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public11 frame + in + Private_net11.listen ~header_size private_netif11 input >>= function + | Error e -> Log.debug (fun f -> f "private11 interface stopped: %a" Private_net11.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private11 interface terminated normally"); Lwt.return_unit + in + + let listen_private12 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public12 frame + in + Private_net12.listen ~header_size private_netif12 input >>= function + | Error e -> Log.debug (fun f -> f "private12 interface stopped: %a" Private_net12.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private12 interface terminated normally"); Lwt.return_unit + in + + let listen_private13 = + let header_size = Ethernet.Packet.sizeof_ethernet + and input frame = + output_public13 frame + in + Private_net13.listen ~header_size private_netif13 input >>= function + | Error e -> Log.debug (fun f -> f "private13 interface stopped: %a" Private_net13.pp_error e); Lwt.return_unit + | Ok () -> Log.debug (fun f -> f "private13 interface terminated normally"); Lwt.return_unit + in + + (* start both listeners, and continue as long as both are working. *) Lwt.pick [ listen_public4; + listen_private4; + listen_private5; + listen_private6; + listen_private7; + listen_private8; + listen_private9; + listen_private10; + listen_private11; + listen_private12; + listen_private13; ] end \ No newline at end of file