/**
* RouterConfig constants
*/
- private static final String STR_SSH_USERNAME_ROUTER = "root";
- private static final String STR_SSH_USERNAME_RASPBERRYPI = "pi";
- private static final String STR_SSH_USERNAME_HOST = "iotuser";
- private static final String STR_POLICY_FILE_ALL = "_all";
- private static final String STR_POLICY_FILE_EXT = ".policy";
- private static final String STR_INCOMPLETE = "(incomplete)";
+ private static final String STR_SSH_USERNAME_ROUTER = "root";
+ private static final String STR_SSH_USERNAME_RASPBERRYPI = "pi";
+ private static final String STR_SSH_USERNAME_HOST = "iotuser";
+ private static final String STR_POLICY_FILE_ALL = "_all";
+ private static final String STR_POLICY_FILE_EXT = ".policy";
+ private static final String STR_INCOMPLETE = "(incomplete)";
/**
* RouterConfig properties
deployPolicies(strCmdSend);
String strCmdDeploy = "ssh " + STR_SSH_USERNAME_ROUTER + "@" + strConfigHost +
" iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost +
- STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; ";// +
- // TODO: delete these later when we apply tight initial conditions (reject everything but SSH commands)
- //"iptables -F startup_filter_tcp; iptables -F startup_filter_udp; " +
- //"iptables -t filter -D FORWARD -j startup_filter_tcp; iptables -t filter -D FORWARD -j startup_filter_udp;";
+ STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; ";
//System.out.println(strCmdDeploy);
deployPolicies(strCmdDeploy);
}
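Review bot: The deploy command kept on the new side is still built by concatenating `strConfigHost` into text that contains the shell operators `<` and `;` and logs in as `root`, so a value that is not a plain hostname or address changes what gets executed; validate `strConfigHost` against a strict hostname/IP pattern before building the string. How the string is run is decided inside `deployPolicies`, which is outside this hunk, so where the `<` redirect is evaluated (locally or on the router) should be confirmed there. The deleted TODO was the only record here that the startup rules are not yet restricted to SSH; if that work is still open, keep a short marker such as `// TODO: tighten initial rules (reject everything but SSH)` or reference the tracking issue. The enclosing method begins before the hunk.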
String strCmdSend = "scp " + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + " " +
STR_SSH_USERNAME_HOST + "@" + strConfigHost + ":~;";
- System.out.println(strCmdSend);
+ //System.out.println(strCmdSend);
deployPolicies(strCmdSend);
String strCmdDeploy = "ssh " + STR_SSH_USERNAME_HOST + "@" + strConfigHost +
" sudo iptables-restore < ~/" + strConfigHost + STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + "; rm ~/" + strConfigHost +
STR_POLICY_FILE_ALL + STR_POLICY_FILE_EXT + ";";
- System.out.println(strCmdDeploy);
+ //System.out.println(strCmdDeploy);
deployPolicies(strCmdDeploy);
}
*/
public void getAddressListTmp(String strRouterAddress) {
- //HashMap<String,String> hmMACToIPAdd = new HashMap<String,String>();
try {
// We can replace "cat /tmp/dhcp.leases" with "cat /proc/net/arp"
String cmd = "ssh " + STR_SSH_USERNAME_ROUTER + "@" + strRouterAddress +
}
}
- /**
- * getAddressListArp() method gets list of IP addresses from arp command
- * <p>
- * This method sends an inquiry to the router to look for
- * the list of DHCP leased addresses and their mapping to MAC
- * addresses
- *
- * @param strRouterAddress String that contains address of router
- */
- public void getAddressListArp(String strRouterAddress) {
-
- //HashMap<String,String> hmMACToIPAdd = new HashMap<String,String>();
- try {
- // We replace with "cat /usr/sbin/arp"
- String cmd = "ssh " + STR_SSH_USERNAME_RASPBERRYPI + "@" + strRouterAddress +
- " /usr/sbin/arp -n";
- Runtime runtime = Runtime.getRuntime();
- Process process = runtime.exec(cmd);
-
- InputStream inStream = process.getInputStream();
- InputStreamReader isReader = new InputStreamReader(inStream);
- BufferedReader bReader = new BufferedReader(isReader);
- String strRead = null;
- while((strRead = bReader.readLine()) != null){
- String[] str = strRead.split("\\s+");
- // Skip if "(incomplete)" is seen!
- if (str[1].equals(STR_INCOMPLETE))
- continue;
- mapMACtoIPAdd.put(str[2], str[0]);
- }
- } catch (IOException ex) {
- System.out.println("RouterConfig: IOException: " + ex.getMessage());
- ex.printStackTrace();
- }
+ /**
+ * getAddressListArp() method gets list of IP addresses from arp command
+ * <p>
+ * This method sends an inquiry to the router to look for
+ * the list of DHCP leased addresses and their mapping to MAC
+ * addresses
+ *
+ * @param strRouterAddress String that contains address of router
+ */
+ public void getAddressListArp(String strRouterAddress) {
+
+ try {
+ // We replace with "cat /usr/sbin/arp"
+ String cmd = "ssh " + STR_SSH_USERNAME_RASPBERRYPI + "@" + strRouterAddress +
+ " /usr/sbin/arp -n";
+ Runtime runtime = Runtime.getRuntime();
+ Process process = runtime.exec(cmd);
+
+ InputStream inStream = process.getInputStream();
+ InputStreamReader isReader = new InputStreamReader(inStream);
+ BufferedReader bReader = new BufferedReader(isReader);
+ String strRead = null;
+ while((strRead = bReader.readLine()) != null) {
+ String[] str = strRead.split("\\s+");
+ // Skip if "(incomplete)" is seen!
+ if (str[1].equals(STR_INCOMPLETE))
+ continue;
+ mapMACtoIPAdd.put(str[2], str[0]);
+ }
+ } catch (IOException ex) {
+ System.out.println("RouterConfig: IOException: " + ex.getMessage());
+ ex.printStackTrace();
}
+ }
/**
* getIPFromMACAddress() method gets IP from MAC address
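Review bot: In `getAddressListArp` the parsing loop indexes `str[1]` and `str[2]` without checking the field count, so any output line with fewer than three whitespace-separated fields throws an `ArrayIndexOutOfBoundsException` that the `IOException` handler does not catch; guard it with `if (str.length < 3 || str[1].equals(STR_INCOMPLETE)) continue;`. A column-header line, if the remote `arp -n` prints one, would also be stored in `mapMACtoIPAdd` as if it were a device entry. `strRouterAddress` is concatenated into a single string for `Runtime.exec(String)`, which splits on whitespace, so passing the arguments separately, e.g. `new ProcessBuilder("ssh", STR_SSH_USERNAME_RASPBERRYPI + "@" + strRouterAddress, "/usr/sbin/arp", "-n").start()`, keeps the address as one argument. The reader and the process are never closed; wrapping the `BufferedReader` in try-with-resources would release them.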
strConfigHost + " -d " + strMonitorHost + " -p tcp --dport ssh");
pwConfig.println("-A OUTPUT -j ACCEPT -s " +
strConfigHost + " -d " + strMonitorHost + " -p tcp --sport ssh");
- //pwConfig.println("-A FORWARD -j ACCEPT -p tcp --dport ssh");
- //pwConfig.println("-A FORWARD -j ACCEPT -p tcp --sport ssh");
}
pwConfig.println("-A INPUT -j ACCEPT -p udp --sport domain");
pwConfig.println("-A OUTPUT -j ACCEPT -p udp --dport domain");
pwConfig.println("-A OUTPUT -j ACCEPT -p udp --sport domain");
-
}
}