|
| 1 | +[](https://travis-ci.com/roykuper13/linux-switch) |
| 2 | +# linux-switch |
| 3 | + |
| 4 | +linux-switch is a module that let you emulate a network in a linux environment |
| 5 | +very easily by creating, connecting and configuring network devices that are represented |
| 6 | +as Python objects. |
| 7 | + |
| 8 | +Moreover, linux-switch let you manipulate packets before the network switch forwards |
| 9 | +them (see example below). Thus, External binaries/applications that performs |
| 10 | +any logic on packets (for example, NAT) can be tested using linux-switch. |
| 11 | + |
| 12 | + |
| 13 | +## Description |
| 14 | +linux-switch uses linux's network namespace feature. For each `Device` object that's connected to the |
| 15 | +network `Switch` object, the module creates a new network namespace that's connected to the |
| 16 | +default network namespace. |
| 17 | + |
| 18 | +The network switch object (`Switch`) has the basic operations required by a real network |
| 19 | +switch device, meaning: |
| 20 | +1. It manages a table that maps between devices and their vlans + network-namespaces. |
| 21 | +2. It doesn't allow packets from one vlan to be transmistted to a different vlan. |
| 22 | +3. When connecting `Device`s to the `Switch`, the connection type must be specified (access or trunk). |
| 23 | +When using trunk - the switch and the device will send/recieve tagged packet. |
| 24 | +When using access - they'll send untagged packets. |
| 25 | + |
| 26 | + |
| 27 | +## Example |
| 28 | + |
| 29 | +```python |
| 30 | + |
| 31 | +from switch import Switch |
| 32 | +from device import Device |
| 33 | + |
| 34 | +# Creating a network switch instance |
| 35 | +switch = Switch() |
| 36 | + |
| 37 | +# Creating two devices, 'a' and 'b', and assign IP addresses to them |
| 38 | +dev1 = Device('a', '192.168.250.1', '255.255.255.0') |
| 39 | +dev2 = Device('b', '192.168.250.2', '255.255.255.0') |
| 40 | + |
| 41 | +# Connect dev1 to the network switch. |
| 42 | +# dev1 will be part of vlan 20. |
| 43 | +# The physical port of the switch is configured to be access, |
| 44 | +# meaning the switch and the device do not transmit tagged packets, |
| 45 | +# and expect to recieve untagged packets. |
| 46 | +# The switch will make sure that dev1 will be able to send/recv packets |
| 47 | +# from vlan 20 only. |
| 48 | +switch.connect_device_access(dev1, 20) |
| 49 | + |
| 50 | +# Connect dev2 to the network switch. |
| 51 | +# dev2 will also be part of vlan 20. |
| 52 | +# The physical port of the switch is configured to be trunk, |
| 53 | +# meaning the switch and the device transmits and recieves tagged packets (dot1q). |
| 54 | +switch.connect_device_trunk(dev2, 20) |
| 55 | +``` |
| 56 | + |
| 57 | +From that point, you can run whatever you want from the devices context. |
| 58 | +For example: |
| 59 | + |
| 60 | +```python |
| 61 | +# Ping to the second device (we're able to do that since both devices |
| 62 | +# are in the same vlan). |
| 63 | +dev1.run_from_namespace('ping -c 1 192.168.250.2') |
| 64 | + |
| 65 | +# Open a terminal (gnome-terminal is given as an example) |
| 66 | +dev2.run_from_namespace('dbus-launch gnome-terminal') |
| 67 | + |
| 68 | +# Open wireshark and sniff from the device |
| 69 | +dev2.run_from_namespace('wireshark') |
| 70 | + |
| 71 | +# TCP connections |
| 72 | +dev1.run_from_namespace('nc -l 0.0.0.0 8888') |
| 73 | +dev2.run_from_namespace('nc 192.168.250.1 8888') |
| 74 | + |
| 75 | +# etc. |
| 76 | +``` |
| 77 | + |
| 78 | +And for cleanup: |
| 79 | + |
| 80 | +```python |
| 81 | +switch.disconnect_device(dev1) |
| 82 | +switch.disconnect_device(dev2) |
| 83 | + |
| 84 | +switch.term() |
| 85 | +``` |
0 commit comments