oxbrbtx/PrimAITE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#2402 rename network_acl actions to router_acl and refactor how router_name is given

Browse Source
This commit is contained in:
Cristian-VM2
2024-03-29 11:34:43 +00:00
parent 2a5432fb0a
commit 2eb900746b
12 changed files with 426 additions and 244 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
src/primaite/config/_package_data/data_manipulation.yaml
View File

@@ -258,12 +258,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -477,8 +473,9 @@ agents:
node_id: 6
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -487,8 +484,9 @@ agents:
dest_port_id: 1
protocol_id: 1
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -497,8 +495,9 @@ agents:
dest_port_id: 1
protocol_id: 1
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -507,8 +506,9 @@ agents:
dest_port_id: 1
protocol_id: 3
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -517,8 +517,9 @@ agents:
dest_port_id: 1
protocol_id: 3
50: # old action num: 26
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -527,8 +528,9 @@ agents:
dest_port_id: 1
protocol_id: 3
51: # old action num: 27
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -537,44 +539,54 @@ agents:
dest_port_id: 1
protocol_id: 3
52: # old action num: 28
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
53: # old action num: 29
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
54: # old action num: 30
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
55: # old action num: 31
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
56: # old action num: 32
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
57: # old action num: 33
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
58: # old action num: 34
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
59: # old action num: 35
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
60: # old action num: 36
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
61: # old action num: 37
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
62: # old action num: 38
action: "NETWORK_NIC_DISABLE"

112
src/primaite/config/_package_data/data_manipulation_marl.yaml
View File

@@ -260,12 +260,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -479,8 +475,9 @@ agents:
node_id: 6
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -489,8 +486,9 @@ agents:
dest_port_id: 1
protocol_id: 1
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -499,8 +497,9 @@ agents:
dest_port_id: 1
protocol_id: 1
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -509,8 +508,9 @@ agents:
dest_port_id: 1
protocol_id: 3
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -519,8 +519,9 @@ agents:
dest_port_id: 1
protocol_id: 3
50: # old action num: 26
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -529,8 +530,9 @@ agents:
dest_port_id: 1
protocol_id: 3
51: # old action num: 27
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -539,44 +541,54 @@ agents:
dest_port_id: 1
protocol_id: 3
52: # old action num: 28
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
53: # old action num: 29
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
54: # old action num: 30
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
55: # old action num: 31
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
56: # old action num: 32
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
57: # old action num: 33
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
58: # old action num: 34
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
59: # old action num: 35
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
60: # old action num: 36
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
61: # old action num: 37
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
62: # old action num: 38
action: "NETWORK_NIC_DISABLE"
@@ -811,12 +823,12 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
- type: ROUTER_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
target_router_nodename: router_1
- type: ROUTER_ACL_REMOVERULE
options:
target_router_hostname: router_1
target_router_nodename: router_1
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -1030,8 +1042,9 @@ agents:
node_id: 6
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -1040,8 +1053,9 @@ agents:
dest_port_id: 1
protocol_id: 1
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -1050,8 +1064,9 @@ agents:
dest_port_id: 1
protocol_id: 1
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -1060,8 +1075,9 @@ agents:
dest_port_id: 1
protocol_id: 3
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -1070,8 +1086,9 @@ agents:
dest_port_id: 1
protocol_id: 3
50: # old action num: 26
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -1080,8 +1097,9 @@ agents:
dest_port_id: 1
protocol_id: 3
51: # old action num: 27
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -1090,44 +1108,54 @@ agents:
dest_port_id: 1
protocol_id: 3
52: # old action num: 28
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
53: # old action num: 29
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
54: # old action num: 30
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
55: # old action num: 31
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
56: # old action num: 32
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
57: # old action num: 33
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
58: # old action num: 34
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
59: # old action num: 35
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
60: # old action num: 36
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
61: # old action num: 37
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
62: # old action num: 38
action: "NETWORK_NIC_DISABLE"

28
src/primaite/game/agent/actions.py
View File

@@ -405,25 +405,22 @@ class NodeResetAction(NodeAbstractAction):
self.verb: str = "reset"
class NetworkACLAddRuleAction(AbstractAction):
class RouterACLAddRuleAction(AbstractAction):
"""Action which adds a rule to a router's ACL."""
def __init__(
self,
manager: "ActionManager",
target_router_hostname: str,
max_acl_rules: int,
num_ips: int,
num_ports: int,
num_protocols: int,
**kwargs,
) -> None:
"""Init method for NetworkACLAddRuleAction.
"""Init method for RouterACLAddRuleAction.
:param manager: Reference to the ActionManager which created this action.
:type manager: ActionManager
:param target_router_hostname: hostname of the router to which the ACL rule should be added.
:type target_router_hostname: str
:param max_acl_rules: Maximum number of ACL rules that can be added to the router.
:type max_acl_rules: int
:param num_ips: Number of IP addresses in the simulation.
@@ -444,10 +441,10 @@ class NetworkACLAddRuleAction(AbstractAction):
"dest_port_id": num_ports,
"protocol_id": num_protocols,
}
self.target_router_name: str = target_router_hostname
def form_request(
self,
target_router_nodename: str,
position: int,
permission: int,
source_ip_id: int,
@@ -511,7 +508,7 @@ class NetworkACLAddRuleAction(AbstractAction):
return [
"network",
"node",
self.target_router_name,
target_router_nodename,
"acl",
"add_rule",
permission_str,
@@ -524,26 +521,23 @@ class NetworkACLAddRuleAction(AbstractAction):
]
class NetworkACLRemoveRuleAction(AbstractAction):
class RouterACLRemoveRuleAction(AbstractAction):
"""Action which removes a rule from a router's ACL."""
def __init__(self, manager: "ActionManager", target_router_hostname: str, max_acl_rules: int, **kwargs) -> None:
"""Init method for NetworkACLRemoveRuleAction.
def __init__(self, manager: "ActionManager", max_acl_rules: int, **kwargs) -> None:
"""Init method for RouterACLRemoveRuleAction.
:param manager: Reference to the ActionManager which created this action.
:type manager: ActionManager
:param target_router_hostname: Hostname of the router from which the ACL rule should be removed.
:type target_router_hostname: str
:param max_acl_rules: Maximum number of ACL rules that can be added to the router.
:type max_acl_rules: int
"""
super().__init__(manager=manager)
self.shape: Dict[str, int] = {"position": max_acl_rules}
self.target_router_name: str = target_router_hostname
def form_request(self, position: int) -> List[str]:
def form_request(self, target_router_nodename: str, position: int) -> List[str]:
"""Return the action formatted as a request which can be ingested by the PrimAITE simulation."""
return ["network", "node", self.target_router_name, "acl", "remove_rule", position]
return ["network", "node", target_router_nodename, "acl", "remove_rule", position]
class NetworkNICAbstractAction(AbstractAction):
@@ -672,8 +666,8 @@ class ActionManager:
"NODE_SHUTDOWN": NodeShutdownAction,
"NODE_STARTUP": NodeStartupAction,
"NODE_RESET": NodeResetAction,
"NETWORK_ACL_ADDRULE": NetworkACLAddRuleAction,
"NETWORK_ACL_REMOVERULE": NetworkACLRemoveRuleAction,
"ROUTER_ACL_ADDRULE": RouterACLAddRuleAction,
"ROUTER_ACL_REMOVERULE": RouterACLRemoveRuleAction,
"NETWORK_NIC_ENABLE": NetworkNICEnableAction,
"NETWORK_NIC_DISABLE": NetworkNICDisableAction,
"NETWORK_PORT_ENABLE": NetworkPortEnableAction,

61
src/primaite/simulator/network/hardware/nodes/network/firewall.py
View File

@@ -4,6 +4,7 @@ from typing import Dict, Final, Optional, Union
from prettytable import MARKDOWN, PrettyTable
from pydantic import validate_call
# from primaite.simulator.core import RequestManager, RequestType
from primaite.simulator.network.hardware.node_operating_state import NodeOperatingState
from primaite.simulator.network.hardware.nodes.network.router import (
AccessControlList,
@@ -123,6 +124,66 @@ class Firewall(Router):
sys_log=kwargs["sys_log"], implicit_action=ACLAction.PERMIT, name=f"{hostname} - External Outbound"
)
# def _init_request_manager(self) -> RequestManager:
# """
# Initialise the request manager.
# More information in user guide and docstring for SimComponent._init_request_manager.
# """
# rm = super()._init_request_manager()
# self._internal_acl_request_manager = RequestManager()
# rm.add_request("internal", RequestType(func=self._internal_acl_request_manager))
# self._dmz_acl_request_manager = RequestManager()
# rm.add_request("dmz", RequestType(func=self._dmz_acl_request_manager))
# self._external_acl_request_manager = RequestManager()
# rm.add_request("external", RequestType(func=self._external_acl_request_manager))
# self._internal_inbound_acl_request_manager = RequestManager()
# self._internal_outbound_acl_request_manager = RequestManager()
# self._internal_acl_request_manager.add_request(
# "inbound", RequestType(func=self._internal_inbound_acl_request_manager)
# )
# self._internal_acl_request_manager.add_request(
# "outbound", RequestType(func=self._internal_outbound_acl_request_manager)
# )
# self.dmz_inbound_acl_request_manager = RequestManager()
# self.dmz_outbound_acl_request_manager = RequestManager()
# self._dmz_acl_request_manager.add_request("inbound", RequestType(func=self.dmz_inbound_acl_request_manager))
# self._dmz_acl_request_manager.add_request("outbound", RequestType(func=self.dmz_outbound_acl_request_manager))
# self.external_inbound_acl_request_manager = RequestManager()
# self.external_outbound_acl_request_manager = RequestManager()
# self._external_acl_request_manager.add_request(
# "inbound", RequestType(func=self.external_inbound_acl_request_manager)
# )
# self._external_acl_request_manager.add_request(
# "outbound", RequestType(func=self.external_outbound_acl_request_manager)
# )
# self._internal_inbound_acl_request_manager.add_request(
# "acl", RequestType(func=self.internal_inbound_acl._request_manager)
# )
# self._internal_outbound_acl_request_manager.add_request(
# "acl", RequestType(func=self.internal_outbound_acl._request_manager)
# )
# self.dmz_inbound_acl_request_manager.add_request("acl", RequestType(func=self.dmz_inbound_acl._request_manager))
# self.dmz_outbound_acl_request_manager.add_request(
# "acl", RequestType(func=self.dmz_outbound_acl._request_manager)
# )
# self.external_inbound_acl_request_manager.add_request(
# "acl", RequestType(func=self.external_inbound_acl._request_manager)
# )
# self.external_outbound_acl_request_manager.add_request(
# "acl", RequestType(func=self.external_outbound_acl._request_manager)
# )
# return rm
def describe_state(self) -> Dict:
"""
Describes the current state of the Firewall.

56
tests/assets/configs/bad_primaite_session.yaml
View File

@@ -169,12 +169,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -291,8 +287,9 @@ agents:
options:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -301,8 +298,9 @@ agents:
dest_port_id: 1
protocol_id: 1
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -311,8 +309,9 @@ agents:
dest_port_id: 1
protocol_id: 1
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -321,8 +320,9 @@ agents:
dest_port_id: 1
protocol_id: 3
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -331,8 +331,9 @@ agents:
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -341,8 +342,9 @@ agents:
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -351,44 +353,54 @@ agents:
dest_port_id: 1
protocol_id: 3
28:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
29:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
30:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
31:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
32:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
33:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
34:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
35:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
36:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
37:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
38:
action: "NETWORK_NIC_DISABLE"

56
tests/assets/configs/eval_only_primaite_session.yaml
View File

@@ -173,12 +173,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -295,8 +291,9 @@ agents:
options:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -305,8 +302,9 @@ agents:
dest_port_id: 1
protocol_id: 1
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -315,8 +313,9 @@ agents:
dest_port_id: 1
protocol_id: 1
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -325,8 +324,9 @@ agents:
dest_port_id: 1
protocol_id: 3
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -335,8 +335,9 @@ agents:
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -345,8 +346,9 @@ agents:
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -355,44 +357,54 @@ agents:
dest_port_id: 1
protocol_id: 3
28:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
29:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
30:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
31:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
32:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
33:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
34:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
35:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
36:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
37:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
38:
action: "NETWORK_NIC_DISABLE"

112
tests/assets/configs/multi_agent_session.yaml
View File

@@ -180,12 +180,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -302,8 +298,9 @@ agents:
options:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -312,8 +309,9 @@ agents:
dest_port_id: 1
protocol_id: 1
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -322,8 +320,9 @@ agents:
dest_port_id: 1
protocol_id: 1
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -332,8 +331,9 @@ agents:
dest_port_id: 1
protocol_id: 3
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -342,8 +342,9 @@ agents:
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -352,8 +353,9 @@ agents:
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -362,44 +364,54 @@ agents:
dest_port_id: 1
protocol_id: 3
28:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
29:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
30:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
31:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
32:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
33:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
34:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
35:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
36:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
37:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
38:
action: "NETWORK_NIC_DISABLE"
@@ -624,12 +636,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -746,8 +754,9 @@ agents:
options:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -756,8 +765,9 @@ agents:
dest_port_id: 1
protocol_id: 1
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -766,8 +776,9 @@ agents:
dest_port_id: 1
protocol_id: 1
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -776,8 +787,9 @@ agents:
dest_port_id: 1
protocol_id: 3
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -786,8 +798,9 @@ agents:
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -796,8 +809,9 @@ agents:
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -806,44 +820,54 @@ agents:
dest_port_id: 1
protocol_id: 3
28:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
29:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
30:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
31:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
32:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
33:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
34:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
35:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
36:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
37:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
38:
action: "NETWORK_NIC_DISABLE"

56
tests/assets/configs/shared_rewards.yaml
View File

@@ -258,12 +258,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -477,8 +473,9 @@ agents:
node_id: 6
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -487,8 +484,9 @@ agents:
dest_port_id: 1
protocol_id: 1
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -497,8 +495,9 @@ agents:
dest_port_id: 1
protocol_id: 1
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -507,8 +506,9 @@ agents:
dest_port_id: 1
protocol_id: 3
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -517,8 +517,9 @@ agents:
dest_port_id: 1
protocol_id: 3
50: # old action num: 26
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -527,8 +528,9 @@ agents:
dest_port_id: 1
protocol_id: 3
51: # old action num: 27
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -537,44 +539,54 @@ agents:
dest_port_id: 1
protocol_id: 3
52: # old action num: 28
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
53: # old action num: 29
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
54: # old action num: 30
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
55: # old action num: 31
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
56: # old action num: 32
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
57: # old action num: 33
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
58: # old action num: 34
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
59: # old action num: 35
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
60: # old action num: 36
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
61: # old action num: 37
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
62: # old action num: 38
action: "NETWORK_NIC_DISABLE"

56
tests/assets/configs/test_primaite_session.yaml
View File

@@ -183,12 +183,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -305,8 +301,9 @@ agents:
options:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -315,8 +312,9 @@ agents:
dest_port_id: 1
protocol_id: 1
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -325,8 +323,9 @@ agents:
dest_port_id: 1
protocol_id: 1
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -335,8 +334,9 @@ agents:
dest_port_id: 1
protocol_id: 3
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -345,8 +345,9 @@ agents:
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -355,8 +356,9 @@ agents:
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -365,44 +367,54 @@ agents:
dest_port_id: 1
protocol_id: 3
28:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
29:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
30:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
31:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
32:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
33:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
34:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
35:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
36:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
37:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
38:
action: "NETWORK_NIC_DISABLE"

56
tests/assets/configs/train_only_primaite_session.yaml
View File

@@ -181,12 +181,8 @@ agents:
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: NETWORK_ACL_ADDRULE
options:
target_router_hostname: router_1
- type: NETWORK_ACL_REMOVERULE
options:
target_router_hostname: router_1
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: NETWORK_NIC_ENABLE
- type: NETWORK_NIC_DISABLE
@@ -303,8 +299,9 @@ agents:
options:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
@@ -313,8 +310,9 @@ agents:
dest_port_id: 1
protocol_id: 1
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
@@ -323,8 +321,9 @@ agents:
dest_port_id: 1
protocol_id: 1
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
@@ -333,8 +332,9 @@ agents:
dest_port_id: 1
protocol_id: 3
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
@@ -343,8 +343,9 @@ agents:
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
@@ -353,8 +354,9 @@ agents:
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
action: "ROUTER_ACL_ADDRULE"
options:
target_router_nodename: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
@@ -363,44 +365,54 @@ agents:
dest_port_id: 1
protocol_id: 3
28:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 0
29:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 1
30:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 2
31:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 3
32:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 4
33:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 5
34:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 6
35:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 7
36:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 8
37:
action: "NETWORK_ACL_REMOVERULE"
action: "ROUTER_ACL_REMOVERULE"
options:
target_router_nodename: router_1
position: 9
38:
action: "NETWORK_NIC_DISABLE"

4
tests/conftest.py
View File

@@ -494,8 +494,8 @@ def game_and_agent():
{"type": "NODE_SHUTDOWN"},
{"type": "NODE_STARTUP"},
{"type": "NODE_RESET"},
{"type": "NETWORK_ACL_ADDRULE", "options": {"target_router_hostname": "router"}},
{"type": "NETWORK_ACL_REMOVERULE", "options": {"target_router_hostname": "router"}},
{"type": "ROUTER_ACL_ADDRULE"},
{"type": "ROUTER_ACL_REMOVERULE"},
{"type": "NETWORK_NIC_ENABLE"},
{"type": "NETWORK_NIC_DISABLE"},
{"type": "NETWORK_PORT_ENABLE"},

17
tests/integration_tests/game_layer/test_actions.py
View File

@@ -93,9 +93,9 @@ def test_node_service_fix_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
assert svc.health_state_actual == SoftwareHealthState.GOOD
def test_network_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
"""
Test that the NetworkACLAddRuleAction can form a request and that it is accepted by the simulation.
Test that the RouterACLAddRuleAction can form a request and that it is accepted by the simulation.
The ACL starts off with 4 rules, and we add a rule, and check that the ACL now has 5 rules.
"""
@@ -112,8 +112,9 @@ def test_network_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Pro
# 2: Add a rule to block client 1 from reaching server 2 on router
action = (
"NETWORK_ACL_ADDRULE",
"ROUTER_ACL_ADDRULE",
{
"target_router_nodename": "router",
"position": 4, # 4th rule
"permission": 2, # DENY
"source_ip_id": 3, # 10.0.1.2 (client_1)
@@ -136,8 +137,9 @@ def test_network_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Pro
# 4: Add a rule to block server_1 from reaching server_2 on router (this should not affect comms as they are on same subnet)
action = (
"NETWORK_ACL_ADDRULE",
"ROUTER_ACL_ADDRULE",
{
"target_router_nodename": "router",
"position": 5, # 5th rule
"permission": 2, # DENY
"source_ip_id": 5, # 10.0.2.2 (server_1)
@@ -155,8 +157,8 @@ def test_network_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Pro
assert server_1.ping("10.0.2.3") # Can ping server_2
def test_network_acl_removerule_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
"""Test that the NetworkACLRemoveRuleAction can form a request and that it is accepted by the simulation."""
def test_router_acl_removerule_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
"""Test that the RouterACLRemoveRuleAction can form a request and that it is accepted by the simulation."""
game, agent = game_and_agent
# 1: Check that http traffic is going across the network nicely.
@@ -171,8 +173,9 @@ def test_network_acl_removerule_integration(game_and_agent: Tuple[PrimaiteGame,
# 2: Remove rule that allows HTTP traffic across the network
action = (
"NETWORK_ACL_REMOVERULE",
"ROUTER_ACL_REMOVERULE",
{
"target_router_nodename": "router",
"position": 3, # 4th rule
},
)