tc_identity module

This module is part of the nmeta suite running on top of Ryu SDN controller to provide network identity and flow (traffic classification) metadata

class tc_identity.IdentityInspect(config)

Bases: baseclass.BaseClass

This class is instantiated by policy.py and provides methods to ingest identity updates and query identities

check_identity(classifier_result, pkt, ident)

Checks if a given packet matches a given identity match rule. Passed TCClassifierResult, Flow.Packet and Identities class objects and update the classifier_result match based on whether or not either of the packet IP addresses matches the identity attribute/value. Uses methods of the Identities class to work this out

check_lldp(host_name, pkt, ident, is_regex=False)

Passed a hostname, flows packet object, an instance of the identities class and a regex boolean (if true, hostname is treated as regex). Return True or False based on whether or not the packet has a source or destination IP address that matches the IP address registered to the given hostname via LLDP harvest (if one even exists). Uses methods of the Identities class to work this out. Returns boolean

check_dhcp(host_name, pkt, ident, is_regex=False)

Passed a hostname, flows packet object, an instance of the identities class and a regex boolean (if true, hostname is treated as regex). Return True or False based on whether or not the packet has a source or destination IP address that matches the IP address registered to the given hostname via DHCP harvest (if one even exists). Uses methods of the Identities class to work this out. Returns boolean

check_dns(dns_name, pkt, ident, is_regex=False)

Passed a DNS name, flows packet object, an instance of the identities class and a regex boolean (if true, DNS name is treated as regex). Return True or False based on whether or not the packet has a source or destination IP address that has been resolved from the DNS name. Uses methods of the Identities class to work this out. Returns boolean