vespa package¶
Submodules¶
vespa.agent module¶
Agent representation
- class vespa.agent.Agent(name, host, port, master, run=True)[source]¶
Bases: vespa.node.Node
vespa.agent_av module¶
Agent representation
- class vespa.agent_av.Agent_AV(name, host, port, master, vm)[source]¶
Bases: vespa.agent.Agent
Create an Agent able to communicate with the ClamAV backend (need a driver).
Returns: The Agent instance to offer the ClamAV support Return type: Node - dump_analyzed_file_list()[source]¶
Gather list of files analyzed bi the ClamAV antivirus
Returns: The list of analyzed files Return type: list
vespa.agent_bandwidth module¶
Agent wrapper around /proc/dev/net to filter an interface statistics. The interface eth0 is used as default.
- class vespa.agent_bandwidth.Agent_Bandwidth(name, host, port, master, run=True)[source]¶
Bases: vespa.agent.Agent
Provide a wrapper around Linux interfaces /proc files. The Agent can extract information of specific interfaces, i.e. eth0 or lo.
Returns: The agent to grab informations Return type: Node
vespa.agent_connections module¶
- Counting connections as suggested into:
- http://www.linuxjournal.com/content/back-dead-simple-bash-complex-ddos
SynFlood https://raw.github.com/arthurnn/SynFlood/master/synflood
- class vespa.agent_connections.Agent_Connections(name, host, port, master, run=True)[source]¶
Bases: vespa.agent.Agent
An agent gathering network links through psutil python module or system lsof command
Returns: The wrapper Return type: Node
vespa.agent_controller module¶
Agent to wrap Gandalf’s controller
- class vespa.agent_controller.Agent_Controller(name, host, port, master, run=False)[source]¶
Bases: vespa.agent.Agent
Create an Agent to send a mac address to an OpenFlow controller
Returns: The Agent instance to offer the OpenFlow alert_ip function Return type: Node
vespa.agent_controller_floodlight module¶
Agent to wrap Gandalf’s controller. Based on floodlight, it can be a nice start for a full API against floodlight.
- class vespa.agent_controller_floodlight.Agent_Controller_Floodlight(name, host, port, master, run=False)[source]¶
Bases: vespa.agent_controller.Agent_Controller
Flag a mac address as suspicious and gather statistics for local links
Returns: The wrapper to the OMN controller Return type: Node - alert_ip(ip, mac)[source]¶
Block a tuple (ip,mac) with SDN
Parameters: - IP (str) – The IP to block (for future)
- mac (str) – The associated MAC address (needed)
Returns: The controller response
Return type: str
- block_hackers(mac)[source]¶
Block a MAC address with SDN
Parameters: mac (str) – The associated MAC address Returns: The controller response Return type: str
- get_link_stats(cmd='wm/topology/links/json')[source]¶
Get links statistics over the floodlight controller
Parameters: cmd (str) – The floodlight URL to grab the links statistics Returns: The controller response Return type: str
- get_topology(cmd='wm/topology/switchclusters/json')[source]¶
Get the current topology of the SDN network
Parameters: cmd (str) – The floodlight URL to grab the topology Returns: The list of nodes and links detected Return type: dict
vespa.agent_controller_pox module¶
Agent to wrap the POX python SDN controller. It require some modification on the other side too. You can follow the mac address blocking tutorial on the POX website.
- class vespa.agent_controller_pox.Agent_Controller_Pox(name, host, port, master, run=False)[source]¶
Bases: vespa.agent_controller.Agent_Controller
Flag a mac address as suspicious and gather statistics for local links
Returns: The wrapper to the OMN controller Return type: Node - alert_ip(ip, mac)[source]¶
Block a tuple (ip,mac) with SDN
Parameters: - IP (str) – The IP to block (for future)
- mac (str) – The associated MAC address (needed)
Returns: The controller response
Return type: str
- block_hackers()[source]¶
Block a MAC address with SDN
Parameters: mac (str) – The associated MAC address Returns: The controller response Return type: str
- get_link_stats(cmd='get_link_stats')[source]¶
Get links statistics over the pox controller
Parameters: cmd (str) – The POX URL to grab the links statistics Returns: The controller response Return type: str
- get_topology(cmd='get_topology')[source]¶
Get the current topology of the SDN network
Parameters: cmd (str) – The POX URL to grab the topology Returns: The list of nodes and links detected Return type: dict
vespa.agent_libvirt module¶
- class vespa.agent_libvirt.Agent_Libvirt(name, host, port, master, run=True)[source]¶
Bases: vespa.agent.Agent
vespa.controller module¶
Controller
- class vespa.controller.HttpServerHandler(request, client_address, server)[source]¶
Bases: BaseHTTPServer.BaseHTTPRequestHandler
vespa.ho module¶
Horizontal orchestrator
- class vespa.ho.HO(name, host, port, master, run=True)[source]¶
Bases: vespa.node.Node
vespa.ho_hy module¶
Horizontal orchestrator
- class vespa.ho_hy.HO_HY(name, host, port, master, run=True)[source]¶
Bases: vespa.ho.HO
Create an horizontal orchestrator to handle agents at the hypervisor level.
Returns: The HO to gather and react on hypervisor agents. Return type: Node
vespa.ho_ph module¶
Horizontal orchestrator
- class vespa.ho_ph.HO_PH(name, host, port, master, run=True)[source]¶
Bases: vespa.ho.HO
Create an horizontal orchestrator to handle agents at the physical level.
Returns: The HO to gather and react on physical agents. Return type: Node
vespa.ho_vm module¶
Horizontal orchestrator
- class vespa.ho_vm.HO_VM(name, host, port, master, run=True)[source]¶
Bases: vespa.ho.HO
Create an horizontal orchestrator to handle agents at the VM level.
Returns: The Horizontal Orchestrator to gather and react on VM agents. Return type: Node
vespa.log_pipe module¶
log_pipe
- class vespa.log_pipe.bcolors[source]¶
Bases: object
- ENDC = '\x1b[0m'¶
- FAIL = '\x1b[91m'¶
- HEADER = '\x1b[95m'¶
- OKBLUE = '\x1b[94m'¶
- OKGREEN = '\x1b[92m'¶
- WARNING = '\x1b[93m'¶
- vespa.log_pipe.debug_comm_detail(str)[source]¶
Display extended communications information - How sendRemote split RECV_LENGTH
Notes: offloaded to prevent screen flooding
vespa.model module¶
Model
- class vespa.model.Model[source]¶
Bases: vespa.node.Node
vespa.node module¶
Most basic inherited class for a simple Node
Default config without backend
Pthread is used as Profiler wrapper
- If you do not need profiling you may replace the PThread class with:
- class Node(Thread):
INTERNALS:
- class vespa.node.Node(name, host, port, master, run=True)[source]¶
Bases: vespa.node.PThread
- class vespa.node.PThread(name, host, port, master, run=True)[source]¶
Bases: threading.Thread
- run()[source]¶
Thread listenning on node port. It creates a worker thread for each accepted socket.
It SHOULD NOT accept multiple hosts, but ready for it.
- sendAlert(msg)[source]¶
Wrapper for sendRemote with alert formatting.
See “sendRemote” for arguments description and returns
- sendRemote(remote, msg, needack=True)[source]¶
Send a message to a node (remote) using the node.desc() string. This function deals with sockets directly.
Default behavior is to wait data as acknowledgement (needack). It is only modified for messages needing fast delivery and processing such as alerts.
- sendRemotef(remote, msg)[source]¶
Wrapper for sendRemote with needack=False
See “sendRemote” for arguments description and returns
vespa.starter module¶
Starter
vespa.vo module¶
Vertical orchestrator
- class vespa.vo.VO(name, host, port, master, run=True)[source]¶
Bases: vespa.node.Node
Create a Vertical Orchestrator to interconnect all other components. It may be requested by an external controller. All incoming communications go through the alert() method, and are parsed there.
Returns: The VO instance Return type: Node - alert(msg)[source]¶
This is the most important function of the whole framework. The format is alert|source>...>source>message. The message is also split in the following format function#arg1#...#argN. The two formats are used to create a Finite State Machine, each alert being a state transition.
Parameters: msg (str) – The massage to process with the current format