summaryrefslogtreecommitdiff
path: root/kpov_judge/tasks/openvpn_multiple_hops
diff options
context:
space:
mode:
authorTimotej Lazar <timotej.lazar@fri.uni-lj.si>2019-02-24 21:05:27 +0100
committerTimotej Lazar <timotej.lazar@fri.uni-lj.si>2019-02-24 21:05:27 +0100
commit8081a5520a441b43a8a7a73f3a90c7aacfaa8e10 (patch)
treec7f49bd33ed19d53afc0ee9df8b2c82c200c5910 /kpov_judge/tasks/openvpn_multiple_hops
parent9963b74f777edf985540eac71b1ca095f88b8bca (diff)
Move everything one level up
Diffstat (limited to 'kpov_judge/tasks/openvpn_multiple_hops')
-rw-r--r--kpov_judge/tasks/openvpn_multiple_hops/task.py317
1 files changed, 0 insertions, 317 deletions
diff --git a/kpov_judge/tasks/openvpn_multiple_hops/task.py b/kpov_judge/tasks/openvpn_multiple_hops/task.py
deleted file mode 100644
index 44ad8c4..0000000
--- a/kpov_judge/tasks/openvpn_multiple_hops/task.py
+++ /dev/null
@@ -1,317 +0,0 @@
-# kpov_util should be imported by add_assignment.py
-
-instructions = {
- 'si':"""
-<pre>Postavi 4 navidezne računalnike - SimpleArbiter z diska simpleArbiterDhcp, A, B ter C.
-Na računalnikih A, B in C ustvari uporabnika test z geslom test.
-Poskrbi, da bodo vsi štirje na istem navideznem fizičnem omrežju. Naslov omrežja (NET_PHYS) ter naslove
-(IP_A, IP_B, IP_C) preberi na SimpleArbiter. S pomočjo OpenVPN postavi navidezno omrežje med A in B na naslovih NET_VPN1.
-Nato s pomočjo OpenVPN postavi še navidezno omrežje med B in C na naslovih NET_VPN2.
-Poskrbi, da bo promet z A prek VPN prišel do C in obratno. Za avtentikacijo uporabi skupne skrivnosti, ki
-jih prebereš na SimpleArbiter - med A in B SECRET_AB ter med B in C SECRET_BC.</pre>
-"""
-}
-
-computers = {
- 'SimpleArbiter': {
- 'disks': [
- {
- 'name': 'simpleArbiterDhcp',
- }
- ],
- 'network_interfaces': [
- {
- 'network': 'nat'
- },
- {
- 'network': 'net1'
- }
- ],
- 'flavor': 'm1.tiny',
- 'config_drive': False
- },
- 'VPNClient1': {
- 'disks': [
- {
- 'name': 'student-VPNClient1',
- }
- ],
- 'network_interfaces': [
- {
- 'network': 'net1'
- },
- {
- 'network': 'vpnAB'
- }
- ],
- 'flavor': 'm1.tiny',
- 'config_drive': False
- },
- 'VPNClient2': {
- 'disks': [
- {
- 'name': 'student-VPNClient2',
- }
- ],
- 'network_interfaces': [
- {
- 'network': 'net1'
- },
- {
- 'network': 'vpnAB'
- },
- {
- 'network': 'vpnBC'
- }
- ],
- 'flavor': 'm1.tiny',
- 'config_drive': False
- },
- 'VPNClient3': {
- 'disks': [
- {
- 'name': 'student-VPNClient3',
- }
- ],
- 'network_interfaces': [
- {
- 'network': 'net1'
- },
- {
- 'network': 'vpnBC'
- }
- ],
- 'flavor': 'm1.tiny',
- 'config_drive': False
- }
-}
-
-networks = {
- 'nat': {
- 'public': True
- },
-
- 'net1': {
- 'public': True
- },
- # Used for VPN
- 'vpnAB': {
- 'public': False
- },
-
- 'vpnBC': {
- 'public': False
- }
-}
-#Tukaj sem generiral osem parametrov, prosil bi če se upoštevali pri Tasku.
-params_meta = {
- 'IP_VPNClient1': {'descriptions':{'si':'IP klienta A na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True},
- 'IP_LANClient1': {'descriptions':{'si':'IP klienta A na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False},
- 'IP1_VPNClient2': {'descriptions':{'si':'1. IP klienta B na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True},
- 'IP2_VPNClient2': {'descriptions':{'si':'2. IP klienta B na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True},
- 'IP_LANClient2': {'descriptions':{'si':'IP klienta B na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False},
- 'IP_VPNClient3': {'descriptions':{'si':'IP klienta C na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True},
- 'IP_LANClient3': {'descriptions':{'si':'IP klienta C na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False},
- 'IP_SimpleArbiterLAN': {'descriptions':{'si':'IP za SimpleArbiter na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False}
-}
-
-
-def task(IP_SimpleArbiterLAN, IP_VPNClient1, IP_LANClient1, IP1_VPNClient2, IP2_VPNClient2, IP_LANClient2, IP_VPNClient3, IP_LANClient3):
- tests = {
- ('VPNClient1', IP_LANClient1): [
- ('VPNClient1_ping_C2', 'ping -c 3 {}'.format(IP1_VPNClient2)),
- ('VPNClient1_ping_C3', 'ping -c 3 {}'.format(IP_VPNClient3)),
- ('VPNClient1_traceroute_C3', 'traceroute {}'.format(IP_VPNClient3)),
- ],
- ('VPNClient2', IP_LANClient2): [
- ('VPNClient2_ping_C1', 'ping -c 3 {}'.format(IP_VPNClient1)),
- ('VPNClient2_ping_C3', 'ping -c 3 {}'.format(IP_VPNClient3)),
- ],
- ('VPNClient3', IP_LANClient3): [
- ('VPNClient3_ping_C1', 'ping -c 3 {}'.format(IP_VPNClient1)),
- ('VPNClient3_ping_C2', 'ping -c 3 {}'.format(IP2_VPNClient2)),
- ('VPNClient3_traceroute_C1', 'traceroute {}'.format(IP_VPNClient1)),
- ],
- }
-
- for (name, host), host_tests in tests.items():
- host_tests += [
- (name+'_ifconfig', '/sbin/ifconfig -a'),
- (name+'_route', '/sbin/route -n'),
- ]
-
- results = collections.defaultdict(str)
- for (name, host), host_tests in tests.items():
- results.update(kpov_util.ssh_test(host, 'test', 'test', host_tests))
- return results
-
-def gen_params(user_id, params_meta):
- params = dict()
- import random
- r = random.Random(user_id)
- net = kpov_util.IPv4_subnet_gen(r, '10.70.0.0/16', 24)
- params['IP_VPNClient1'], params['IP1_VPNClient2'] = kpov_util.IPv4_addr_gen(r, net, 2)
- net = kpov_util.IPv4_subnet_gen(r, '10.50.0.0/16', 24)
- params['IP_VPNClient3'], params['IP2_VPNClient2'] = kpov_util.IPv4_addr_gen(r, net, 2)
- return params
-
-def task_check(results, params):
-
- import re
- score = 0
- hints = []
-
- IP_C1 = params['IP_VPNClient1'].replace('.', '\.')
- IP1_C2 = params['IP1_VPNClient2'].replace('.', '\.')
- IP2_C2 = params['IP2_VPNClient2'].replace('.', '\.')
- IP_C3 = params['IP_VPNClient3'].replace('.', '\.')
-
- # testi za ifconfig
- # C1
- rs = r"tun0.*\n.*inet.*{}".format(IP_C1)
- if re.search(rs,
- results['VPNClient1_ifconfig']):
- score += 1
- else:
- hints.append("ifconfig on VPNClient1 is not OK")
- pass
- # C2
- rs = r"tun.*\n.*inet.*{}".format(IP1_C2)
- if re.search(rs, results['VPNClient2_ifconfig']):
- rs = r"tun.*\n.*inet.*{}".format(IP2_C2)
- if re.search(rs, results['VPNClient2_ifconfig']):
- score += 1
- else:
- hints.append("ifconfig on VPNClient2 is not OK")
- pass
- else:
- hints.append("ifconfig on VPNClient2 is not OK")
- pass
- # C3
- rs = r"tun0.*\n.*inet.*{}".format(IP_C3)
- if re.search(rs, results['VPNClient3_ifconfig']):
- score += 1
- else:
- hints.append("ifconfig on VPNClient3 is not OK")
- pass
- # testi za route
- # C1
- rs = r"{}.*tun0".format(IP1_C2)
- if IP_C3[:-1].endswith('.'):
- ASD = IP_C3[:-1]+"0"
- elif IP_C3[:-2].endswith('.'):
- ASD = IP_C3[:-2]+"0"
- else:
- ASD = IP_C3[:-3]+"0"
- if re.search(rs, results['VPNClient1_route']):
- rs = r"{} {}.*tun0".format(ASD, IP1_C2)
- if re.search(rs, results['VPNClient1_route']):
- score += 1
- else:
- hints.append("route on VPNClient1 is not OK")
- else:
- hints.append("route on VPNClient1 is not OK")
- pass
- # C2
- rs = r"{}.*tun".format(IP_C1)
- if re.search(rs, results['VPNClient2_route']):
- rs = r"{}.*tun".format(IP_C3)
- if re.search(rs, results['VPNClient2_route']):
- score += 1
- else:
- hints.append("route on VPNClient2 is not OK")
- else:
- hints.append("route on VPNClient2 is not OK")
- pass
- # C3
- rs = r"{}.*tun0".format(IP2_C2)
- if IP_C1[:-1].endswith('.'):
- ASD = IP_C1[:-1]+"0"
- elif IP_C1[:-2].endswith('.'):
- ASD = IP_C1[:-2]+"0"
- else:
- ASD = IP_C1[:-3]+"0"
- if re.search(rs, results['VPNClient3_route']):
- rs = r"{} {}.*tun0".format(ASD, IP2_C2)
- if re.search(rs, results['VPNClient3_route']):
- score += 1
- else:
- hints.append("route on VPNClient3 is not OK")
- else:
- hints.append("route on VPNClient3 is not OK")
- pass
- # testi za ping
- # C1
- rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP1_C2)
- if re.search(rs, results['VPNClient1_ping_C2']):
- score += 0.5
- else:
- hints.append("ping from VPNClient1 to VPNClient2 is not OK")
- pass
- rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C3)
- if re.search(rs, results['VPNClient1_ping_C3']):
- score += 0.5
- else:
- hints.append("ping from VPNClient1 to VPNClient3 is not OK")
- pass
- # C2
- rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C1)
- if re.search(rs, results['VPNClient2_ping_C1']):
- score += 0.5
- else:
- hints.append("ping from VPNClient2 to VPNClient1 is not OK")
- pass
- rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C3)
- if re.search(rs, results['VPNClient2_ping_C3']):
- score += 0.5
- else:
- hints.append("ping from VPNClient2 to VPNClient3 is not OK")
- pass
- # C3
- rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C1)
- if re.search(rs, results['VPNClient3_ping_C1']):
- score += 0.5
- else:
- hints.append("ping from VPNClient3 to VPNClient1 is not OK")
- pass
- rs = r"64 bytes from {}: icmp_seq=1 ttl=[0-9]+ time=\d+\.\d+ ms".format(IP2_C2)
- if re.search(rs, results['VPNClient3_ping_C2']):
- score += 0.5
- else:
- hints.append("ping from VPNClient3 to VPNClient2 is not OK")
- pass
- #score = int(score)
-
- # testi za tracetoute
- # C1
- rs = r"1 {}".format(IP1_C2)
- if re.search(rs, results['VPNClient1_traceroute_C3']):
- rs = r"2 {}".format(IP_C3)
- if re.search(rs, results['VPNClient1_traceroute_C3']):
- score += 1
- else:
- hints.append("traceroute from VPNClient1 to VPNClient3 is not OK")
- pass
- else:
- hints.append("traceroute from VPNClient1 to VPNClient3 is not OK")
- pass
- # C3
- rs = r"1 {}".format(IP2_C2)
- if re.search(rs, results['VPNClient3_traceroute_C1']):
- rs = r"2 {}".format(IP_C1)
- if re.search(rs, results['VPNClient3_traceroute_C1']):
- score += 1
- else:
- hints.append("traceroute from VPNClient1 to VPNClient3 is not OK")
- pass
- else:
- hints.append("traceroute from VPNClient1 to VPNClient3 is not OK")
- pass
- if score > 10 :
- score -= 1
- score = int(score)
- return score, hints
-
-
-def prepare_disks(templates, task_params, global_params):
- write_default_config(templates['simpleArbiterDhcp'], global_params)