# SPDX-License-Identifier: AGPL-3.0-or-later # kpov_util should be imported by add_assignment.py instructions = { 'si':"""
Postavi 4 navidezne računalnike - SimpleArbiter z diska simpleArbiterDhcp, A, B ter C. Na računalnikih A, B in C ustvari uporabnika test z geslom test. Poskrbi, da bodo vsi štirje na istem navideznem fizičnem omrežju. Naslov omrežja (NET_PHYS) ter naslove (IP_A, IP_B, IP_C) preberi na SimpleArbiter. S pomočjo OpenVPN postavi navidezno omrežje med A in B na naslovih NET_VPN1. Nato s pomočjo OpenVPN postavi še navidezno omrežje med B in C na naslovih NET_VPN2. Poskrbi, da bo promet z A prek VPN prišel do C in obratno. Za avtentikacijo uporabi skupne skrivnosti, ki jih prebereš na SimpleArbiter - med A in B SECRET_AB ter med B in C SECRET_BC.""" } computers = { 'SimpleArbiter': { 'disks': [ { 'name': 'simpleArbiterDhcp', } ], 'network_interfaces': [ { 'network': 'nat' }, { 'network': 'net1' } ], 'flavor': 'm1.tiny', 'config_drive': False }, 'VPNClient1': { 'disks': [ { 'name': 'student-VPNClient1', } ], 'network_interfaces': [ { 'network': 'net1' }, { 'network': 'vpnAB' } ], 'flavor': 'm1.tiny', 'config_drive': False }, 'VPNClient2': { 'disks': [ { 'name': 'student-VPNClient2', } ], 'network_interfaces': [ { 'network': 'net1' }, { 'network': 'vpnAB' }, { 'network': 'vpnBC' } ], 'flavor': 'm1.tiny', 'config_drive': False }, 'VPNClient3': { 'disks': [ { 'name': 'student-VPNClient3', } ], 'network_interfaces': [ { 'network': 'net1' }, { 'network': 'vpnBC' } ], 'flavor': 'm1.tiny', 'config_drive': False } } networks = { 'nat': { 'public': True }, 'net1': { 'public': True }, # Used for VPN 'vpnAB': { 'public': False }, 'vpnBC': { 'public': False } } #Tukaj sem generiral osem parametrov, prosil bi če se upoštevali pri Tasku. params_meta = { 'IP_VPNClient1': {'descriptions':{'si':'IP klienta A na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True}, 'IP_LANClient1': {'descriptions':{'si':'IP klienta A na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False}, 'IP1_VPNClient2': {'descriptions':{'si':'1. IP klienta B na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True}, 'IP2_VPNClient2': {'descriptions':{'si':'2. IP klienta B na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True}, 'IP_LANClient2': {'descriptions':{'si':'IP klienta B na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False}, 'IP_VPNClient3': {'descriptions':{'si':'IP klienta C na VPN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': True}, 'IP_LANClient3': {'descriptions':{'si':'IP klienta C na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False}, 'IP_SimpleArbiterLAN': {'descriptions':{'si':'IP za SimpleArbiter na LAN'}, 'w': True, 'public': True, 'type': 'IP', 'generated': False} } def task(IP_SimpleArbiterLAN, IP_VPNClient1, IP_LANClient1, IP1_VPNClient2, IP2_VPNClient2, IP_LANClient2, IP_VPNClient3, IP_LANClient3): tests = { ('VPNClient1', IP_LANClient1): [ ('VPNClient1_ping_C2', 'ping -c 3 {}'.format(IP1_VPNClient2)), ('VPNClient1_ping_C3', 'ping -c 3 {}'.format(IP_VPNClient3)), ('VPNClient1_traceroute_C3', 'traceroute {}'.format(IP_VPNClient3)), ], ('VPNClient2', IP_LANClient2): [ ('VPNClient2_ping_C1', 'ping -c 3 {}'.format(IP_VPNClient1)), ('VPNClient2_ping_C3', 'ping -c 3 {}'.format(IP_VPNClient3)), ], ('VPNClient3', IP_LANClient3): [ ('VPNClient3_ping_C1', 'ping -c 3 {}'.format(IP_VPNClient1)), ('VPNClient3_ping_C2', 'ping -c 3 {}'.format(IP2_VPNClient2)), ('VPNClient3_traceroute_C1', 'traceroute {}'.format(IP_VPNClient1)), ], } for (name, host), host_tests in tests.items(): host_tests += [ (name+'_ifconfig', '/sbin/ifconfig -a'), (name+'_route', '/sbin/route -n'), ] results = collections.defaultdict(str) for (name, host), host_tests in tests.items(): results.update(kpov_util.ssh_test(host, 'test', 'test', host_tests)) return results def gen_params(user_id, params_meta): params = dict() import random r = random.Random(user_id) net = kpov_util.IPv4_subnet_gen(r, '10.70.0.0/16', 24) params['IP_VPNClient1'], params['IP1_VPNClient2'] = kpov_util.IPv4_addr_gen(r, net, 2) net = kpov_util.IPv4_subnet_gen(r, '10.50.0.0/16', 24) params['IP_VPNClient3'], params['IP2_VPNClient2'] = kpov_util.IPv4_addr_gen(r, net, 2) return params def task_check(results, params): import re score = 0 hints = [] IP_C1 = params['IP_VPNClient1'].replace('.', '\.') IP1_C2 = params['IP1_VPNClient2'].replace('.', '\.') IP2_C2 = params['IP2_VPNClient2'].replace('.', '\.') IP_C3 = params['IP_VPNClient3'].replace('.', '\.') # testi za ifconfig # C1 rs = r"tun0.*\n.*inet.*{}".format(IP_C1) if re.search(rs, results['VPNClient1_ifconfig']): score += 1 else: hints.append("ifconfig on VPNClient1 is not OK") pass # C2 rs = r"tun.*\n.*inet.*{}".format(IP1_C2) if re.search(rs, results['VPNClient2_ifconfig']): rs = r"tun.*\n.*inet.*{}".format(IP2_C2) if re.search(rs, results['VPNClient2_ifconfig']): score += 1 else: hints.append("ifconfig on VPNClient2 is not OK") pass else: hints.append("ifconfig on VPNClient2 is not OK") pass # C3 rs = r"tun0.*\n.*inet.*{}".format(IP_C3) if re.search(rs, results['VPNClient3_ifconfig']): score += 1 else: hints.append("ifconfig on VPNClient3 is not OK") pass # testi za route # C1 rs = r"{}.*tun0".format(IP1_C2) if IP_C3[:-1].endswith('.'): ASD = IP_C3[:-1]+"0" elif IP_C3[:-2].endswith('.'): ASD = IP_C3[:-2]+"0" else: ASD = IP_C3[:-3]+"0" if re.search(rs, results['VPNClient1_route']): rs = r"{} {}.*tun0".format(ASD, IP1_C2) if re.search(rs, results['VPNClient1_route']): score += 1 else: hints.append("route on VPNClient1 is not OK") else: hints.append("route on VPNClient1 is not OK") pass # C2 rs = r"{}.*tun".format(IP_C1) if re.search(rs, results['VPNClient2_route']): rs = r"{}.*tun".format(IP_C3) if re.search(rs, results['VPNClient2_route']): score += 1 else: hints.append("route on VPNClient2 is not OK") else: hints.append("route on VPNClient2 is not OK") pass # C3 rs = r"{}.*tun0".format(IP2_C2) if IP_C1[:-1].endswith('.'): ASD = IP_C1[:-1]+"0" elif IP_C1[:-2].endswith('.'): ASD = IP_C1[:-2]+"0" else: ASD = IP_C1[:-3]+"0" if re.search(rs, results['VPNClient3_route']): rs = r"{} {}.*tun0".format(ASD, IP2_C2) if re.search(rs, results['VPNClient3_route']): score += 1 else: hints.append("route on VPNClient3 is not OK") else: hints.append("route on VPNClient3 is not OK") pass # testi za ping # C1 rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP1_C2) if re.search(rs, results['VPNClient1_ping_C2']): score += 0.5 else: hints.append("ping from VPNClient1 to VPNClient2 is not OK") pass rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C3) if re.search(rs, results['VPNClient1_ping_C3']): score += 0.5 else: hints.append("ping from VPNClient1 to VPNClient3 is not OK") pass # C2 rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C1) if re.search(rs, results['VPNClient2_ping_C1']): score += 0.5 else: hints.append("ping from VPNClient2 to VPNClient1 is not OK") pass rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C3) if re.search(rs, results['VPNClient2_ping_C3']): score += 0.5 else: hints.append("ping from VPNClient2 to VPNClient3 is not OK") pass # C3 rs = r"64 bytes from {}: icmp_seq=[0-9]+ ttl=[0-9]+ time=\d+\.\d+ ms".format(IP_C1) if re.search(rs, results['VPNClient3_ping_C1']): score += 0.5 else: hints.append("ping from VPNClient3 to VPNClient1 is not OK") pass rs = r"64 bytes from {}: icmp_seq=1 ttl=[0-9]+ time=\d+\.\d+ ms".format(IP2_C2) if re.search(rs, results['VPNClient3_ping_C2']): score += 0.5 else: hints.append("ping from VPNClient3 to VPNClient2 is not OK") pass #score = int(score) # testi za tracetoute # C1 rs = r"1 {}".format(IP1_C2) if re.search(rs, results['VPNClient1_traceroute_C3']): rs = r"2 {}".format(IP_C3) if re.search(rs, results['VPNClient1_traceroute_C3']): score += 1 else: hints.append("traceroute from VPNClient1 to VPNClient3 is not OK") pass else: hints.append("traceroute from VPNClient1 to VPNClient3 is not OK") pass # C3 rs = r"1 {}".format(IP2_C2) if re.search(rs, results['VPNClient3_traceroute_C1']): rs = r"2 {}".format(IP_C1) if re.search(rs, results['VPNClient3_traceroute_C1']): score += 1 else: hints.append("traceroute from VPNClient1 to VPNClient3 is not OK") pass else: hints.append("traceroute from VPNClient1 to VPNClient3 is not OK") pass if score > 10 : score -= 1 score = int(score) return score, hints def prepare_disks(templates, task_params, global_params): write_default_config(templates['simpleArbiterDhcp'], global_params)