debian, doc, hwlib (1f23c431) | Commits | VoLTE and OF / voip-of

Browse Code »

Commit 1f23c431a4f2e3c6fc329c8118616290635de213

Authored by Julien LANGLOIS 2014-08-21 11:54:17 +0100

1 parent ca8e9662

debian, doc, hwlib

Inline Side-by-side

Showing 90 changed files with 16486 additions and 0 deletions

Too many changes to show.
Reload with full diff Plain diff Email patch

To preserve performance only 56 of 90 files are displayed.

debian/.gitignore 0 → 100755

View file @1f23c43

	1	+*.debhelper
	2	+*.debhelper.log
	3	+*.substvars
	4	+/automake.mk
	5	+/control
	6	+/corekeeper
	7	+/files
	8	+/nicira-switch
	9	+/openflow
	10	+/openflow-common
	11	+/openflow-common.copyright
	12	+/openflow-controller
	13	+/openflow-datapath-source
	14	+/openflow-dbg
	15	+/openflow-monitor
	16	+/openflow-monitor.copyright
	17	+/openflow-monitor.default
	18	+/openflow-monitor.dirs
	19	+/openflow-monitor.init
	20	+/openflow-monitor.install
	21	+/openflow-pki
	22	+/openflow-pki-server
	23	+/openflow-switch
	24	+/openflow-switch-config
	25	+/openflow-switch.copyright
	26	+/openflow-switchui
	27	+/openflow-switchui.copyright
	28	+/openflow-switchui.default
	29	+/openflow-switchui.dirs
	30	+/openflow-switchui.init
	31	+/openflow-switchui.install
	32	+/openflow-wdt
	33	+/openflow-wdt.copyright
	34	+/openflow-wdt.default
	35	+/openflow-wdt.dirs
	36	+/openflow-wdt.init
	37	+/openflow-wdt.install
	38	+/rules.ext
...	...

debian/changelog 0 → 100755

View file @1f23c43

	1	+openflow (1.0.0) unstable; urgency=low
	2	+
	3	+ * Development version
	4	+
	5	+ -- OpenFlow team <openflow-dev@lists.stanford.edu> Thu, 31 Dec 2009 23:59:59 -0800
	6	+
	7	+openflow (0.9.0-rev1) unstable; urgency=low
	8	+
	9	+ * Development version.
	10	+
	11	+ -- OpenFlow team <openflow-dev@lists.stanford.edu> Fri, 04 Sep 2009 12:00:00 -0800
	12	+
	13	+openflow (0.8.9-rev4) unstable; urgency=low
	14	+
	15	+ * Develoment version.
	16	+
	17	+ -- OpenFlow team <openflow-dev@lists.stanford.edu> Tue, 15 Sep 2009 12:00:00 -0800
	18	+
	19	+openflow (0.8.1) unstable; urgency=low
	20	+
	21	+ * Development version.
	22	+
	23	+ -- OpenFlow team <openflow-dev@lists.stanford.edu> Mon, 19 Nov 2007 14:57:52 -0800
...	...

debian/commands/reconfigure 0 → 100755

View file @1f23c43

	1	+#! /usr/bin/perl
	2	+
	3	+use POSIX;
	4	+use strict;
	5	+use warnings;
	6	+
	7	+my $default = '/etc/default/openflow-switch';
	8	+
	9	+my (%config) = load_config($default);
	10	+if (@ARGV) {
	11	+ foreach my $arg (@ARGV) {
	12	+ my ($key, $value) = $arg =~ /^([^=]+)=(.*)/
	13	+ or die "bad argument '$arg'\n";
	14	+ if ($value ne '') {
	15	+ $config{$key} = $value;
	16	+ } else {
	17	+ delete $config{$key};
	18	+ }
	19	+ }
	20	+ save_config($default, %config);
	21	+}
	22	+print "$_=$config{$_}\n" foreach sort(keys(%config));
	23	+
	24	+sub load_config {
	25	+ my ($file) = @_;
	26	+
	27	+ # Get the list of the variables that the shell sets automatically.
	28	+ my (%auto_vars) = read_vars("set -a && env");
	29	+
	30	+ # Get the variables from $default.
	31	+ my (%config) = read_vars("set -a && . '$default' && env");
	32	+
	33	+ # Subtract.
	34	+ delete @config{keys %auto_vars};
	35	+
	36	+ return %config;
	37	+}
	38	+
	39	+sub read_vars {
	40	+ my ($cmd) = @_;
	41	+ local @ENV;
	42	+ if (!open(VARS, '-\|', $cmd)) {
	43	+ print STDERR "$cmd: failed to execute: $!\n";
	44	+ return ();
	45	+ }
	46	+ my (%config);
	47	+ while (<VARS>) {
	48	+ my ($var, $value) = /^([^=]+)=(.*)$/ or next;
	49	+ $config{$var} = $value;
	50	+ }
	51	+ close(VARS);
	52	+ return %config;
	53	+}
	54	+
	55	+sub shell_escape {
	56	+ local $_ = $_[0];
	57	+ if ($_ eq '') {
	58	+ return '""';
	59	+ } elsif (m&^[-a-zA-Z0-9:./%^_+,]*$&) {
	60	+ return $_;
	61	+ } else {
	62	+ s/'/'\\''/;
	63	+ return "'$_'";
	64	+ }
	65	+}
	66	+
	67	+sub shell_assign {
	68	+ my ($var, $value) = @_;
	69	+ return $var . '=' . shell_escape($value);
	70	+}
	71	+
	72	+sub save_config {
	73	+ my ($file, %config) = @_;
	74	+ my (@lines);
	75	+ if (open(FILE, '<', $file)) {
	76	+ @lines = <FILE>;
	77	+ chomp @lines;
	78	+ close(FILE);
	79	+ }
	80	+
	81	+ # Replace all existing variable assignments.
	82	+ for (my ($i) = 0; $i <= $#lines; $i++) {
	83	+ local $_ = $lines[$i];
	84	+ my ($var, $value) = /^\s([^=#]+)=(.)$/ or next;
	85	+ if (exists($config{$var})) {
	86	+ $lines[$i] = shell_assign($var, $config{$var});
	87	+ delete $config{$var};
	88	+ } else {
	89	+ $lines[$i] = "#$lines[$i]";
	90	+ }
	91	+ }
	92	+
	93	+ # Find a place to put any remaining variable assignments.
	94	+ VAR:
	95	+ for my $var (keys(%config)) {
	96	+ my $assign = shell_assign($var, $config{$var});
	97	+
	98	+ # Replace the last commented-out variable assignment to $var, if any.
	99	+ for (my ($i) = $#lines; $i >= 0; $i--) {
	100	+ local $_ = $lines[$i];
	101	+ if (/^\s#\s$var=/) {
	102	+ $lines[$i] = $assign;
	103	+ next VAR;
	104	+ }
	105	+ }
	106	+
	107	+ # Find a place to add the var: after the final commented line
	108	+ # just after a line that contains "$var:".
	109	+ for (my ($i) = 0; $i <= $#lines; $i++) {
	110	+ if ($lines[$i] =~ /^\s#\s$var:/) {
	111	+ for (my ($j) = $i + 1; $j <= $#lines; $j++) {
	112	+ if ($lines[$j] !~ /^\s*#/) {
	113	+ splice(@lines, $j, 0, $assign);
	114	+ next VAR;
	115	+ }
	116	+ }
	117	+ }
	118	+ }
	119	+
	120	+ # Just append it.
	121	+ push(@lines, $assign);
	122	+ }
	123	+
	124	+ open(NEWFILE, '>', "$file.tmp") or die "$file.tmp: create: $!\n";
	125	+ print NEWFILE join('', map("$_\n", @lines));
	126	+ close(NEWFILE);
	127	+ rename("$file.tmp", $file) or die "$file.tmp: rename to $file: $!\n";
	128	+}
...	...

debian/commands/update 0 → 100755

View file @1f23c43

	1	+#! /bin/sh
	2	+set -e
	3	+apt-get update -qy
	4	+apt-get upgrade -qy
...	...

debian/compat 0 → 100755

View file @1f23c43

	1	+5
...	...

debian/control.in 0 → 100755

View file @1f23c43

	1	+Source: openflow
	2	+Section: net
	3	+Priority: extra
	4	+Maintainer: OpenFlow Team <openflow-dev@lists.stanford.edu>
	5	+Build-Depends: debhelper (>= 5), autoconf (>= 2.60), automake1.10 \| automake1.11 \| automake (>= 1.10), libssl-dev, pkg-config (>= 0.21), po-debconf, bzip2, openssl, libncurses5-dev, libpcre3-dev
	6	+Standards-Version: 3.7.3
	7	+
	8	+Package: openflow-datapath-source
	9	+Architecture: all
	10	+Depends: module-assistant, bzip2, debhelper (>= 5.0.37)
	11	+Suggests: openflow-switch
	12	+Description: Source code for OpenFlow datapath Linux module
	13	+ This package provides the OpenFlow datapath module source code that
	14	+ is needed by the kernel-based OpenFlow switch. The kernel module can
	15	+ be built from it using module-assistant or make-kpkg. README.Debian
	16	+ in this package provides further instructions.
	17	+ .
	18	+ OpenFlow is a protocol for flow-based control over network switching.
	19	+
	20	+Package: openflow-common
	21	+Architecture: any
	22	+Depends: ${shlibs:Depends}, openssl
	23	+Description: OpenFlow common components
	24	+ openflow-common provides components required by both openflow-switch
	25	+ and openflow-controller.
	26	+ .
	27	+ OpenFlow is a protocol for flow-based control over network switching.
	28	+
	29	+Package: openflow-switch
	30	+Architecture: any
	31	+Suggests: openflow-datapath-module
	32	+Depends: ${shlibs:Depends}, ${misc:Depends}, openflow-common, dhcp3-client, module-init-tools, dmidecode, procps, debianutils
	33	+Description: OpenFlow switch implementations
	34	+ openflow-switch provides the userspace components and utilities for
	35	+ the OpenFlow kernel-based switch.
	36	+ .
	37	+ OpenFlow is a protocol for flow-based control over network switching.
	38	+
	39	+Package: openflow-switch-config
	40	+Architecture: any
	41	+Depends: ${shlibs:Depends}, ${misc:Depends}, openflow-switch, libwww-perl, libdigest-sha1-perl
	42	+Description: OpenFlow switch implementations
	43	+ openflow-switch-config provides a utility for interactively configuring
	44	+ the OpenFlow switch provided in the openflow-switch package.
	45	+ .
	46	+ OpenFlow is a protocol for flow-based control over network switching.
	47	+
	48	+Package: openflow-pki
	49	+Architecture: all
	50	+Depends: ${shlibs:Depends}, ${misc:Depends}, openflow-common
	51	+Description: OpenFlow public key infrastructure
	52	+ openflow-pki provides PKI (public key infrastructure) support for
	53	+ OpenFlow switches and controllers, reducing the risk of
	54	+ man-in-the-middle attacks on the OpenFlow network infrastructure.
	55	+ .
	56	+ OpenFlow is a protocol for flow-based control over network switching.
	57	+
	58	+Package: openflow-pki-server
	59	+Architecture: all
	60	+Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, openflow-pki, apache2
	61	+Description: OpenFlow public key infrastructure (HTTP server support)
	62	+ openflow-pki-server provides HTTP access to the OpenFlow PKI (public
	63	+ key infrastructure) maintained on the local machine by the
	64	+ openflow-pki package. This HTTP access is needed for secure and
	65	+ convenient OpenFlow switch setup using the ofp-switch-setup program
	66	+ in the openflow-switch package.
	67	+ .
	68	+ OpenFlow is a protocol for flow-based control over network switching.
	69	+
	70	+Package: openflow-controller
	71	+Architecture: any
	72	+Depends: ${shlibs:Depends}, openflow-common, openflow-pki
	73	+Description: OpenFlow controller implementation
	74	+ The OpenFlow controller enables OpenFlow switches that connect to it
	75	+ to act as MAC-learning Ethernet switches.
	76	+ .
	77	+ OpenFlow is a protocol for flow-based control over network switching.
	78	+
	79	+Package: corekeeper
	80	+Architecture: all
	81	+Depends: tmpreaper
	82	+Description: Core file centralizer and reaper
	83	+ The corekeeper package configures the system to dump all core files to
	84	+ /var/log/core. It also deletes core files older than 7 days.
	85	+
	86	+Package: openflow-dbg
	87	+Architecture: any
	88	+Depends: ${shlibs:Depends}
	89	+Description: Debug symbols for OpenFlow packages
	90	+ This package contains the debug symbols for all the other openflow-*
	91	+ packages. Install it to debug one of them or to examine a core dump
	92	+ produced by one of them.
	93	+
...	...

debian/control.modules.in 0 → 100755

View file @1f23c43

	1	+Source: openflow
	2	+Section: net
	3	+Priority: extra
	4	+Maintainer: OpenFlow Team <openflow-dev@lists.stanford.edu>
	5	+Build-Depends: debhelper (>= 5.0.37)
	6	+Standards-Version: 3.7.3
	7	+
	8	+Package: openflow-datapath-module-_KVERS_
	9	+Architecture: any
	10	+Recommends: kernel-image-_KVERS_, openflow-switch
	11	+Provides: openflow-datapath-module
	12	+Description: OpenFlow Linux datapath kernel module
	13	+ This package contains the OpenFlow loadable datapath kernel modules for
	14	+ the kernel-image-_KVERS_ package.
	15	+ .
	16	+ If you compiled a custom kernel, you will most likely need to compile
	17	+ a custom version of this module as well. The openflow-datapath-source
	18	+ package has been provided for this purpose. Refer to README.Debian
	19	+ provided in that package for further instructions.
...	...

debian/copyright 0 → 100755

View file @1f23c43

	1	+Upstream Authors:
	2	+
	3	+ The Board of Trustees of The Leland Stanford Junior University
	4	+
	5	+Copyright:
	6	+
	7	+ Copyright (C) 2008 The Board of Trustees of The Leland Stanford
	8	+ Junior University
	9	+
	10	+License:
	11	+
	12	+ We are making the OpenFlow specification and associated documentation
	13	+ (Software) available for public use and benefit with the expectation
	14	+ that others will use, modify and enhance the Software and contribute
	15	+ those enhancements back to the community. However, since we would like
	16	+ to make the Software available for broadest use, with as few
	17	+ restrictions as possible permission is hereby granted, free of charge,
	18	+ to any person obtaining a copy of this Software to deal in the Software
	19	+ under the copyrights without restriction, including without limitation
	20	+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
	21	+ and/or sell copies of the Software, and to permit persons to whom the
	22	+ Software is furnished to do so, subject to the following conditions:
	23	+
	24	+ The above copyright notice and this permission notice shall be included
	25	+ in all copies or substantial portions of the Software.
	26	+
	27	+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
	28	+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
	29	+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
	30	+ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
	31	+ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
	32	+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
	33	+ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
	34	+
	35	+ The name and trademarks of copyright holder(s) may NOT be used in
	36	+ advertising or publicity pertaining to the Software or any derivatives
	37	+ without specific, written prior permission.
	38	+
...	...

debian/corekeeper.cron.daily 0 → 100755

View file @1f23c43

	1	+#! /bin/sh
	2	+
	3	+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
	4	+
	5	+tmpreaper 7d --mtime --all /var/log/core
...	...

debian/corekeeper.init 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+#
	3	+# Example init.d script with LSB support.
	4	+#
	5	+# Please read this init.d carefully and modify the sections to
	6	+# adjust it to the program you want to run.
	7	+#
	8	+# Copyright (c) 2007 Javier Fernandez-Sanguino <jfs@debian.org>
	9	+#
	10	+# This is free software; you may redistribute it and/or modify
	11	+# it under the terms of the GNU General Public License as
	12	+# published by the Free Software Foundation; either version 2,
	13	+# or (at your option) any later version.
	14	+#
	15	+# This is distributed in the hope that it will be useful, but
	16	+# WITHOUT ANY WARRANTY; without even the implied warranty of
	17	+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	18	+# GNU General Public License for more details.
	19	+#
	20	+# You should have received a copy of the GNU General Public License with
	21	+# the Debian operating system, in /usr/share/common-licenses/GPL; if
	22	+# not, write to the Free Software Foundation, Inc., 59 Temple Place,
	23	+# Suite 330, Boston, MA 02111-1307 USA
	24	+#
	25	+### BEGIN INIT INFO
	26	+# Provides: corekeeper
	27	+# Required-Start:
	28	+# Required-Stop:
	29	+# Should-Start: $syslog
	30	+# Should-Stop:
	31	+# Default-Start: 2 3 4 5
	32	+# Default-Stop: 0 1 6
	33	+# Short-Description: Configure core file dump location
	34	+### END INIT INFO
	35	+
	36	+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
	37	+
	38	+. /lib/lsb/init-functions
	39	+
	40	+set -e
	41	+
	42	+case "$1" in
	43	+ start)
	44	+ log_daemon_msg "Initializing core dump location..."
	45	+ if echo "/var/log/core/core.%e.%t" > /proc/sys/kernel/core_pattern
	46	+ then
	47	+ log_progress_msg "success"
	48	+ log_end_msg 0
	49	+ exit 0
	50	+ else
	51	+ log_end_msg 1
	52	+ exit 1
	53	+ fi
	54	+ ;;
	55	+ stop\|restart\|force-reload\|status\|reload)
	56	+ exit 0
	57	+ ;;
	58	+ *)
	59	+ N=/etc/init.d/$NAME
	60	+ echo "Usage: $N {start\|stop\|restart\|force-reload\|status}" >&2
	61	+ exit 1
	62	+ ;;
	63	+esac
...	...

debian/dirs 0 → 100755

View file @1f23c43

	1	+usr/bin
	2	+usr/sbin
...	...

debian/ofp-switch-setup 0 → 100755

View file @1f23c43

	1	+#! /usr/bin/perl
	2	+
	3	+use POSIX;
	4	+use Debconf::Client::ConfModule ':all';
	5	+use HTTP::Request;
	6	+use LWP::UserAgent;
	7	+use Digest::SHA1 'sha1_hex';
	8	+use strict;
	9	+use warnings;
	10	+
	11	+# XXX should support configuring SWITCH_NETMASK and SWITCH_GATEWAY
	12	+# when the mode is in-band.
	13	+
	14	+my $debconf_owner = 'openflow-switch';
	15	+
	16	+my $default = '/etc/default/openflow-switch';
	17	+my $template = '/usr/share/openflow/switch/default.template';
	18	+my $etc = '/etc/openflow-switch';
	19	+my $rundir = '/var/run';
	20	+my $privkey_file = "$etc/of0-privkey.pem";
	21	+my $req_file = "$etc/of0-req.pem";
	22	+my $cert_file = "$etc/of0-cert.pem";
	23	+my $cacert_file = "$etc/cacert.pem";
	24	+my $ofp_discover_pidfile = "$rundir/ofp-discover.pid";
	25	+
	26	+my $ua = LWP::UserAgent->new;
	27	+$ua->timeout(10);
	28	+$ua->env_proxy;
	29	+
	30	+system("/etc/init.d/openflow-switch stop 1>&2");
	31	+kill_ofp_discover();
	32	+
	33	+version('2.0');
	34	+capb('backup');
	35	+title('OpenFlow Switch Setup');
	36	+
	37	+my (%netdevs) = find_netdevs();
	38	+db_subst('netdevs', 'choices',
	39	+ join(', ', map($netdevs{$_}, sort(keys(%netdevs)))));
	40	+db_set('netdevs', join(', ', grep(!/IP/, values(%netdevs))));
	41	+
	42	+my %oldconfig;
	43	+if (-e $default) {
	44	+ %oldconfig = load_config($default);
	45	+
	46	+ my (%map) =
	47	+ (NETDEVS => sub {
	48	+ db_set('netdevs', join(', ', map($netdevs{$_},
	49	+ grep(exists $netdevs{$_}, split))))
	50	+ },
	51	+ MODE => sub {
	52	+ db_set('mode',
	53	+ $_ eq 'in-band' \|\| $_ eq 'out-of-band' ? $_ : 'discovery')
	54	+ },
	55	+ SWITCH_IP => sub { db_set('switch-ip', $_) },
	56	+ CONTROLLER => sub { db_set('controller-vconn', $_) },
	57	+ PRIVKEY => sub { $privkey_file = $_ },
	58	+ CERT => sub { $cert_file = $_ },
	59	+ CACERT => sub { $cacert_file = $_ },
	60	+ );
	61	+
	62	+ for my $key (keys(%map)) {
	63	+ local $_ = $oldconfig{$key};
	64	+ &{$map{$key}}() if defined && !/^\s*$/;
	65	+ }
	66	+} elsif (-e $template) {
	67	+ %oldconfig = load_config($template);
	68	+}
	69	+
	70	+my $cacert_preverified = -e $cacert_file;
	71	+my ($req, $req_fingerprint);
	72	+
	73	+my %options;
	74	+
	75	+my (@states) =
	76	+ (sub {
	77	+ # User backed up from first dialog box.
	78	+ exit(10);
	79	+ },
	80	+ sub {
	81	+ # Prompt for ports to include in switch.
	82	+ db_input('netdevs');
	83	+ return;
	84	+ },
	85	+ sub {
	86	+ # Validate the chosen ports.
	87	+ my (@netdevs) = split(', ', db_get('netdevs'));
	88	+ if (!@netdevs) {
	89	+ # No ports chosen. Disable switch.
	90	+ db_input('no-netdevs');
	91	+ return 'prev' if db_go();
	92	+ return 'done';
	93	+ } elsif (my (@conf_netdevs) = grep(/IP/, @netdevs)) {
	94	+ # Point out that some ports have configured IP addresses.
	95	+ db_subst('configured-netdevs', 'configured-netdevs',
	96	+ join(', ', @conf_netdevs));
	97	+ db_input('configured-netdevs');
	98	+ return;
	99	+ } else {
	100	+ # Otherwise proceed.
	101	+ return 'skip';
	102	+ }
	103	+ },
	104	+ sub {
	105	+ # Discovery or in-band or out-of-band controller?
	106	+ db_input('mode');
	107	+ return;
	108	+ },
	109	+ sub {
	110	+ return 'skip' if db_get('mode') ne 'discovery';
	111	+ for (;;) {
	112	+ # Notify user that we are going to do discovery.
	113	+ db_input('discover');
	114	+ return 'prev' if db_go();
	115	+ print STDERR "Please wait up to 30 seconds for discovery...\n";
	116	+
	117	+ # Make sure that there's no running discovery process.
	118	+ kill_ofp_discover();
	119	+
	120	+ # Do discovery.
	121	+ %options = ();
	122	+ open(DISCOVER, '-\|', 'ofp-discover --timeout=30 --pidfile '
	123	+ . join(' ', netdev_names()));
	124	+ while (<DISCOVER>) {
	125	+ chomp;
	126	+ if (my ($name, $value) = /^([^=]+)=(.*)$/) {
	127	+ if ($value =~ /^"(.*)"$/) {
	128	+ $value = $1;
	129	+ $value =~ s/\\([0-7][0-7][0-7])/chr($1)/ge;
	130	+ } else {
	131	+ $value =~ s/^(0x[[:xdigit:]]+)$/hex($1)/e;
	132	+ $value = '' if $value eq 'empty';
	133	+ next if $value eq 'null'; # Shouldn't happen.
	134	+ }
	135	+ $options{$name} = $value;
	136	+ }
	137	+ last if /^$/;
	138	+ }
	139	+
	140	+ # Check results.
	141	+ my $vconn = $options{'ofp-controller-vconn'};
	142	+ my $pki_uri = $options{'ofp-pki-uri'};
	143	+ return 'next'
	144	+ if (defined($vconn)
	145	+ && is_valid_vconn($vconn)
	146	+ && (!is_ssl_vconn($vconn) \|\| defined($pki_uri)));
	147	+
	148	+ # Try again?
	149	+ kill_ofp_discover();
	150	+ db_input('discovery-failure');
	151	+ db_go();
	152	+ }
	153	+ },
	154	+ sub {
	155	+ return 'skip' if db_get('mode') ne 'discovery';
	156	+
	157	+ my $vconn = $options{'ofp-controller-vconn'};
	158	+ my $pki_uri = $options{'ofp-pki-uri'};
	159	+ db_subst('discovery-success', 'controller-vconn', $vconn);
	160	+ db_subst('discovery-success',
	161	+ 'pki-uri', is_ssl_vconn($vconn) ? $pki_uri : "no PKI in use");
	162	+ db_input('discovery-success');
	163	+ return 'prev' if db_go();
	164	+ db_set('controller-vconn', $vconn);
	165	+ db_set('pki-uri', $pki_uri);
	166	+ return 'next';
	167	+ },
	168	+ sub {
	169	+ return 'skip' if db_get('mode') ne 'in-band';
	170	+ for (;;) {
	171	+ db_input('switch-ip');
	172	+ return 'prev' if db_go();
	173	+
	174	+ my $ip = db_get('switch-ip');
	175	+ return 'next' if $ip =~ /^dhcp\|\d+\.\d+.\d+.\d+$/i;
	176	+
	177	+ db_input('switch-ip-error');
	178	+ db_go();
	179	+ }
	180	+ },
	181	+ sub {
	182	+ return 'skip' if db_get('mode') eq 'discovery';
	183	+ for (;;) {
	184	+ my $old_vconn = db_get('controller-vconn');
	185	+ db_input('controller-vconn');
	186	+ return 'prev' if db_go();
	187	+
	188	+ my $vconn = db_get('controller-vconn');
	189	+ if (is_valid_vconn($vconn)) {
	190	+ if ($old_vconn ne $vconn \|\| db_get('pki-uri') eq '') {
	191	+ db_set('pki-uri', pki_host_to_uri($2));
	192	+ }
	193	+ return 'next';
	194	+ }
	195	+
	196	+ db_input('controller-vconn-error');
	197	+ db_go();
	198	+ }
	199	+ },
	200	+ sub {
	201	+ return 'skip' if !ssl_enabled();
	202	+
	203	+ if (! -e $privkey_file) {
	204	+ my $old_umask = umask(077);
	205	+ run_cmd("ofp-pki req $etc/of0 >&2 2>/dev/null");
	206	+ chmod(0644, $req_file) or die "$req_file: chmod: $!\n";
	207	+ umask($old_umask);
	208	+ }
	209	+
	210	+ if (! -e $cert_file) {
	211	+ open(REQ, '<', $req_file) or die "$req_file: open: $!\n";
	212	+ $req = join('', <REQ>);
	213	+ close(REQ);
	214	+ $req_fingerprint = sha1_hex($req);
	215	+ }
	216	+ return 'skip';
	217	+ },
	218	+ sub {
	219	+ return 'skip' if !ssl_enabled();
	220	+ return 'skip' if -e $cacert_file && -e $cert_file;
	221	+
	222	+ db_input('pki-uri');
	223	+ return 'prev' if db_go();
	224	+ return;
	225	+ },
	226	+ sub {
	227	+ return 'skip' if !ssl_enabled();
	228	+ return 'skip' if -e $cacert_file;
	229	+
	230	+ my $pki_uri = db_get('pki-uri');
	231	+ if ($pki_uri !~ /:/) {
	232	+ $pki_uri = pki_host_to_uri($pki_uri);
	233	+ } else {
	234	+ # Trim trailing slashes.
	235	+ $pki_uri =~ s%/+$%%;
	236	+ }
	237	+ db_set('pki-uri', $pki_uri);
	238	+
	239	+ my $url = "$pki_uri/controllerca/cacert.pem";
	240	+ my $response = $ua->get($url, ':content_file' => $cacert_file);
	241	+ if ($response->is_success) {
	242	+ return 'next';
	243	+ }
	244	+
	245	+ db_subst('fetch-cacert-failed', 'url', $url);
	246	+ db_subst('fetch-cacert-failed', 'error', $response->status_line);
	247	+ db_subst('fetch-cacert-failed', 'pki-uri', $pki_uri);
	248	+ db_input('fetch-cacert-failed');
	249	+ db_go();
	250	+ return 'prev';
	251	+ },
	252	+ sub {
	253	+ return 'skip' if !ssl_enabled();
	254	+ return 'skip' if -e $cert_file;
	255	+
	256	+ for (;;) {
	257	+ db_set('send-cert-req', 'yes');
	258	+ db_input('send-cert-req');
	259	+ return 'prev' if db_go();
	260	+ return 'next' if db_get('send-cert-req') eq 'no';
	261	+
	262	+ my $pki_uri = db_get('pki-uri');
	263	+ my ($pki_base_uri) = $pki_uri =~ m%^([^/]+://[^/]+)/%;
	264	+ my $url = "$pki_base_uri/cgi-bin/ofp-pki-cgi";
	265	+ my $response = $ua->post($url, {'type' => 'switch',
	266	+ 'req' => $req});
	267	+ return 'next' if $response->is_success;
	268	+
	269	+ db_subst('send-cert-req-failed', 'url', $url);
	270	+ db_subst('send-cert-req-failed', 'error',
	271	+ $response->status_line);
	272	+ db_subst('send-cert-req-failed', 'pki-uri', $pki_uri);
	273	+ db_input('send-cert-req-failed');
	274	+ db_go();
	275	+ }
	276	+ },
	277	+ sub {
	278	+ return 'skip' if !ssl_enabled();
	279	+ return 'skip' if $cacert_preverified;
	280	+
	281	+ my ($cacert_fingerprint) = x509_fingerprint($cacert_file);
	282	+ db_subst('verify-controller-ca', 'fingerprint', $cacert_fingerprint);
	283	+ db_input('verify-controller-ca');
	284	+ return 'prev' if db_go();
	285	+ return 'next' if db_get('verify-controller-ca') eq 'yes';
	286	+ unlink($cacert_file);
	287	+ return 'prev';
	288	+ },
	289	+ sub {
	290	+ return 'skip' if !ssl_enabled();
	291	+ return 'skip' if -e $cert_file;
	292	+
	293	+ for (;;) {
	294	+ db_set('fetch-switch-cert', 'yes');
	295	+ db_input('fetch-switch-cert');
	296	+ return 'prev' if db_go();
	297	+ exit(1) if db_get('fetch-switch-cert') eq 'no';
	298	+
	299	+ my $pki_uri = db_get('pki-uri');
	300	+ my $url = "$pki_uri/switchca/certs/$req_fingerprint-cert.pem";
	301	+ my $response = $ua->get($url, ':content_file' => $cert_file);
	302	+ if ($response->is_success) {
	303	+ return 'next';
	304	+ }
	305	+
	306	+ db_subst('fetch-switch-cert-failed', 'url', $url);
	307	+ db_subst('fetch-switch-cert-failed', 'error',
	308	+ $response->status_line);
	309	+ db_subst('fetch-switch-cert-failed', 'pki-uri', $pki_uri);
	310	+ db_input('fetch-switch-cert-failed');
	311	+ db_go();
	312	+ }
	313	+ },
	314	+ sub {
	315	+ db_input('complete');
	316	+ db_go();
	317	+ return;
	318	+ },
	319	+ sub {
	320	+ return 'done';
	321	+ },
	322	+);
	323	+
	324	+my $state = 1;
	325	+my $direction = 1;
	326	+for (;;) {
	327	+ my $ret = &{$states[$state]}();
	328	+ $ret = db_go() ? 'prev' : 'next' if !defined $ret;
	329	+ if ($ret eq 'next') {
	330	+ $direction = 1;
	331	+ } elsif ($ret eq 'prev') {
	332	+ $direction = -1;
	333	+ } elsif ($ret eq 'skip') {
	334	+ # Nothing to do.
	335	+ } elsif ($ret eq 'done') {
	336	+ last;
	337	+ } else {
	338	+ die "unknown ret $ret";
	339	+ }
	340	+ $state += $direction;
	341	+}
	342	+
	343	+my %config = %oldconfig;
	344	+$config{NETDEVS} = join(' ', netdev_names());
	345	+$config{MODE} = db_get('mode');
	346	+if (db_get('mode') eq 'in-band') {
	347	+ $config{SWITCH_IP} = db_get('switch-ip');
	348	+}
	349	+if (db_get('mode') ne 'discovery') {
	350	+ $config{CONTROLLER} = db_get('controller-vconn');
	351	+}
	352	+$config{PRIVKEY} = $privkey_file;
	353	+$config{CERT} = $cert_file;
	354	+$config{CACERT} = $cacert_file;
	355	+save_config($default, %config);
	356	+
	357	+dup2(2, 1); # Get stdout back.
	358	+kill_ofp_discover();
	359	+system("/etc/init.d/openflow-switch start");
	360	+
	361	+sub ssl_enabled {
	362	+ return is_ssl_vconn(db_get('controller-vconn'));
	363	+}
	364	+
	365	+sub db_subst {
	366	+ my ($question, $key, $value) = @_;
	367	+ $question = "$debconf_owner/$question";
	368	+ my ($ret, $seen) = subst($question, $key, $value);
	369	+ if ($ret && $ret != 30) {
	370	+ die "Error substituting $value for $key in debconf question "
	371	+ . "$question: $seen";
	372	+ }
	373	+}
	374	+
	375	+sub db_set {
	376	+ my ($question, $value) = @_;
	377	+ $question = "$debconf_owner/$question";
	378	+ my ($ret, $seen) = set($question, $value);
	379	+ if ($ret && $ret != 30) {
	380	+ die "Error setting debconf question $question to $value: $seen";
	381	+ }
	382	+}
	383	+
	384	+sub db_get {
	385	+ my ($question) = @_;
	386	+ $question = "$debconf_owner/$question";
	387	+ my ($ret, $seen) = get($question);
	388	+ if ($ret) {
	389	+ die "Error getting debconf question $question answer: $seen";
	390	+ }
	391	+ return $seen;
	392	+}
	393	+
	394	+sub db_fset {
	395	+ my ($question, $flag, $value) = @_;
	396	+ $question = "$debconf_owner/$question";
	397	+ my ($ret, $seen) = fset($question, $flag, $value);
	398	+ if ($ret && $ret != 30) {
	399	+ die "Error setting debconf question $question flag $flag to $value: "
	400	+ . "$seen";
	401	+ }
	402	+}
	403	+
	404	+sub db_fget {
	405	+ my ($question, $flag) = @_;
	406	+ $question = "$debconf_owner/$question";
	407	+ my ($ret, $seen) = fget($question, $flag);
	408	+ if ($ret) {
	409	+ die "Error getting debconf question $question flag $flag: $seen";
	410	+ }
	411	+ return $seen;
	412	+}
	413	+
	414	+sub db_input {
	415	+ my ($question) = @_;
	416	+ db_fset($question, "seen", "false");
	417	+
	418	+ $question = "$debconf_owner/$question";
	419	+ my ($ret, $seen) = input('high', $question);
	420	+ if ($ret && $ret != 30) {
	421	+ die "Error requesting debconf question $question: $seen";
	422	+ }
	423	+ return $ret;
	424	+}
	425	+
	426	+sub db_go {
	427	+ my ($ret, $seen) = go();
	428	+ if (!defined($ret)) {
	429	+ exit(1); # Cancel button was pushed.
	430	+ }
	431	+ if ($ret && $ret != 30) {
	432	+ die "Error asking debconf questions: $seen";
	433	+ }
	434	+ return $ret;
	435	+}
	436	+
	437	+sub run_cmd {
	438	+ my ($cmd) = @_;
	439	+ return if system($cmd) == 0;
	440	+
	441	+ if ($? == -1) {
	442	+ die "$cmd: failed to execute: $!\n";
	443	+ } elsif ($? & 127) {
	444	+ die sprintf("$cmd: child died with signal %d, %s coredump\n",
	445	+ ($? & 127), ($? & 128) ? 'with' : 'without');
	446	+ } else {
	447	+ die sprintf("$cmd: child exited with value %d\n", $? >> 8);
	448	+ }
	449	+}
	450	+
	451	+sub x509_fingerprint {
	452	+ my ($file) = @_;
	453	+ my $cmd = "openssl x509 -noout -in $file -fingerprint";
	454	+ open(OPENSSL, '-\|', $cmd) or die "$cmd: failed to execute: $!\n";
	455	+ my $line = <OPENSSL>;
	456	+ close(OPENSSL);
	457	+ my ($fingerprint) = $line =~ /SHA1 Fingerprint=(.*)/;
	458	+ return $line if !defined $fingerprint;
	459	+ $fingerprint =~ s/://g;
	460	+ return $fingerprint;
	461	+}
	462	+
	463	+sub find_netdevs {
	464	+ my ($netdev, %netdevs);
	465	+ open(IFCONFIG, "/sbin/ifconfig -a\|") or die "ifconfig failed: $!";
	466	+ while (<IFCONFIG>) {
	467	+ if (my ($nd) = /^([^\s]+)/) {
	468	+ $netdev = $nd;
	469	+ $netdevs{$netdev} = "$netdev";
	470	+ if (my ($hwaddr) = /HWaddr (\S+)/) {
	471	+ $netdevs{$netdev} .= " (MAC: $hwaddr)";
	472	+ }
	473	+ } elsif (my ($ip4) = /^\s*inet addr:(\S+)/) {
	474	+ $netdevs{$netdev} .= " (IP: $ip4)";
	475	+ } elsif (my ($ip6) = /^\s*inet6 addr:(\S+)/) {
	476	+ $netdevs{$netdev} .= " (IPv6: $ip6)";
	477	+ }
	478	+ }
	479	+ foreach my $nd (keys(%netdevs)) {
	480	+ delete $netdevs{$nd} if $nd eq 'lo' \|\| $nd =~ /^wmaster/;
	481	+ }
	482	+ close(IFCONFIG);
	483	+ return %netdevs;
	484	+}
	485	+
	486	+sub load_config {
	487	+ my ($file) = @_;
	488	+
	489	+ # Get the list of the variables that the shell sets automatically.
	490	+ my (%auto_vars) = read_vars("set -a && env");
	491	+
	492	+ # Get the variables from $default.
	493	+ my (%config) = read_vars("set -a && . '$default' && env");
	494	+
	495	+ # Subtract.
	496	+ delete @config{keys %auto_vars};
	497	+
	498	+ return %config;
	499	+}
	500	+
	501	+sub read_vars {
	502	+ my ($cmd) = @_;
	503	+ local @ENV;
	504	+ if (!open(VARS, '-\|', $cmd)) {
	505	+ print STDERR "$cmd: failed to execute: $!\n";
	506	+ return ();
	507	+ }
	508	+ my (%config);
	509	+ while (<VARS>) {
	510	+ my ($var, $value) = /^([^=]+)=(.*)$/ or next;
	511	+ $config{$var} = $value;
	512	+ }
	513	+ close(VARS);
	514	+ return %config;
	515	+}
	516	+
	517	+sub shell_escape {
	518	+ local $_ = $_[0];
	519	+ if ($_ eq '') {
	520	+ return '""';
	521	+ } elsif (m&^[-a-zA-Z0-9:./%^_+,]*$&) {
	522	+ return $_;
	523	+ } else {
	524	+ s/'/'\\''/;
	525	+ return "'$_'";
	526	+ }
	527	+}
	528	+
	529	+sub shell_assign {
	530	+ my ($var, $value) = @_;
	531	+ return $var . '=' . shell_escape($value);
	532	+}
	533	+
	534	+sub save_config {
	535	+ my ($file, %config) = @_;
	536	+ my (@lines);
	537	+ if (open(FILE, '<', $file)) {
	538	+ @lines = <FILE>;
	539	+ chomp @lines;
	540	+ close(FILE);
	541	+ }
	542	+
	543	+ # Replace all existing variable assignments.
	544	+ for (my ($i) = 0; $i <= $#lines; $i++) {
	545	+ local $_ = $lines[$i];
	546	+ my ($var, $value) = /^\s([^=#]+)=(.)$/ or next;
	547	+ if (exists($config{$var})) {
	548	+ $lines[$i] = shell_assign($var, $config{$var});
	549	+ delete $config{$var};
	550	+ } else {
	551	+ $lines[$i] = "#$lines[$i]";
	552	+ }
	553	+ }
	554	+
	555	+ # Find a place to put any remaining variable assignments.
	556	+ VAR:
	557	+ for my $var (keys(%config)) {
	558	+ my $assign = shell_assign($var, $config{$var});
	559	+
	560	+ # Replace the last commented-out variable assignment to $var, if any.
	561	+ for (my ($i) = $#lines; $i >= 0; $i--) {
	562	+ local $_ = $lines[$i];
	563	+ if (/^\s#\s$var=/) {
	564	+ $lines[$i] = $assign;
	565	+ next VAR;
	566	+ }
	567	+ }
	568	+
	569	+ # Find a place to add the var: after the final commented line
	570	+ # just after a line that contains "$var:".
	571	+ for (my ($i) = 0; $i <= $#lines; $i++) {
	572	+ if ($lines[$i] =~ /^\s#\s$var:/) {
	573	+ for (my ($j) = $i + 1; $j <= $#lines; $j++) {
	574	+ if ($lines[$j] !~ /^\s*#/) {
	575	+ splice(@lines, $j, 0, $assign);
	576	+ next VAR;
	577	+ }
	578	+ }
	579	+ }
	580	+ }
	581	+
	582	+ # Just append it.
	583	+ push(@lines, $assign);
	584	+ }
	585	+
	586	+ open(NEWFILE, '>', "$file.tmp") or die "$file.tmp: create: $!\n";
	587	+ print NEWFILE join('', map("$_\n", @lines));
	588	+ close(NEWFILE);
	589	+ rename("$file.tmp", $file) or die "$file.tmp: rename to $file: $!\n";
	590	+}
	591	+
	592	+sub pki_host_to_uri {
	593	+ my ($pki_host) = @_;
	594	+ return "http://$pki_host/openflow/pki";
	595	+}
	596	+
	597	+sub kill_ofp_discover {
	598	+ # Delegate this to a subprocess because there is no portable way
	599	+ # to invoke fcntl(F_GETLK) from Perl.
	600	+ system("ofp-kill --force $ofp_discover_pidfile");
	601	+}
	602	+
	603	+sub netdev_names {
	604	+ return map(/^(\S+)/, split(', ', db_get('netdevs')));
	605	+}
	606	+
	607	+sub is_valid_vconn {
	608	+ my ($vconn) = @_;
	609	+ return scalar($vconn =~ /^(tcp\|ssl):([^:]+)(:.*)?/);
	610	+}
	611	+
	612	+sub is_ssl_vconn {
	613	+ my ($vconn) = @_;
	614	+ return scalar($vconn =~ /^ssl:/);
	615	+}
...	...

debian/ofp-switch-setup.8 0 → 100755

View file @1f23c43

	1	+.TH ofp-switch-setup 8 "June 2008" "OpenFlow" "OpenFlow Manual"
	2	+
	3	+.SH NAME
	4	+ofp\-switch\-setup \- interactive setup for OpenFlow switch
	5	+
	6	+.SH SYNOPSIS
	7	+.B ofp\-switch\-setup
	8	+
	9	+.SH DESCRIPTION
	10	+The \fBofp\-switch\-setup\fR program is an interactive program that
	11	+assists the system administrator in configuring an OpenFlow switch,
	12	+including the underlying public key infrastructure (PKI).
	13	+
	14	+.SH OPTIONS
	15	+ofp\-switch\-setup does not accept any command-line options.
	16	+
	17	+.SH FILES
	18	+.IP /etc/default/openflow-switch
	19	+Main configuration file for OpenFlow switch.
	20	+
	21	+.IP /etc/openflow-switch/cacert.pem
	22	+Default location of CA certificate for OpenFlow controllers.
	23	+
	24	+.IP /etc/openflow-switch/of0-cert.pem
	25	+Default location of certificate for the OpenFlow switch's private key.
	26	+
	27	+.IP /etc/openflow-switch/of0-privkey.pem
	28	+Default location of the OpenFlow switch's private key. This file
	29	+should be readable only by \fBroot\fR.
	30	+
	31	+.IP /etc/openflow-switch/of0-req.pem
	32	+Default location of certificate request for the OpenFlow switch's
	33	+certificate. This file is not used after the signed certificate
	34	+(typically \fB/etc/openflow-switch/of0-cert.pem\fR, above) has been
	35	+obtained from the OpenFlow PKI server.
	36	+
	37	+.SH "SEE ALSO"
	38	+
	39	+.BR ofp-pki (8),
	40	+.BR dpctl (8),
	41	+.BR secchan (8)
...	...

debian/openflow-common.dirs 0 → 100755

View file @1f23c43

	1	+var/log/openflow
...	...

debian/openflow-common.install 0 → 100755

View file @1f23c43

	1	+_debian/utilities/ofp-parse-leaks usr/bin
	2	+_debian/utilities/ofp-pki usr/sbin
	3	+_debian/utilities/vlogconf usr/sbin
...	...

debian/openflow-common.manpages 0 → 100755

View file @1f23c43

	1	+_debian/utilities/vlogconf.8
	2	+_debian/utilities/ofp-pki.8
...	...

debian/openflow-controller.README.Debian 0 → 100755

View file @1f23c43

	1	+README.Debian for openflow-controller
	2	+-------------------------------------
	3	+
	4	+* To (re)configure the controller, edit /etc/default/openflow-controller
	5	+ and run "/etc/init.d/openflow-controller restart".
	6	+
	7	+* To enable OpenFlow switches to automatically discover the location
	8	+ of the controller, you must install and configure a DHCP server.
	9	+ The secchan(8) manpage (found in the openflow-switch package) gives
	10	+ a working example configuration file for the ISC DHCP server.
...	...

debian/openflow-controller.default 0 → 100755

View file @1f23c43

	1	+# This is a POSIX shell fragment -- sh --
	2	+
	3	+# LISTEN: What OpenFlow connection methods should the controller listen on?
	4	+#
	5	+# This is a space-delimited list of connection methods:
	6	+#
	7	+# * "pssl:[PORT]": Listen for SSL connections on the specified PORT
	8	+# (default: 6633). The private key, certificate, and CA certificate
	9	+# must be specified below.
	10	+#
	11	+# * "pctp:[PORT]": Listen for TCP connections on the specified PORT
	12	+# (default: 6633). Not recommended for security reasons.
	13	+#
	14	+# * "nl:DP_IDX": Listen on local datapath DP_IDX. Used only if this
	15	+# machine is also an OpenFlow switch and not running the secure
	16	+# channel, and only if you know what you're doing.
	17	+#
	18	+LISTEN="pssl:"
	19	+
	20	+# PRIVKEY: Name of file containing controller's private key.
	21	+# Required if SSL enabled.
	22	+PRIVKEY=/etc/openflow-controller/privkey.pem
	23	+
	24	+# CERT: Name of file containing certificate for private key.
	25	+# Required if SSL enabled.
	26	+CERT=/etc/openflow-controller/cert.pem
	27	+
	28	+# CACERT: Name of file containing switch CA certificate.
	29	+# Required if SSL enabled.
	30	+CACERT=/etc/openflow-controller/cacert.pem
	31	+
	32	+# Additional options to pass to controller, e.g. "--hub"
	33	+DAEMON_OPTS=""
...	...

debian/openflow-controller.dirs 0 → 100755

View file @1f23c43

	1	+etc/openflow-controller
...	...

debian/openflow-controller.init 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+#
	3	+# Copyright (c) 2007 Javier Fernandez-Sanguino <jfs@debian.org>
	4	+#
	5	+# This is free software; you may redistribute it and/or modify
	6	+# it under the terms of the GNU General Public License as
	7	+# published by the Free Software Foundation; either version 2,
	8	+# or (at your option) any later version.
	9	+#
	10	+# This is distributed in the hope that it will be useful, but
	11	+# WITHOUT ANY WARRANTY; without even the implied warranty of
	12	+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	+# GNU General Public License for more details.
	14	+#
	15	+# You should have received a copy of the GNU General Public License with
	16	+# the Debian operating system, in /usr/share/common-licenses/GPL; if
	17	+# not, write to the Free Software Foundation, Inc., 59 Temple Place,
	18	+# Suite 330, Boston, MA 02111-1307 USA
	19	+#
	20	+### BEGIN INIT INFO
	21	+# Provides: openflow-controller
	22	+# Required-Start: $network $local_fs
	23	+# Required-Stop:
	24	+# Should-Start: $named
	25	+# Should-Stop:
	26	+# Default-Start: 2 3 4 5
	27	+# Default-Stop: 0 1 6
	28	+# Short-Description: OpenFlow controller
	29	+### END INIT INFO
	30	+
	31	+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
	32	+
	33	+DAEMON=/usr/sbin/controller # Introduce the server's location here
	34	+NAME=controller # Introduce the short server's name here
	35	+DESC=controller # Introduce a short description here
	36	+LOGDIR=/var/log/openflow # Log directory to use
	37	+
	38	+PIDFILE=/var/run/$NAME.pid
	39	+
	40	+test -x $DAEMON \|\| exit 0
	41	+
	42	+. /lib/lsb/init-functions
	43	+
	44	+# Default options, these can be overriden by the information
	45	+# at /etc/default/$NAME
	46	+DAEMON_OPTS="" # Additional options given to the server
	47	+
	48	+DODTIME=10 # Time to wait for the server to die, in seconds
	49	+ # If this value is set too low you might not
	50	+ # let some servers to die gracefully and
	51	+ # 'restart' will not work
	52	+
	53	+LOGFILE=$LOGDIR/$NAME.log # Server logfile
	54	+#DAEMONUSER= # User to run the daemons as. If this value
	55	+ # is set start-stop-daemon will chuid the server
	56	+
	57	+# Include defaults if available
	58	+default=/etc/default/openflow-controller
	59	+if [ -f $default ] ; then
	60	+ . $default
	61	+fi
	62	+
	63	+# Check that the user exists (if we set a user)
	64	+# Does the user exist?
	65	+if [ -n "$DAEMONUSER" ] ; then
	66	+ if getent passwd \| grep -q "^$DAEMONUSER:"; then
	67	+ # Obtain the uid and gid
	68	+ DAEMONUID=`getent passwd \|grep "^$DAEMONUSER:" \| awk -F : '{print $3}'`
	69	+ DAEMONGID=`getent passwd \|grep "^$DAEMONUSER:" \| awk -F : '{print $4}'`
	70	+ else
	71	+ log_failure_msg "The user $DAEMONUSER, required to run $NAME does not exist."
	72	+ exit 1
	73	+ fi
	74	+fi
	75	+
	76	+
	77	+set -e
	78	+
	79	+running_pid() {
	80	+# Check if a given process pid's cmdline matches a given name
	81	+ pid=$1
	82	+ name=$2
	83	+ [ -z "$pid" ] && return 1
	84	+ [ ! -d /proc/$pid ] && return 1
	85	+ cmd=`cat /proc/$pid/cmdline \| tr "\000" "\n"\|head -n 1 \|cut -d : -f 1`
	86	+ # Is this the expected server
	87	+ [ "$cmd" != "$name" ] && return 1
	88	+ return 0
	89	+}
	90	+
	91	+running() {
	92	+# Check if the process is running looking at /proc
	93	+# (works for all users)
	94	+
	95	+ # No pidfile, probably no daemon present
	96	+ [ ! -f "$PIDFILE" ] && return 1
	97	+ pid=`cat $PIDFILE`
	98	+ running_pid $pid $DAEMON \|\| return 1
	99	+ return 0
	100	+}
	101	+
	102	+start_server() {
	103	+ if [ -z "$LISTEN" ]; then
	104	+ echo "$default: No connection methods configured, controller disabled" >&2
	105	+ exit 0
	106	+ fi
	107	+
	108	+ SSL_OPTS=
	109	+ case $LISTEN in
	110	+ ssl)
	111	+ : ${PRIVKEY:=/etc/openflow-controller/privkey.pem}
	112	+ : ${CERT:=/etc/openflow-controller/cert.pem}
	113	+ : ${CACERT:=/etc/openflow-controller/cacert.pem}
	114	+ if test ! -e "$PRIVKEY" \|\| test ! -e "$CERT" \|\|
	115	+ test ! -e "$CACERT"; then
	116	+ if test ! -e "$PRIVKEY"; then
	117	+ echo "$PRIVKEY: private key missing" >&2
	118	+ fi
	119	+ if test ! -e "$CERT"; then
	120	+ echo "$CERT: certificate for private key missing" >&2
	121	+ fi
	122	+ if test ! -e "$CACERT"; then
	123	+ echo "$CACERT: CA certificate missing" >&2
	124	+ fi
	125	+ exit 1
	126	+ fi
	127	+ SSL_OPTS="--private-key=$PRIVKEY --certificate=$CERT --ca-cert=$CACERT"
	128	+ ;;
	129	+ esac
	130	+
	131	+# Start the process using the wrapper
	132	+ if [ -z "$DAEMONUSER" ] ; then
	133	+ start-stop-daemon --start --pidfile $PIDFILE \
	134	+ --exec $DAEMON -- --detach --pidfile=$PIDFILE \
	135	+ $LISTEN $DAEMON_OPTS $SSL_OPTS
	136	+ errcode=$?
	137	+ else
	138	+# if we are using a daemonuser then change the user id
	139	+ start-stop-daemon --start --quiet --pidfile $PIDFILE \
	140	+ --chuid $DAEMONUSER --exec $DAEMON -- \
	141	+ --detach --pidfile=$PIDFILE $LISTEN $DAEMON_OPTS \
	142	+ $SSL_OPTS
	143	+ errcode=$?
	144	+ fi
	145	+ return $errcode
	146	+}
	147	+
	148	+stop_server() {
	149	+# Stop the process using the wrapper
	150	+ if [ -z "$DAEMONUSER" ] ; then
	151	+ start-stop-daemon --stop --quiet --pidfile $PIDFILE \
	152	+ --exec $DAEMON
	153	+ errcode=$?
	154	+ else
	155	+# if we are using a daemonuser then look for process that match
	156	+ start-stop-daemon --stop --quiet --pidfile $PIDFILE \
	157	+ --user $DAEMONUSER --exec $DAEMON
	158	+ errcode=$?
	159	+ fi
	160	+
	161	+ return $errcode
	162	+}
	163	+
	164	+reload_server() {
	165	+ [ ! -f "$PIDFILE" ] && return 1
	166	+ pid=`cat $PIDFILE` # This is the daemon's pid
	167	+ # Send a SIGHUP
	168	+ kill -1 $pid
	169	+ return $?
	170	+}
	171	+
	172	+force_stop() {
	173	+# Force the process to die killing it manually
	174	+ [ ! -e "$PIDFILE" ] && return
	175	+ if running ; then
	176	+ kill -15 $pid
	177	+ # Is it really dead?
	178	+ sleep "$DIETIME"s
	179	+ if running ; then
	180	+ kill -9 $pid
	181	+ sleep "$DIETIME"s
	182	+ if running ; then
	183	+ echo "Cannot kill $NAME (pid=$pid)!"
	184	+ exit 1
	185	+ fi
	186	+ fi
	187	+ fi
	188	+ rm -f $PIDFILE
	189	+}
	190	+
	191	+
	192	+case "$1" in
	193	+ start)
	194	+ log_daemon_msg "Starting $DESC " "$NAME"
	195	+ # Check if it's running first
	196	+ if running ; then
	197	+ log_progress_msg "apparently already running"
	198	+ log_end_msg 0
	199	+ exit 0
	200	+ fi
	201	+ if start_server && running ; then
	202	+ # It's ok, the server started and is running
	203	+ log_end_msg 0
	204	+ else
	205	+ # Either we could not start it or it is not running
	206	+ # after we did
	207	+ # NOTE: Some servers might die some time after they start,
	208	+ # this code does not try to detect this and might give
	209	+ # a false positive (use 'status' for that)
	210	+ log_end_msg 1
	211	+ fi
	212	+ ;;
	213	+ stop)
	214	+ log_daemon_msg "Stopping $DESC" "$NAME"
	215	+ if running ; then
	216	+ # Only stop the server if we see it running
	217	+ stop_server
	218	+ log_end_msg $?
	219	+ else
	220	+ # If it's not running don't do anything
	221	+ log_progress_msg "apparently not running"
	222	+ log_end_msg 0
	223	+ exit 0
	224	+ fi
	225	+ ;;
	226	+ force-stop)
	227	+ # First try to stop gracefully the program
	228	+ $0 stop
	229	+ if running; then
	230	+ # If it's still running try to kill it more forcefully
	231	+ log_daemon_msg "Stopping (force) $DESC" "$NAME"
	232	+ force_stop
	233	+ log_end_msg $?
	234	+ fi
	235	+ ;;
	236	+ restart\|force-reload)
	237	+ log_daemon_msg "Restarting $DESC" "$NAME"
	238	+ stop_server
	239	+ # Wait some sensible amount, some server need this
	240	+ [ -n "$DIETIME" ] && sleep $DIETIME
	241	+ start_server
	242	+ running
	243	+ log_end_msg $?
	244	+ ;;
	245	+ status)
	246	+
	247	+ log_daemon_msg "Checking status of $DESC" "$NAME"
	248	+ if running ; then
	249	+ log_progress_msg "running"
	250	+ log_end_msg 0
	251	+ else
	252	+ log_progress_msg "apparently not running"
	253	+ log_end_msg 1
	254	+ exit 1
	255	+ fi
	256	+ ;;
	257	+ # Use this if the daemon cannot reload
	258	+ reload)
	259	+ log_warning_msg "Reloading $NAME daemon: not implemented, as the daemon"
	260	+ log_warning_msg "cannot re-read the config file (use restart)."
	261	+ ;;
	262	+ *)
	263	+ N=/etc/init.d/$NAME
	264	+ echo "Usage: $N {start\|stop\|force-stop\|restart\|force-reload\|status}" >&2
	265	+ exit 1
	266	+ ;;
	267	+esac
	268	+
	269	+exit 0
...	...

debian/openflow-controller.install 0 → 100755

View file @1f23c43

	1	+_debian/controller/controller usr/sbin
...	...

debian/openflow-controller.manpages 0 → 100755

View file @1f23c43

	1	+_debian/controller/controller.8
...	...

debian/openflow-controller.postinst 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+# postinst script for openflow-controller
	3	+#
	4	+# see: dh_installdeb(1)
	5	+
	6	+set -e
	7	+
	8	+# summary of how this script can be called:
	9	+# * <postinst> `configure' <most-recently-configured-version>
	10	+# * <old-postinst> `abort-upgrade' <new version>
	11	+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
	12	+# <new-version>
	13	+# * <postinst> `abort-remove'
	14	+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
	15	+# <failed-install-package> <version> `removing'
	16	+# <conflicting-package> <version>
	17	+# for details, see http://www.debian.org/doc/debian-policy/ or
	18	+# the debian-policy package
	19	+
	20	+
	21	+case "$1" in
	22	+ configure)
	23	+ cd /etc/openflow-controller
	24	+ if ! test -e cacert.pem; then
	25	+ ln -s /usr/share/openflow/pki/switchca/cacert.pem cacert.pem
	26	+ fi
	27	+ if ! test -e privkey.pem \|\| ! test -e cert.pem; then
	28	+ oldumask=$(umask)
	29	+ umask 077
	30	+ ofp-pki req+sign tmp controller >/dev/null
	31	+ mv tmp-privkey.pem privkey.pem
	32	+ mv tmp-cert.pem cert.pem
	33	+ mv tmp-req.pem req.pem
	34	+ chmod go+r cert.pem req.pem
	35	+ umask $oldumask
	36	+ fi
	37	+ ;;
	38	+
	39	+ abort-upgrade\|abort-remove\|abort-deconfigure)
	40	+ ;;
	41	+
	42	+ *)
	43	+ echo "postinst called with unknown argument \`$1'" >&2
	44	+ exit 1
	45	+ ;;
	46	+esac
	47	+
	48	+#DEBHELPER#
	49	+
	50	+exit 0
	51	+
	52	+
...	...

debian/openflow-datapath-module-_KVERS_.postinst.modules.in 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+# postinst script for #PACKAGE#
	3	+#
	4	+# see: dh_installdeb(1)
	5	+
	6	+set -e
	7	+
	8	+depmod -a
	9	+
	10	+#DEBHELPER#
	11	+
	12	+# If the switch is running, restart it. This ensures that we are using the
	13	+# latest kernel module, because the init script will unload and reload the
	14	+# module.
	15	+#
	16	+# (Ideally we'd only want to do this if this package corresponds to the
	17	+# running kernel, but I don't know a reliable way to check.)
	18	+INIT=/etc/init.d/openflow-switch
	19	+if test -x $INIT && $INIT status; then
	20	+ $INIT restart \|\| true
	21	+fi
	22	+
	23	+exit 0
	24	+
	25	+
...	...

debian/openflow-datapath-source.README.Debian 0 → 100755

View file @1f23c43

	1	+OpenFlow for Debian
	2	+-------------------
	3	+
	4	+* How do I build this module the Debian way?
	5	+
	6	+ - Building with module-assistant:
	7	+
	8	+ $ module-assistant auto-install openflow
	9	+ or
	10	+ $ m-a a-i openflow
	11	+
	12	+ If kernel source or headers are in a non-standard directory, add
	13	+ the option -k /path/to/kernel/source with the correct path.
	14	+
	15	+ - Building with make-kpkg
	16	+
	17	+ $ cd /usr/src/
	18	+ $ tar jxvf openflow.tar.bz2
	19	+ $ cd /usr/src/kernel-source-2.6.9
	20	+ $ make-kpkg --added-modules=openflow modules
	21	+
	22	+ - Building without make-kpkg
	23	+
	24	+ $ cd /usr/src/
	25	+ $ tar jxvf openflow.tar.bz2
	26	+ $ cd modules/openflow
	27	+ $ fakeroot debian/rules kdist_image
	28	+
	29	+ If you run this as root, fakeroot is not needed.
	30	+
	31	+ -- OpenFlow Team <openflow-dev@lists.stanford.edu>, Thu, 12 Jun 2008 16:42:38 -0700
...	...

debian/openflow-datapath-source.copyright 0 → 100755

View file @1f23c43

	1	+Upstream Authors:
	2	+
	3	+ The Board of Trustees of The Leland Stanford Junior University
	4	+
	5	+Copyright:
	6	+
	7	+ Copyright (C) 2008 The Board of Trustees of The Leland Stanford
	8	+ Junior University
	9	+
	10	+License:
	11	+
	12	+ Files in the datapath/ and its sub-directories are covered under the GNU
	13	+ General Public License Version 2.
	14	+
	15	+ On Debian systems, the complete text of the GNU General
	16	+ Public License can be found in `/usr/share/common-licenses/GPL'.
...	...

debian/openflow-datapath-source.dirs 0 → 100755

View file @1f23c43

	1	+usr/src/modules/openflow-datapath/debian
...	...

debian/openflow-datapath-source.install 0 → 100755

View file @1f23c43

	1	+debian/changelog usr/src/modules/openflow-datapath/debian
	2	+debian/control usr/src/modules/openflow-datapath/debian
	3	+debian/compat usr/src/modules/openflow-datapath/debian
	4	+debian/*.modules.in usr/src/modules/openflow-datapath/debian
	5	+debian/rules usr/src/modules/openflow-datapath/debian
	6	+_debian/openflow.tar.gz usr/src/modules/openflow-datapath
...	...

debian/openflow-pki-server.apache2 0 → 100755

View file @1f23c43

	1	+Alias /openflow/pki/ /usr/share/openflow/pki/
...	...

debian/openflow-pki-server.dirs 0 → 100755

View file @1f23c43

	1	+etc/apache2/sites-available
...	...

debian/openflow-pki-server.install 0 → 100755

View file @1f23c43

	1	+_debian/utilities/ofp-pki-cgi usr/lib/cgi-bin
...	...

debian/openflow-pki-server.postinst 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+# postinst script for openflow
	3	+#
	4	+# see: dh_installdeb(1)
	5	+
	6	+set -e
	7	+
	8	+# summary of how this script can be called:
	9	+# * <postinst> `configure' <most-recently-configured-version>
	10	+# * <old-postinst> `abort-upgrade' <new version>
	11	+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
	12	+# <new-version>
	13	+# * <postinst> `abort-remove'
	14	+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
	15	+# <failed-install-package> <version> `removing'
	16	+# <conflicting-package> <version>
	17	+# for details, see http://www.debian.org/doc/debian-policy/ or
	18	+# the debian-policy package
	19	+
	20	+case "$1" in
	21	+ configure)
	22	+ # Enable site under Apache.
	23	+ a2ensite openflow-pki >/dev/null
	24	+ if command -v invoke-rc.d >/dev/null 2>&1; then
	25	+ invoke-rc.d apache2 force-reload \|\| :
	26	+ else
	27	+ [ -x /etc/init.d/apache2 ] && /etc/init.d/apache2 force-reload \|\| :
	28	+ fi
	29	+ ;;
	30	+
	31	+ abort-upgrade\|abort-remove\|abort-deconfigure)
	32	+ ;;
	33	+
	34	+ *)
	35	+ echo "postinst called with unknown argument \`$1'" >&2
	36	+ exit 1
	37	+ ;;
	38	+esac
	39	+
	40	+#DEBHELPER#
	41	+
	42	+exit 0
	43	+
	44	+
...	...

debian/openflow-pki.postinst 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+# postinst script for openflow
	3	+#
	4	+# see: dh_installdeb(1)
	5	+
	6	+set -e
	7	+
	8	+# summary of how this script can be called:
	9	+# * <postinst> `configure' <most-recently-configured-version>
	10	+# * <old-postinst> `abort-upgrade' <new version>
	11	+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
	12	+# <new-version>
	13	+# * <postinst> `abort-remove'
	14	+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
	15	+# <failed-install-package> <version> `removing'
	16	+# <conflicting-package> <version>
	17	+# for details, see http://www.debian.org/doc/debian-policy/ or
	18	+# the debian-policy package
	19	+
	20	+case "$1" in
	21	+ configure)
	22	+ # Create certificate authorities.
	23	+ if test ! -d /usr/share/openflow/pki; then
	24	+ ofp-pki init
	25	+ fi
	26	+ ;;
	27	+
	28	+ abort-upgrade\|abort-remove\|abort-deconfigure)
	29	+ ;;
	30	+
	31	+ *)
	32	+ echo "postinst called with unknown argument \`$1'" >&2
	33	+ exit 1
	34	+ ;;
	35	+esac
	36	+
	37	+#DEBHELPER#
	38	+
	39	+exit 0
	40	+
	41	+
...	...

debian/openflow-switch-config.dirs 0 → 100755

View file @1f23c43

	1	+/usr/share/lintian/overrides
...	...

debian/openflow-switch-config.install 0 → 100755

View file @1f23c43

	1	+debian/ofp-switch-setup usr/sbin
...	...

debian/openflow-switch-config.manpages 0 → 100755

View file @1f23c43

	1	+debian/ofp-switch-setup.8
...	...

debian/openflow-switch-config.overrides 0 → 100755

View file @1f23c43

	1	+debconf-is-not-a-registry
...	...

debian/openflow-switch-config.templates 0 → 100755

View file @1f23c43

	1	+Template: openflow-switch/netdevs
	2	+Type: multiselect
	3	+_Choices: ${choices}
	4	+_Description: OpenFlow switch network devices:
	5	+ Choose the network devices that should become part of the OpenFlow
	6	+ switch. At least two devices must be selected for this machine to be
	7	+ a useful switch. Unselecting all network devices will disable the
	8	+ OpenFlow switch entirely.
	9	+ .
	10	+ The network devices that you select should not be configured with IP
	11	+ or IPv6 addresses, even if the switch contacts the controller over
	12	+ one of the selected network devices. This is because a running
	13	+ OpenFlow switch takes over network devices at a low level: they
	14	+ become part of the switch and cannot be used for other purposes.
	15	+
	16	+Template: openflow-switch/no-netdevs
	17	+Type: error
	18	+_Description: No network devices were selected.
	19	+ No network devices were selected for inclusion in the OpenFlow switch.
	20	+ The switch will be disabled.
	21	+
	22	+Template: openflow-switch/configured-netdevs
	23	+Type: note
	24	+_Description: Some Network Devices Have IP or IPv6 Addresses
	25	+ The following network devices selected to be part of the OpenFlow switch
	26	+ have IP or IPv6 addresses configured:
	27	+ .
	28	+ ${configured-netdevs}
	29	+ .
	30	+ This is usually a mistake, even if the switch contacts the controller over
	31	+ one of the selected network devices. This is because a running
	32	+ OpenFlow switch takes over network devices at a low level: they
	33	+ become part of the switch and cannot be used for other purposes.
	34	+ .
	35	+ If this is an unintentional mistake, move back and fix the selection,
	36	+ or de-configure the IP or IPv6 from these network devices.
	37	+
	38	+Template: openflow-switch/mode
	39	+Type: select
	40	+_Choices: discovery, in-band, out-of-band
	41	+Default: discovery
	42	+_Description: Switch-to-controller access method:
	43	+ The OpenFlow switch must be able to contact the OpenFlow controller over
	44	+ the network. It can do so in one of three ways:
	45	+ .
	46	+ discovery: A single network is used for OpenFlow traffic and other
	47	+ data traffic; that is, the switch contacts the controller over one of
	48	+ the network devices selected as OpenFlow switch network devices in
	49	+ the previous question. The switch automatically determines the
	50	+ location of the controller using a DHCP request with an
	51	+ OpenFlow-specific vendor option. This is the most common case.
	52	+ .
	53	+ in-band: As above, but the location of the controller is manually
	54	+ configured.
	55	+ .
	56	+ out-of-band: OpenFlow traffic uses a network separate from the data traffic
	57	+ that it controls. If this is the case, the control network must already
	58	+ be configured on a network device other than one of those selected as
	59	+ an OpenFlow switch netdev in the previous question.
	60	+
	61	+Template: openflow-switch/discover
	62	+Type: note
	63	+_Description: Preparing to discover controller.
	64	+ The setup program will now attempt to discover the OpenFlow controller.
	65	+ Controller discovery may take up to 30 seconds. Please be patient.
	66	+ .
	67	+ See secchan(8) for instructions on how to configure a DHCP server for
	68	+ controller discovery.
	69	+
	70	+Template: openflow-switch/discovery-failure
	71	+Type: error
	72	+_Description: Controller discovery failed.
	73	+ The controller's location could not be determined automatically.
	74	+ .
	75	+ Ensure that the OpenFlow DHCP server is properly configured. See
	76	+ secchan(8) for instructions on how to configure a DHCP server for
	77	+ controller discovery.
	78	+
	79	+Template: openflow-switch/discovery-success
	80	+Type: boolean
	81	+Default: true
	82	+_Description: Use discovered settings?
	83	+ Controller discovery obtained the following settings:
	84	+ .
	85	+ Controller location: ${controller-vconn}
	86	+ .
	87	+ PKI URL: ${pki-uri}
	88	+ .
	89	+ Please verify that these settings are correct.
	90	+
	91	+Template: openflow-switch/switch-ip
	92	+Type: string
	93	+Default: dhcp
	94	+_Description: Switch IP address:
	95	+ For in-band communication with the controller, the OpenFlow switch must
	96	+ be able to determine its own IP address. Its IP address may be configured
	97	+ statically or dynamically.
	98	+ .
	99	+ For static configuration, specify the switch's IP address as a string.
	100	+ .
	101	+ For dynamic configuration with DHCP (the most common case), specify "dhcp".
	102	+ Configuration with DHCP will only work reliably if the network topology
	103	+ allows the switch to contact the DHCP server before it connects to the
	104	+ OpenFlow controller.
	105	+
	106	+Template: openflow-switch/switch-ip-error
	107	+Type: error
	108	+_Description: The switch IP address is invalid.
	109	+ The switch IP address must specified as "dhcp" or a valid IP address in
	110	+ dotted-octet form (e.g. "1.2.3.4").
	111	+
	112	+Template: openflow-switch/controller-vconn
	113	+Type: string
	114	+_Description: Controller location:
	115	+ Specify how the OpenFlow switch should connect to the OpenFlow controller.
	116	+ The value should be in form "ssl:HOST[:PORT]" to connect to the controller
	117	+ over SSL (recommended for security) or "tcp:HOST[:PORT]" to connect over
	118	+ cleartext TCP.
	119	+
	120	+Template: openflow-switch/controller-vconn-error
	121	+Type: error
	122	+_Description: The controller location is invalid.
	123	+ The controller location must be specifed as "ssl:HOST[:PORT]" to
	124	+ connect to the controller over SSL (recommended for security) or
	125	+ "tcp:HOST[:PORT]" to connect over cleartext TCP.
	126	+
	127	+Template: openflow-switch/pki-uri
	128	+Type: string
	129	+_Description: OpenFlow PKI server host name or URL:
	130	+ Specify a URL to the OpenFlow public key infrastructure (PKI). If a
	131	+ host name or IP address is specified in place of a URL, then
	132	+ http://<host>/openflow/pki/ will be used,
	133	+ where <host> is the specified host name or IP address.
	134	+ .
	135	+ The OpenFlow PKI is usually on the same machine as the OpenFlow
	136	+ controller.
	137	+ .
	138	+ The setup process will connect to the OpenFlow PKI server over
	139	+ HTTP, using the system's configured default HTTP proxy (if any).
	140	+
	141	+Template: openflow-switch/fetch-cacert-failed
	142	+Type: error
	143	+_Description: The switch CA certificate could not be retrieved.
	144	+ Retrieval of ${url} failed, with the following status: "${error}".
	145	+ .
	146	+ Ensure that the OpenFlow PKI server is correctly configured and
	147	+ available at ${pki-uri}. If the system is configured to use an HTTP
	148	+ proxy, also make sure that the HTTP proxy is available and that the
	149	+ PKI server can be reached through it.
	150	+
	151	+Template: openflow-switch/verify-controller-ca
	152	+Type: select
	153	+_Choices: yes, no
	154	+Default: yes
	155	+_Description: Is ${fingerprint} the controller CA's fingerprint?
	156	+ If a man-in-the-middle attack is possible in your network
	157	+ environment, check that the controller CA's fingerprint is really
	158	+ ${fingerprint}. Answer "yes" if it matches, "no" if
	159	+ there is a discrepancy.
	160	+ .
	161	+ If a man-in-the-middle attack is not a concern, there is no need to
	162	+ verify the fingerprint. Simply answer "yes".
	163	+
	164	+Template: openflow-switch/send-cert-req
	165	+Type: select
	166	+_Choices: yes, no
	167	+Default: yes
	168	+_Description: Send certificate request to switch CA?
	169	+ Before it can connect to the controller over SSL, the OpenFlow
	170	+ switch's key must be signed by the switch certificate authority (CA)
	171	+ located on the OpenFlow PKI server, which is usually collocated with
	172	+ the OpenFlow controller. A signing request can be sent to the PKI
	173	+ server now.
	174	+ .
	175	+ Answer "yes" to send a signing request to the switch CA now. This is
	176	+ ordinarily the correct choice. There is no harm in sending a given
	177	+ signing request more than once.
	178	+ .
	179	+ Answer "no" to skip sending a signing request to the switch CA.
	180	+ Unless the request has already been sent to the switch CA, manual
	181	+ sending of the request and signing will be necessary.
	182	+
	183	+Template: openflow-switch/send-cert-req-failed
	184	+Type: error
	185	+_Description: The certificate request could not be sent.
	186	+ Posting to ${url} failed, with the following status: "${error}".
	187	+ .
	188	+ Ensure that the OpenFlow PKI server is correctly configured and
	189	+ available at ${pki-uri}.
	190	+
	191	+Template: openflow-switch/fetch-switch-cert
	192	+Type: select
	193	+_Choices: yes, no
	194	+_Description: Fetch signed switch certificate from PKI server?
	195	+ Before it can connect to the controller over SSL, the OpenFlow
	196	+ switch's key must be signed by the switch certificate authority (CA)
	197	+ located on the OpenFlow PKI server, which is usually collocated with
	198	+ the OpenFlow controller.
	199	+ .
	200	+ At this point, a signing request has been sent to the switch CA (or
	201	+ sending a request has been manually skipped), but the signed
	202	+ certificate has not yet been retrieved. Manual action may need to be
	203	+ taken at the PKI server to approve the signing request.
	204	+ .
	205	+ Answer "yes" to attempt to retrieve the signed switch certificate
	206	+ from the switch CA. If the switch certificate request has been
	207	+ signed at the PKI server, this is the correct choice.
	208	+ .
	209	+ Answer "no" to postpone switch configuration. The configuration
	210	+ process must be restarted later, when the switch certificate request
	211	+ has been signed.
	212	+
	213	+Template: openflow-switch/fetch-switch-cert-failed
	214	+Type: error
	215	+_Description: Signed switch certificate could not be retrieved.
	216	+ The signed switch certificate could not be retrieved from the switch
	217	+ CA: retrieval of ${url} failed, with the following status: "${error}".
	218	+ .
	219	+ This probably indicates that the switch's certificate request has not
	220	+ yet been signed. If this is the problem, it may be fixed by signing
	221	+ the certificate request at ${pki-uri}, then trying to fetch the
	222	+ signed switch certificate again.
	223	+
	224	+Template: openflow-switch/complete
	225	+Type: note
	226	+_Description: OpenFlow Switch Setup Finished
	227	+ Setup of this OpenFlow switch is finished. Complete the setup procedure
	228	+ to enable the switch.
...	...

debian/openflow-switch.README.Debian 0 → 100755

View file @1f23c43

	1	+README.Debian for openflow-switch
	2	+---------------------------------
	3	+
	4	+* The switch must be configured before it can be used. To configure
	5	+ it interactively, install the openflow-switch-config package and run
	6	+ the ofp-switch-setup program. Alternatively, edit
	7	+ /etc/default/openflow-switch by hand, then start the switch manually
	8	+ with "/etc/init.d/openflow-switch start".
	9	+
	10	+* To use the Linux kernel-based switch implementation, you will need
	11	+ to build and install the OpenFlow kernel module. To do so, install
	12	+ the openflow-datapath-source package, then follow the instructions
	13	+ given in /usr/share/doc/openflow-datapath-source/README.Debian
	14	+
	15	+* This package does not yet support the userspace datapath-based
	16	+ switch implementation.
	17	+
	18	+ -- Ben Pfaff <blp@nicira.com>, Tue, 6 Jan 2009 13:52:33 -0800
...	...

debian/openflow-switch.dirs 0 → 100755

View file @1f23c43

	1	+/etc/openflow-switch
	2	+/usr/share/openflow/switch
...	...

debian/openflow-switch.init 0 → 100755

View file @1f23c43

	1	+#! /bin/sh
	2	+#
	3	+# /etc/init.d/openflow-switch
	4	+#
	5	+# Written by Miquel van Smoorenburg <miquels@cistron.nl>.
	6	+# Modified for Debian by Ian Murdock <imurdock@gnu.ai.mit.edu>.
	7	+# Further changes by Javier Fernandez-Sanguino <jfs@debian.org>
	8	+# Modified for openflow-switch.
	9	+#
	10	+# Version: @(#)skeleton 1.9 26-Feb-2001 miquels@cistron.nl
	11	+#
	12	+### BEGIN INIT INFO
	13	+# Provides: openflow-switch
	14	+# Required-Start: $network $named $remote_fs $syslog
	15	+# Required-Stop:
	16	+# Default-Start: 2 3 4 5
	17	+# Default-Stop: 0 1 6
	18	+# Short-Description: OpenFlow switch
	19	+### END INIT INFO
	20	+
	21	+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
	22	+DAEMON=/usr/sbin/secchan
	23	+NAME=secchan
	24	+DESC=secchan
	25	+
	26	+test -x $DAEMON \|\| exit 0
	27	+
	28	+NICIRA_OUI="002320"
	29	+
	30	+LOGDIR=/var/log/openflow
	31	+PIDFILE=/var/run/$NAME.pid
	32	+DHCLIENT_PIDFILE=/var/run/dhclient.of0.pid
	33	+DODTIME=1 # Time to wait for the server to die, in seconds
	34	+ # If this value is set too low you might not
	35	+ # let some servers to die gracefully and
	36	+ # 'restart' will not work
	37	+
	38	+# Include secchan defaults if available
	39	+unset NETDEVS
	40	+unset MODE
	41	+unset SWITCH_IP
	42	+unset CONTROLLER
	43	+unset PRIVKEY
	44	+unset CERT
	45	+unset CACERT
	46	+unset CACERT_MODE
	47	+unset MGMT_VCONNS
	48	+unset COMMANDS
	49	+unset DAEMON_OPTS
	50	+unset CORE_LIMIT
	51	+unset DATAPATH_ID
	52	+default=/etc/default/openflow-switch
	53	+if [ -f $default ] ; then
	54	+ . $default
	55	+fi
	56	+
	57	+set -e
	58	+
	59	+running_pid()
	60	+{
	61	+ # Check if a given process pid's cmdline matches a given name
	62	+ pid=$1
	63	+ name=$2
	64	+ [ -z "$pid" ] && return 1
	65	+ [ ! -d /proc/$pid ] && return 1
	66	+ cmd=`cat /proc/$pid/cmdline \| tr "\000" "\n"\|head -n 1 \|cut -d : -f 1`
	67	+ # Is this the expected child?
	68	+ case $cmd in
	69	+ $name\|*/$name)
	70	+ return 0
	71	+ ;;
	72	+ *)
	73	+ return 1
	74	+ ;;
	75	+ esac
	76	+}
	77	+
	78	+running()
	79	+{
	80	+# Check if the process is running looking at /proc
	81	+# (works for all users)
	82	+
	83	+ # No pidfile, probably no daemon present
	84	+ [ ! -f "$PIDFILE" ] && return 1
	85	+ # Obtain the pid and check it against the binary name
	86	+ pid=`cat $PIDFILE`
	87	+ running_pid $pid $NAME \|\| return 1
	88	+ return 0
	89	+}
	90	+
	91	+force_stop() {
	92	+# Forcefully kill the process
	93	+ [ ! -f "$PIDFILE" ] && return
	94	+ if running ; then
	95	+ kill -15 $pid
	96	+ # Is it really dead?
	97	+ [ -n "$DODTIME" ] && sleep "$DODTIME"s
	98	+ if running ; then
	99	+ kill -9 $pid
	100	+ [ -n "$DODTIME" ] && sleep "$DODTIME"s
	101	+ if running ; then
	102	+ echo "Cannot kill $NAME (pid=$pid)!"
	103	+ exit 1
	104	+ fi
	105	+ fi
	106	+ fi
	107	+ rm -f $PIDFILE
	108	+ return 0
	109	+}
	110	+
	111	+must_succeed() {
	112	+ echo -n "$1: "
	113	+ shift
	114	+ if "$@"; then
	115	+ echo "success."
	116	+ else
	117	+ echo " ERROR."
	118	+ exit 1
	119	+ fi
	120	+}
	121	+
	122	+check_op() {
	123	+ echo -n "$1: "
	124	+ shift
	125	+ if "$@"; then
	126	+ echo "success."
	127	+ else
	128	+ echo " ERROR."
	129	+ fi
	130	+}
	131	+
	132	+configure_ssl() {
	133	+ if (test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap) \
	134	+ \|\| test ! -e "$PRIVKEY" \|\| test ! -e "$CERT" \
	135	+ \|\| (test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap); then
	136	+ if test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap
	137	+ then
	138	+ echo "CACERT_MODE is not set to 'secure' or 'bootstrap'"
	139	+ fi
	140	+ if test ! -e "$PRIVKEY"; then
	141	+ echo "$PRIVKEY: private key missing" >&2
	142	+ fi
	143	+ if test ! -e "$CERT"; then
	144	+ echo "$CERT: certificate for private key missing" >&2
	145	+ fi
	146	+ if test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap; then
	147	+ echo "$CACERT: CA certificate missing (and CA certificate bootstrapping not enabled)" >&2
	148	+ fi
	149	+ echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
	150	+ if test "$MODE" = discovery; then
	151	+ echo "You may also delete or rename $PRIVKEY to disable SSL requirement" >&2
	152	+ fi
	153	+ exit 1
	154	+ fi
	155	+
	156	+ SSL_OPTS="--private-key=$PRIVKEY --certificate=$CERT"
	157	+ if test ! -e "$CACERT" && test "$CACERT_MODE" = bootstrap; then
	158	+ SSL_OPTS="$SSL_OPTS --bootstrap-ca-cert=$CACERT"
	159	+ else
	160	+ SSL_OPTS="$SSL_OPTS --ca-cert=$CACERT"
	161	+ fi
	162	+}
	163	+
	164	+check_int_var() {
	165	+ eval value=\$$1
	166	+ if test -n "$value"; then
	167	+ if expr "X$value" : 'X[0-9][0-9]*$'; then
	168	+ if test $value -lt $2; then
	169	+ echo "warning: The $1 option may not be set to a value below $2, treating as $2" >&2
	170	+ eval $1=$2
	171	+ fi
	172	+ else
	173	+ echo "warning: The $1 option must be set to a number, ignoring" >&2
	174	+ unset $1
	175	+ fi
	176	+ fi
	177	+}
	178	+
	179	+check_new_option() {
	180	+ case $DAEMON_OPTS in
	181	+ $1)
	182	+ echo "warning: The $1 option in DAEMON_OPTS may now be set with the $2 variable in $default. The setting in DAEMON_OPTS will override the $2 variable, which will prevent the switch UI from configuring $1." >&2
	183	+ ;;
	184	+ esac
	185	+}
	186	+
	187	+case "$1" in
	188	+ start)
	189	+ if test -z "$NETDEVS"; then
	190	+ echo "$default: No network devices configured, switch disabled" >&2
	191	+ echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
	192	+ exit 0
	193	+ fi
	194	+ if test "$MODE" = discovery; then
	195	+ unset CONTROLLER
	196	+ elif test "$MODE" = in-band \|\| test "$MODE" = out-of-band; then
	197	+ if test -z "$CONTROLLER"; then
	198	+ echo "$default: No controller configured and not configured for discovery, switch disabled" >&2
	199	+ echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
	200	+ exit 0
	201	+ fi
	202	+ else
	203	+ echo "$default: MODE must set to 'discovery', 'in-band', or 'out-of-band'" >&2
	204	+ echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
	205	+ exit 1
	206	+ fi
	207	+ : ${PRIVKEY:=/etc/openflow-switch/of0-privkey.pem}
	208	+ : ${CERT:=/etc/openflow-switch/of0-cert.pem}
	209	+ : ${CACERT:=/etc/openflow-switch/cacert.pem}
	210	+ case $CONTROLLER in
	211	+ '')
	212	+ # Discovery mode.
	213	+ if test -e "$PRIVKEY"; then
	214	+ configure_ssl
	215	+ fi
	216	+ ;;
	217	+ tcp:*)
	218	+ ;;
	219	+ ssl:*)
	220	+ configure_ssl
	221	+ ;;
	222	+ *)
	223	+ echo "$default: CONTROLLER must be in the form 'ssl:HOST[:PORT]' or 'tcp:HOST[:PORT]' when not in discovery mode" >&2
	224	+ echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
	225	+ exit 1
	226	+ esac
	227	+ case $DISCONNECTED_MODE in
	228	+ ''\|switch\|drop) ;;
	229	+ *) echo "$default: warning: DISCONNECTED_MODE is not 'switch' or 'drop'" >&2 ;;
	230	+ esac
	231	+
	232	+ check_int_var RATE_LIMIT 100
	233	+ check_int_var INACTIVITY_PROBE 5
	234	+ check_int_var MAX_BACKOFF 1
	235	+
	236	+ check_new_option --fail DISCONNECTED_MODE
	237	+ check_new_option --stp STP
	238	+ check_new_option --rate-limit RATE_LIMIT
	239	+ check_new_option --inactivity INACTIVITY_PROBE
	240	+ check_new_option --max-backoff MAX_BACKOFF
	241	+ case $DAEMON_OPTS in
	242	+ --rate-limit)
	243	+ echo "$default: --rate-limit may now be set with RATE_LIMIT" >&2
	244	+ esac
	245	+
	246	+ echo -n "Loading openflow_mod: "
	247	+ if grep -q '^openflow_mod$' /proc/modules; then
	248	+ echo "already loaded, nothing to do."
	249	+ elif modprobe openflow_mod; then
	250	+ echo "success."
	251	+ else
	252	+ echo "ERROR."
	253	+ echo "openflow_mod has probably not been built for this kernel."
	254	+ if ! test -d /usr/share/doc/openflow-datapath-source; then
	255	+ echo "Install the openflow-datapath-source package, then read"
	256	+ echo "/usr/share/doc/openflow-datapath-source/README.Debian"
	257	+ else
	258	+ echo "For instructions, read"
	259	+ echo "/usr/share/doc/openflow-datapath-source/README.Debian"
	260	+ fi
	261	+ exit 1
	262	+ fi
	263	+
	264	+ for netdev in $NETDEVS; do
	265	+ check_op "Removing IP address from $netdev" ifconfig $netdev 0.0.0.0
	266	+ done
	267	+
	268	+ must_succeed "Adding datapath" dpctl adddp nl:0
	269	+ for netdev in $NETDEVS; do
	270	+ must_succeed "Adding $netdev to datapath" dpctl addif nl:0 $netdev
	271	+ done
	272	+
	273	+ xx='[0-9abcdefABCDEF][0-9abcdefABCDEF]'
	274	+ case $DATAPATH_ID in
	275	+ '')
	276	+ # Check if the DMI System UUID contains a Nicira mac address
	277	+ # that should be used for this datapath. The UUID is assumed
	278	+ # to be RFC 4122 compliant.
	279	+ DMIDECODE=`which dmidecode`
	280	+ if [ -n $DMIDECODE ]; then
	281	+ UUID_MAC=`$DMIDECODE -s system-uuid \| cut -d'-' -f 5`
	282	+ case $UUID_MAC in
	283	+ $NICIRA_OUI*)
	284	+ ifconfig of0 down
	285	+ must_succeed "Setting of0 MAC address to $UUID_MAC" ifconfig of0 hw ether $UUID_MAC
	286	+ ifconfig of0 up
	287	+ ;;
	288	+ esac
	289	+ fi
	290	+ ;;
	291	+ $xx:$xx:$xx:$xx:$xx:$xx)
	292	+ ifconfig of0 down
	293	+ must_succeed "Setting of0 MAC address to $DATAPATH_ID" ifconfig of0 hw ether $DATAPATH_ID
	294	+ ifconfig of0 up
	295	+ ;;
	296	+ *)
	297	+ echo "DATAPATH_ID is not a valid MAC address in the form XX:XX:XX:XX:XX:XX, ignoring" >&2
	298	+ ;;
	299	+ esac
	300	+
	301	+ if test "$MODE" = in-band; then
	302	+ if test "$SWITCH_IP" = dhcp; then
	303	+ must_succeed "Temporarily disabling of0" ifconfig of0 down
	304	+ else
	305	+ COMMAND="ifconfig of0 $SWITCH_IP"
	306	+ if test -n "$SWITCH_NETMASK"; then
	307	+ COMMAND="$COMMAND netmask $SWITCH_NETMASK"
	308	+ fi
	309	+ must_succeed "Configuring of0: $COMMAND" $COMMAND
	310	+ if test -n "$SWITCH_GATEWAY"; then
	311	+ # This can fail because the route already exists,
	312	+ # so we don't insist that it succeed.
	313	+ COMMAND="route add default gw $SWITCH_GATEWAY"
	314	+ check_op "Adding default route: $COMMAND" $COMMAND
	315	+ fi
	316	+ fi
	317	+ else
	318	+ must_succeed "Disabling of0" ifconfig of0 down
	319	+ fi
	320	+
	321	+ if test -n "$CORE_LIMIT"; then
	322	+ check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT"
	323	+ fi
	324	+
	325	+ # Compose secchan options.
	326	+ set --
	327	+ set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err
	328	+ set -- "$@" --log-file
	329	+ set -- "$@" --detach --pidfile=$PIDFILE
	330	+ for vconn in $MGMT_VCONNS; do
	331	+ set -- "$@" --listen="$vconn"
	332	+ done
	333	+ if test -n "$MONITOR_VCONN"; then
	334	+ set -- "$@" --monitor="$MONITOR_VCONN"
	335	+ fi
	336	+ if test -n "$COMMANDS"; then
	337	+ set -- "$@" --command-acl="$COMMANDS"
	338	+ fi
	339	+ case $STP in
	340	+ yes) set -- "$@" --stp ;;
	341	+ no) set -- "$@" --no-stp ;;
	342	+ esac
	343	+ case $DISCONNECTED_MODE in
	344	+ switch) set -- "$@" --fail=open ;;
	345	+ drop) set -- "$@" --fail=closed ;;
	346	+ esac
	347	+ if test -n "$RATE_LIMIT"; then
	348	+ set -- "$@" --rate-limit=$RATE_LIMIT
	349	+ fi
	350	+ if test -n "$INACTIVITY_PROBE"; then
	351	+ set -- "$@" --inactivity-probe=$INACTIVITY_PROBE
	352	+ fi
	353	+ if test -n "$MAX_BACKOFF"; then
	354	+ set -- "$@" --max-backoff=$MAX_BACKOFF
	355	+ fi
	356	+ set -- "$@" $SSL_OPTS $DAEMON_OPTS
	357	+ if test "$MODE" = out-of-band; then
	358	+ set -- "$@" --out-of-band
	359	+ fi
	360	+ set -- "$@" nl:0 "$CONTROLLER"
	361	+ echo -n "Starting $DESC: "
	362	+ start-stop-daemon --start --quiet --pidfile $PIDFILE \
	363	+ --exec $DAEMON -- "$@"
	364	+ if running; then
	365	+ echo "$NAME."
	366	+ else
	367	+ echo " ERROR."
	368	+ fi
	369	+
	370	+ if test "$MODE" = in-band && test "$SWITCH_IP" = dhcp; then
	371	+ echo -n "Starting dhclient on of0: "
	372	+ start-stop-daemon --start --quiet --pidfile $DHCLIENT_PIDFILE \
	373	+ --exec /sbin/dhclient -- -q -pf $DHCLIENT_PIDFILE of0
	374	+ if running; then
	375	+ echo "dhclient."
	376	+ else
	377	+ echo " ERROR."
	378	+ fi
	379	+ fi
	380	+ ;;
	381	+ stop)
	382	+ if test -e /var/run/dhclient.of0.pid; then
	383	+ echo -n "Stopping dhclient on of0: "
	384	+ start-stop-daemon --stop --quiet --oknodo \
	385	+ --pidfile $DHCLIENT_PIDFILE --exec /sbin/dhclient
	386	+ echo "dhclient."
	387	+ fi
	388	+
	389	+ echo -n "Stopping $DESC: "
	390	+ start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE \
	391	+ --exec $DAEMON
	392	+ echo "$NAME."
	393	+
	394	+ for netdev in $NETDEVS; do
	395	+ check_op "Removing $netdev from datapath" dpctl delif nl:0 $netdev
	396	+ done
	397	+ check_op "Deleting datapath" dpctl deldp nl:0
	398	+ check_op "Unloading kernel module" modprobe -r openflow_mod
	399	+ ;;
	400	+ force-stop)
	401	+ echo -n "Forcefully stopping $DESC: "
	402	+ force_stop
	403	+ if ! running; then
	404	+ echo "$NAME."
	405	+ else
	406	+ echo " ERROR."
	407	+ fi
	408	+ ;;
	409	+ reload)
	410	+ ;;
	411	+ force-reload)
	412	+ start-stop-daemon --stop --test --quiet --pidfile \
	413	+ $PIDFILE --exec $DAEMON \
	414	+ && $0 restart \
	415	+ \|\| exit 0
	416	+ ;;
	417	+ restart)
	418	+ $0 stop \|\| true
	419	+ $0 start
	420	+ ;;
	421	+ status)
	422	+ echo -n "$NAME is "
	423	+ if running ; then
	424	+ echo "running"
	425	+ else
	426	+ echo " not running."
	427	+ exit 1
	428	+ fi
	429	+ ;;
	430	+ *)
	431	+ N=/etc/init.d/$NAME
	432	+ echo "Usage: $N {start\|stop\|restart\|force-reload\|status\|force-stop}" >&2
	433	+ exit 1
	434	+ ;;
	435	+esac
	436	+
	437	+exit 0
...	...

debian/openflow-switch.install 0 → 100755

View file @1f23c43

	1	+_debian/secchan/ofprotocol usr/sbin
	2	+_debian/utilities/dpctl usr/sbin
	3	+_debian/utilities/ofp-discover usr/sbin
	4	+_debian/utilities/ofp-kill usr/sbin
	5	+debian/openflow/usr/share/openflow/commands/* usr/share/openflow/commands
	6	+debian/commands/* usr/share/openflow/commands
...	...

debian/openflow-switch.logrotate 0 → 100755

View file @1f23c43

	1	+/var/log/openflow/secchan.log {
	2	+ daily
	3	+ compress
	4	+ create 640 root adm
	5	+ delaycompress
	6	+ missingok
	7	+ rotate 30
	8	+ postrotate
	9	+ vlogconf --target /var/run/secchan.pid --reopen
	10	+ endscript
	11	+}
...	...

debian/openflow-switch.manpages 0 → 100755

View file @1f23c43

	1	+_debian/secchan/ofprotocol.8
	2	+_debian/utilities/ofp-discover.8
	3	+_debian/utilities/ofp-kill.8
	4	+_debian/utilities/dpctl.8
...	...

debian/openflow-switch.postinst 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+# postinst script for openflow-switch
	3	+#
	4	+# see: dh_installdeb(1)
	5	+
	6	+set -e
	7	+
	8	+# summary of how this script can be called:
	9	+# * <postinst> `configure' <most-recently-configured-version>
	10	+# * <old-postinst> `abort-upgrade' <new version>
	11	+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
	12	+# <new-version>
	13	+# * <postinst> `abort-remove'
	14	+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
	15	+# <failed-install-package> <version> `removing'
	16	+# <conflicting-package> <version>
	17	+# for details, see http://www.debian.org/doc/debian-policy/ or
	18	+# the debian-policy package
	19	+
	20	+
	21	+case "$1" in
	22	+ configure)
	23	+ DEFAULT=/etc/default/openflow-switch
	24	+ TEMPLATE=/usr/share/openflow/switch/default.template
	25	+ if ! test -e $DEFAULT; then
	26	+ cp $TEMPLATE $DEFAULT
	27	+ else
	28	+ for var in $(awk -F'[ :]' '/^# [_A-Z0-9]+:/{print $2}' $TEMPLATE)
	29	+ do
	30	+ if ! grep $var $DEFAULT >/dev/null 2>&1; then
	31	+ echo >> $DEFAULT
	32	+ sed -n "/$var:/,/$var=/p" $TEMPLATE >> $DEFAULT
	33	+ fi
	34	+ done
	35	+ fi
	36	+ ;;
	37	+
	38	+ abort-upgrade\|abort-remove\|abort-deconfigure)
	39	+ ;;
	40	+
	41	+ *)
	42	+ echo "postinst called with unknown argument \`$1'" >&2
	43	+ exit 1
	44	+ ;;
	45	+esac
	46	+
	47	+#DEBHELPER#
	48	+
	49	+exit 0
	50	+
	51	+
...	...

debian/openflow-switch.postrm 0 → 100755

View file @1f23c43

	1	+#!/bin/sh
	2	+# postrm script for openflow-switch
	3	+#
	4	+# see: dh_installdeb(1)
	5	+
	6	+set -e
	7	+
	8	+# summary of how this script can be called:
	9	+# * <postrm> `remove'
	10	+# * <postrm> `purge'
	11	+# * <old-postrm> `upgrade' <new-version>
	12	+# * <new-postrm> `failed-upgrade' <old-version>
	13	+# * <new-postrm> `abort-install'
	14	+# * <new-postrm> `abort-install' <old-version>
	15	+# * <new-postrm> `abort-upgrade' <old-version>
	16	+# * <disappearer's-postrm> `disappear' <overwriter>
	17	+# <overwriter-version>
	18	+# for details, see http://www.debian.org/doc/debian-policy/ or
	19	+# the debian-policy package
	20	+
	21	+
	22	+case "$1" in
	23	+ purge)
	24	+ rm -f /etc/default/openflow-switch
	25	+ ;;
	26	+
	27	+ remove\|upgrade\|failed-upgrade\|abort-install\|abort-upgrade\|disappear)
	28	+ ;;
	29	+
	30	+ *)
	31	+ echo "postrm called with unknown argument \`$1'" >&2
	32	+ exit 1
	33	+ ;;
	34	+esac
	35	+
	36	+# dh_installdeb will replace this with shell code automatically
	37	+# generated by other debhelper scripts.
	38	+
	39	+#DEBHELPER#
	40	+
	41	+exit 0
	42	+
	43	+
...	...

debian/openflow-switch.template 0 → 100755

View file @1f23c43

	1	+# This is a POSIX shell fragment -- sh --
	2	+
	3	+# To configure the secure channel, fill in the following properly and
	4	+# uncomment them. Afterward, the secure channel will come up
	5	+# automatically at boot time. It can be started immediately with
	6	+# /etc/init.d/openflow-switch start
	7	+# Alternatively, use the ofp-switch-setup program (from the
	8	+# openflow-switch-config package) to do everything automatically.
	9	+
	10	+# NETDEVS: Which network devices should the OpenFlow switch include?
	11	+#
	12	+# List the network devices that should become part of the OpenFlow
	13	+# switch, separated by spaces. At least two devices must be selected
	14	+# for this machine to be a useful switch. Unselecting all network
	15	+# devices will disable the OpenFlow switch entirely.
	16	+#
	17	+# The network devices that you select should not be configured with IP
	18	+# or IPv6 addresses, even if the switch contacts the controller over
	19	+# one of the selected network devices. This is because a running
	20	+# OpenFlow switch takes over network devices at a low level: they
	21	+# become part of the switch and cannot be used for other purposes.
	22	+#NETDEVS=""
	23	+
	24	+# MODE: The OpenFlow switch has three modes that determine how it
	25	+# reaches the controller:
	26	+#
	27	+# * in-band with discovery: A single network is used for OpenFlow
	28	+# traffic and other data traffic; that is, the switch contacts the
	29	+# controller over one of the network devices selected as OpenFlow
	30	+# switch ports. The switch automatically determines the location of
	31	+# the controller using a DHCP request with an OpenFlow-specific
	32	+# vendor option. This is the most common case.
	33	+#
	34	+# * in-band: As above, but the location of the controller is manually
	35	+# configured.
	36	+#
	37	+# * out-of-band: OpenFlow traffic uses a network separate from the
	38	+# data traffic that it controls. If this is the case, the control
	39	+# network must already be configured on a network device other than
	40	+# one of those selected as an OpenFlow switch port in the previous
	41	+# question.
	42	+#
	43	+# Set MODE to 'discovery', 'in-band', or 'out-of-band' for these
	44	+# respective cases.
	45	+MODE=discovery
	46	+
	47	+# SWITCH_IP: In 'in-band' mode, the switch's IP address may be
	48	+# configured statically or dynamically:
	49	+#
	50	+# * For static configuration, specify the switch's IP address as a
	51	+# string. In this case you may also set SWITCH_NETMASK and
	52	+# SWITCH_GATEWAY appropriately (see below).
	53	+#
	54	+# * For dynamic configuration with DHCP (the most common case),
	55	+# specify "dhcp". Configuration with DHCP will only work reliably
	56	+# if the network topology allows the switch to contact the DHCP
	57	+# server before it connects to the OpenFlow controller.
	58	+#
	59	+# This setting has no effect unless MODE is set to 'in-band'.
	60	+SWITCH_IP=dhcp
	61	+
	62	+# SWITCH_NETMASK: IP netmask to use in 'in-band' mode when the switch
	63	+# IP address is not 'dhcp'.
	64	+#SWITCH_NETMASK=255.255.255.0
	65	+
	66	+# SWITCH_GATEWAY: IP gateway to use in 'in-band' mode when the switch
	67	+# IP address is not 'dhcp'.
	68	+#SWITCH_GATEWAY=192.168.1.1
	69	+
	70	+# CONTROLLER: Location of controller.
	71	+# One of the following formats:
	72	+# tcp:HOST[:PORT] via TCP to PORT (default: 6633) on HOST
	73	+# ssl:HOST[:PORT] via SSL to PORT (default: 6633) on HOST
	74	+# The default below assumes that the controller is running locally.
	75	+# This setting has no effect when MODE is set to 'discovery'.
	76	+#CONTROLLER="tcp:127.0.0.1"
	77	+
	78	+# PRIVKEY: Name of file containing switch's private key.
	79	+# Required if SSL enabled.
	80	+#PRIVKEY=/etc/openflow-switch/of0-privkey.pem
	81	+
	82	+# CERT: Name of file containing certificate for private key.
	83	+# Required if SSL enabled.
	84	+#CERT=/etc/openflow-switch/of0-cert.pem
	85	+
	86	+# CACERT: Name of file containing controller CA certificate.
	87	+# Required if SSL enabled.
	88	+#CACERT=/etc/openflow-switch/cacert.pem
	89	+
	90	+# CACERT_MODE: Two modes are available:
	91	+#
	92	+# * secure: The controller CA certificate named in CACERT above must exist.
	93	+# (You must copy it manually from the PKI server or another trusted source.)
	94	+#
	95	+# * bootstrap: If the controller CA certificate named in CACERT above does
	96	+# not exist, the switch will obtain it from the controller the first time
	97	+# it connects and save a copy to the file named in CACERT. This is insecure,
	98	+# in the same way that initial connections with ssh are insecure, but
	99	+# it is convenient.
	100	+#
	101	+# Set CACERT_MODE to 'secure' or 'bootstrap' for these respective cases.
	102	+#CACERT_MODE=secure
	103	+
	104	+# MGMT_VCONNS: List of vconns (space-separated) on which secchan
	105	+# should listen for management connections from dpctl, etc.
	106	+# openflow-switchui by default connects to
	107	+# unix:/var/run/secchan.mgmt, so do not disable this if you want to
	108	+# use openflow-switchui.
	109	+MGMT_VCONNS="punix:/var/run/secchan.mgmt"
	110	+
	111	+# MONITOR_VCONN: Name of vconn on which secchan should listen for
	112	+# monitoring connections from dpctl.
	113	+MONITOR_VCONN="punix:/var/run/secchan.monitor"
	114	+
	115	+# COMMANDS: Access control list for the commands that can be executed
	116	+# remotely over the OpenFlow protocol, as a comma-separated list of
	117	+# shell glob patterns. Negative patterns (beginning with !) act as a
	118	+# blacklist. To be executable, a command name must match one positive
	119	+# pattern and not match any negative patterns.
	120	+#COMMANDS="reboot,update"
	121	+
	122	+# DISCONNECTED_MODE: Switch behavior when attempts to connect to the
	123	+# controller repeatedly fail, either 'switch', to act as an L2 switch
	124	+# in this case, or 'drop', to drop all packets (except those necessary
	125	+# to connect to the controller). If unset, the default is 'drop'.
	126	+#DISCONNECTED_MODE=switch
	127	+
	128	+# STP: Enable or disabled 802.1D-1998 Spanning Tree Protocol. Set to
	129	+# 'yes' to enable STP, 'no' to disable it. If unset, secchan's
	130	+# current default is 'no' (but this may change in the future).
	131	+#STP=no
	132	+
	133	+# RATE_LIMIT: Maximum number of received frames, that do not match any
	134	+# existing switch flow, to forward up to the controller per second.
	135	+# The valid range is 100 and up. If unset, this rate will not be
	136	+# limited.
	137	+#RATE_LIMIT=1000
	138	+
	139	+# INACTIVITY_PROBE: The maximum number of seconds of inactivity on the
	140	+# controller connection before secchan sends an inactivity probe
	141	+# message to the controller. The valid range is 5 and up. If unset,
	142	+# secchan defaults to 15 seconds.
	143	+#INACTIVITY_PROBE=5
	144	+
	145	+# MAX_BACKOFF: The maximum time that secchan will wait between
	146	+# attempts to connect to the controller. The valid range is 1 and up.
	147	+# If unset, secchan defaults to 15 seconds.
	148	+#MAX_BACKOFF=15
	149	+
	150	+# DAEMON_OPTS: Additional options to pass to secchan, e.g. "--fail=open"
	151	+DAEMON_OPTS=""
	152	+
	153	+# CORE_LIMIT: Maximum size for core dumps.
	154	+#
	155	+# Leaving this unset will use the system default. Setting it to 0
	156	+# will disable core dumps. Setting it to "unlimited" will dump all
	157	+# core files regardless of size.
	158	+#CORE_LIMIT=unlimited
	159	+
	160	+# DATAPATH_ID: Identifier for this switch.
	161	+#
	162	+# By default, the switch checks if the DMI System UUID contains a Nicira
	163	+# mac address to use as a datapath ID. If not, then the switch generates
	164	+# a new, random datapath ID every time it starts up. By setting this
	165	+# value, the supplied datapath ID will always be used.
	166	+#
	167	+# Set DATAPATH_ID to a MAC address in the form XX:XX:XX:XX:XX:XX where each
	168	+# X is a hexadecimal digit (0-9 or a-f).
	169	+#DATAPATH_ID=XX:XX:XX:XX:XX:XX
...	...

debian/po/POTFILES.in 0 → 100755

View file @1f23c43

	1	+[type: gettext/rfc822deb] openflow-switch-config.templates
...	...

debian/po/templates.pot 0 → 100755

View file @1f23c43

	1	+# SOME DESCRIPTIVE TITLE.
	2	+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
	3	+# This file is distributed under the same license as the PACKAGE package.
	4	+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
	5	+#
	6	+#, fuzzy
	7	+msgid ""
	8	+msgstr ""
	9	+"Project-Id-Version: PACKAGE VERSION\n"
	10	+"Report-Msgid-Bugs-To: openflow-dev@lists.stanford.edu\n"
	11	+"POT-Creation-Date: 2008-10-31 10:13-0700\n"
	12	+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
	13	+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
	14	+"Language-Team: LANGUAGE <LL@li.org>\n"
	15	+"MIME-Version: 1.0\n"
	16	+"Content-Type: text/plain; charset=CHARSET\n"
	17	+"Content-Transfer-Encoding: 8bit\n"
	18	+
	19	+#. Type: multiselect
	20	+#. Choices
	21	+#: ../openflow-switch-config.templates:1001
	22	+msgid "${choices}"
	23	+msgstr ""
	24	+
	25	+#. Type: multiselect
	26	+#. Description
	27	+#: ../openflow-switch-config.templates:1002
	28	+msgid "OpenFlow switch network devices:"
	29	+msgstr ""
	30	+
	31	+#. Type: multiselect
	32	+#. Description
	33	+#: ../openflow-switch-config.templates:1002
	34	+msgid ""
	35	+"Choose the network devices that should become part of the OpenFlow switch. "
	36	+"At least two devices must be selected for this machine to be a useful "
	37	+"switch. Unselecting all network devices will disable the OpenFlow switch "
	38	+"entirely."
	39	+msgstr ""
	40	+
	41	+#. Type: multiselect
	42	+#. Description
	43	+#: ../openflow-switch-config.templates:1002
	44	+msgid ""
	45	+"The network devices that you select should not be configured with IP or IPv6 "
	46	+"addresses, even if the switch contacts the controller over one of the "
	47	+"selected network devices. This is because a running OpenFlow switch takes "
	48	+"over network devices at a low level: they become part of the switch and "
	49	+"cannot be used for other purposes."
	50	+msgstr ""
	51	+
	52	+#. Type: error
	53	+#. Description
	54	+#: ../openflow-switch-config.templates:2001
	55	+msgid "No network devices were selected."
	56	+msgstr ""
	57	+
	58	+#. Type: error
	59	+#. Description
	60	+#: ../openflow-switch-config.templates:2001
	61	+msgid ""
	62	+"No network devices were selected for inclusion in the OpenFlow switch. The "
	63	+"switch will be disabled."
	64	+msgstr ""
	65	+
	66	+#. Type: note
	67	+#. Description
	68	+#: ../openflow-switch-config.templates:3001
	69	+msgid "Some Network Devices Have IP or IPv6 Addresses"
	70	+msgstr ""
	71	+
	72	+#. Type: note
	73	+#. Description
	74	+#: ../openflow-switch-config.templates:3001
	75	+msgid ""
	76	+"The following network devices selected to be part of the OpenFlow switch "
	77	+"have IP or IPv6 addresses configured:"
	78	+msgstr ""
	79	+
	80	+#. Type: note
	81	+#. Description
	82	+#: ../openflow-switch-config.templates:3001
	83	+msgid "${configured-netdevs}"
	84	+msgstr ""
	85	+
	86	+#. Type: note
	87	+#. Description
	88	+#: ../openflow-switch-config.templates:3001
	89	+msgid ""
	90	+"This is usually a mistake, even if the switch contacts the controller over "
	91	+"one of the selected network devices. This is because a running OpenFlow "
	92	+"switch takes over network devices at a low level: they become part of the "
	93	+"switch and cannot be used for other purposes."
	94	+msgstr ""
	95	+
	96	+#. Type: note
	97	+#. Description
	98	+#: ../openflow-switch-config.templates:3001
	99	+msgid ""
	100	+"If this is an unintentional mistake, move back and fix the selection, or de-"
	101	+"configure the IP or IPv6 from these network devices."
	102	+msgstr ""
	103	+
	104	+#. Type: select
	105	+#. Choices
	106	+#: ../openflow-switch-config.templates:4001
	107	+msgid "discovery, in-band, out-of-band"
	108	+msgstr ""
	109	+
	110	+#. Type: select
	111	+#. Description
	112	+#: ../openflow-switch-config.templates:4002
	113	+msgid "Switch-to-controller access method:"
	114	+msgstr ""
	115	+
	116	+#. Type: select
	117	+#. Description
	118	+#: ../openflow-switch-config.templates:4002
	119	+msgid ""
	120	+"The OpenFlow switch must be able to contact the OpenFlow controller over the "
	121	+"network. It can do so in one of three ways:"
	122	+msgstr ""
	123	+
	124	+#. Type: select
	125	+#. Description
	126	+#: ../openflow-switch-config.templates:4002
	127	+msgid ""
	128	+"discovery: A single network is used for OpenFlow traffic and other data "
	129	+"traffic; that is, the switch contacts the controller over one of the network "
	130	+"devices selected as OpenFlow switch network devices in the previous "
	131	+"question. The switch automatically determines the location of the "
	132	+"controller using a DHCP request with an OpenFlow-specific vendor option. "
	133	+"This is the most common case."
	134	+msgstr ""
	135	+
	136	+#. Type: select
	137	+#. Description
	138	+#: ../openflow-switch-config.templates:4002
	139	+msgid ""
	140	+"in-band: As above, but the location of the controller is manually configured."
	141	+msgstr ""
	142	+
	143	+#. Type: select
	144	+#. Description
	145	+#: ../openflow-switch-config.templates:4002
	146	+msgid ""
	147	+"out-of-band: OpenFlow traffic uses a network separate from the data traffic "
	148	+"that it controls. If this is the case, the control network must already be "
	149	+"configured on a network device other than one of those selected as an "
	150	+"OpenFlow switch netdev in the previous question."
	151	+msgstr ""
	152	+
	153	+#. Type: note
	154	+#. Description
	155	+#: ../openflow-switch-config.templates:5001
	156	+msgid "Preparing to discover controller."
	157	+msgstr ""
	158	+
	159	+#. Type: note
	160	+#. Description
	161	+#: ../openflow-switch-config.templates:5001
	162	+msgid ""
	163	+"The setup program will now attempt to discover the OpenFlow controller. "
	164	+"Controller discovery may take up to 30 seconds. Please be patient."
	165	+msgstr ""
	166	+
	167	+#. Type: note
	168	+#. Description
	169	+#: ../openflow-switch-config.templates:5001
	170	+msgid ""
	171	+"See secchan(8) for instructions on how to configure a DHCP server for "
	172	+"controller discovery."
	173	+msgstr ""
	174	+
	175	+#. Type: error
	176	+#. Description
	177	+#: ../openflow-switch-config.templates:6001
	178	+msgid "Controller discovery failed."
	179	+msgstr ""
	180	+
	181	+#. Type: error
	182	+#. Description
	183	+#: ../openflow-switch-config.templates:6001
	184	+msgid "The controller's location could not be determined automatically."
	185	+msgstr ""
	186	+
	187	+#. Type: error
	188	+#. Description
	189	+#: ../openflow-switch-config.templates:6001
	190	+msgid ""
	191	+"Ensure that the OpenFlow DHCP server is properly configured. See secchan(8) "
	192	+"for instructions on how to configure a DHCP server for controller discovery."
	193	+msgstr ""
	194	+
	195	+#. Type: boolean
	196	+#. Description
	197	+#: ../openflow-switch-config.templates:7001
	198	+msgid "Use discovered settings?"
	199	+msgstr ""
	200	+
	201	+#. Type: boolean
	202	+#. Description
	203	+#: ../openflow-switch-config.templates:7001
	204	+msgid "Controller discovery obtained the following settings:"
	205	+msgstr ""
	206	+
	207	+#. Type: boolean
	208	+#. Description
	209	+#: ../openflow-switch-config.templates:7001
	210	+msgid "Controller location: ${controller-vconn}"
	211	+msgstr ""
	212	+
	213	+#. Type: boolean
	214	+#. Description
	215	+#: ../openflow-switch-config.templates:7001
	216	+msgid "PKI URL: ${pki-uri}"
	217	+msgstr ""
	218	+
	219	+#. Type: boolean
	220	+#. Description
	221	+#: ../openflow-switch-config.templates:7001
	222	+msgid "Please verify that these settings are correct."
	223	+msgstr ""
	224	+
	225	+#. Type: string
	226	+#. Description
	227	+#: ../openflow-switch-config.templates:8001
	228	+msgid "Switch IP address:"
	229	+msgstr ""
	230	+
	231	+#. Type: string
	232	+#. Description
	233	+#: ../openflow-switch-config.templates:8001
	234	+msgid ""
	235	+"For in-band communication with the controller, the OpenFlow switch must be "
	236	+"able to determine its own IP address. Its IP address may be configured "
	237	+"statically or dynamically."
	238	+msgstr ""
	239	+
	240	+#. Type: string
	241	+#. Description
	242	+#: ../openflow-switch-config.templates:8001
	243	+msgid "For static configuration, specify the switch's IP address as a string."
	244	+msgstr ""
	245	+
	246	+#. Type: string
	247	+#. Description
	248	+#: ../openflow-switch-config.templates:8001
	249	+msgid ""
	250	+"For dynamic configuration with DHCP (the most common case), specify \"dhcp"
	251	+"\". Configuration with DHCP will only work reliably if the network topology "
	252	+"allows the switch to contact the DHCP server before it connects to the "
	253	+"OpenFlow controller."
	254	+msgstr ""
	255	+
	256	+#. Type: error
	257	+#. Description
	258	+#: ../openflow-switch-config.templates:9001
	259	+msgid "The switch IP address is invalid."
	260	+msgstr ""
	261	+
	262	+#. Type: error
	263	+#. Description
	264	+#: ../openflow-switch-config.templates:9001
	265	+msgid ""
	266	+"The switch IP address must specified as \"dhcp\" or a valid IP address in "
	267	+"dotted-octet form (e.g. \"1.2.3.4\")."
	268	+msgstr ""
	269	+
	270	+#. Type: string
	271	+#. Description
	272	+#: ../openflow-switch-config.templates:10001
	273	+msgid "Controller location:"
	274	+msgstr ""
	275	+
	276	+#. Type: string
	277	+#. Description
	278	+#: ../openflow-switch-config.templates:10001
	279	+msgid ""
	280	+"Specify how the OpenFlow switch should connect to the OpenFlow controller. "
	281	+"The value should be in form \"ssl:HOST[:PORT]\" to connect to the controller "
	282	+"over SSL (recommended for security) or \"tcp:HOST[:PORT]\" to connect over "
	283	+"cleartext TCP."
	284	+msgstr ""
	285	+
	286	+#. Type: error
	287	+#. Description
	288	+#: ../openflow-switch-config.templates:11001
	289	+msgid "The controller location is invalid."
	290	+msgstr ""
	291	+
	292	+#. Type: error
	293	+#. Description
	294	+#: ../openflow-switch-config.templates:11001
	295	+msgid ""
	296	+"The controller location must be specifed as \"ssl:HOST[:PORT]\" to connect "
	297	+"to the controller over SSL (recommended for security) or \"tcp:HOST[:PORT]\" "
	298	+"to connect over cleartext TCP."
	299	+msgstr ""
	300	+
	301	+#. Type: string
	302	+#. Description
	303	+#: ../openflow-switch-config.templates:12001
	304	+msgid "OpenFlow PKI server host name or URL:"
	305	+msgstr ""
	306	+
	307	+#. Type: string
	308	+#. Description
	309	+#: ../openflow-switch-config.templates:12001
	310	+msgid ""
	311	+"Specify a URL to the OpenFlow public key infrastructure (PKI). If a host "
	312	+"name or IP address is specified in place of a URL, then http://<host>/"
	313	+"openflow/pki/ will be used, where <host> is the specified host name or IP "
	314	+"address."
	315	+msgstr ""
	316	+
	317	+#. Type: string
	318	+#. Description
	319	+#: ../openflow-switch-config.templates:12001
	320	+msgid ""
	321	+"The OpenFlow PKI is usually on the same machine as the OpenFlow controller."
	322	+msgstr ""
	323	+
	324	+#. Type: string
	325	+#. Description
	326	+#: ../openflow-switch-config.templates:12001
	327	+msgid ""
	328	+"The setup process will connect to the OpenFlow PKI server over HTTP, using "
	329	+"the system's configured default HTTP proxy (if any)."
	330	+msgstr ""
	331	+
	332	+#. Type: error
	333	+#. Description
	334	+#: ../openflow-switch-config.templates:13001
	335	+msgid "The switch CA certificate could not be retrieved."
	336	+msgstr ""
	337	+
	338	+#. Type: error
	339	+#. Description
	340	+#: ../openflow-switch-config.templates:13001
	341	+msgid "Retrieval of ${url} failed, with the following status: \"${error}\"."
	342	+msgstr ""
	343	+
	344	+#. Type: error
	345	+#. Description
	346	+#: ../openflow-switch-config.templates:13001
	347	+msgid ""
	348	+"Ensure that the OpenFlow PKI server is correctly configured and available at "
	349	+"${pki-uri}. If the system is configured to use an HTTP proxy, also make "
	350	+"sure that the HTTP proxy is available and that the PKI server can be reached "
	351	+"through it."
	352	+msgstr ""
	353	+
	354	+#. Type: select
	355	+#. Choices
	356	+#. Type: select
	357	+#. Choices
	358	+#. Type: select
	359	+#. Choices
	360	+#: ../openflow-switch-config.templates:14001
	361	+#: ../openflow-switch-config.templates:15001
	362	+#: ../openflow-switch-config.templates:17001
	363	+msgid "yes, no"
	364	+msgstr ""
	365	+
	366	+#. Type: select
	367	+#. Description
	368	+#: ../openflow-switch-config.templates:14002
	369	+msgid "Is ${fingerprint} the controller CA's fingerprint?"
	370	+msgstr ""
	371	+
	372	+#. Type: select
	373	+#. Description
	374	+#: ../openflow-switch-config.templates:14002
	375	+msgid ""
	376	+"If a man-in-the-middle attack is possible in your network environment, check "
	377	+"that the controller CA's fingerprint is really ${fingerprint}. Answer \"yes"
	378	+"\" if it matches, \"no\" if there is a discrepancy."
	379	+msgstr ""
	380	+
	381	+#. Type: select
	382	+#. Description
	383	+#: ../openflow-switch-config.templates:14002
	384	+msgid ""
	385	+"If a man-in-the-middle attack is not a concern, there is no need to verify "
	386	+"the fingerprint. Simply answer \"yes\"."
	387	+msgstr ""
	388	+
	389	+#. Type: select
	390	+#. Description
	391	+#: ../openflow-switch-config.templates:15002
	392	+msgid "Send certificate request to switch CA?"
	393	+msgstr ""
	394	+
	395	+#. Type: select
	396	+#. Description
	397	+#: ../openflow-switch-config.templates:15002
	398	+msgid ""
	399	+"Before it can connect to the controller over SSL, the OpenFlow switch's key "
	400	+"must be signed by the switch certificate authority (CA) located on the "
	401	+"OpenFlow PKI server, which is usually collocated with the OpenFlow "
	402	+"controller. A signing request can be sent to the PKI server now."
	403	+msgstr ""
	404	+
	405	+#. Type: select
	406	+#. Description
	407	+#: ../openflow-switch-config.templates:15002
	408	+msgid ""
	409	+"Answer \"yes\" to send a signing request to the switch CA now. This is "
	410	+"ordinarily the correct choice. There is no harm in sending a given signing "
	411	+"request more than once."
	412	+msgstr ""
	413	+
	414	+#. Type: select
	415	+#. Description
	416	+#: ../openflow-switch-config.templates:15002
	417	+msgid ""
	418	+"Answer \"no\" to skip sending a signing request to the switch CA. Unless the "
	419	+"request has already been sent to the switch CA, manual sending of the "
	420	+"request and signing will be necessary."
	421	+msgstr ""
	422	+
	423	+#. Type: error
	424	+#. Description
	425	+#: ../openflow-switch-config.templates:16001
	426	+msgid "The certificate request could not be sent."
	427	+msgstr ""
	428	+
	429	+#. Type: error
	430	+#. Description
	431	+#: ../openflow-switch-config.templates:16001
	432	+msgid "Posting to ${url} failed, with the following status: \"${error}\"."
	433	+msgstr ""
	434	+
	435	+#. Type: error
	436	+#. Description
	437	+#: ../openflow-switch-config.templates:16001
	438	+msgid ""
	439	+"Ensure that the OpenFlow PKI server is correctly configured and available at "
	440	+"${pki-uri}."
	441	+msgstr ""
	442	+
	443	+#. Type: select
	444	+#. Description
	445	+#: ../openflow-switch-config.templates:17002
	446	+msgid "Fetch signed switch certificate from PKI server?"
	447	+msgstr ""
	448	+
	449	+#. Type: select
	450	+#. Description
	451	+#: ../openflow-switch-config.templates:17002
	452	+msgid ""
	453	+"Before it can connect to the controller over SSL, the OpenFlow switch's key "
	454	+"must be signed by the switch certificate authority (CA) located on the "
	455	+"OpenFlow PKI server, which is usually collocated with the OpenFlow "
	456	+"controller."
	457	+msgstr ""
	458	+
	459	+#. Type: select
	460	+#. Description
	461	+#: ../openflow-switch-config.templates:17002
	462	+msgid ""
	463	+"At this point, a signing request has been sent to the switch CA (or sending "
	464	+"a request has been manually skipped), but the signed certificate has not yet "
	465	+"been retrieved. Manual action may need to be taken at the PKI server to "
	466	+"approve the signing request."
	467	+msgstr ""
	468	+
	469	+#. Type: select
	470	+#. Description
	471	+#: ../openflow-switch-config.templates:17002
	472	+msgid ""
	473	+"Answer \"yes\" to attempt to retrieve the signed switch certificate from the "
	474	+"switch CA. If the switch certificate request has been signed at the PKI "
	475	+"server, this is the correct choice."
	476	+msgstr ""
	477	+
	478	+#. Type: select
	479	+#. Description
	480	+#: ../openflow-switch-config.templates:17002
	481	+msgid ""
	482	+"Answer \"no\" to postpone switch configuration. The configuration process "
	483	+"must be restarted later, when the switch certificate request has been signed."
	484	+msgstr ""
	485	+
	486	+#. Type: error
	487	+#. Description
	488	+#: ../openflow-switch-config.templates:18001
	489	+msgid "Signed switch certificate could not be retrieved."
	490	+msgstr ""
	491	+
	492	+#. Type: error
	493	+#. Description
	494	+#: ../openflow-switch-config.templates:18001
	495	+msgid ""
	496	+"The signed switch certificate could not be retrieved from the switch CA: "
	497	+"retrieval of ${url} failed, with the following status: \"${error}\"."
	498	+msgstr ""
	499	+
	500	+#. Type: error
	501	+#. Description
	502	+#: ../openflow-switch-config.templates:18001
	503	+msgid ""
	504	+"This probably indicates that the switch's certificate request has not yet "
	505	+"been signed. If this is the problem, it may be fixed by signing the "
	506	+"certificate request at ${pki-uri}, then trying to fetch the signed switch "
	507	+"certificate again."
	508	+msgstr ""
	509	+
	510	+#. Type: note
	511	+#. Description
	512	+#: ../openflow-switch-config.templates:19001
	513	+msgid "OpenFlow Switch Setup Finished"
	514	+msgstr ""
	515	+
	516	+#. Type: note
	517	+#. Description
	518	+#: ../openflow-switch-config.templates:19001
	519	+msgid ""
	520	+"Setup of this OpenFlow switch is finished. Complete the setup procedure to "
	521	+"enable the switch."
	522	+msgstr ""
...	...

debian/rules 0 → 100755

View file @1f23c43

	1	+#!/usr/bin/make -f
	2	+# -- makefile --
	3	+# Sample debian/rules that uses debhelper.
	4	+#
	5	+# This file was originally written by Joey Hess and Craig Small.
	6	+# As a special exception, when this file is copied by dh-make into a
	7	+# dh-make output file, you may use that output file without restriction.
	8	+# This special exception was added by Craig Small in version 0.37 of dh-make.
	9	+#
	10	+# Modified to make a template file for a multi-binary package with separated
	11	+# build-arch and build-indep targets by Bill Allombert 2001
	12	+
	13	+# Uncomment this to turn on verbose mode.
	14	+#export DH_VERBOSE=1
	15	+
	16	+# This has to be exported to make some magic below work.
	17	+export DH_OPTIONS
	18	+
	19	+# prefix of the target package name
	20	+PACKAGE=openflow-datapath-module
	21	+# modifieable for experiments or debugging m-a
	22	+MA_DIR ?= /usr/share/modass
	23	+# load generic variable handling
	24	+-include $(MA_DIR)/include/generic.make
	25	+# load default rules
	26	+-include $(MA_DIR)/include/common-rules.make
	27	+
	28	+-include debian/rules.ext
	29	+
	30	+DATAPATH_CONFIGURE_OPTS = --enable-snat
	31	+
	32	+# Official build number. Leave set to 0 if not an official build.
	33	+BUILD_NUMBER = 0
	34	+
	35	+configure: configure-stamp
	36	+configure-stamp:
	37	+ dh_testdir
	38	+ test -e configure \|\| ./boot.sh
	39	+ test -d _debian \|\| mkdir _debian
	40	+ cd _debian && ( \
	41	+ test -e Makefile \|\| \
	42	+ ../configure --prefix=/usr --localstatedir=/var --enable-ssl \
	43	+ --with-build-number=$(BUILD_NUMBER) \
	44	+ $(DATAPATH_CONFIGURE_OPTS))
	45	+ $(ext_configure)
	46	+ touch configure-stamp
	47	+
	48	+#Architecture
	49	+build: build-arch build-indep
	50	+
	51	+build-arch: build-arch-stamp
	52	+build-arch-stamp: configure-stamp
	53	+ $(MAKE) -C _debian
	54	+ $(ext_build_arch)
	55	+ touch $@
	56	+
	57	+build-indep: build-indep-stamp
	58	+build-indep-stamp: configure-stamp
	59	+ $(MAKE) -C _debian dist distdir=openflow
	60	+ $(ext_build_indep)
	61	+ touch $@
	62	+
	63	+clean:
	64	+ dh_testdir
	65	+ dh_testroot
	66	+ rm -f build-arch-stamp build-indep-stamp configure-stamp
	67	+ rm -rf _debian
	68	+ [ ! -f Makefile ] \|\| $(MAKE) distclean
	69	+ $(ext_clean)
	70	+ dh_clean
	71	+ debconf-updatepo
	72	+
	73	+MAJOR=$(shell echo $(KVERS) \| sed -e 's/$...$.*/\1/')
	74	+ifeq ($(MAJOR),2.6)
	75	+KO=k
	76	+l2x=l26
	77	+dpdir=datapath/linux-2.6
	78	+else
	79	+KO=
	80	+l2x=l24
	81	+dpdir=datapath/linux-2.4
	82	+endif
	83	+
	84	+kdist_clean:
	85	+ dh_clean
	86	+ rm -rf openflow
	87	+
	88	+kdist_config: prep-deb-files
	89	+
	90	+binary-modules: DSTDIR = $(CURDIR)/debian/$(PKGNAME)/lib/modules/$(KVERS)
	91	+binary-modules: prep-deb-files
	92	+ dh_testdir
	93	+ dh_testroot
	94	+ dh_clean -k
	95	+ tar xzf openflow.tar.gz
	96	+ cd openflow && ./configure --with-$(l2x)=$(KSRC) $(DATAPATH_CONFIGURE_OPTS) --with-build-number=$(BUILD_NUMBER)
	97	+ cd openflow && $(MAKE) -C $(dpdir)
	98	+ install -d -m755 $(DSTDIR)
	99	+ install -m644 openflow/$(dpdir)/*_mod.$(KO)o $(DSTDIR)/
	100	+ dh_installdocs
	101	+ dh_installchangelogs
	102	+ dh_compress
	103	+ dh_fixperms
	104	+ dh_installdeb
	105	+ dh_gencontrol
	106	+ dh_md5sums
	107	+ dh_builddeb --destdir=$(DEB_DESTDIR)
	108	+
	109	+install: install-indep install-arch
	110	+install-indep: build-indep
	111	+ dh_testdir
	112	+ dh_testroot
	113	+ dh_clean -k -i
	114	+ dh_installdirs -i
	115	+ dh_install -i
	116	+ cd debian/openflow-datapath-source/usr/src && tar -c modules \| bzip2 -9 > openflow-datapath.tar.bz2 && rm -rf modules
	117	+ install -m644 debian/openflow-pki-server.apache2 debian/openflow-pki-server/etc/apache2/sites-available/openflow-pki
	118	+ install -m1777 -d debian/corekeeper/var/log/core
	119	+ $(ext_install_indep)
	120	+
	121	+install-arch: build-arch
	122	+ dh_testdir
	123	+ dh_testroot
	124	+ dh_clean -k -s
	125	+ dh_installdirs -s
	126	+ $(MAKE) -C _debian DESTDIR=$(CURDIR)/debian/openflow install
	127	+ cp debian/openflow-switch-config.overrides debian/openflow-switch-config/usr/share/lintian/overrides/openflow-switch-config
	128	+ cp debian/openflow-switch.template debian/openflow-switch/usr/share/openflow/switch/default.template
	129	+ dh_install -s
	130	+ $(ext_install_arch)
	131	+
	132	+# Must not depend on anything. This is to be called by
	133	+# binary-arch/binary-indep
	134	+# in another 'make' thread.
	135	+binary-common:
	136	+ dh_testdir
	137	+ dh_testroot
	138	+ dh_installchangelogs
	139	+ dh_installdocs
	140	+ dh_installexamples
	141	+ dh_installdebconf
	142	+ dh_installlogrotate
	143	+ dh_installinit
	144	+ dh_installcron
	145	+ dh_installman
	146	+ dh_link
	147	+ dh_strip --dbg-package=openflow-dbg
	148	+ dh_compress
	149	+ dh_fixperms -X var/log/core
	150	+ dh_perl
	151	+ dh_makeshlibs
	152	+ dh_installdeb
	153	+ dh_shlibdeps
	154	+ dh_gencontrol
	155	+ dh_md5sums
	156	+ dh_builddeb
	157	+binary-indep: install-indep
	158	+ $(MAKE) -f debian/rules DH_OPTIONS=-i binary-common
	159	+binary-arch: install-arch
	160	+ $(MAKE) -f debian/rules DH_OPTIONS=-s binary-common
	161	+
	162	+binary: binary-arch binary-indep
	163	+.PHONY: build clean binary-indep binary-arch binary install install-indep install-arch configure
...	...

doc/of-spec/.gitignore 0 → 100755

View file @1f23c43

	1	+/*.aux
	2	+/*.log
	3	+/*.out
	4	+/*.pdf
	5	+/*.ps
	6	+/define
	7	+/enum
	8	+/struct
...	...

doc/of-spec/Makefile 0 → 100755

View file @1f23c43

	1	+TARGET=openflow-spec-v1.0.0
	2	+
	3	+BIBTEX := bibtex
	4	+TGIF := tgif
	5	+XFIG := xfig
	6	+GNUPLOT:= gnuplot
	7	+
	8	+SOURCES=openflow-spec-v1.0.0.tex\
	9	+ appendix.tex
	10	+
	11	+all: $(TARGET).ps
	12	+pdf: all
	13	+
	14	+$(TARGET).pdf: Makefile $(SOURCES)
	15	+ ./make_latex_input.pl
	16	+ texi2pdf $(TARGET).tex
	17	+
	18	+color: $(TARGET).pdf
	19	+ pdflatex $(TARGET).tex
	20	+ pdftops $(TARGET).pdf
	21	+
	22	+$(TARGET).ps: $(TARGET).pdf
	23	+ pdftops $(TARGET).pdf
	24	+
	25	+%.pdf : %.fig #Makefile
	26	+ fig2dev -L pdf -b 1 $< $@
	27	+
	28	+%.eps : %.dia #Makefile
	29	+ dia --nosplash -e $@ $<
	30	+
	31	+%.eps : %.obj
	32	+ TMPDIR=/tmp $(TGIF) -print -eps $<
	33	+
	34	+
	35	+%.pdf : %.eps #Makefile
	36	+ epstopdf $<
	37	+
	38	+clean:
	39	+ rm -f .aux .log .out .bbl .blg ~ *.bak $(TARGET).ps $(TARGET).pdf
	40	+ rm -rf define enum struct
...	...

doc/of-spec/README 0 → 100755

View file @1f23c43

	1	+To build the latest OpenFlow specification, you should just be able to
	2	+type "make". For this to work, you'll need to have the texinfo and
	3	+"listings.sty" packages installed.
...	...

doc/of-spec/appendix.tex 0 → 100755

View file @1f23c43

	1	+%\appendix
	2	+\section{Appendix A: The OpenFlow Protocol}
	3	+The heart of the OpenFlow spec is the set of structures used for OpenFlow Protocol messages.
	4	+\\\\
	5	+The structures, defines, and enumerations described below are derived from the file \verb\|include/openflow/openflow.h\|, which is part of the standard OpenFlow distribution. All structures are packed with padding and 8-byte aligned, as checked by the assertion statements. All OpenFlow messages are sent in big-endian format.
	6	+
	7	+\subsection{OpenFlow Header}
	8	+Each OpenFlow message begins with the OpenFlow header:
	9	+
	10	+\input{struct/ofp_header}
	11	+The version specifies the OpenFlow protocol version being used. During the current draft phase of the OpenFlow Protocol, the most significant bit will be set to indicate an experimental version and the lower bits will indicate a revision number. The current version is \input{define/OFP_VERSION}. The final version for a Type 0 switch will be 0x00. The length field indicates the total length of the message, so no additional framing is used to distinguish one frame from the next. The type can have the following values:
	12	+
	13	+\input{enum/ofp_type}
	14	+
	15	+\subsection{Common Structures}
	16	+This section describes structures used by multiple messages.
	17	+
	18	+\subsubsection{Port Structures}
	19	+Physical ports are described with the following structure:
	20	+
	21	+\input{struct/ofp_phy_port}
	22	+The \verb\|port_no\| field is a value the datapath associates with a physical port. The \verb\|hw_addr\| field typically is the MAC address for the port; \verb\|OFP_MAX_ETH_ALEN\| is 6. The name field is a null-terminated string containing a human-readable name for the interface. The value of \verb\|OFP_MAX_PORT_NAME_LEN\| is 16.
	23	+\\\\
	24	+The \verb\|config\| field describes spanning tree and administrative settings with the following structure:
	25	+
	26	+\input{enum/ofp_port_config}
	27	+The port config bits indicate whether a port has been administratively brought down, options for handling 802.1D spanning tree packets, and how to handle incoming and outgoing packets. These bits, configured over multiple switches, enable an OpenFlow network to safely flood packets along either a custom or 802.1D spanning tree.
	28	+\\\\
	29	+The controller may set \verb\|OFPPFL_NO_STP\| to 0 to enable STP on a port or to 1 to disable STP on a port. (The latter corresponds to the Disabled STP port state.) The default is switch implementation-defined; the OpenFlow reference implementation by default sets this bit to 0 (enabling STP).
	30	+\\\\
	31	+When \verb\|OFPPFL_NO_STP\| is 0, STP controls the \verb\|OFPPFL_NO_FLOOD\| and \verb\|OFPPFL_STP_\| bits directly. \verb\|OFPPFL_NO_FLOOD\| is set to 0 when the STP port state is Forwarding, otherwise to 1. The bits in \verb\|OFPPFL_STP_MASK\| are set to one of the other \verb\|OFPPFL_STP_\| values according to the current STP port state.
	32	+\\\\
	33	+When the port flags are changed by STP, the switch sends an \verb\|OFPT_PORT_STATUS\| message to notify the controller of the change. The \verb\|OFPPFL_NO_RECV\|, \verb\|OFPPFL_NO_RECV_STP\|, \verb\|OFPPFL_NO_FWD\|, and \verb\|OFPPFL_NO_PACKET_IN\| bits in the OpenFlow port flags may be useful for the controller to implement STP, although they interact poorly with in-band control.
	34	+\\\\
	35	+The \verb\|state\| field describes the spanning tree state and whether a physical link is present, with the following structure:
	36	+
	37	+\input{enum/ofp_port_state}
	38	+All port state bits are read-only, representing spanning tree and physical link state.
	39	+\\\\
	40	+The port numbers use the following conventions:
	41	+
	42	+\input{enum/ofp_port}
	43	+The \verb\|curr\|, \verb\|advertised\|, \verb\|supported\|, and \verb\|peer\| fields indicate link modes (10M to 10G full and half-duplex), link type (copper/fiber) and link features (autonegotiation and pause). Port features are represent by the following structure:
	44	+
	45	+\input{enum/ofp_port_features}
	46	+Multiple of these flags may be set simultaneously.
	47	+
	48	+\subsubsection{\qosupd{Queue Structures}}
	49	+\label{cts:qos}
	50	+\qosupd{An OpenFlow switch provides limited Quality-of-Service support
	51	+ (QoS) through a simple queuing
	52	+mechanism. One (or more) queues can attach to a port and be used to map flows
	53	+on it. Flows mapped to a specific queue will be treated according to
	54	+that queue's configuration (e.g. min rate).
	55	+\\\\
	56	+A queue is described by the} \verb\|ofp_packet_queue\| \qosupd{structure:
	57	+\input{struct/ofp_packet_queue}
	58	+Each queue is further described by a set of properties, each of a
	59	+specific type and configuration.
	60	+\input{enum/ofp_queue_properties}
	61	+Each queue property description starts with a common header:
	62	+\input{struct/ofp_queue_prop_header}
	63	+Currently, there is only a minimum-rate type queue, described by the}
	64	+\verb\|ofp_queue_prop_min_rate\| \qosupd{structure:
	65	+\input{struct/ofp_queue_prop_min_rate}}
	66	+
	67	+\subsubsection{Flow Match Structures}
	68	+When describing a flow entry, the following structure is used:
	69	+
	70	+\input{struct/ofp_match}
	71	+The \verb\|wildcards\| field has a number of flags that may be set:
	72	+
	73	+\input{enum/ofp_flow_wildcards}
	74	+If no wildcards are set, then the \verb\|ofp_match\| exactly describes a flow, over the entire OpenFlow 12-tuple. On the other extreme, if all the wildcard flags are set, then every flow will match.
	75	+\\\\
	76	+The source and destination netmasks are each specified with a 6-bit number in the wildcard description. It is interpreted similar to the CIDR suffix, but with the opposite meaning, since this is being used to indicate which bits in the IP address should be treated as ``wild". For example, a CIDR suffix of "24" means to use a netmask of ``255.255.255.0". However, a wildcard mask value of ``24" means that the least-significant 24-bits are wild, so it forms a netmask of ``255.0.0.0".
	77	+
	78	+\subsubsection{Flow Action Structures}
	79	+A number of actions may be associated with flows or packets. The currently defined action types are:
	80	+
	81	+\input{enum/ofp_action_type}
	82	+Output \qosupd{and enqueue} actions are described in Section \ref{ft:actions}, while Field-Modify actions are described in Table \ref{table:field modify actions}. An action definition contains the action type, length, and any associated data:
	83	+
	84	+\input{struct/ofp_action_header}
	85	+An \verb\|action_output\| has the following fields:
	86	+
	87	+\input{struct/ofp_action_output}
	88	+The \verb\|max_len\| indicates the maximum amount of data from a packet that should be sent when the port is \verb\|OFPP_CONTROLLER\|. If \verb\|max_len\| is zero, the switch must send a zero-size \verb\|packet_in\| message. The \verb\|port\| specifies the physical port from which packets should be sent.
	89	+ \\\\
	90	+\qosupd{The enqueue action maps a flow to an already-configured queue, regardless of the TOS and VLAN PCP bits.
	91	+ The packet should not change after an enqueue action. If the switch
	92	+ needs to set the TOS/PCP bits for internal handling, the original values
	93	+ should be restored before sending the packet out.
	94	+\\\\
	95	+A switch may support only queues that are tied to specific PCP/TOS
	96	+bits. In that case, we cannot map an arbitrary flow to a specific
	97	+queue, therefore the action ENQUEUE is not supported. The user can
	98	+still use these queues and map
	99	+flows to them by setting the relevant fields (TOS, VLAN PCP).
	100	+\\\\
	101	+The enqueue action has the following fields:
	102	+
	103	+\input{struct/ofp_action_enqueue}}
	104	+An \verb\|action_vlan_vid\| has the following fields:
	105	+
	106	+\input{struct/ofp_action_vlan_vid}
	107	+The \verb\|vlan_vid\| field is 16 bits long, when an actual VLAN id is only 12 bits. The value \verb\|0xffff\| is used to indicate that no VLAN id was set.
	108	+\\\\
	109	+An \verb\|action_vlan_pcp\| has the following fields:
	110	+
	111	+\input{struct/ofp_action_vlan_pcp}
	112	+The \verb\|vlan_pcp\| field is 8 bits long, but only the lower 3 bits have meaning.
	113	+\\\\
	114	+An \verb\|action_strip_vlan\| takes no arguments and consists only of a generic \verb\|ofp_action_header\|. This action strips the VLAN tag if one is present.
	115	+\\\\
	116	+An \verb\|action_dl_addr\| has the following fields:
	117	+
	118	+\input{struct/ofp_action_dl_addr}
	119	+The \verb\|dl_addr\| field is the MAC address to set.
	120	+\\\\
	121	+An \verb\|action_nw_addr\| has the following fields:
	122	+
	123	+\input{struct/ofp_action_nw_addr}
	124	+The \verb\|nw_addr\| field is the IP address to set.
	125	+\\\\
	126	+An \verb\|action_nw_tos\| has the following fields:
	127	+
	128	+\input{struct/ofp_action_nw_tos}
	129	+The \verb\|nw_tos\| field is the 6 upper bits of the ToS field to set, in the original bit positions (shifted to the left by 2).
	130	+\\\\
	131	+An \verb\|action_tp_port\| has the following fields:
	132	+
	133	+\input{struct/ofp_action_tp_port}
	134	+The \verb\|tp_port\| field is the TCP/UDP/other port to set.
	135	+\\\\
	136	+An \verb\|action_vendor\| has the following fields:
	137	+
	138	+\input{struct/ofp_action_vendor_header}
	139	+The \verb\|vendor\| field is the Vendor ID, which takes the same form as in struct \verb\|ofp_vendor\|.
	140	+
	141	+\subsection{Controller-to-Switch Messages}
	142	+
	143	+\subsubsection{Handshake}
	144	+\label{cts:handshake}
	145	+Upon TLS session establishment, the controller sends an \verb\|OFPT_FEATURES_REQUEST\| message. This message does not contain a body beyond the OpenFlow header. The switch responds with an \verb\|OFPT_FEATURES_REPLY\| message:
	146	+
	147	+\input{struct/ofp_switch_features}
	148	+The \verb\|datapath_id\| field uniquely identifies a datapath. The lower 48 bits are intended for the switch MAC address, while the top 16 bits are up to the implementer. An example use of the top 16 bits would be a VLAN ID to distinguish multiple virtual switch instances on a single physical switch. This field should be treated as an opaque bit string by controllers.
	149	+\\\\
	150	+The \verb\|n_tables\| field describes the number of tables supported by the switch, each of which can have a different set of supported wildcard bits and number of entries. When the controller and switch first communicate, the controller will find out how many tables the switch supports from the Features Reply. If it wishes to understand the size, types, and order in which tables are consulted, the controller sends a \verb\|OFPST_TABLE\| stats request. A switch must return these tables in the order the packets traverse the tables, with all exact-match tables listed before all tables with wildcards.
	151	+\\\\
	152	+The \verb\|capabilities\| field uses the following flags:
	153	+
	154	+\input{enum/ofp_capabilities}
	155	+The \verb\|actions\| field is a bitmap of actions supported by the switch. The list of actions is found in Section~\ref{ft:actions}; all actions marked Required must be supported. Vendor actions should \emph{not} be reported via this bitmask. The bitmask uses the values from \verb\|ofp_action_type\| as the number of bits to shift left for an associated action. For example, \verb\|OFPAT_SET_DL_VLAN\| would use the flag \verb\|0x00000002\|.
	156	+\\\\
	157	+The \verb\|ports\| field is an array of \verb\|ofp_phy_port\| structures that describe all the physical ports in the system that support OpenFlow. The number of port elements is inferred from the length field in the OpenFlow header.
	158	+
	159	+\subsubsection{Switch Configuration}
	160	+The controller is able to set and query configuration parameters in the switch with the \verb\|OFPT_SET_CONFIG\| and \verb\|OFPT_GET_CONFIG_REQUEST\| messages, respectively. The switch responds to a configuration request with an \verb\|OFPT_GET_CONFIG_REPLY\| message; it does not reply to a request to set the configuration.
	161	+\\\\
	162	+There is no body for \verb\|OFPT_GET_CONFIG_REQUEST\| beyond the OpenFlow header. The \verb\|OFPT_SET_CONFIG\| and \verb\|OFPT_GET_CONFIG_REPLY\| use the following:
	163	+
	164	+\input{struct/ofp_switch_config}
	165	+The configuration flags include the following:
	166	+
	167	+\input{enum/ofp_config_flags}
	168	+The \verb\|OFPC_FRAG_*\| flags indicate whether IP fragments should be treated normally, dropped, or reassembled. ``Normal" handling of fragments means that an attempt should be made to pass the fragments through the OpenFlow tables. If any field is not present (e.g., the TCP/UDP ports didn't fit), then the packet should not match any entry that has that field set.
	169	+\\\\
	170	+The \verb\|miss_send_len\| field defines the number of bytes of each packet sent to the controller as a result of both flow table misses and flow table hits with the controller as the destination. If this field equals 0, the switch must send a zero-size \verb\|packet_in\| message.
	171	+
	172	+\subsubsection{Modify State Messages}
	173	+\paragraph{Modify Flow Entry Message}
	174	+Modifications to the flow table from the controller are done with the \verb\|OFPT_FLOW_MOD\| message:
	175	+
	176	+\input{struct/ofp_flow_mod}
	177	+The \verb\|cookie\| field is an opaque data value that is set by the
	178	+controller. It is not used in any matching functions, and thus does not
	179	+need to reside in hardware. The value -1 (0xffffffffffffffff) is
	180	+reserved and must not be used. It is required that when \verb\|command\| is
	181	+\verb\|OFPC_MODIFY\| or \verb\|OFPC_MODIFY_STRICT\| that matched flows have
	182	+their \verb\|cookie\| field updated appropriately.
	183	+\\\\
	184	+The \verb\|command\| field must be one of the following:
	185	+
	186	+\input{enum/ofp_flow_mod_command}
	187	+The differences between \verb\|OFPFC_MODIFY\| and \verb\|OFPFC_MODIFY_STRICT\| are explained in Section \ref{flow_table:sec_chan:flow_mod} and differences between \verb\|OFPFC_DELETE\| and \verb\|OFPFC_DELETE_STRICT\| are explained in Section \ref{flow_table:sec_chan:flow_removal}.
	188	+\\\\
	189	+The \verb\|idle_timeout\| and \verb\|hard_timeout\| fields control how quickly flows expire.
	190	+\\\\
	191	+If the \verb\|idle_timeout\| is set and the \verb\|hard_timeout\| is zero, the entry must expire after \verb\|idle_timeout\| seconds with no received traffic. If the \verb\|idle_timeout\| is zero and the \verb\|hard_timeout\| is set, the entry must expire in \verb\|hard_timeout\| seconds regardless of whether or not packets are hitting the entry.
	192	+\\\\
	193	+If both \verb\|idle_timeout\| and \verb\|hard_timeout\| are set, the flow will timeout after \verb\|idle_timeout\| seconds with no traffic, or \verb\|hard_timeout\| seconds, whichever comes first. If both \verb\|idle_timeout\| and \verb\|hard_timeout\| are zero, the entry is considered permanent and will never time out. It can still be removed with a \verb\|flow_mod\| message of type \verb\|OFPFC_DELETE\|.
	194	+\\\\
	195	+The \verb\|priority\| field is only relevant for flow entries with wildcard fields. The priority field indicates table priority, where higher numbers are higher priorities; the switch must keep the highest-priority wildcard entries in the lowest-numbered (fastest) wildcard table, to ensure correctness. It is the responsibility of each switch implementer to ensure that exact entries always match before wildcards entries, regardless of the table configuration.
	196	+\\\\
	197	+The \verb\|buffer_id\| refers to a buffered packet sent by the \verb\|OFPT_PACKET_IN\| message.
	198	+\\\\
	199	+The \verb\|out_port\| field optionally filters the scope of DELETE and DELETE\_STRICT messages by output port. If \verb\|out_port\| contains a value other than \verb\|OFPP_NONE\|, it introduces a constraint when matching. This constraint is that the rule must contain an output action directed at that port. Other constraints such as \verb\|ofp_match\| structs and priorities are still used; this is purely an \emph{additional} constraint. Note that to disable output port filtering, \verb\|out_port\| must be set to \verb\|OFPP_NONE\|, since 0 is a valid port id. This field is ignored by ADD, MODIFY, and MODIFY\_STRICT messages.
	200	+\\\\
	201	+The \verb\|flags\| field may include the follow flags:
	202	+
	203	+\input{enum/ofp_flow_mod_flags}
	204	+When the \verb\|OFPFF_SEND_FLOW_REM\| flag is set, the switch must send a flow removed message when the flow expires. The default is for the switch to not send flow removed messages for newly added flows.
	205	+\\\\
	206	+When the \verb\|OFPFF_CHECK_OVERLAP\| flag is set, the switch must check that there are no conflicting entries with the same priority. If there is one, the flow mod fails and an error code is returned.
	207	+\\\\
	208	+When the \verb\|OFPFF_EMERG_\| flag is set, the switch must consider this flow entry as an emergency entry, and only use it for forwarding when disconnected from the controller.
	209	+
	210	+\paragraph{Port Modification Message}
	211	+The controller uses the \verb\|OFPT_PORT_MOD\| message to modify the behavior of the physical port:
	212	+
	213	+\input{struct/ofp_port_mod}
	214	+The \verb\|mask\| field is used to select bits in the \verb\|config\| field to change. The \verb\|advertise\| field has no mask; all port features change together.
	215	+
	216	+\subsubsection{\qosupd{Queue Configuration Messages}}
	217	+\qosupd{Queue configuration takes place outside the OpenFlow protocol, either
	218	+ through a command line tool or through an external dedicated configuration
	219	+protocol.
	220	+\\\\
	221	+The controller can query the switch for configured queues on a port
	222	+using the following structure:
	223	+\input{struct/ofp_queue_get_config_request}
	224	+The switch replies back with an} \verb\|ofp_queue_get_config_reply\| \qosupd{command, containing
	225	+a list of configured queues.
	226	+
	227	+\input{struct/ofp_queue_get_config_reply}
	228	+}
	229	+
	230	+\subsubsection{Read State Messages}
	231	+While the system is running, the datapath may be queried about its current state using the \verb\|OFPT_STATS_REQUEST\| message:
	232	+
	233	+\input{struct/ofp_stats_request}
	234	+The switch responds with one or more \verb\|OFPT_STATS_REPLY\| messages:
	235	+
	236	+\input{struct/ofp_stats_reply}
	237	+The only value defined for \verb\|flags\| in a reply is whether more replies will follow this one - this has the value \verb\|0x0001\|. To ease implementation, the switch is allowed to send replies with no additional entries. However, it must always send another reply following a message with the �more� flag set. The transaction ids (xid) of replies must always match the request that prompted them.
	238	+\\\\
	239	+In both the request and response, the \verb\|type\| field specifies the kind of information being passed and determines how the \verb\|body\| field is interpreted:
	240	+
	241	+\input{enum/ofp_stats_types}
	242	+
	243	+\paragraph{Description Statistics}
	244	+Information about the switch manufacturer, hardware revision, software revision, serial number, and a description field is available from the \verb\|OFPST_DESC\| stats request type:
	245	+
	246	+\input{struct/ofp_desc_stats}
	247	+Each entry is ASCII formatted and padded on the right with null bytes (\textbackslash0). \verb\|DESC_STR_LEN\| is \input{define/DESC_STR_LEN}and \verb\|SERIAL_NUM_LEN\| is \input{define/SERIAL_NUM_LEN}. Note: \footnote{Added to address concerns raised in \url{https://mailman.stanford.edu/pipermail/openflow-spec/2009-September/000504.html}} the \verb\|dp_desc\| field is a free-form string to describe the datapath for debugging purposes, e.g., ``switch3 in room 3120''. As such, it is not guaranteed to be unique and should not be used as the primary identifier for the datapath---use the \verb\|datapath_id\| field from the switch features instead (\S~\ref{cts:handshake}).
	248	+
	249	+\paragraph{Individual Flow Statistics}
	250	+Information about individual flows is requested with the \verb\|OFPST_FLOW\| stats request type:
	251	+
	252	+\input{struct/ofp_flow_stats_request}
	253	+The \verb\|match\| field contains a description of the flows that should be matched and may contain wildcards. This field's matching behavior is described in Section \ref{flow_table:sec_chan:flow_add}.
	254	+\\\\
	255	+The \verb\|table_id\| field indicates the index of a single table to read, or \verb\|0xff\| for all tables.
	256	+\\\\
	257	+The \verb\|out_port\| field optionally filters by output port. If \verb\|out_port\| contains a value other than \verb\|OFPP_NONE\|, it introduces a constraint when matching. This constraint is that the rule must contain an output action directed at that port. Other constraints such as \verb\|ofp_match\| structs are still used; this is purely an \emph{additional} constraint. Note that to disable output port filtering, \verb\|out_port\| must be set to \verb\|OFPP_NONE\|, since 0 is a valid port id.
	258	+\\\\
	259	+The \verb\|body\| of the reply consists of an array of the following:
	260	+
	261	+\input{struct/ofp_flow_stats}
	262	+The fields consist of those provided in the \verb\|flow_mod\| that created these, plus the table into which the entry was inserted, the packet count, and the byte count.
	263	+\\\\
	264	+\label{flow_duration_info}The \verb\|duration_sec\| and \verb\|duration_nsec\| fields indicate the elapsed time the flow has been installed in the switch. The total duration in nanoseconds can be computed as $\verb\|duration_sec\|*10^{9}$ + \verb\|duration_nsec\|. Implementations are required to provide millisecond precision; higher precision is encouraged where available.
	265	+
	266	+\paragraph{Aggregate Flow Statistics}
	267	+Aggregate information about multiple flows is requested with the \verb\|OFPST_AGGREGATE\| stats request type:
	268	+
	269	+\input{struct/ofp_aggregate_stats_request}
	270	+The \verb\|match\| field contains a description of the flows that should be matched and may contain wildcards. This field's matching behavior is described in Section \ref{flow_table:sec_chan:flow_add}.
	271	+\\\\
	272	+The \verb\|table_id\| field indicates the index of a single table to read, or \verb\|0xff\| for all tables.
	273	+\\\\
	274	+The \verb\|out_port\| field optionally filters by output port. If \verb\|out_port\| contains a value other than \verb\|OFPP_NONE\|, it introduces a constraint when matching. This constraint is that the rule must contain an output action directed at that port. Other constraints such as \verb\|ofp_match\| structs are still used; this is purely an \emph{additional} constraint. Note that to disable output port filtering, \verb\|out_port\| must be set to \verb\|OFPP_NONE\|, since 0 is a valid port id.
	275	+\\\\
	276	+The \verb\|body\| of the reply consists of the following:
	277	+
	278	+\input{struct/ofp_aggregate_stats_reply}
	279	+
	280	+\paragraph{Table Statistics}
	281	+Information about tables is requested with the \verb\|OFPST_TABLE\| stats request type. The request does not contain any data in the body.
	282	+\\\\
	283	+The body of the reply consists of an array of the following:
	284	+
	285	+\input{struct/ofp_table_stats}
	286	+The \verb\|body\| contains a \verb\|wildcards\| field, which indicates the fields for which that particular table supports wildcarding. For example, a direct look-up hash table would have that field set to zero, while a sequentially searched table would have it set to \verb\|OFPFW_ALL\|. The entries are returned in the order that packets traverse the tables.
	287	+\\\\
	288	+\verb\|OFP_MAX_TABLE_NAME_LEN\| is \input{define/OFP_MAX_TABLE_NAME_LEN}.
	289	+
	290	+\paragraph{Port Statistics}
	291	+Information about physical ports is requested with the \verb\|OFPST_PORT\| stats request type:
	292	+
	293	+\input{struct/ofp_port_stats_request}
	294	+The \verb\|port_no\| field optionally filters the stats request to the given port. To request all port statistics, \verb\|port_no\| must be set to \verb\|OFPP_NONE\|.
	295	+\\\\
	296	+The \verb\|body\| of the reply consists of an array of the following:
	297	+
	298	+\input{struct/ofp_port_stats}
	299	+The switch should return a value of -1 for unavailable counters.
	300	+
	301	+\paragraph{\qosupd{Queue Statistics}}
	302	+\qosupd{The} \verb\|OFPST_QUEUE\| \qosupd{stats request message provides
	303	+ queue statistics for one or more ports.
	304	+ The request body consists of a} \verb\|port_no\| \qosupd{field
	305	+identifying the port and a} \verb\|queue_id\|. \verb\|OFPP_ALL\|
	306	+\qosupd{refers to all ports, while} \verb\|OFPQ_ALL\| \qosupd{refers to all queues configured
	307	+at a port.
	308	+
	309	+\input{struct/ofp_queue_stats_request}
	310	+The body of the reply consists of an array of
	311	+the following structure:
	312	+
	313	+\input{struct/ofp_queue_stats}}
	314	+
	315	+\paragraph{Vendor Statistics}
	316	+Vendor-specific stats messages are requested with the \verb\|OFPST_VENDOR\| stats type. The first four bytes of the message are the vendor identifier. The rest of the body is vendor-defined.
	317	+\\\\
	318	+The \verb\|vendor\| field is a 32-bit value that uniquely identifies the vendor. If the most significant byte is zero, the next three bytes are the vendor's IEEE OUI. If vendor does not have (or wish to use) their OUI, they should contact the OpenFlow consortium to obtain one.
	319	+
	320	+\subsubsection{Send Packet Message}
	321	+When the controller wishes to send a packet out through the datapath, it uses the \verb\|OFPT_PACKET_OUT\| message:
	322	+
	323	+\input{struct/ofp_packet_out}
	324	+The \verb\|buffer_id\| is the same given in the \verb\|ofp_packet_in\| message. If the \verb\|buffer_id\| is -1, then the packet data is included in the data array. If \verb\|OFPP_TABLE\| is specified as the output port of an action, the \verb\|in_port\| in the \verb\|packet_out\| message is used in the flow table lookup.
	325	+
	326	+\subsubsection{Barrier Message}
	327	+When the controller wants to ensure message dependencies have been met or wants to receive notifications for completed operations, it may use an \verb\|OFPT_BARRIER_REQUEST\| message. This message has no body. Upon receipt, the switch must finish processing all previously-received messages before executing any messages beyond the Barrier Request. When such processing is complete, the switch must send an \verb\|OFPT_BARRIER_REPLY\| message with the \verb\|xid\| of the original request.
	328	+
	329	+\subsection{Asynchronous Messages}
	330	+\subsubsection{Packet-In Message}
	331	+When packets are received by the datapath and sent to the controller, they use the \verb\|OFPT_PACKET_IN\| message:
	332	+
	333	+\input{struct/ofp_packet_in}
	334	+The \verb\|buffer_id\| is an opaque value used by the datapath to identify a buffered packet. When a packet is buffered, some number of bytes from the message will be included in the data portion of the message. If the packet is sent because of a ``send to controller'' action, then \verb\|max_len\| bytes from the \verb\|action_output\| of the flow setup request are sent. If the packet is sent because of a flow table miss, then at least \verb\|miss_send_len\| bytes from the \verb\|OFPT_SET_CONFIG\| message are sent. The default \verb\|miss_send_len\| is \input{define/OFP_DEFAULT_MISS_SEND_LEN}bytes. If the packet is not buffered, the entire packet is included in the data portion, and the \verb\|buffer_id\| is -1.
	335	+\\\\
	336	+Switches that implement buffering are expected to expose, through documentation, both the amount of available buffering, and the length of time before buffers may be reused. A switch must gracefully handle the case where a buffered \verb\|packet_in\| message yields no response from the controller. A switch should prevent a buffer from being reused until it has been handled by the controller, or some amount of time (indicated in documentation) has passed.
	337	+\\\\
	338	+The reason field can be any of these values:
	339	+
	340	+\input{enum/ofp_packet_in_reason}
	341	+
	342	+\subsubsection{Flow Removed Message}
	343	+If the controller has requested to be notified when flows time out, the datapath does this with the \verb\|OFPT_FLOW_REMOVED\| message:
	344	+
	345	+\input{struct/ofp_flow_removed}
	346	+The \verb\|match\|, \verb\|cookie\|, and \verb\|priority\| fields are the same as those used in the flow setup request.
	347	+\\\\
	348	+The \verb\|reason\| field is one of the following:
	349	+
	350	+\input{enum/ofp_flow_removed_reason}
	351	+The \verb\|duration_sec\| and \verb\|duration_nsec\| fields are described in Section \ref{flow_duration_info}.
	352	+\\\\
	353	+The \verb\|idle_timeout\| field is directly copied from the flow mod that created this entry.
	354	+\\\\
	355	+With the above three fields, one can find both the amount of time the flow was active, as well as the amount of time the flow received traffic.
	356	+\\\\
	357	+The \verb\|packet_count\| and \verb\|byte_count\| indicate the number of packets and bytes that were associated with this flow, respectively.
	358	+
	359	+\subsubsection{Port Status Message}
	360	+As physical ports are added, modified, and removed from the datapath, the controller needs to be informed with the \verb\|OFPT_PORT_STATUS\| message:
	361	+
	362	+\input{struct/ofp_port_status}
	363	+The \verb\|status\| can be one of the following values:
	364	+
	365	+\input{enum/ofp_port_reason}
	366	+
	367	+\subsubsection{Error Message}
	368	+There are times that the switch needs to notify the controller of a problem. This is done with the \verb\|OFPT_ERROR_MSG\| message:
	369	+
	370	+\input{struct/ofp_error_msg}
	371	+The \verb\|type\| value indicates the high-level type of error. The \verb\|code\| value is interpreted based on the type. The \verb\|data\| is variable length and interpreted based on the \verb\|type\| and \verb\|code\|; in most cases this is the message that caused the problem.
	372	+\\\\
	373	+Error codes ending in \verb\|_EPERM\| correspond to a permissions error generated by an entity between a controller and switch, such as an OpenFlow hypervisor.
	374	+\\\\
	375	+Currently defined error types are:
	376	+
	377	+\input{enum/ofp_error_type}
	378	+For the \verb\|OFPET_HELLO_FAILED\| error \verb\|type\|, the following \verb\|code\|s are currently defined:
	379	+
	380	+\input{enum/ofp_hello_failed_code}
	381	+The \verb\|data\| field contains an ASCII text string that adds detail on why the error occurred.
	382	+\\\\
	383	+For the \verb\|OFPET_BAD_REQUEST\| error \verb\|type\|, the following \verb\|code\|s are currently defined:
	384	+
	385	+\input{enum/ofp_bad_request_code}
	386	+The \verb\|data\| field contains at least 64 bytes of the failed request.
	387	+\\\\
	388	+For the \verb\|OFPET_BAD_ACTION\| error \verb\|type\|, the following \verb\|code\|s are currently defined:
	389	+
	390	+\input{enum/ofp_bad_action_code}
	391	+The \verb\|data\| field contains at least 64 bytes of the failed request.
	392	+\\\\
	393	+For the \verb\|OFPET_FLOW_MOD_FAILED\| error \verb\|type\|, the following \verb\|code\|s are currently defined:
	394	+
	395	+\input{enum/ofp_flow_mod_failed_code}
	396	+The \verb\|data\| field contains at least 64 bytes of the failed request.
	397	+\\\\
	398	+For the \verb\|OFPET_PORT_MOD_FAILED\| error \verb\|type\|, the following \verb\|code\|s are currently defined:
	399	+
	400	+\input{enum/ofp_port_mod_failed_code}
	401	+The \verb\|data\| field contains at least 64 bytes of the failed request.
	402	+\\\\
	403	+For the \verb\|OFPET_QUEUE_OP_FAILED\| error \verb\|type\|, the following \verb\|code\|s are currently defined:
	404	+
	405	+\input{enum/ofp_queue_op_failed_code}
	406	+The \verb\|data\| field contains at least 64 bytes of the failed request.
	407	+\\\\
	408	+If the error message is in response to a specific message from the controller, e.g., \verb\|OFPET_BAD_REQUEST\|, \verb\|OFPET_BAD_ACTION\|, or \verb\|OFPET_FLOW_MOD_FAILED\|, then the \verb\|xid\| field of the header should match that of the offending message.
	409	+
	410	+\subsection{Symmetric Messages}
	411	+\subsubsection{Hello}
	412	+The \verb\|OFPT_HELLO\| message has no body; that is, it consists only of an OpenFlow header. Implementations must be prepared to receive a hello message that includes a body, ignoring its contents, to allow for later extensions.
	413	+
	414	+\subsubsection{Echo Request}
	415	+An Echo Request message consists of an OpenFlow header plus an arbitrary-length data field. The data field might be a message timestamp to check latency, various lengths to measure bandwidth, or zero-size to verify liveness between the switch and controller.
	416	+
	417	+\subsubsection{Echo Reply}
	418	+An Echo Reply message consists of an OpenFlow header plus the unmodified data field of an echo request message.
	419	+\\\\
	420	+In an OpenFlow protocol implementation divided into multiple layers, the echo request/reply logic should be implemented in the "deepest" practical layer. For example, in the OpenFlow reference implementation that includes a userspace process that relays to a kernel module, echo request/reply is implemented in the kernel module. Receiving a correctly formatted echo reply then shows a greater likelihood of correct end-to-end functionality than if the echo request/reply were implemented in the userspace process, as well as providing more accurate end-to-end latency timing.
	421	+
	422	+\subsubsection{Vendor}
	423	+The Vendor message is defined as follows:
	424	+
	425	+\input{struct/ofp_vendor_header}
	426	+The \verb\|vendor\| field is a 32-bit value that uniquely identifies the vendor. If the most significant byte is zero, the next three bytes are the vendor's IEEE OUI. If vendor does not have (or wish to use) their OUI, they should contact the OpenFlow consortium to obtain one. The rest of the body is uninterpreted.
	427	+\\\\
	428	+If a switch does not understand a vendor extension, it must send an \verb\|OFPT_ERROR\| message with a \verb\|OFPBRC_BAD_VENDOR\| error code and \verb\|OFPET_BAD_REQUEST\| error type.
	429	+
...	...

doc/of-spec/credits.tex 0 → 100755

View file @1f23c43

	1	+\section{Appendix B: Credits}
	2	+
	3	+Current Maintainer: Brandon Heller (brandonh@stanford.edu).
	4	+\\\\
	5	+Spec contributions, in alphabetical order:
	6	+\\\\
	7	+Ben Pfaff,
	8	+Brandon Heller,
	9	+Dan Talayco,
	10	+David Erickson,
	11	+Glen Gibb,
	12	+Guido Appenzeller,
	13	+Jean Tourrilhes,
	14	+Justin Pettit,
	15	+KK Yap,
	16	+Martin Casado,
	17	+Masayoshi Kobayashi,
	18	+Nick McKeown,
	19	+Peter Balland,
	20	+Reid Price,
	21	+Rob Sherwood,
	22	+Yiannis Yiakoumis.
0	23	\ No newline at end of file
...	...

doc/of-spec/figure_flow_table_secchan.png 0 → 100755

View file @1f23c43

66.3 KB

VoLTE and OF / voip-of · Commits

GitLab

debian, doc, hwlib

Too many changes to show.
Reload with full diff Plain diff Email patch

GitLab

debian, doc, hwlib

Too many changes to show. Reload with full diff Plain diff Email patch

Too many changes to show.
Reload with full diff Plain diff Email patch