sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-05 09:18:06 +03:00
Code

traffic: new version of model with packet_rate, version number

Browse Source 
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Douglas Bagnall 2018-12-20 17:25:49 +13:00 committed by Douglas Bagnall
parent 273eb3dffb
commit 7edf58dc58
10 changed files with 203 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
python/samba/emulate/traffic.py
View File

@ -54,6 +54,8 @@ from samba.compat import get_string
from samba.logger import get_samba_logger from samba.logger import get_samba_logger
import bisect import bisect
CURRENT_MODEL_VERSION = 2 # save as this
REQUIRED_MODEL_VERSION = 2 # load accepts this or greater
SLEEP_OVERHEAD = 3e-4 SLEEP_OVERHEAD = 3e-4
# we don't use None, because it complicates [de]serialisation # we don't use None, because it complicates [de]serialisation
@ -1136,7 +1138,7 @@ class TrafficModel(object):
self.n = n self.n = n
self.dns_opcounts = defaultdict(int) self.dns_opcounts = defaultdict(int)
self.cumulative_duration = 0.0 self.cumulative_duration = 0.0
self.conversation_rate = [0, 1] self.packet_rate = [0, 1]
def learn(self, conversations, dns_opcounts={}): def learn(self, conversations, dns_opcounts={}):
prev = 0.0 prev = 0.0
@ -1149,10 +1151,15 @@ class TrafficModel(object):
self.dns_opcounts[k] += v self.dns_opcounts[k] += v
if len(conversations) > 1: if len(conversations) > 1:
elapsed =\ first = conversations[0].start_time
conversations[-1].start_time - conversations[0].start_time total = 0
self.conversation_rate[0] = len(conversations) last = first + 0.1
self.conversation_rate[1] = elapsed for c in conversations:
total += len(c)
last = max(last, c.packets[-1].timestamp)
self.packet_rate[0] = total
self.packet_rate[1] = last - first
for c in conversations: for c in conversations:
client, server = c.guess_client_server(server) client, server = c.guess_client_server(server)
@ -1196,7 +1203,8 @@ class TrafficModel(object):
'ngrams': ngrams, 'ngrams': ngrams,
'query_details': query_details, 'query_details': query_details,
'cumulative_duration': self.cumulative_duration, 'cumulative_duration': self.cumulative_duration,
'conversation_rate': self.conversation_rate, 'packet_rate': self.packet_rate,
'version': CURRENT_MODEL_VERSION
} }
d['dns'] = self.dns_opcounts d['dns'] = self.dns_opcounts
@ -1211,6 +1219,17 @@ class TrafficModel(object):
d = json.load(f) d = json.load(f)
try:
version = d["version"]
if version < REQUIRED_MODEL_VERSION:
raise ValueError("the model file is version %d; "
"version %d is required" %
(version, REQUIRED_MODEL_VERSION))
except KeyError:
raise ValueError("the model file lacks a version number; "
"version %d is required" %
(REQUIRED_MODEL_VERSION))
for k, v in d['ngrams'].items(): for k, v in d['ngrams'].items():
k = tuple(str(k).split('\t')) k = tuple(str(k).split('\t'))
values = self.ngrams.setdefault(k, []) values = self.ngrams.setdefault(k, [])
@ -1232,18 +1251,22 @@ class TrafficModel(object):
self.dns_opcounts[k] += v self.dns_opcounts[k] += v
self.cumulative_duration = d['cumulative_duration'] self.cumulative_duration = d['cumulative_duration']
self.conversation_rate = d['conversation_rate'] self.packet_rate = d['packet_rate']
def construct_conversation(self, timestamp=0.0, client=2, server=1,
hard_stop=None, replay_speed=1):
"""Construct a individual converation from the model."""
c = Conversation(timestamp, (server, client), conversation_id=client)
def construct_conversation_sequence(self, timestamp=0.0,
hard_stop=None,
replay_speed=1,
ignore_before=0):
"""Construct an individual conversation packet sequence from the
model.
"""
c = []
key = (NON_PACKET,) * (self.n - 1) key = (NON_PACKET,) * (self.n - 1)
if ignore_before is None:
ignore_before = timestamp - 1
while key in self.ngrams: while True:
p = random.choice(self.ngrams.get(key, NON_PACKET)) p = random.choice(self.ngrams.get(key, (NON_PACKET,)))
if p == NON_PACKET: if p == NON_PACKET:
break break
@ -1263,46 +1286,49 @@ class TrafficModel(object):
timestamp += wait timestamp += wait
if hard_stop is not None and timestamp > hard_stop: if hard_stop is not None and timestamp > hard_stop:
break break
c.add_short_packet(timestamp, protocol, opcode, extra) if timestamp >= ignore_before:
c.append((timestamp, protocol, opcode, extra))
key = key[1:] + (p,) key = key[1:] + (p,)
return c return c
def generate_conversations(self, rate, duration, replay_speed=1): def generate_conversations(self, scale, duration, replay_speed=1,
server=1, client=2):
"""Generate a list of conversations from the model.""" """Generate a list of conversations from the model."""
# We run the simulation for at least ten times as long as our # We run the simulation for ten times as long as our desired
# desired duration, and take a section near the start. # duration, and take the section at the end.
rate_n, rate_t = self.conversation_rate lead_in = 9 * duration
rate_n, rate_t = self.packet_rate
duration2 = max(rate_t, duration * 2) target_packets = int(duration * scale * rate_n / rate_t)
n = rate * duration2 * rate_n / rate_t
server = 1
client = 2
conversations = [] conversations = []
end = duration2 n_packets = 0
start = end - duration
while client < n + 2: while n_packets < target_packets:
start = random.uniform(0, duration2) start = random.uniform(-lead_in, duration)
c = self.construct_conversation(start, c = self.construct_conversation_sequence(start,
client, hard_stop=duration,
server, replay_speed=replay_speed,
hard_stop=(duration2 * 5), ignore_before=0)
replay_speed=replay_speed)
c.forget_packets_outside_window(start, end)
c.renormalise_times(start)
if len(c) != 0:
conversations.append(c) conversations.append(c)
client += 1 n_packets += len(c)
print(("we have %d conversations at rate %f" % print(("we have %d packets (target %d) in %d conversations at scale %f"
(len(conversations), rate)), file=sys.stderr) % (n_packets, target_packets, len(conversations), scale)),
conversations.sort() file=sys.stderr)
conversations.sort() # sorts by first element == start time
return seq_to_conversations(conversations)
def seq_to_conversations(seq, server=1, client=2):
conversations = []
for s in seq:
if s:
c = Conversation(s[0][0], (server, client), s)
client += 1
conversations.append(c)
return conversations return conversations

11
python/samba/tests/blackbox/testdata/traffic-sample-very-short.model vendored
View File

@ -30,14 +30,14 @@
"-": 1 "-": 1
} }
}, },
"conversation_rate": [
2,
0.12712717056274414
],
"dns": { "dns": {
"1": 9, "1": 9,
"0": 9 "0": 9
}, },
"packet_rate": [
50,
0.32482
],
"query_details": { "query_details": {
"rpc_netlogon:29": { "rpc_netlogon:29": {
"-": 1 "-": 1
@ -56,5 +56,6 @@
"": 1 "": 1
} }
}, },
"cumulative_duration": 0.39243292808532715 "cumulative_duration": 0.39243292808532715,
"version": 2
} }

45
python/samba/tests/blackbox/testdata/traffic_learner.expected vendored
View File

@ -1,4 +1,26 @@
{ {
"packet_rate": [
10,
0.22707200050354004
],
"query_details": {
"rpc_netlogon:29": {
"-": 1
},
"cldap:3": {
"\t\t\tNetlogon\t\t\t": 3
},
"ldap:3": {
"\t\t\tsubschemaSubentry,dsServiceName,namingContexts,defaultNamingContext,schemaNamingContext,configurationNamingContext,rootDomainNamingContext,supportedControl,supportedLDAPVersion,supportedLDAPPolicies,supportedSASLMechanisms,dnsHostName,ldapServiceName,serverName,supportedCapabilities\t\t\t": 1,
"2\tDC,DC\t\tcn\t\t\t": 1
},
"ldap:2": {
"\t\t\t\t\t\t": 1
},
"kerberos:": {
"": 1
}
},
"ngrams": { "ngrams": {
"-\t-": { "-\t-": {
"cldap:3": 1, "cldap:3": 1,
@ -30,31 +52,10 @@
"-": 1 "-": 1
} }
}, },
"conversation_rate": [ "version": 2,
2,
0.12712717056274414
],
"dns": { "dns": {
"1": 9, "1": 9,
"0": 9 "0": 9
}, },
"query_details": {
"rpc_netlogon:29": {
"-": 1
},
"cldap:3": {
"\t\t\tNetlogon\t\t\t": 3
},
"ldap:3": {
"\t\t\tsubschemaSubentry,dsServiceName,namingContexts,defaultNamingContext,schemaNamingContext,configurationNamingContext,rootDomainNamingContext,supportedControl,supportedLDAPVersion,supportedLDAPPolicies,supportedSASLMechanisms,dnsHostName,ldapServiceName,serverName,supportedCapabilities\t\t\t": 1,
"2\tDC,DC\t\tcn\t\t\t": 1
},
"ldap:2": {
"\t\t\t\t\t\t": 1
},
"kerberos:": {
"": 1
}
},
"cumulative_duration": 0.39243292808532715 "cumulative_duration": 0.39243292808532715
} }

18
python/samba/tests/blackbox/testdata/traffic_replay-0.expected vendored Normal file
View File

@ -0,0 +1,18 @@
0.011388 06 2 1 ldap 3 searchRequest 2 DC,DC cn
0.221447 06 2 1 ldap 2 unbindRequest
0.460878 06 3 1 ldap 3 searchRequest 2 DC,DC cn
0.581933 11 4 1 cldap 3 searchRequest Netlogon
0.596977 11 4 1 cldap 3 searchRequest Netlogon
0.611184 11 4 1 cldap 3 searchRequest Netlogon
0.666808 06 3 1 ldap 2 unbindRequest
0.744297 06 4 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.768994 06 4 1 kerberos
0.772476 06 4 1 ldap 3 searchRequest 2 DC,DC cn
0.805442 11 5 1 cldap 3 searchRequest Netlogon
0.805536 11 5 1 cldap 3 searchRequest Netlogon
0.807659 11 5 1 cldap 3 searchRequest Netlogon
0.808614 11 5 1 cldap 3 searchRequest Netlogon
0.808819 11 5 1 cldap 3 searchRequest Netlogon
0.865384 06 6 1 ldap 3 searchRequest subschemaSubentry,dsServiceName,namingContexts,defaultNamingContext,schemaNamingContext,configurationNamingContext,rootDomainNamingContext,supportedControl,supportedLDAPVersion,supportedLDAPPolicies,supportedSASLMechanisms,dnsHostName,ldapServiceName,serverName,supportedCapabilities
0.973595 06 5 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.974012 06 5 1 kerberos

19
python/samba/tests/blackbox/testdata/traffic_replay-1.expected vendored Normal file
View File

@ -0,0 +1,19 @@
0.011519 11 2 1 cldap 3 searchRequest Netlogon
0.012916 11 2 1 cldap 3 searchRequest Netlogon
0.158388 06 3 1 ldap 3 searchRequest 2 DC,DC cn
0.164506 06 2 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.166151 06 2 1 kerberos
0.166301 06 2 1 ldap 3 searchRequest subschemaSubentry,dsServiceName,namingContexts,defaultNamingContext,schemaNamingContext,configurationNamingContext,rootDomainNamingContext,supportedControl,supportedLDAPVersion,supportedLDAPPolicies,supportedSASLMechanisms,dnsHostName,ldapServiceName,serverName,supportedCapabilities
0.258932 06 4 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.259908 06 4 1 kerberos
0.260073 06 4 1 ldap 3 searchRequest 2 DC,DC cn
0.286044 06 5 1 ldap 3 searchRequest 2 DC,DC cn
0.295757 06 3 1 ldap 2 unbindRequest
0.459791 06 5 1 ldap 2 unbindRequest
0.553887 06 6 1 ldap 3 searchRequest subschemaSubentry,dsServiceName,namingContexts,defaultNamingContext,schemaNamingContext,configurationNamingContext,rootDomainNamingContext,supportedControl,supportedLDAPVersion,supportedLDAPPolicies,supportedSASLMechanisms,dnsHostName,ldapServiceName,serverName,supportedCapabilities
0.641127 11 7 1 cldap 3 searchRequest Netlogon
0.641297 11 7 1 cldap 3 searchRequest Netlogon
0.783989 06 6 1 ldap 2 unbindRequest
0.901096 06 7 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.915260 06 7 1 kerberos
0.915711 06 7 1 ldap 3 searchRequest 2 DC,DC cn

28
python/samba/tests/blackbox/testdata/traffic_replay.expected vendored
View File

@ -1,10 +1,18 @@
0.000000 06 3 5 1 ldap 3 searchRequest 2 DC,DC cn 0.040433 06 2 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.127127 11 6 1 cldap 3 searchRequest Netlogon 0.059203 06 2 1 kerberos
0.127391 11 6 1 cldap 3 searchRequest Netlogon 0.061641 06 2 1 ldap 3 searchRequest 2 DC,DC cn
0.127689 11 6 1 cldap 3 searchRequest Netlogon 0.535074 11 3 1 cldap 3 searchRequest Netlogon
0.227072 06 3 5 1 ldap 2 unbindRequest 0.535369 11 3 1 cldap 3 searchRequest Netlogon
0.282995 06 16 6 1 rpc_netlogon 29 NetrLogonGetDomainInfo 0.536671 11 3 1 cldap 3 searchRequest Netlogon
0.287553 06 18 6 1 kerberos 0.537238 11 3 1 cldap 3 searchRequest Netlogon
0.287759 06 16 1 6 rpc_netlogon 29 NetrLogonGetDomainInfo 0.537362 11 3 1 cldap 3 searchRequest Netlogon
0.291161 06 19 6 1 ldap 3 searchRequest subschemaSubentry,dsServiceName,namingContexts,defaultNamingContext,schemaNamingContext,configurationNamingContext,rootDomainNamingContext,supportedControl,supportedLDAPVersion,supportedLDAPPolicies,supportedSASLMechanisms,dnsHostName,ldapServiceName,serverName,supportedCapabilities 0.602824 11 4 1 cldap 3 searchRequest Netlogon
0.292488 06 18 1 6 kerberos 0.640115 11 4 1 cldap 3 searchRequest Netlogon
0.714546 06 3 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.715865 06 3 1 kerberos
0.716613 06 3 1 ldap 3 searchRequest 2 DC,DC cn
0.767674 06 4 1 rpc_netlogon 29 NetrLogonGetDomainInfo
0.778022 06 5 1 ldap 3 searchRequest 2 DC,DC cn
0.792356 06 4 1 kerberos
0.792763 06 4 1 ldap 3 searchRequest 2 DC,DC cn
0.960412 06 5 1 ldap 2 unbindRequest

2
python/samba/tests/blackbox/traffic_learner.py
View File

@ -75,4 +75,4 @@ class TrafficLearnerTests(BlackboxTestCase):
expected_details = {k: sorted(v) for k, v in expected.query_details.items()} expected_details = {k: sorted(v) for k, v in expected.query_details.items()}
self.assertEquals(expected_details, actual_details) self.assertEquals(expected_details, actual_details)
self.assertEquals(expected.cumulative_duration, actual.cumulative_duration) self.assertEquals(expected.cumulative_duration, actual.cumulative_duration)
self.assertEquals(expected.conversation_rate, actual.conversation_rate) self.assertEquals(expected.packet_rate, actual.packet_rate)

55
python/samba/tests/blackbox/traffic_replay.py
View File

@ -25,12 +25,13 @@ from samba.tests import BlackboxTestCase
DATA_DIR = "python/samba/tests/blackbox/testdata" DATA_DIR = "python/samba/tests/blackbox/testdata"
SCRIPT = "script/traffic_replay" SCRIPT = "script/traffic_replay"
FIXED = "--fixed-password trafficreplay01%" FIXED = "--fixed-password=trafficreplay01%"
SERVER = os.environ["SERVER"] SERVER = os.environ["SERVER"]
PASSWORD = os.environ["PASSWORD"] PASSWORD = os.environ["PASSWORD"]
USER = os.environ["USERNAME"] USER = os.environ["USERNAME"]
STD_OPTIONS = "-U%s%%%s %s" % (USER, PASSWORD, SERVER) CREDS = "-U%s%%%s" % (USER, PASSWORD)
EXPECTED_NAME = os.path.join(DATA_DIR, "traffic_replay.expected") MODEL = os.path.join(DATA_DIR, "traffic-sample-very-short.model")
EXPECTED_OUTPUT = os.path.join(DATA_DIR, "traffic_replay-%s.expected")
@contextmanager @contextmanager
@ -49,7 +50,7 @@ class TrafficLearnerTests(BlackboxTestCase):
def tearDown(self): def tearDown(self):
options = "--clean-up" options = "--clean-up"
command = "%s %s %s" % (SCRIPT, options, STD_OPTIONS) command = "%s %s %s %s" % (SCRIPT, options, CREDS, SERVER)
self.check_run(command) self.check_run(command)
def test_generate_users_only(self): def test_generate_users_only(self):
@ -57,16 +58,48 @@ class TrafficLearnerTests(BlackboxTestCase):
""" """
options = ("--generate-users-only --number-of-users 20 " options = ("--generate-users-only --number-of-users 20 "
"--number-of-groups 5 --average-groups-per-user 2") "--number-of-groups 5 --average-groups-per-user 2")
command = "%s %s %s %s" % ( command = "%s %s %s %s %s" % (
SCRIPT, options, FIXED, STD_OPTIONS) SCRIPT, options, FIXED, CREDS, SERVER)
self.check_run(command) self.check_run(command)
command = "%s %s %s %s %s %s" % (
SCRIPT, MODEL, options, FIXED, CREDS, SERVER)
self.check_run(command)
def test_summary_generation(self):
"""Ensure a summary file is generated and the contents are correct"""
for i, opts in enumerate((["--random-seed=3"],
["--random-seed=4"],
["--random-seed=3",
"--conversation-persistence=0.5"],
["--random-seed=3",
"--old-scale",
"--conversation-persistence=0.95"],
)):
with temp_file(self.tempdir) as output:
command = ([SCRIPT, MODEL,
"--traffic-summary", output,
"-D1", "-S0.1"] +
opts +
[FIXED, CREDS, SERVER])
self.check_run(command)
expected = open(EXPECTED_OUTPUT % i).read()
actual = open(output).read()
self.assertStringsEqual(expected, actual)
def test_summary_replay_no_fixed(self):
"""Ensure a summary file with no fixed password fails
"""
command = [SCRIPT, MODEL, CREDS, SERVER]
self.check_exit_code(command, 1)
def test_model_replay(self): def test_model_replay(self):
"""Ensure a model can be replayed against a DC """Ensure a model can be replayed against a DC
""" """
command = [SCRIPT, MODEL,
model = "testdata/traffic-sample-very-short.model" FIXED,
command = "%s %s-D 5 %s %s" % (SCRIPT, model, FIXED, STD_OPTIONS) '-D2', '-S0.1',
CREDS, SERVER]
self.check_run(command) self.check_run(command)
def test_generate_users_only_no_password(self): def test_generate_users_only_no_password(self):
@ -74,5 +107,7 @@ class TrafficLearnerTests(BlackboxTestCase):
""" """
options = ("--generate-users-only --number-of-users 20 " options = ("--generate-users-only --number-of-users 20 "
"--number-of-groups 5 --average-groups-per-user 2") "--number-of-groups 5 --average-groups-per-user 2")
command = "%s %s %s" % (SCRIPT, options, STD_OPTIONS) command = "%s %s %s %s" % (SCRIPT, options, CREDS, SERVER)
self.check_exit_code(command, 1)
command = "%s %s %s %s %s" % (SCRIPT, MODEL, options, CREDS, SERVER)
self.check_exit_code(command, 1) self.check_exit_code(command, 1)

2
script/traffic_replay
View File

@ -235,7 +235,7 @@ def main():
sys.exit() sys.exit()
# ingest the model # ingest the model
if model_file: if model_file and not opts.generate_users_only:
try: try:
model = traffic.TrafficModel() model = traffic.TrafficModel()

2
selftest/knownfail.d/traffic Normal file
View File

@ -0,0 +1,2 @@
# This is in flux, so lets fail it for a while
samba.tests.blackbox.traffic_replay.samba.tests.blackbox.traffic_replay.TrafficLearnerTests.test_summary_generation