From fd4af26056f400e995b46dee5ced665fe6d3d8e9 Mon Sep 17 00:00:00 2001
From: "Leigh B. Stoller" <stoller@flux.utah.edu>
Date: Thu, 16 Dec 2004 21:33:58 +0000
Subject: [PATCH] Split out the firewall rule inclusion from the elabinelab
inclusion.
---
tbsetup/ns2ir/GNUmakefile.in | 2 +-
tbsetup/ns2ir/elabinelab.ns | 24 ++++++++----------------
tbsetup/ns2ir/fw.ns | 21 +++++++++++++++++++++
tbsetup/ns2ir/sim.tcl.in | 3 +++
4 files changed, 33 insertions(+), 17 deletions(-)
create mode 100644 tbsetup/ns2ir/fw.ns
diff --git a/tbsetup/ns2ir/GNUmakefile.in b/tbsetup/ns2ir/GNUmakefile.in
index c5562ffa85..1b7ac354d4 100644
--- a/tbsetup/ns2ir/GNUmakefile.in
+++ b/tbsetup/ns2ir/GNUmakefile.in
@@ -17,7 +17,7 @@ include $(OBJDIR)/Makeconf
LIB_STUFF = lanlink.tcl node.tcl sim.tcl tb_compat.tcl null.tcl \
nsobject.tcl traffic.tcl vtype.tcl parse.tcl program.tcl \
nsenode.tcl nstb_compat.tcl event.tcl firewall.tcl \
- elabinelab.ns
+ elabinelab.ns fw.ns
BOSSLIBEXEC = parse-ns
USERLIBEXEC = parse.proxy
diff --git a/tbsetup/ns2ir/elabinelab.ns b/tbsetup/ns2ir/elabinelab.ns
index f2334f4b0b..e3a95aea21 100644
--- a/tbsetup/ns2ir/elabinelab.ns
+++ b/tbsetup/ns2ir/elabinelab.ns
@@ -6,11 +6,14 @@ set myboss [$ns node]
set myops [$ns node]
tb-set-hardware $myboss pc2000
-tb-set-hardware $myops pc2000
+tb-set-hardware $myops pc850
tb-set-node-inner-elab-role $myboss boss
tb-set-node-inner-elab-role $myops ops
+tb-fix-node $myboss pc171
+tb-make-soft-vtype pcslow {pc600 pc850}
+
#
# This is passed in by the parser, when wrapping an existing experiment.
# The parser wrapper gets info about the wrapped experiment and passes it
@@ -29,7 +32,7 @@ for {set i 1} {$i <= $maxpcs} {incr i} {
append lanstr "[set $name] "
tb-set-node-os [set $name] FBSD-STD
tb-set-node-inner-elab-role [set $name] node
- tb-set-hardware [set $name] pc2000
+ tb-set-hardware [set $name] pcslow
}
set publiclan [$ns make-lan $lanstr 100Mb 0ms]
@@ -40,18 +43,7 @@ for {set i 1} {$i <= $maxpcs} {incr i} {
tb-set-ip-lan [set $name] $publiclan 10.200.1.$i
}
-tb-set-node-os $myboss FBSD410-UPDATE
+tb-set-node-os $myboss FBSD-STD
tb-set-node-cmdline $myboss /kernel.linkdelay
-tb-set-node-os $myops FBSD410-UPDATE
-
-if {${::GLOBALS::security_level} >= 2} {
- # Set up a firewall
- set fw [new Firewall $ns]
- $fw set-type ipfw2-vlan
-
- if {${::GLOBALS::security_level} == 2} {
- $fw set-style open
- } else {
- $fw set-style closed
- }
-}
+tb-set-node-os $myops FBSD-STD
+
diff --git a/tbsetup/ns2ir/fw.ns b/tbsetup/ns2ir/fw.ns
new file mode 100644
index 0000000000..233f04d2e1
--- /dev/null
+++ b/tbsetup/ns2ir/fw.ns
@@ -0,0 +1,21 @@
+#
+# This file is intended to be included into another NS file. It is not
+# a stand alone file.
+#
+if {${::GLOBALS::security_level} >= 1} {
+ # Set up a firewall
+ set fw [new Firewall $ns]
+ $fw set-type ipfw2-vlan
+
+ if {${::GLOBALS::security_level} == 1} {
+ $fw set-style open
+ } elseif {${::GLOBALS::security_level} == 2} {
+ if {${::GLOBALS::elab_in_elab}} {
+ $fw set-style emulab
+ } else {
+ $fw set-style basic
+ }
+ } else {
+ $fw set-style closed
+ }
+}
diff --git a/tbsetup/ns2ir/sim.tcl.in b/tbsetup/ns2ir/sim.tcl.in
index 7a4f887a90..5133d0f687 100644
--- a/tbsetup/ns2ir/sim.tcl.in
+++ b/tbsetup/ns2ir/sim.tcl.in
@@ -281,6 +281,9 @@ Simulator instproc run {} {
if {$elab_in_elab && [llength [array names node_list]] == 0} {
uplevel 1 source "@prefix@/lib/ns2ir/elabinelab.ns"
}
+ if {$security_level} {
+ uplevel 1 source "@prefix@/lib/ns2ir/fw.ns"
+ }
# Fill out IPs
if {! $use_ipassign } {
--
GitLab