Skip to content

[BUG] Firewall creation fails if including more than fw's name in the JSON  #184

New issue
New issue
Closed
#256
#157
Closed
[BUG] Firewall creation fails if including more than fw's name in the JSON #184
#256
#157
Assignees
goldenrye
Labels
bugSomething isn't workingpriority/urgent
Milestone
v0.9.0-rc
@asimpleidea

Description

@asimpleidea
asimpleidea
opened on Jul 22, 2019

Describe the bug

Depending on what is included, firewall creation may fail or Polycube may crash.

These two JSON are fine:
{"name":"fw-test","interactive":false}
{"name":"fw-test"}

Creating a firewall and specifying the default action of the chains will fail (Ingress chain does not exist):
{"name":"fw-test","chain":[{"name":"ingress","default":"forward"},{"name":"egress","default":"forward"}]}

Polycube crashes entirely if accept-established is set to ON:
{"name":"fw-test","accept-established":"ON"}

To Reproduce

First two cases:
curl -d '{"name":"fw-test"}' -H "Content-Type: application/json" -X POST http://127.0.0.1:9000/polycube/v1/firewall/fw-test/
curl -d '{"name":"fw-test","interactive":false}' -H "Content-Type: application/json" -X POST http://127.0.0.1:9000/polycube/v1/firewall/fw-test/

Including the chains:
curl -d '{"name":"fw-test","chain":[{"name":"ingress","default":"forward"},{"name":"egress","default":"forward"}]}' -H "Content-Type: application/json" -X POST http://127.0.0.1:9000/polycube/v1/firewall/fw-test/

Accept-established set to ON:
curl -d '{"name":"fw-test","accept-established":"ON"}' -H "Content-Type: application/json" -X POST http://127.0.0.1:9000/polycube/v1/firewall/fw-test/

Expected behavior

201 was expected for all cases.

Please tell us about your environment:

  1. OS details:
    DISTRIB_ID=Ubuntu
    DISTRIB_RELEASE=18.04
    DISTRIB_CODENAME=bionic
    DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"
    NAME="Ubuntu"
    VERSION="18.04.2 LTS (Bionic Beaver)"
    ID=ubuntu
    ID_LIKE=debian
    PRETTY_NAME="Ubuntu 18.04.2 LTS"
    VERSION_ID="18.04"
    HOME_URL="https://www.ubuntu.com/"
    SUPPORT_URL="https://help.ubuntu.com/"
    BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
    PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
    VERSION_CODENAME=bionic
    UBUNTU_CODENAME=bionic

  2. Kernel details:
    4.15.0-52-generic Improve simplebridge data plane performance #56-Ubuntu SMP Tue Jun 4 22:49:08 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

  3. Polycube Version:
    The version used is based off 86bc968a3a36e52dfb394b34fb5d0e52114ef59b polycubed: provide systemd integration because subsequent commits have a known issue that make Polycube not work as intended.

  4. Polycube Log:
    [2019-07-22 12:57:01.333] [polycubed] [info] loading configuration from /etc/polycube/polycubed.conf
    [2019-07-22 12:57:01.337] [polycubed] [warning] default configfile (/etc/polycube/polycubed.conf) not found, creating a new with default parameters
    [2019-07-22 12:57:01.338] [polycubed] [info] configuration parameters:
    [2019-07-22 12:57:01.338] [polycubed] [info] loglevel: debug
    [2019-07-22 12:57:01.338] [polycubed] [info] daemon: false
    [2019-07-22 12:57:01.338] [polycubed] [info] pidfile: /var/run/polycube.pid
    [2019-07-22 12:57:01.338] [polycubed] [info] port: 9000
    [2019-07-22 12:57:01.338] [polycubed] [info] addr: 0.0.0.0
    [2019-07-22 12:57:01.338] [polycubed] [info] logfile: /host/var/log/pcn_k8s
    [2019-07-22 12:57:01.338] [polycubed] [info] polycubed starting...
    [2019-07-22 12:57:01.338] [polycubed] [info] version v0.1.0-beta+ [git: (branch/commit): commit-drop/b6e8c169-dirty]
    [2019-07-22 12:57:03.326] [polycubed] [debug] Started NetlinkNotification
    [2019-07-22 12:57:04.073] [polycubed] [debug] attaching XDP program to iface pcn_xdp_cp
    [2019-07-22 12:57:04.073] [polycubed] [debug] XDP program attached to port: pcn_xdp_cp
    [2019-07-22 12:57:04.074] [polycubed] [info] rest server listening on '0.0.0.0:9000'
    [2019-07-22 12:57:04.074] [polycubed] [debug] rest server will use 4 thread(s)
    [2019-07-22 12:57:04.074] [polycubed] [info] rest server starting ...
    [2019-07-22 12:57:04.086] [polycubed] [info] service firewall loaded using libpcn-firewall.so
    [2019-07-22 12:57:04.112] [polycubed] [info] service k8switch loaded using libpcn-k8switch.so
    [2019-07-22 12:57:04.119] [polycubed] [info] service k8sfilter loaded using libpcn-k8sfilter.so
    [2019-07-22 12:57:04.125] [polycubed] [info] service transparenthelloworld loaded using libpcn-transparenthelloworld.so
    [2019-07-22 12:57:04.131] [polycubed] [info] service synflood loaded using libpcn-synflood.so
    [2019-07-22 12:57:09.192] [K8switch] [k8switch0] [info] Creating K8switch instance
    [2019-07-22 12:57:10.382] [K8switch] [k8switch0] [info] Creating Ports instance
    [2019-07-22 12:57:10.383] [K8switch] [k8switch0] [info] New port created with name toStack
    [2019-07-22 12:57:10.383] [K8switch] [k8switch0] [info] Creating Ports instance
    [2019-07-22 12:57:10.383] [K8switch] [k8switch0] [info] Nodeport added, reloading code
    [2019-07-22 12:57:11.498] [K8switch] [k8switch0] [info] New port created with name toNodePort
    [2019-07-22 12:57:12.650] [K8sfilter] [k8sf] [info] Creating K8sfilter instance
    [2019-07-22 12:57:12.650] [K8sfilter] [k8sf] [info] Creating Ports instance
    [2019-07-22 12:57:12.650] [K8sfilter] [k8sf] [info] Reloading code because of the new port
    [2019-07-22 12:57:13.670] [K8sfilter] [k8sf] [info] Creating Ports instance
    [2019-07-22 12:57:13.671] [K8sfilter] [k8sf] [info] Reloading code because of the new port
    [2019-07-22 12:57:15.738] [polycubed] [debug] setting port peer k8switch0:toNodePort -> k8sf:internal
    [2019-07-22 12:57:15.739] [polycubed] [debug] setting port peer k8sf:internal -> k8switch0:toNodePort
    [2019-07-22 12:57:15.740] [polycubed] [debug] setting port peer k8sf:external -> ens3
    [2019-07-22 12:57:16.012] [polycubed] [debug] setting port peer k8switch0:toStack -> pcn_lb
    [2019-07-22 12:57:16.486] [K8switch] [k8switch0] [error] Service 10.96.0.1:443/tcp does not exist
    [2019-07-22 12:57:16.498] [K8switch] [k8switch0] [info] Creating service 10.96.0.1:443/tcp
    [2019-07-22 12:57:16.519] [K8switch] [k8switch0] [error] Service 10.96.0.10:53/udp does not exist
    [2019-07-22 12:57:16.520] [K8switch] [k8switch0] [info] Creating service 10.96.0.10:53/udp
    [2019-07-22 12:57:16.523] [K8switch] [k8switch0] [error] Service 10.96.0.10:53/tcp does not exist
    [2019-07-22 12:57:16.528] [K8switch] [k8switch0] [info] Creating service 10.96.0.10:53/tcp
    [2019-07-22 12:57:16.535] [K8switch] [k8switch0] [error] Service 10.96.0.100:9001/tcp does not exist
    [2019-07-22 12:57:16.536] [K8switch] [k8switch0] [info] Creating service 10.96.0.100:9001/tcp
    [2019-07-22 12:57:16.538] [K8switch] [k8switch0] [info] Creating service 192.168.122.234:30901/tcp
    [2019-07-22 13:05:58.996] [Firewall] [fw-test] [info] Creating Firewall instance
    [2019-07-22 13:06:07.075] [Firewall] [fw-test] [info] Creating Firewall instance

Additional context

The version used is based off 86bc968a3a36e52dfb394b34fb5d0e52114ef59b polycubed: provide systemd integration because subsequent commits have a known issue that make Polycube not work as intended.

Metadata

Metadata

Assignees

Labels

bugSomething isn't workingpriority/urgent

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions