StatefulInspection (Verified Network Configuration VeriNeC 0.0.1 API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

verinec.netsim.firewall.util.tables
Class StatefulInspection

java.lang.Object
  java.util.Dictionary
      java.util.Hashtable
          verinec.netsim.firewall.util.tables.StatefulInspection

All Implemented Interfaces:: Serializable, Cloneable, Map

public class StatefulInspection
extends Hashtable
extends Hashtable

Class used for Stateful Inspection.

Version:: $Revision: 825 $
Author:: jason.hug@unifr.ch
See Also:: Serialized Form

Field Summary
`private String`	`hostname` Hostname for which this Stateful Inspection Table belongs to.
`private int`	`lastObservedSimTime` Last simulation time observed.
`private Logger`	`logger`
`private int`	`maxEntries` Defines the maximal entries in the state table

Constructor Summary
`StatefulInspection(int maxEntries, String hostname)` Creates new Stateful Inspection Hashtable.

Method Summary
`boolean`	`addToTable(Packet packet, String direction)` Adds the packet to the corresponding State Table.
`ITableKey`	`createKey(Packet packet, boolean inverse)` Creates a key for a hash table entry.
`String`	`getHostname()`
`int`	`getLastObservedSimTime()`
`int`	`getMaxEntries()`
`ITableKey`	`inTable(Packet packet, String direction)` Checks if a packet already belongs to a connection.
`boolean`	`isFull()` Method which checks if the state table has reached the maximum entries.
`boolean`	`isReplyPacket(ITableKey key, Packet packet)` This method checks if a packet is a reply packet of an exisitng connection.
`private void`	`setLastObservedSimTime(int lastObservedSimTime)`
`void`	`updateEntries(String simTime)` Method which updates all entries in the hash table.
`boolean`	`updateEntry(ITableKey key, boolean reply, Node node, String direction)` Method which updates an entry in the state table.

Methods inherited from class java.util.Hashtable
`clear, clone, contains, containsKey, containsValue, elements, entrySet, equals, get, hashCode, isEmpty, keys, keySet, put, putAll, rehash, remove, size, toString, values`

Methods inherited from class java.lang.Object
`finalize, getClass, notify, notifyAll, wait, wait, wait`

Field Detail

maxEntries

private int maxEntries

Defines the maximal entries in the state table

logger

private Logger logger

lastObservedSimTime

private int lastObservedSimTime

Last simulation time observed. Used to find out when a connection times out.

hostname

private String hostname

Hostname for which this Stateful Inspection Table belongs to.

Constructor Detail

StatefulInspection

public StatefulInspection(int maxEntries,
                          String hostname)

Creates new Stateful Inspection Hashtable. This constructor creates a stateful inspection hash table. The maxEntries is used to throw out old connections from the hash table if the size is surpassed.

Parameters:: maxEntries - The maximal entries the stateful inspection table may have.; hostname - Hostname to which the Stateful Inspection Table belongs to.

Method Detail

inTable

public ITableKey inTable(Packet packet,
                         String direction)

Checks if a packet already belongs to a connection.

Parameters:: packet - Packet to check.; direction - In which direction the packet is traveling.
Returns:: The corresponding key in the hashtable which matches the packet. null if the entry does not exist.

isReplyPacket

public boolean isReplyPacket(ITableKey key,
                             Packet packet)

This method checks if a packet is a reply packet of an exisitng connection. To check this situation, an iverted key of the packet is created and checked against the key of the possible connection entry that packet may be a reply packet from.

Parameters:: key - State Table entry's key which should be checked.; packet - Packet to check if it is a reply packet of the connection entry.
Returns:: True if the packet is a reply packet to the given connections entry's key. False otherwise.

addToTable

public boolean addToTable(Packet packet,
                          String direction)

Adds the packet to the corresponding State Table. If the packet already belongs to a connection in the State Table false is returned indicating that the packet was not added as a new entry since the connection already exists.

Parameters:: packet - Packet to add.; direction - In which direction the packet is traveling.
Returns:: true if the packet was added. false if the packet already belongs to a connection.

updateEntry

public boolean updateEntry(ITableKey key,
                           boolean reply,
                           Node node,
                           String direction)

Method which updates an entry in the state table. The state table's timout value is reseted to the default value and specifies if the connection has seen reply traffic.

Parameters:: key - Key to find the Entry in the Hash Table which needs updating.; reply - States if the connection entry has seen reply traffic.; node - Node object needed to retrieve the socket state of a connection (Needed for TCP connections).; direction - In which direction the packet is heading. Use @link verinec.netsim.firewall.IFirewall#IN IN, @link verinec.netsim.firewall.IFirewall#OUT OUT or @link verinec.netsim.firewall.IFirewall#FORWARD FORWARD.
Returns:: true if the entry was updated, false if the entry does not exist in the table.

updateEntries

public void updateEntries(String simTime)

Method which updates all entries in the hash table. This method updates the timeout value by decrementing it for each entry. It also removes any entries which timeout value have reached 0, or if the maximum size (@see #maxEntries) of the hash table has been reached it removes the first entry with the lowest timeout value.

Parameters:: simTime - Simulation time. Needed to find out if a connection has timed out.

createKey

public ITableKey createKey(Packet packet,
                           boolean inverse)

Creates a key for a hash table entry.

Parameters:: packet - Packet from which the key is created from.; inverse - If true the source and destination addresses and ports will be inversed at key creation.
Returns:: A Stateful Inspection Hash table key.

getMaxEntries

public int getMaxEntries()

Returns:: Returns the maxEntries.

isFull

public boolean isFull()

Method which checks if the state table has reached the maximum entries.

Returns:: true if the hash table's size is equal or bigger then the specified maximum entries. false otherwise

getLastObservedSimTime

public int getLastObservedSimTime()

Returns:: Returns the lastObservedSimTime.

setLastObservedSimTime

private void setLastObservedSimTime(int lastObservedSimTime)

Parameters:: lastObservedSimTime - The lastObservedSimTime to set.

getHostname

public String getHostname()

Returns:: Returns the hostname.