From b879ce7b4c594e346df08d94472a73757641959a Mon Sep 17 00:00:00 2001 From: Massimo Candela Date: Thu, 5 Nov 2020 03:03:54 +0100 Subject: [PATCH] split monitorROAS from monitorRPKI --- src/monitors/monitorROAS.js | 62 ++++++++++++++++++++++++++++++++++++ src/monitors/monitorRPKI.js | 2 +- src/utils/rpkiDiffingTool.js | 1 + src/utils/rpkiUtils.js | 6 +++- 4 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 src/monitors/monitorROAS.js diff --git a/src/monitors/monitorROAS.js b/src/monitors/monitorROAS.js new file mode 100644 index 0000000..ef03df0 --- /dev/null +++ b/src/monitors/monitorROAS.js @@ -0,0 +1,62 @@ +import Monitor from "./monitor"; +import md5 from "md5"; +import diff from "../utils/rpkiDiffingTool"; +import {AS} from "../model"; + +export default class MonitorROAS extends Monitor { + + constructor(name, channel, params, env, input){ + super(name, channel, params, env, input); + + this.rpki = env.rpki; + setInterval(this._diffVrps, 20000); + }; + + _diffVrps = () => { + let roaDiff; + const newVrps = this.rpki.getVrps(); // Get all the vrps as retrieved from the rpki validator + + if (this._oldVrps) { // No diff if there were no vrps before + roaDiff = [].concat.apply([], this.monitored + .map(i => diff(this._oldVrps, newVrps, i.asn.getValue().toString()))); // Get the diff for each monitored AS + } + + if (newVrps.length) { + this._oldVrps = newVrps; + } + + if (roaDiff && roaDiff.length) { // Differences found + const impactedASes = [...new Set(roaDiff.map(i => i.asn))]; + const matchedRules = impactedASes.map(asn => this.getMonitoredAsMatch(new AS(asn))); + + for (let matchedRule of matchedRules) { // An alert for each AS involved (they may have different user group) + const message = "ROAs change detected: " + roaDiff.map(this._roaToString).join(";"); + + this.publishAlert(md5(message), // The hash will prevent alert duplications in case multiple ASes/prefixes are involved + matchedRule.asn.getId(), + matchedRule, + message, + {}); + } + } + + }; + + _roaToString = (roa) => { + return `${roa.status} <${roa.prefix}, ${roa.asn}, ${roa.maxLength}, ${roa.ta || ""}>`; + }; + + updateMonitoredResources = () => { + this.monitored = this.input.getMonitoredASns(); + }; + + filter = (message) => false; + + squashAlerts = (alerts) => { + return alerts[0].matchedMessage; + }; + + monitor = (message) => { + return Promise.resolve(true); + }; +} diff --git a/src/monitors/monitorRPKI.js b/src/monitors/monitorRPKI.js index 96017ca..0cee85c 100644 --- a/src/monitors/monitorRPKI.js +++ b/src/monitors/monitorRPKI.js @@ -1,5 +1,5 @@ import Monitor from "./monitor"; -// import diff from "../utils/rpkiDiffingTool"; +import diff from "../utils/rpkiDiffingTool"; export default class MonitorRPKI extends Monitor { diff --git a/src/utils/rpkiDiffingTool.js b/src/utils/rpkiDiffingTool.js index bf79dbc..2fe4b1a 100644 --- a/src/utils/rpkiDiffingTool.js +++ b/src/utils/rpkiDiffingTool.js @@ -7,6 +7,7 @@ export default function diff (vrpsOld, vrpsNew, asn) { const getDiff = (vrpsOld, vrpsNew, asn) => { const prefixes = [...new Set(vrpsOld.concat(vrpsNew).filter(i => i.asn === asn).map(i => i.prefix))]; + const filteredVrpsOld = vrpsOld.filter(i => i.asn === asn || prefixes.includes(i.prefix)) .map(i => { i.status = "removed"; diff --git a/src/utils/rpkiUtils.js b/src/utils/rpkiUtils.js index 83b3b4a..0a6627d 100644 --- a/src/utils/rpkiUtils.js +++ b/src/utils/rpkiUtils.js @@ -153,7 +153,7 @@ export default class RpkiUtils { } else { return Promise.resolve(); } - } + }; validate = (prefix, origin) => { return this._preCache() @@ -161,4 +161,8 @@ export default class RpkiUtils { return this.rpki.validate(prefix, origin, true); }); }; + + getVrps = () => { + return [].concat.apply([],[...this.rpki.getRadixTrie().v4.values(), ...this.rpki.getRadixTrie().v6.values()]); + } } \ No newline at end of file