2 # Generates samba network traffic
4 # Copyright (C) Catalyst IT Ltd. 2017
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 3 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful,
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
19 from __future__
import print_function
27 sys
.path
.insert(0, "bin/python")
29 from samba
import gensec
30 from samba
.emulate
import traffic
31 import samba
.getopt
as options
34 def print_err(*args
, **kwargs
):
35 print(*args
, file=sys
.stderr
, **kwargs
)
40 desc
= ("Generates network traffic 'conversations' based on <summary-file>"
41 " (which should be the output file produced by either traffic_learner"
42 " or traffic_summary.pl). This traffic is sent to <dns-hostname>,"
43 " which is the full DNS hostname of the DC being tested.")
45 parser
= optparse
.OptionParser(
46 "%prog [--help|options] <summary-file> <dns-hostname>",
49 parser
.add_option('--dns-rate', type='float', default
=0,
50 help='fire extra DNS packets at this rate')
51 parser
.add_option('-B', '--badpassword-frequency',
52 type='float', default
=0.0,
53 help='frequency of connections with bad passwords')
54 parser
.add_option('-K', '--prefer-kerberos',
56 help='prefer kerberos when authenticating test users')
57 parser
.add_option('-I', '--instance-id', type='int', default
=0,
58 help='Instance number, when running multiple instances')
59 parser
.add_option('-t', '--timing-data',
60 help=('write individual message timing data here '
62 parser
.add_option('--preserve-tempdir', default
=False, action
="store_true",
63 help='do not delete temporary files')
64 parser
.add_option('-F', '--fixed-password',
65 type='string', default
=None,
66 help=('Password used for the test users created. '
68 parser
.add_option('-c', '--clean-up',
70 help='Clean up the generated groups and user accounts')
71 parser
.add_option('--random-seed', type='int', default
=0,
72 help='Use to keep randomness consistent across multiple runs')
74 model_group
= optparse
.OptionGroup(parser
, 'Traffic Model Options',
75 'These options alter the traffic '
76 'generated when the summary-file is a '
77 'traffic-model (produced by '
79 model_group
.add_option('-S', '--scale-traffic', type='float', default
=1.0,
80 help='Increase the number of conversations by '
82 model_group
.add_option('-D', '--duration', type='float', default
=None,
83 help=('Run model for this long (approx). '
84 'Default 60s for models'))
85 model_group
.add_option('-r', '--replay-rate', type='float', default
=1.0,
86 help='Replay the traffic faster by this factor')
87 model_group
.add_option('--traffic-summary',
88 help=('Generate a traffic summary file and write '
89 'it here (- for stdout)'))
90 parser
.add_option_group(model_group
)
92 user_gen_group
= optparse
.OptionGroup(parser
, 'Generate User Options',
93 "Add extra user/groups on the DC to "
94 "increase the DB size. These extra "
95 "users aren't used for traffic "
97 user_gen_group
.add_option('-G', '--generate-users-only',
99 help='Generate the users, but do not replay '
101 user_gen_group
.add_option('-n', '--number-of-users', type='int', default
=0,
102 help='Total number of test users to create')
103 user_gen_group
.add_option('--number-of-groups', type='int', default
=0,
104 help='Create this many groups')
105 user_gen_group
.add_option('--average-groups-per-user',
106 type='int', default
=0,
107 help='Assign the test users to this '
108 'many groups on average')
109 user_gen_group
.add_option('--group-memberships', type='int', default
=0,
110 help='Total memberships to assign across all '
111 'test users and all groups')
112 parser
.add_option_group(user_gen_group
)
114 sambaopts
= options
.SambaOptions(parser
)
115 parser
.add_option_group(sambaopts
)
116 parser
.add_option_group(options
.VersionOptions(parser
))
117 credopts
= options
.CredentialsOptions(parser
)
118 parser
.add_option_group(credopts
)
120 # the --no-password credential doesn't make sense for this tool
121 if parser
.has_option('-N'):
122 parser
.remove_option('-N')
124 opts
, args
= parser
.parse_args()
126 # First ensure we have reasonable arguments
138 print_err("Removing user and machine accounts")
139 lp
= sambaopts
.get_loadparm()
140 creds
= credopts
.get_credentials(lp
)
141 creds
.set_gensec_features(creds
.get_gensec_features() | gensec
.FEATURE_SEAL
)
142 ldb
= traffic
.openLdb(host
, creds
, lp
)
143 traffic
.clean_up_accounts(ldb
, opts
.instance_id
)
147 if not os
.path
.exists(summary
):
148 print_err("Summary file %s doesn't exist" % summary
)
150 # the summary-file can be ommitted for --generate-users-only and
151 # --cleanup-up, but it should be specified in all other cases
152 elif not opts
.generate_users_only
:
153 print_err("No summary-file specified to replay traffic from")
156 if not opts
.fixed_password
:
157 print_err(("Please use --fixed-password to specify a password"
158 " for the users created as part of this test"))
162 random
.seed(opts
.random_seed
)
164 lp
= sambaopts
.get_loadparm()
165 creds
= credopts
.get_credentials(lp
)
166 creds
.set_gensec_features(creds
.get_gensec_features() | gensec
.FEATURE_SEAL
)
168 domain
= creds
.get_domain()
170 lp
.set("workgroup", domain
)
172 domain
= lp
.get("workgroup")
173 if domain
== "WORKGROUP":
174 print_err(("NETBIOS domain does not appear to be "
175 "specified, use the --workgroup option"))
178 if not opts
.realm
and not lp
.get('realm'):
179 print_err("Realm not specified, use the --realm option")
182 if opts
.generate_users_only
and not (opts
.number_of_users
or
183 opts
.number_of_groups
):
184 print_err(("Please specify the number of users and/or groups "
188 if opts
.group_memberships
and opts
.average_groups_per_user
:
189 print_err(("--group-memberships and --average-groups-per-user"
190 " are incompatible options - use one or the other"))
193 if not opts
.number_of_groups
and opts
.average_groups_per_user
:
194 print_err(("--average-groups-per-user requires "
195 "--number-of-groups"))
198 if opts
.number_of_groups
and opts
.average_groups_per_user
:
199 if opts
.number_of_groups
< opts
.average_groups_per_user
:
200 print_err(("--average-groups-per-user can not be more than "
201 "--number-of-groups"))
204 if not opts
.number_of_groups
and opts
.group_memberships
:
205 print_err("--group-memberships requires --number-of-groups")
208 if opts
.timing_data
not in ('-', None):
210 open(opts
.timing_data
, 'w').close()
212 print_err(("the supplied timing data destination "
213 "(%s) is not writable" % opts
.timing_data
))
217 if opts
.traffic_summary
not in ('-', None):
219 open(opts
.traffic_summary
, 'w').close()
221 print_err(("the supplied traffic summary destination "
222 "(%s) is not writable" % opts
.traffic_summary
))
226 traffic
.DEBUG_LEVEL
= opts
.debuglevel
228 duration
= opts
.duration
232 # ingest the model or traffic summary
235 conversations
, interval
, duration
, dns_counts
= \
236 traffic
.ingest_summaries([summary
])
238 print_err(("Using conversations from the traffic summary "
241 # honour the specified duration if it's different to the
243 if opts
.duration
is not None:
244 duration
= opts
.duration
246 except ValueError as e
:
247 if not e
.message
.startswith('need more than'):
250 model
= traffic
.TrafficModel()
255 print_err(("Could not parse %s. The summary file "
256 "should be the output from either the "
257 "traffic_summary.pl or "
258 "traffic_learner scripts."
262 print_err(("Using the specified model file to "
263 "generate conversations"))
265 conversations
= model
.generate_conversations(opts
.scale_traffic
,
272 if opts
.debuglevel
> 5:
273 for c
in conversations
:
279 if opts
.number_of_users
and opts
.number_of_users
< len(conversations
):
280 print_err(("--number-of-users (%d) is less than the "
281 "number of conversations to replay (%d)"
282 % (opts
.number_of_users
, len(conversations
))))
285 number_of_users
= max(opts
.number_of_users
, len(conversations
))
286 max_memberships
= number_of_users
* opts
.number_of_groups
288 if not opts
.group_memberships
and opts
.average_groups_per_user
:
289 opts
.group_memberships
= opts
.average_groups_per_user
* number_of_users
290 print_err(("Using %d group-memberships based on %u average "
291 "memberships for %d users"
292 % (opts
.group_memberships
,
293 opts
.average_groups_per_user
, number_of_users
)))
295 if opts
.group_memberships
> max_memberships
:
296 print_err(("The group memberships specified (%d) exceeds "
297 "the total users (%d) * total groups (%d)"
298 % (opts
.group_memberships
, number_of_users
,
299 opts
.number_of_groups
)))
303 ldb
= traffic
.openLdb(host
, creds
, lp
)
305 print_err(("\nInitial LDAP connection failed! Did you supply "
306 "a DNS host name and the correct credentials?"))
309 if opts
.generate_users_only
:
310 traffic
.generate_users_and_groups(ldb
,
313 opts
.number_of_users
,
314 opts
.number_of_groups
,
315 opts
.group_memberships
)
318 tempdir
= tempfile
.mkdtemp(prefix
="samba_tg_")
319 print_err("Using temp dir %s" % tempdir
)
321 traffic
.generate_users_and_groups(ldb
,
325 opts
.number_of_groups
,
326 opts
.group_memberships
)
328 accounts
= traffic
.generate_replay_accounts(ldb
,
333 statsdir
= traffic
.mk_masked_dir(tempdir
, 'stats')
335 if opts
.traffic_summary
:
336 if opts
.traffic_summary
== '-':
337 summary_dest
= sys
.stdout
339 summary_dest
= open(opts
.traffic_summary
, 'w')
341 print_err("Writing traffic summary")
343 for c
in conversations
:
344 summaries
+= c
.replay_as_summary_lines()
347 for (time
, line
) in summaries
:
348 print(line
, file=summary_dest
)
352 traffic
.replay(conversations
, host
,
356 dns_rate
=opts
.dns_rate
,
358 badpassword_frequency
=opts
.badpassword_frequency
,
359 prefer_kerberos
=opts
.prefer_kerberos
,
362 base_dn
=ldb
.domain_dn(),
363 ou
=traffic
.ou_name(ldb
, opts
.instance_id
),
365 domain_sid
=ldb
.get_domain_sid())
367 if opts
.timing_data
== '-':
368 timing_dest
= sys
.stdout
369 elif opts
.timing_data
is None:
372 timing_dest
= open(opts
.timing_data
, 'w')
374 print_err("Generating statistics")
375 traffic
.generate_stats(statsdir
, timing_dest
)
377 if not opts
.preserve_tempdir
:
378 print_err("Removing temporary directory")
379 shutil
.rmtree(tempdir
)