Skip to content

Instantly share code, notes, and snippets.

@dginhoux

dginhoux/linux_fc_spoofing.md

Created July 23, 2024 17:08
Show Gist options
  • Save dginhoux/724de8a7766cc9d951569d9070d6ce10 to your computer and use it in GitHub Desktop.
Save dginhoux/724de8a7766cc9d951569d9070d6ce10 to your computer and use it in GitHub Desktop.
Download ZIP
linux_fc_spoofing
Raw
linux_fc_spoofing.md

h1. essai wwn spoofing manuel : VALIDE

h2. sans npiv


fabric2-67:admin> portshow 91 
portWwn:   20:5b:50:eb:1a:2d:67:54
portWwn of device(s) connected:
	51:40:2e:c0:18:1a:8a:4c


[root@tina-03b host0]# cat /sys/class/fc_host/host0/port_name 
0x51402ec0181a8a4c
[root@tina-03b host0]# cat /sys/class/fc_host/host0/npiv_vports_inuse 
0

h2. create npiv

SYNTAX " WWPN:WWNN "


[root@tina-03b host0]# echo "51402ec018888888:51402ec018999999" > /sys/class/fc_host/host0/vport_create 
[root@tina-03b host0]# cat /sys/class/fc_host/host0/npiv_vports_inuse 
1


fabric2-67:admin> portshow 91 
portWwn:   20:5b:50:eb:1a:2d:67:54
portWwn of device(s) connected:
    51:40:2e:c0:18:88:88:88
	51:40:2e:c0:18:1a:8a:4c

h2. delete npiv

SYNTAX " WWPN:WWNN "


[root@tina-03b host0]# echo "51402ec018888888:51402ec018999999" > /sys/class/fc_host/host0/vport_delete
[root@tina-03b host0]# cat /sys/class/fc_host/host0/npiv_vports_inuse 
0


fabric2-67:admin> portshow 91 
portWwn:   20:5b:50:eb:1a:2d:67:54
portWwn of device(s) connected:
	51:40:2e:c0:18:1a:8a:4c

h1. wwn spoofind udev : VALIDE

https://cgit.freedesktop.org/systemd/systemd/diff/src/udev/rules/60-persistent-storage.rules?id=19c5f19d69bb5f520fa7213239490c55de06d99d https://man7.org/linux/man-pages/man7/udev.7.html

h2. udev debug/reload


udevadm control --log-priority=debug
udevadm control --reload-rules && udevadm trigger
journalctl -f --grep fc

h2. udev device information


udevadm info --attribute-walk --path=/sys/class/fc_host/host0

h2. udev rules

h3. get fc_host info


for i in $( ls /sys/class/fc_host ); do echo "host:$i node_name:$( cat /sys/class/fc_host/$i/node_name ) port_name:$( cat /sys/class/fc_host/$i/port_name );"; done

host:host0 node_name:0x51402ec0181a8a4d port_name:0x51402ec0181a8a4c;
host:host2 node_name:0x51402ec0181a8a4f port_name:0x51402ec0181a8a4e;
host:host3 node_name:0x51402ec0172b9e25 port_name:0x51402ec0172b9e24;
host:host4 node_name:0x51402ec0172b9e27 port_name:0x51402ec0172b9e26;

A FAIRE DEPLOYER AVEC ANSIBLE /etc/udev/rules.d/10-spoof.rules


# fc_host           : slot1 port1
# fabric            : fabric1-65
# real alias        : tina03_disk_1a8a4c
# real port_name    : 0x51402ec0181a8a4c
# real node_name    : 0x51402ec0181a8a4d
# spoofed alias     : tina03_disk_28562a
# spoofed port_name : 0x21000024ff28562a
# spoofed node_name : 0x20000024ff28562a
SUBSYSTEM=="fc_host", ACTION=="add|change", ATTR{port_name}=="0x51402ec0181a8a4c", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 21000024ff28562a:20000024ff28562a > /sys/class/fc_host/$name/vport_create'"
SUBSYSTEM=="fc_host", ACTION=="remove", ATTR{port_name}=="0x51402ec0181a8a4c", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 21000024ff28562a:20000024ff28562a > /sys/class/fc_host/$name/vport_delete'"

# fc_host           : slot1 port2
# fabric            : fabric1-65
# real alias        : tina03_tape_1a8a4e
# real port_name    : 0x51402ec0181a8a4e
# real node_name    : 0x51402ec0181a8a4f
# spoofed alias     : tina03_tape_28562b
# spoofed port_name : 0x21000024ff28562b
# spoofed node_name : 0x20000024ff28562b
SUBSYSTEM=="fc_host", ACTION=="add|change", ATTR{port_name}=="0x51402ec0181a8a4e", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 21000024ff28562b:20000024ff28562b > /sys/class/fc_host/$name/vport_create'"
SUBSYSTEM=="fc_host", ACTION=="remove", ATTR{port_name}=="0x51402ec0181a8a4e", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 21000024ff28562b:20000024ff28562b > /sys/class/fc_host/$name/vport_delete'"

# fc_host           : slot2 port1
# fabric            : fabric2-67
# real alias        : tina03_disk_2b9e24
# real port_name    : 0x51402ec0172b9e24
# real node_name    : 0x51402ec0172b9e25
# spoofed alias     : tina03_disk_914549
# spoofed port_name : 0x2100001b32914549
# spoofed node_name : 0x2000001b32914549
SUBSYSTEM=="fc_host", ACTION=="add|change", ATTR{port_name}=="0x51402ec0172b9e24", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 2100001b32914549:2000001b32914549 > /sys/class/fc_host/$name/vport_create'"
SUBSYSTEM=="fc_host", ACTION=="remove", ATTR{port_name}=="0x51402ec0172b9e24", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 2100001b32914549:2000001b32914549 > /sys/class/fc_host/$name/vport_delete'"

# fc_host           : slot1 port2
# fabric            : fabric2-67
# real alias        : tina03_tape_2b9e26
# real port_name    : 0x51402ec0172b9e26
# real node_name    : 0x51402ec0172b9e27
# spoofed alias     : tina03_tape_b14549
# spoofed port_name : 0x2101001b32b14549
# spoofed node_name : 0x2001001b32b14549
SUBSYSTEM=="fc_host", ACTION=="add|change", ATTR{port_name}=="0x51402ec0172b9e26", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 2101001b32b14549:2001001b32b14549 > /sys/class/fc_host/$name/vport_create'"
SUBSYSTEM=="fc_host", ACTION=="remove", ATTR{port_name}=="0x51402ec0172b9e26", KERNEL=="?*", RUN="/bin/sh -c 'sleep 10; echo 2101001b32b14549:2001001b32b14549 > /sys/class/fc_host/$name/vport_delete'"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment