-
The P4 program is located in
src/zoom_capture.p4
. -
For P2P Zoom connections, when a
STUN
packet is seen, a record (4-tuple) corresponding to the local Zoom client is stored in memory. The corresponding timestamp is also stored, and is updated every time a new packet from the connection is seen. If no new packet is seen in a while (defined by theTIME_DUR_CUTOFF
constant in the program), the record is purged from memory. -
The
match_zoom_srv
match-action table matches on publicly known Zoom IP prefixes. The corresponding table entries are defined in a separate file located insrc/entries_match_zoom_server.p4inc
, which is then included in the program. Since Zoom can change its prefixes over time, please check and update the entries in this file if needed. -
The
match_campus_src
andmatch_campus_dst
match-action tables match on campus IP prefixes. The corresponding table entries are defined in separate files in the locationssrc/entries_match_campus_sources.p4inc
andsrc/entries_match_campus_destinations.p4inc
respectively. These entries currently correspond to the Princeton campus network; please change these to match your network. -
The program sets the ethernet source address of the outgoing packet to the total packet count (32-bit integer) seen so far. Likewise, it sets the ethernet destination address to the Zoom packet count (32-bit integer) seen so far. To disable this feature and to preserve the original ethernet addresses, comment out the calls to
set_all_pkts_count_to_ethernet_src()
andset_zoom_pkts_count_to_ethernet_dst()
. -
We used the ONTAS system (paper, code) to anonymize personally identifiable information (e.g., IP addresses of campus clients) in the outgoing packets. We adapted the ONTAS code for P416 and placed it directly in the egress pipeline of our P4 program.
-
Run
sudo python3 test/send.py [-i INTERFACE] -t TYPE
to send packets to the Zoom capture program. Specify (optionally) the interface on which to send packets; the default isveth1
. The-t/--type
parameter is required, and can be set toserver
,stun
,p2p
, orother
depending on the desired type of packets. -
Run
sudo test/receive.py -i INTERFACE
to receive packets output by the Zoom capture program. Specify the interface on which to listen using the-i/--interface
parameter. -
Expected results: The
server
packets should be allowed (by the program), thestun
packet should be allowed, and theothers
packets should be dropped. If thestun
packet is already seen, the firstp2p
packet should be allowed and the second one should be dropped. If thestun
packet is not seen, bothp2p
packets should be dropped.