DHCP DoS Logger for DHCP DoS Mitigation Feature

[asraza07]

Why I did it

Added code for new daemon process responsible for detecting and logging DHCP DoS attack attempts (violation of DHCP rate limit)

How I did it

Added service and handler files for new systemd process dhcp_dos_logger

How to verify it

tc show command is used to identify dropped packets due to rate limiting

[yaqiangz]

Why no dropped packets (Line 47 and line 49 log_warning) is treated as abnormal but dropped packets is treated as expected(line 44 log_info)? With this logic, whether actual DHCP packet rate low than tc rate treated as abnormal?

[asraza07]

Hi @yaqiangz , thanks for pointing that out. I have fixed this in the code. The systemd process will only log when dropped packets are observed, and it will do so as a warning, not as info.

[asraza07]

@yaqiangz @lguohan , kindly help review this PR, thanks in advance!

[yaqiangz]

LGTM

[ridahanif96]

Hi @qiluo-msft can you pls help review and merged this PR. HLD is merged.

[ridahanif96]

@qiluo-msft pls help merge this one

[ridahanif96]

@qiluo-msft please help review this PR

[qiluo-msft]

Could you add test case and check test coverage?

[ridahanif96]

test coverage required for handler? currently, as per practice we don't add test cases and coverage here. The same is followed by all other features in image_config.

[ridahanif96]

Hi Qi,

Please review this PR.

[wajahatrazi]

Hi @qiluo-msft / @xincunli-sonic

Changes have been made as per your suggestions, please review to merge this PR.

Regards

[wajahatrazi]

Hi @qiluo-msft / @lguohan

Kindly review and help merge this PR.

We are reaching out weekly, requesting for the above. Please support.

Regards

[ridahanif96]

@qiluo-msft help merge this PR, pending for long, unable to understand merge delay!

[zhangyanzhao]

@lguohan this PR has been approved by reviewers, can you please check if you are ok to merge it? Thanks.