| 108 | | <table border="0"> |
| 109 | | <tr> |
| 110 | | <td > |
| 111 | | <ol type="a"> |
| 112 | | <li>Log into <tt>switch</tt> and run the following commands to download and run the firewall controller: |
| 113 | | <pre>wget https://www.dropbox.com/s/wc4szossxjeairn/gpo-ryu-firewall.tar.gz |
| 114 | | gunzip gpo-ryu-firewall.tar.gz |
| 115 | | tar xvf gpo-ryu-firewall.tar |
| 116 | | /tmp/ryu/bin/ryu-manager simple_firewall.py loading app simple_firewall.py |
| 117 | | </pre> |
| 118 | | </li> |
| 119 | | <li>Log into <tt>right</tt> and run a <tt>nc</tt> server: |
| 120 | | <pre> |
| 121 | | nc -l 5001 |
| 122 | | </pre> |
| 123 | | </li> |
| 124 | | <li>Log into <tt>left</tt> and run a <tt>nc</tt> client: |
| 125 | | <pre> |
| 126 | | nc 10.10.11.1 5001 |
| 127 | | </pre></li> |
| 128 | | <li>Type some text in <tt>left</tt> and it should appear in <tt>right</tt> and vis versa.</li> |
| 129 | | <li>In the terminal for <tt>switch</tt> you should see messages about the flow being passed or not: |
| 130 | | <pre> |
| 131 | | Extracted rule {'sport': '57430', 'dport': '5001', 'sip': '10.10.10.1', 'dip': '10.10.11.1'} |
| 132 | | Allow Connection rule {'dport': '5001', 'dip': '10.10.11.1', 'sip': '10.10.10.1', 'sport': 'any'} |
| 133 | | </pre> |
| 134 | | </li> |
| 135 | | <li><tt>CTRL-C</tt> to kill <tt>nc</tt> in each terminal. </li> |
| 136 | | <li>Run a <tt>nc</tt> server on port 5002, then 5003. Compare the observed behavior to the contents of <tt>~/gpo-ryu-firewall/fw.conf</tt>. <i>Does the behavior match the configuration file?</i> Feel free to modify the configuration file to block other traffic.</li> |
| 137 | | |
| 138 | | </ol> |
| 139 | | </td> |
| 140 | | |
| 141 | | </tr> |
| 142 | | </table> |
| | 108 | Follow the steps on <a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/OpenFlowNetworkDevices/Firewall">this page</a> to test the Firewall topology. |
| | 109 | |
