Version 14 (modified by, 6 years ago) (diff)


OpenFlow Firewall

This exercise is based on as assignment by Sonia Famy.

For this experiment we will run an OpenFlow Firewall.

  1. Log into switch and run the following commands to download and run the firewall controller:
    tar xvfz gpo-ryu-firewall.tar.gz
    cd gpo-ryu-firewall/
  2. Log into right and run a nc server:
    nc -l 5001
  3. Log into left and run a nc client:
    nc 5001
  4. Type some text in left and it should appear in right and vis versa.
  5. In the terminal for switch you should see messages about the flow being passed or not:
    Extracted rule {'sport': '57430', 'dport': '5001', 'sip': '', 'dip': ''}
    Allow Connection rule {'dport': '5001', 'dip': '', 'sip': '', 'sport': 'any'}
  6. CTRL-C to kill nc in each terminal.
  7. Run a nc server on port 5002, then 5003. Compare the observed behavior to the contents of ~/gpo-ryu-firewall/fw.conf. Does the behavior match the configuration file? Feel free to modify the configuration file to block other traffic.

Return to the main page

Attachments (2)

Download all attachments as: .zip