108 | | <table border="0"> |
109 | | <tr> |
110 | | <td > |
111 | | <ol type="a"> |
112 | | <li>Log into <tt>switch</tt> and run the following commands to download and run the firewall controller: |
113 | | <pre>wget https://www.dropbox.com/s/wc4szossxjeairn/gpo-ryu-firewall.tar.gz |
114 | | gunzip gpo-ryu-firewall.tar.gz |
115 | | tar xvf gpo-ryu-firewall.tar |
116 | | /tmp/ryu/bin/ryu-manager simple_firewall.py loading app simple_firewall.py |
117 | | </pre> |
118 | | </li> |
119 | | <li>Log into <tt>right</tt> and run a <tt>nc</tt> server: |
120 | | <pre> |
121 | | nc -l 5001 |
122 | | </pre> |
123 | | </li> |
124 | | <li>Log into <tt>left</tt> and run a <tt>nc</tt> client: |
125 | | <pre> |
126 | | nc 10.10.11.1 5001 |
127 | | </pre></li> |
128 | | <li>Type some text in <tt>left</tt> and it should appear in <tt>right</tt> and vis versa.</li> |
129 | | <li>In the terminal for <tt>switch</tt> you should see messages about the flow being passed or not: |
130 | | <pre> |
131 | | Extracted rule {'sport': '57430', 'dport': '5001', 'sip': '10.10.10.1', 'dip': '10.10.11.1'} |
132 | | Allow Connection rule {'dport': '5001', 'dip': '10.10.11.1', 'sip': '10.10.10.1', 'sport': 'any'} |
133 | | </pre> |
134 | | </li> |
135 | | <li><tt>CTRL-C</tt> to kill <tt>nc</tt> in each terminal. </li> |
136 | | <li>Run a <tt>nc</tt> server on port 5002, then 5003. Compare the observed behavior to the contents of <tt>~/gpo-ryu-firewall/fw.conf</tt>. <i>Does the behavior match the configuration file?</i> Feel free to modify the configuration file to block other traffic.</li> |
137 | | |
138 | | </ol> |
139 | | </td> |
140 | | |
141 | | </tr> |
142 | | </table> |
| 108 | Follow the steps on <a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/OpenFlowNetworkDevices/Firewall">this page</a> to test the Firewall topology. |
| 109 | |
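Review bot: The link added on new line 108 uses plain `http://`, and with old lines 108-142 removed it becomes the only place a reader gets the commands that download and run the firewall controller. Since those commands fetch `gpo-ryu-firewall.tar.gz` with `wget` and run it with no integrity check, anyone able to alter the linked page in transit could substitute what gets executed on `switch`. Point the link at an `https://` URL if the wiki serves one, and publish a checksum for the tarball on the linked page. Also confirm the linked page still carries the verification steps dropped here: the expected `Extracted rule` / `Allow Connection rule` output, and the exercise comparing ports 5002 and 5003 against `~/gpo-ryu-firewall/fw.conf`. The removed `ryu-manager` line had the output text `loading app simple_firewall.py` fused onto the command, so if the steps were copied over from this page, that should be fixed there.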