Fire­wall ex­e­cu­tion in SDN

OpenSource For You - - ADMIN -

Check the MAC ad­dress against the fire­wall rules avail­able in the POX con­troller. Is trans­par­ent=False, and ei­ther Ether type is LLDP or the packet’s des­ti­na­tion ad­dress is a Bridge Fil­tered Ad­dress? If yes, DROP. Is the des­ti­na­tion multi-cast? If yes, FLOOD. In­stall the flow ta­ble en­try in the switch so that this en­try will be used when a sim­i­lar packet reap­pears. To start this, you will find a skele­ton class file at pox/pox/misc/l2_­fire­wall.py. This is cur­rently not block­ing any traf­fic and you will need to mod­ify this skele­ton code to add your own logic later. Here, I have added some rules to block the packet from a spe­cific ad­dress. To test the fire­wall, put the l2_ fire­wall.py in the pox/pox/misc di­rec­tory and run the POX con­troller as shown below:

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.