Project author: last2win

Project description:
ryu based firewall
Programming language: Python
Project URL: git://github.com/last2win/SDN-firewall.git
Created: 2018-04-12T12:52:04Z
Project community: https://github.com/last2win/SDN-firewall

License: MIT License


SDN-firewall

Ryu-based SDN firewall, using Mininet.

1. First, start Ryu:

    ryu-manager ryu.app.rest_firewall

2. Then start Mininet:

    python switch.py

3. Then add the firewall rules and set up port mirroring:

    xterm s1
    curl -X PUT http://localhost:8080/firewall/module/enable/0000000000000001
    curl -X POST -d '{"nw_src": "10.0.0.2", "nw_dst": "10.0.0.1", "nw_proto": "TCP"}' http://127.0.0.1:8080/firewall/rules/0000000000000001
    curl -X POST -d '{"nw_src": "10.0.0.1", "nw_dst": "10.0.0.2", "nw_proto": "TCP"}' http://127.0.0.1:8080/firewall/rules/0000000000000001
    curl -X POST -d '{"nw_src": "10.0.0.3", "nw_dst": "10.0.0.4", "nw_proto": "TCP"}' http://127.0.0.1:8080/firewall/rules/0000000000000001
    curl -X POST -d '{"nw_src": "10.0.0.4", "nw_dst": "10.0.0.3", "nw_proto": "TCP"}' http://127.0.0.1:8080/firewall/rules/0000000000000001
    ovs-vsctl del-port s1-eth4
    ovs-vsctl add-port s1 s1-eth4 -- --id=@p get port s1-eth4 -- --id=@m create mirror name=m0 select-all=true output-port=@p -- set bridge s1 mirrors=@m

4. Then start the HTTP server:

    xterm h1
    python3 server.py

5. Then monitor traffic:

    xterm h3
    python3 monitor.py

6. Then test the firewall:

    xterm h2
    curl "http://10.0.0.1:80"
    curl "http://10.0.0.1:80/?search.pl?form=../../../../../../etc/passwd\x00"
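
As an added illustration (not the project's own monitor.py, whose contents are not shown on this page), the sketch below shows one way a monitor on the mirrored port could tell the two test requests in step 6 apart. The function names and the sample request lines are constructed for this example; it also covers percent-encoded and double-encoded forms of the same pattern, which goes beyond the single request in the README.

```python
import re
from urllib.parse import unquote

# Constructed request lines modelled on the curl tests in step 6. Inside
# double quotes the shell leaves \x00 as four literal characters, so the
# detector looks for that spelling as well as a decoded NUL byte.
SAMPLE_REQUESTS = [
    "GET / HTTP/1.1",
    r"GET /?search.pl?form=../../../../../../etc/passwd\x00 HTTP/1.1",
    "GET /?form=%2e%2e%2f%2e%2e%2fetc%2fpasswd%00 HTTP/1.1",
    "GET /?form=%252e%252e%252fetc%252fpasswd HTTP/1.1",
    "GET /docs/v1..2/notes.txt HTTP/1.1",  # benign: ".." is not a path segment
]

# ".." counts only as a whole segment: after a separator, before a slash or end.
TRAVERSAL = re.compile(r"(^|[/\\?=&])\.\.([/\\]|$)")
# A real NUL byte (from %00) or the literal text \x00.
NUL = re.compile(r"\x00|\\x00")


def normalise(target, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is inspected in clear."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def inspect_request_line(line):
    """Return the findings for one HTTP request line (empty list if clean)."""
    parts = line.split(" ")
    if len(parts) != 3:
        return ["malformed-request-line"]
    target = normalise(parts[1])
    findings = []
    if TRAVERSAL.search(target):
        findings.append("path-traversal")
    if NUL.search(target):
        findings.append("nul-byte")
    return findings


if __name__ == "__main__":
    for request in SAMPLE_REQUESTS:
        print(inspect_request_line(request) or ["clean"], request)
```
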