Giter Club home page Giter Club logo

aclswitch's Introduction

ACLSwitch

ACLSwitch is an application for the Ryu controller that offers a distributed firewalling solution for a software defined network. Through the use of OpenFlow switches, an entire network can be protected via the filtering of network traffic. ACLSwitch also offers flexibility by providing a mechanism to group rules into policy domains. This mechanism allows multiple rules to be deployed to many switches without the need to configure each switch separately.

ACLSwitch can be configured by specifying configuration items in the appropriate YAML files under Ryu_Application/aclswitch/config. Alternatively, a command line interface can be used to configure the firewall dynamically. The command line interface assumes that ACLSwitch is running on the same machine.

Please note that the scripts used to start ACLSwitch and its respective command line interface may use paths that do not work on your machine. These can be changed by modifying the respective scripts. The start_network.sh script can be used to start a small virtual network in Mininet for testing or just to have fun.

Finally, remember that this software is open-source. Anyone is free to use or modify the code, however the original authors must be respected. The open-source nature of the software also means that there is no attached warranty. You have been warned!

Running ACLSwitch

Create a bash alias for running ACLSwitch. The example below assumes that the ACLSwitch directory cloned from GitHub is located in your home directory.

alias asw="cd; ryu-manager --verbose ~/ACLSwitch/Ryu_Application/controller.py ;"

Repository Background

ACLSwitch was originally developed as part of a final year Bachelor of Engineering Honours project (ENGR489) at Victoria University of Wellington in 2015. The original repository contains files that were necessary for the development and assessment of the honours project. This repository was established in order to foster future development by including the implementation code but none of the resources that were appropriate for ENGR489.

The original repository used in the process for the honours project can found at https://github.com/bakkerjarr/ENGR489_2015_JarrodBakker.

Dependencies

Software dependencies are noted down below along with the appropriate installation commands.

Python

  • netaddr
$ pip install netaddr
  • netifaces
$ pip install netifaces
  • prettytable
$ pip install prettytable
  • requests
$ pip3 install requests
  • Scapy
$ pip install Scapy
  • YAML
$ apt-get install python-yaml

aclswitch's People

Contributors

bakkerjarr avatar sweettimo avatar jimsrush avatar bairdo avatar

Stargazers

Florian Heigl avatar avatar avatar avatar

Watchers

James Cloos avatar avatar

Forkers

jimsrush sweettimo ummamedia bbill bairdo jibanli

aclswitch's Issues

Automated testing environment needed

The degree of test automation when ACLSwitch was subjected to functional tests for ENGR489 was limited. The network was initialised using the Mininet console command and tests were run by opening xterm windows for each host. Mininet supports the creation of a network through its API, it also supports the execution of commands (through the .cmd() method call). Therefore it is possible to use the Mininet API to create a network, run a test, collect the results and close the network down.

Improved Scapy test scripts

The majority of scripts used for testing use Scapy to used flows of traffic. However, flows are hardcoded into the individual test scripts. There should instead be a single test script that reads in what flows should be sent from a file. CSV, JSON or YAML could be used for formatting.

Refactor previous ACLSwitch implementation

The code for the old implementation of ACLSwitch from ENGR489 is messy and lacks structure. This should be changed! Identify areas that share a common purpose (e.g. handling policy domains) and group into separate classes. The functionality should not be changed if possible.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.