Python Computer Networking Assignment Writing | CS 6250 SDN Firewall with POX

This US assignment-writing job is mainly a Project related to a POX firewall

PROJECT GOAL

In this project, you will use Software Defined Networking (SDN) principles to create a
configurable firewall using an OpenFlow enabled Switch. The Software Defined Networking
function allows you to programmatically control the flow of traffic on the network.

This project will start with a review of Mininet (this was first used in the optional Simulating
Networks project). This review will explain the basic concepts of Mininet and the functionality
you may need to complete this project.

The next phase will involve examining network traffic using Wireshark. This will allow you to
see the header contents that will be important in building the code necessary to implement the
firewall as well as the necessary ruleset you will create to test the firewall.

After this, you will need to perform two tasks that need to be conducted in parallel:

1. You will create a configuration file ruleset that describes certain types of traffic that
should be blocked or allowed between individual hosts and networks. You will define this
“ruleset” using packet header parameters such as Source IP Address, Destination Port Number,
IP Protocol, and Destination MAC Address (there are more parameters; these are given as
examples). Your ruleset will contain instructions on whether certain traffic should be blocked or
should be allowed. By default, all traffic will be allowed. You will need to specify “routes” that
need to be blocked and any specific exceptions to the block that you want to allow.

2. You will create Python code that will take the parameters of the configuration from the
first task above and create a flow policy object using the POX OpenFlow SDN framework.

Please start early on this project, especially if you are unfamiliar with working with Python APIs.
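
The rule semantics described above (default allow, block rules, and allow exceptions that override a block), as an added example that is not part of the original assignment. The comma-separated rule format, the `-` wildcard, the field order and the names `Rule`, `Packet`, `parse_rule`, `matches` and `decide` are assumptions, and the decision is modeled in plain Python rather than with POX calls.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:  # field names and order are assumptions, not the course's format
    action: str                     # "Block" or "Allow"
    src_ip: Optional[str] = None    # CIDR; None means wildcard
    dst_ip: Optional[str] = None
    ip_proto: Optional[int] = None  # 1=ICMP, 6=TCP, 17=UDP
    dst_port: Optional[int] = None
    dst_mac: Optional[str] = None

@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    ip_proto: int
    dst_port: Optional[int] = None
    dst_mac: Optional[str] = None

def parse_rule(line):
    """Parse 'action,src_ip,dst_ip,ip_proto,dst_port,dst_mac'; '-' is a wildcard."""
    f = [x.strip() for x in line.split(",")]
    if len(f) != 6 or f[0] not in ("Block", "Allow"):
        raise ValueError(f"malformed rule: {line!r}")
    for cidr in (f[1], f[2]):  # reject bad CIDRs at load time, not at match time
        if cidr != "-":
            ipaddress.ip_network(cidr)
    opt = lambda v, conv=str: None if v == "-" else conv(v)
    return Rule(f[0], opt(f[1]), opt(f[2]), opt(f[3], int), opt(f[4], int),
                opt(f[5], str.lower))

def matches(rule, pkt):
    def in_net(cidr, ip):
        return cidr is None or ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)
    return (in_net(rule.src_ip, pkt.src_ip) and in_net(rule.dst_ip, pkt.dst_ip)
            and rule.ip_proto in (None, pkt.ip_proto)
            and rule.dst_port in (None, pkt.dst_port)
            and rule.dst_mac in (None, (pkt.dst_mac or "").lower()))

def decide(rules, pkt):
    """Allow exceptions outrank Block rules; unmatched traffic is allowed."""
    hits = {r.action for r in rules if matches(r, pkt)}
    return "Block" if hits == {"Block"} else "Allow"

# Constructed sample: block TCP/22 into 10.0.1.0/24 except from one admin host.
RULES = [parse_rule(l) for l in ("Block,-,10.0.1.0/24,6,22,-",
                                 "Allow,10.0.0.5/32,10.0.1.0/24,6,22,-")]
```

On an OpenFlow switch the same precedence is usually expressed by giving the Allow flow entries a higher priority than the Block entries.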

Part 0: Project References

You will find the following resources useful in completing this project. It is recommended that
you review these resources before starting the project.
• IP Header – https://erg.abdn.ac.uk/users/gorry/course/inet-pages/ip-packet.html
• TCP Packet Header – https://en.wikipedia.org/wiki/Transmission_Control_Protocol
• UDP Packet Header – https://en.wikipedia.org/wiki/User_Datagram_Protocol
• The ICMP Protocol – https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
• POX Reference Manual – https://noxrepo.github.io/pox-doc/html/
• Flow Modification – https://noxrepo.github.io/pox-doc/html/#openflow-messages
• Packet Matching – https://noxrepo.github.io/pox-doc/html/#match-structure
• Output Actions – https://noxrepo.github.io/pox-doc/html/#openflow-actions
• IP Protocols – https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers
• TCP and UDP Service and Port References –
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
• Wireshark – https://www.wireshark.org/docs/wsug_html/
• CIDR Calculator – https://account.arin.net/public/cidrCalculator
• CIDR – https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing