[Ryu-devel] Firewall app

Wed, 16 Nov 2016 09:15:27 -0800 

Dear all,

I am using the firewall app in Ryu, and I am creating some rules like below:

*curl -X POST -d '{"nw_src": "**10.0.0.1/32 <http://10.0.0.1/32>**",
"nw_dst": "**10.0.0.2/32 <http://10.0.0.2/32>**", "nw_proto": "ICMP"
}' **http://localhost:8080/firewall/rules/all
<http://localhost:8080/firewall/rules/all>*

*curl -X POST -d '{"nw_src": "**10.0.0.1/32 <http://10.0.0.1/32>**",
"nw_dst": "**10.0.0.3/32 <http://10.0.0.3/32>**", "nw_proto": "ICMP",
"actions": "DENY"}' **http://localhost:8080/firewall/rules/all
<http://localhost:8080/firewall/rules/all>*

*curl -X POST -d '{"nw_src": "**10.0.0.1/32 <http://10.0.0.1/32>**",
"nw_dst": "**10.0.0.4/32 <http://10.0.0.4/32>**", "nw_proto": "ICMP",
"actions": "ALLOW"}' **http://localhost:8080/firewall/rules/all
<http://localhost:8080/firewall/rules/all>*

When I list the rules the result aways show actions: DENY

*[*

*   {*

*      "access_control_list" : [*

*         {*

*            "rules" : [*

*               {*

*                  "nw_proto" : "ICMP",*

*                  "actions" : "DENY",*

*                  "nw_dst" : "10.0.0.2",*

*                  "priority" : 1,*

*                  "nw_src" : "10.0.0.1",*

*                  "dl_type" : "IPv4",*

*                  "rule_id" : 1*

*               },*

*               {*

*                  "nw_proto" : "ICMP",*

*                  "rule_id" : 2,*

*                  "dl_type" : "IPv4",*

*                  "nw_src" : "10.0.0.1",*

*                  "actions" : "DENY",*

*                  "nw_dst" : "10.0.0.3",*

*                  "priority" : 1*

*               },*

*               {*

*                  "nw_proto" : "ICMP",*

*                  "actions" : "DENY",*

*                  "nw_dst" : "10.0.0.4",*

*                  "priority" : 1,*

*                  "nw_src" : "10.0.0.1",*

*                  "dl_type" : "IPv4",*

*                  "rule_id" : 3*

*               }*

*            ]*

*         }*

*      ],*

*      "switch_id" : "0000000000000001"*

*   }*

*]*

In mininet, the result is:

*mininet> dpctl dump-flows -O OpenFlow13*

**** s1
------------------------------------------------------------------------*

*OFPST_FLOW reply (OF1.3) (xid=0x2):*

* cookie=0x0, duration=132.176s, table=0, n_packets=21, n_bytes=1674,
priority=65535 actions=drop*

* cookie=0x0, duration=132.176s, table=0, n_packets=0, n_bytes=0,
priority=0 actions=CONTROLLER:128*

* cookie=0x0, duration=132.176s, table=0, n_packets=0, n_bytes=0,
priority=65534,arp actions=NORMAL*

* cookie=0x1, duration=117.815s, table=0, n_packets=0, n_bytes=0,
priority=1,icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2 actions=NORMAL*

* cookie=0x2, duration=117.777s, table=0, n_packets=0, n_bytes=0,
priority=1,icmp,nw_src=10.0.0.1,nw_dst=10.0.0.3 actions=CONTROLLER:128*

* cookie=0x3, duration=117.106s, table=0, n_packets=0, n_bytes=0,
priority=1,icmp,nw_src=10.0.0.1,nw_dst=10.0.0.4 actions=NORMAL*

Is this a bug?

------------------------------------------------------------------------------

_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel

Reply via email to