LOFTVerified Migration of Linux Firewalls to SDN

Julius Michaelis and Cornelius Diekmann

21 October 2016

Abstract

We present LOFT — Linux firewall OpenFlow Translator, a system that transforms the main routing table and FORWARD chain of iptables of a Linux-based firewall into a set of static OpenFlow rules. Our implementation is verified against a model of a simplified Linux-based router and we can directly show how much of the original functionality is preserved.
BSD License

Depends On

Topics

Theories

Cite

×
@article{LOFT-AFP,
  author  = {Julius Michaelis and Cornelius Diekmann},
  title   = {LOFT — Verified Migration of Linux Firewalls to SDN},
  journal = {Archive of Formal Proofs},
  month   = October,
  year    = 2016,
  note    = {\url{http://isa-afp.org/entries/LOFT.html},
            Formal proof development},
  ISSN    = {2150-914x},
}
Download