LOFT Verified Migration of Linux Firewalls to SDN

 

Title: LOFT — Verified Migration of Linux Firewalls to SDN
Authors: Julius Michaelis and Cornelius Diekmann
Submission date: 2016-10-21
Abstract: We present LOFT — Linux firewall OpenFlow Translator, a system that transforms the main routing table and FORWARD chain of iptables of a Linux-based firewall into a set of static OpenFlow rules. Our implementation is verified against a model of a simplified Linux-based router and we can directly show how much of the original functionality is preserved.
BibTeX:
@article{LOFT-AFP,
  author  = {Julius Michaelis and Cornelius Diekmann},
  title   = {LOFT — Verified Migration of Linux Firewalls to SDN},
  journal = {Archive of Formal Proofs},
  month   = oct,
  year    = 2016,
  note    = {\url{http://isa-afp.org/entries/LOFT.shtml},
            Formal proof development},
  ISSN    = {2150-914x},
}
License: BSD License
Depends on: Automatic_Refinement, IP_Addresses, Iptables_Semantics, Routing, Simple_Firewall