LOFT Verified Migration of Linux Firewalls to SDN


Title: LOFT — Verified Migration of Linux Firewalls to SDN
Authors: Julius Michaelis and Cornelius Diekmann
Submission date: 2016-10-21
Abstract: We present LOFT — Linux firewall OpenFlow Translator, a system that transforms the main routing table and FORWARD chain of iptables of a Linux-based firewall into a set of static OpenFlow rules. Our implementation is verified against a model of a simplified Linux-based router and we can directly show how much of the original functionality is preserved.
  author  = {Julius Michaelis and Cornelius Diekmann},
  title   = {LOFT — Verified Migration of Linux Firewalls to SDN},
  journal = {Archive of Formal Proofs},
  month   = oct,
  year    = 2016,
  note    = {\url{},
            Formal proof development},
  ISSN    = {2150-914x},
License: BSD License
Depends on: Automatic_Refinement, IP_Addresses, Iptables_Semantics, Routing, Simple_Firewall
Status: [ok] This is a development version of this entry. It might change over time and is not stable. Please refer to release versions for citations.