Port_blocker

Tutorial no 9

Port_blocker is a way to block TCP ports. For that we use a forwarding component that installs fine-grained flows (e.g., l2_learning) and then intercept the PacketIn events. When you see a packet you want to block, kill the event. This keeps l2_learning from seeing the event and installing a flow for it.

The source code for port_blocker is not in POX. You can copy the following code or download it from here. Save this code in the pox/ext folder.
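A component that follows the approach described above, added here as an example; it is not the script this tutorial links to. It assumes POX's `core.openflow.addListenerByName`, `event.parsed.find` and `event.halt`, and the helper name `parse_ports` is chosen for this example.

```python
# port_blocker.py: save in pox/ext (added example, not the tutorial's original script)
import logging

log = logging.getLogger("port_blocker")

# TCP ports to block; filled by launch() from the --ports option
block_ports = set()


def parse_ports(ports):
    """Turn "80,443 8080" into {80, 443, 8080}, rejecting invalid port numbers."""
    result = set()
    for item in str(ports).replace(",", " ").split():
        port = int(item)
        if not 0 < port < 65536:
            raise ValueError("not a TCP port: %s" % item)
        result.add(port)
    return result


def block_handler(event):
    """PacketIn handler: halt the event when either TCP port is blocked."""
    tcpp = event.parsed.find("tcp")  # None when the packet has no TCP header
    if not tcpp:
        return
    # Check both directions so that replies from a blocked port are stopped too
    if tcpp.srcport in block_ports or tcpp.dstport in block_ports:
        log.debug("Blocked TCP %s <-> %s", tcpp.srcport, tcpp.dstport)
        # A halted event is not passed on to l2_learning, so no flow is installed
        event.halt = True


def launch(ports=""):
    """POX entry point; receives the value given with --ports."""
    from pox.core import core  # imported here so the module also loads without POX
    block_ports.update(parse_ports(ports))
    core.openflow.addListenerByName("PacketIn", block_handler)
```

Because no flow is installed for blocked traffic, every blocked packet reaches the controller as a new PacketIn.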

Here we will block port 80, i.e. the HTTP port.

1) To save the code of the port_blocker script, ssh into mininet and open nano. Copy and paste the code. Use ‘CTRL+O’ to save the code and ‘CTRL+X’ to exit the nano editor. I have saved the code with the name port_blocker.py.

2) Now we will create a topology with one controller, one switch and 6 hosts.

3) We are going to block port 80. Let's first check that port 80 is working. For that we will simply run l2_learning.py. We can use two hosts. On one host we run a server, and from the second we request the HTTP service using the curl utility (for curl installation, refer to the IP_loadbalancer tutorial).

xterm h1 h2

Then on host1 run the server with the command

sudo python -m SimpleHTTPServer 80

On host2, request the HTTP service

curl 10.0.0.1

Here the IPs of host1 and host2 are 10.0.0.1 and 10.0.0.2 respectively.

Here you can see host2 getting an HTTP reply from the server (host1).

Now we will run our port_blocker.py script, which is saved in the pox/ext folder.

sudo python pox.py log.level --DEBUG forwarding.l2_learning port_blocker --ports=80

(Here you can change the TCP port number.)

So if host2 requests the service from host1 (i.e. the HTTP server), the packets are blocked. Observe the blocked packets on the controller.
