Ryu controller drop packets after fixed number of packets or time

Question

I am trying to block tcp packets of a specific user/session after some threshold is reached. Currently I am able to write a script that drops tcp packets.

@set_ev_cls(ofp_event.EventOFPSwitchFeatures, CONFIG_DISPATCHER)
    def switch_features_handler(self, ev):
        tcp_match = self.drop_tcp_packets_to_specfic_ip(parser)
        self.add_flow_for_clear(datapath, 2, tcp_match)

    def drop_tcp_packets_to_specfic_ip(self, parser):
        tcp_match = parser.OFPMatch(eth_type=0x0800, ip_proto=6, ipv4_src=conpot_ip)
        return tcp_match

Thanks.

Marcos Felipe Marcos Felipe · Accepted Answer · 2020-03-20T01:23:59

You need to set some rule to match the packets flow. After, you need to create an loop to get statistics about this rule. Finally, you read each statistic and verify the number of packets. So, if the number of packets reach your threshold, you send the rule to block packets.

Ryu controller drop packets after fixed number of packets or time

1 Answers