Florence is a security testing framework with set of tools and test cases to validate SDN switch and controller implementations. While the initial set of security test cases are specific to OpenFlow, the framework can be extended to build complex test case scenarios.
Currently, florence can:
- Connect to a OpenFlow switch and generate security tests to validate the secureness and implementation robustness of the switch.
- Uses OpenFlow 1.3.5 version as the reference specification
- Connects to OpenvSwitch
Please check ROADMAP for our upcoming features.
Get the source:
$ git clone https://github.com/opennetworkingfoundation/florenceInstall dependencies:
$ cd <florence>
$ pip install -r requirements.txtflorence expects the switch to attempt connecting to a controller. The default OpenFlow port (6653) is used in our setup.
Testing with OpenvSwitch:
Setup:
$ ./script/ovs-setup.shConfigure OVS:
$ python ./script/ovs-ctl.py --config-file ./script/ovs-ctl.confRunning Tests:
$ cd <florence>
$ sudo ./florence --helpTo run the entire set of test cases:
$ ./florenceTo run the test cases specific to the switch:
$ ./florence switchTo run a specific test case:
$ ./florence switch.TableLoopYou can contribute to florence in mulitple ways:
- Code fixes via pull requests are welcome.
- Join the discussion by registering at https://groups.opensourcesdn.org/wg/FLORENCE/dashboard
- For comments, questions, suggestions, please contact us at florence@groups.opensourcesdn.org
florence is a fork of OFTest and uses it as a library to build new security test cases. While the initial codebase leverages some of the core functionalities of OFTest, our plan is to extend florence to test the controller solutions and additional southbound interfaces as well.