OpenFlow Analyzer

Hui_Lin · October 17, 2016, 7:24pm

Hi

My understanding is that Bro has some northbound API to openflow switches or controllers. I am wondering whether any development branch has analyzer of openflow controllers. Just try to see whether I can use Bro to analyze some controller-to-switch traffics.

Best,

Hui

Slagell_Adam_J · October 17, 2016, 7:37pm

Have you looked at the netcontrol framework in Bro, developed by Johanna?

Hui_Lin · October 17, 2016, 7:45pm

Actually, netcontrol is what I thought of as northbound APIs. I actually just wonder whether Bro has analyzer for openflow protocol or not (some refer them as southbound traffics). It not, I probably need to use wireshark to output the pcap and analyze them manually.

Slagell_Adam_J · October 17, 2016, 7:47pm

I get you now. I am not aware of an open flow protocol analyzer in Bro.

johanna · October 18, 2016, 7:59pm

Just to add to this - there is no analyzer and so far this is also not planned. In addition to that - OpenFlow encourages use of TLS, so you (hopefully) should not actually see a lot of unencrypted OF traffic on the wire.

Johanna

Topic		Replies	Views
Bro vs NetFlow Zeek	8	121	May 6, 2022
Netflow and Bro Zeek	2	109	May 6, 2022
HTTPS Analyzer Development development	2	116	May 6, 2022
flow-level analysis code Zeek	2	107	May 6, 2022
RPC and NFS Analyzers Development development	7	102	May 6, 2022

OpenFlow Analyzer

Related topics