PBit : a pattern based testing framework for Linux iptables

Date

2008-04-10T05:57:35Z

Authors

Du, Yong.

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Firewall testing is important because fifewall faults can lead to security failures. Firewall testing is hard because firewall rules havdp&a+eters, producing a huge number of possible parameter combinations. This thesis presents a firewall testing methodology based on test templates, which are parameterized test cases. A firewall testing framework for iptables, the Linux firewall subsystem, has been implemented. Twelve test templates have been created for testing iptables parameters and extensions. A GUI tool is also provided to integrate these test templates with various test generation strategies. The most important of these strategies, painvise generation, has been investigated in detail. Based on the investigation, we developed an improved painvise generation algorithm.

Description

Keywords

Citation