Germann, BastianSchmidt, MarkStockmayer, AndreasMenth, MichaelMüller, PaulNeumair, BernhardReiser, HelmutDreo Rodosek, Gabi2018-06-082018-06-082018978-3-88579-677-0https://dl.gi.de/handle/20.500.12116/16577Stateful firewalls are becoming bottlenecks for high-speed communication networks. To counteract, trusted network flows may statically bypass the firewall. As access control lists (ACLs) of moderately priced switches do not allow port selection, they cannot be used for implementation of a static firewall bypass. In this work, we present a software-defined networking (SDN) based solution for a static firewall bypass based on moderately priced commodity hardware. We propose OFFWall, an OpenFlow (OF) controller that translates a whitelist of trusted flows into flow rules and installs them on an SDN switch to implement the firewall bypass.enOFFWall: A Static OpenFlow-Based Firewall BypassText/Conference Paper1617-5468