BPTables DTN Bundle Filtering Framework

The Internet Engineering Task Force (IETF) standardized Bundle Protocol (BP) enables data transfer using “bundles” over a Delay/Disruption Tolerant Network (DTN). BPTables is a bundle filtering framework that enables the establishment of barriers between more and less trusted BP network domains, and complements a security framework that includes the Simplified Bundle Security Protocol (SBSP). BPTables is implemented for the Linux port of the Interplanetary Overlay Network (ION) Bundle Protocol (BP) implementation of the DTN protocol stack. BPTables blocks forwarding of bundles whose source and destination node numbers are not explicitly allowed by the filtering policy, and by default all IPN bundles will be blocked. The current implementation presents a minimal resource footprint on embedded systems. The bundle filtering policy is determined by the contents of a rule file. Rules consist of ordered pairs (A, B) where traffic is permitted to flow from node A to node B. The rule parser understands wildcards (to simplify rule construction), and is able to optimize and combine rules to speed up evaluation.