Add tutorial with how-to integrate with other firewalls implementations

[ligurio]

Now FirewallChecker is compatible with Windows Firewall only. It would be nice to have the ability to integrate it with nftables, iptables, NetBSD npf, OpenBSD pf and so on. Please share a guide how to add integrations with other firewalls.

[ahelwer]

Good idea!

[NikolajBjorner]

Sergey, I am taken aback by how the request is phrased. There are by now several papers published in conferences on how to create models of firewalls. They address various forms of firewalls. There are also products that aim to broadly cover formats used in hybrid deployment scenarios. I am not sure how it is reasonable to ask that software provided as an example be extended to cover an extended set of scenarios that the author isn't a user of. The example software shows what are the basic principles. Contrary to what I expected, the author responded very positively to your request.

It is also useful to point to https://github.com/Microsoft/Zen, which provides a higher level interface for writing network analysis tools (and other tools). One of the beauties of Zen is that you can write interpreters for firewall rules and have the translation to symbolic solving taken care of thanks to reflection.

[ligurio]

@NikolajBjorner Sure, it's up to the project owners decide is it worth implementing or not. Your arguments look very reasonable. I'm not a Windows user and an equivalence checker for popular opensource firewalls would be interesting for me. Thanks for pointing to Zen, didn't know about it.

Feel free to close a ticket.

P.S. @NikolajBjorner, I'll take my possibility to thank you for your work under Z3 :)