Goals
Use SDN to create a configurable firewall using an OpenFlow enabled switch. This is beyond what is possible with traditional L2 switches and shows how the simplest of SDN switches are more capable than even the fanciest of L2 switches.
Create an externally configurable firewall using Pyretic. That means that the firewall rules are provided in a configuration file, so they can be changed without altering the switch code.
This firewall is the type that allows all traffic that isn't expressly disallowed (a blacklist firewall). This is the type of firewall that you would find in an office environment where you wish to restrict access to certain resources from other devices.
The alternative is to disallow all traffic that isn't allowed by the policy (whitelist firewall). A whitelist firewall is typically used in edge situations protecting internal resources from the outside/Internet (an example is a home internet router)