Writing your own Middlebox

Currently, a middlebox is not a loadable library like an OC-D module (it will be in the future). Hence you will need to modify 3-4 lines of code in the main OCALA code in order to add a new middlebox.

The first thing you need to do is to write your own Middlebox class. This class needs to implement only one function, receive. The receive function takes the contents of the current packet at the middlebox and returns true or false. A return value of true means the packet is forwarded along; false means the packet is dropped. In most cases, your middlebox class will just be a communication channel to the actual module implementing the middlebox functionality. For example, BroMiddleBox simply passes the packets to the bro process through a FIFO.
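The following is an added example, not OCALA's or BroMiddleBox's own code: a sketch of a channel-style middlebox that hands each packet to an external inspector over a FIFO and makes the verdict explicit when the hand-off fails. The `Middlebox` base class, the `receive` signature, the `FifoMiddlebox` name, the length-prefixed framing and the `fail_open` switch are all assumptions, since the page does not show the real interface.

```cpp
// Added example: the Middlebox interface here is hypothetical, not OCALA's real header.
#include <cerrno>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <unistd.h>
#include <arpa/inet.h>

// Assumed base class; the page only says receive() returns true (forward) or false (drop).
struct Middlebox {
    virtual ~Middlebox() = default;
    virtual bool receive(const uint8_t* pkt, size_t len) = 0;
};

// Passes each packet to an inspector over an already-open, blocking FIFO/pipe descriptor.
class FifoMiddlebox : public Middlebox {
public:
    static constexpr size_t kMaxPacket = 2048;  // assumed upper bound on packet size
    // fail_open: verdict returned when the packet could not be handed to the inspector.
    FifoMiddlebox(int fd, bool fail_open) : fd_(fd), fail_open_(fail_open) {}

    bool receive(const uint8_t* pkt, size_t len) override {
        if (pkt == nullptr || len == 0 || len > kMaxPacket) return false;  // malformed: drop
        uint8_t frame[4 + kMaxPacket];
        uint32_t be_len = htonl(static_cast<uint32_t>(len));
        std::memcpy(frame, &be_len, 4);   // 4-byte big-endian length prefix
        std::memcpy(frame + 4, pkt, len); // followed by the raw packet bytes
        // A dead inspector must not silently turn the middlebox into a pass-through.
        return write_all(frame, 4 + len) ? true : fail_open_;
    }
private:
    bool write_all(const uint8_t* p, size_t n) {
        while (n > 0) {
            ssize_t w = ::write(fd_, p, n);
            if (w < 0 && errno == EINTR) continue;  // interrupted: retry
            if (w <= 0) return false;               // closed or broken channel
            p += w; n -= static_cast<size_t>(w);
        }
        return true;
    }
    int fd_; bool fail_open_;
};

int main() {
    int fds[2];
    if (pipe(fds) != 0) return 1;  // a pipe stands in for the FIFO in this demo
    FifoMiddlebox mb(fds[1], /*fail_open=*/false);
    const uint8_t pkt[] = {0x45, 0x00, 0x00, 0x1c};  // constructed sample bytes
    return mb.receive(pkt, sizeof pkt) ? 0 : 1;
}
```

With `fail_open` set to false, a missing or crashed inspector causes packets to be dropped rather than forwarded uninspected; which policy is right depends on whether the middlebox is an enforcement point or a passive monitor.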

After implementing your own middlebox class, you need to make sure that OCALA loads it. This is where the modifications to the core OCALA code are needed. You need to register your middlebox class and type name in the constructor of the OCI class in OCI.cpp. In the future, middlebox classes will be dynamically loaded, just like OC-D modules.