diff --git a/scripts/base/frameworks/openflow/__load__.bro b/scripts/base/frameworks/openflow/__load__.bro
index c468d055ee..377ed8fa48 100644
--- a/scripts/base/frameworks/openflow/__load__.bro
+++ b/scripts/base/frameworks/openflow/__load__.bro
@@ -1,2 +1,3 @@
+@load ./consts
 @load ./main
-@load ./plugins
\ No newline at end of file
+@load ./plugins
diff --git a/scripts/base/frameworks/openflow/consts.bro b/scripts/base/frameworks/openflow/consts.bro
new file mode 100644
index 0000000000..0e08e11a47
--- /dev/null
+++ b/scripts/base/frameworks/openflow/consts.bro
@@ -0,0 +1,337 @@ +# All types/constants not specific to Openflow will be defined here +# unitl they somehow get into bro. + +module Openflow; + +# Some cookie specific constants. +# first 24 bits +const COOKIE_BID_SIZE = 16777216; +# start at bit 40 (1 << 40) +const COOKIE_BID_START = 1099511627776; +# bro specific cookie ID shall have the 42 bit set (1 << 42) +const BRO_COOKIE_ID = 4; +# 8 bits group identifier +const COOKIE_GID_SIZE = 256; +# start at bit 32 (1 << 32) +const COOKIE_GID_START = 4294967296; +# 32 bits unique identifier +const COOKIE_UID_SIZE = 4294967296; +# start at bit 0 (1 << 0) +const COOKIE_UID_START = 0; + +export { + # All ethertypes can be found at + # http://standards.ieee.org/develop/regauth/ethertype/eth.txt + # but are not interesting for us at this point +#type ethertype: enum { + # Internet protocol version 4 + const ETH_IPv4 = 0x0800; + # Address resolution protocol + const ETH_ARP = 0x0806; + # Wake on LAN + const ETH_WOL = 0x0842; + # Reverse address resolution protocol + const ETH_RARP = 0x8035; + # Appletalk + const ETH_APPLETALK = 0x809B; + # Appletalk address resolution protocol + const ETH_APPLETALK_ARP = 0x80F3; + # IEEE 802.1q & IEEE 802.1aq + const ETH_VLAN = 0x8100; + # Novell IPX old + const ETH_IPX_OLD = 0x8137; + # Novell IPX + const ETH_IPX = 0x8138; + # Internet protocol version 6 + const ETH_IPv6 = 0x86DD; + # IEEE 802.3x + const ETH_ETHER_FLOW_CONTROL = 0x8808; + # Multiprotocol Label Switching unicast + const ETH_MPLS_UNICAST = 0x8847; + # Multiprotocol Label Switching multicast + const ETH_MPLS_MULTICAST = 0x8848; + # Point-to-point protocol over Ethernet discovery phase (rfc2516) + const ETH_PPPOE_DISCOVERY = 0x8863; + # Point-to-point protocol over Ethernet session phase (rfc2516) + const ETH_PPPOE_SESSION = 0x8864; + # Jumbo frames + const ETH_JUMBO_FRAMES = 0x8870; + # IEEE 802.1X + const ETH_EAP_OVER_LAN = 0x888E; + # IEEE 802.1ad & IEEE 802.1aq + const ETH_PROVIDER_BRIDING = 0x88A8; + # IEEE 802.1ae + const 
ETH_MAC_SECURITY = 0x88E5; + # IEEE 802.1ad (QinQ) + const ETH_QINQ = 0x9100; +#}; + + # A list of ip protocol numbers can be found at + # http://en.wikipedia.org/wiki/List_of_IP_protocol_numbers +#type iptype: enum { + # IPv6 Hop-by-Hop Option (RFC2460) + const IP_HOPOPT = 0x00; + # Internet Control Message Protocol (RFC792) + const IP_ICMP = 0x01; + # Internet Group Management Protocol (RFC1112) + const IP_IGMP = 0x02; + # Gateway-to-Gateway Protocol (RFC823) + const IP_GGP = 0x03; + # IP-Within-IP (encapsulation) (RFC2003) + const IP_IPIP = 0x04; + # Internet Stream Protocol (RFC1190;RFC1819) + const IP_ST = 0x05; + # Tansmission Control Protocol (RFC793) + const IP_TCP = 0x06; + # Core-based trees (RFC2189) + const IP_CBT = 0x07; + # Exterior Gateway Protocol (RFC888) + const IP_EGP = 0x08; + # Interior Gateway Protocol (any private interior + # gateway (used by Cisco for their IGRP)) + const IP_IGP = 0x09; + # User Datagram Protocol (RFC768) + const IP_UDP = 0x11; + # Reliable Datagram Protocol (RFC908) + const IP_RDP = 0x1B; + # IPv6 Encapsulation (RFC2473) + const IP_IPv6 = 0x29; + # Resource Reservation Protocol (RFC2205) + const IP_RSVP = 0x2E; + # Generic Routing Encapsulation (RFC2784;RFC2890) + const IP_GRE = 0x2F; + # Open Shortest Path First (RFC1583) + const IP_OSPF = 0x59; + # Multicast Transport Protocol + const IP_MTP = 0x5C; + # IP-within-IP Encapsulation Protocol (RFC2003) + ### error 0x5E; + # Ethernet-within-IP Encapsulation Protocol (RFC3378) + const IP_ETHERIP = 0x61; + # Layer Two Tunneling Protocol Version 3 (RFC3931) + const IP_L2TP = 0x73; + # Intermediate System to Intermediate System (IS-IS) Protocol over IPv4 (RFC1142;RFC1195) + const IP_ISIS = 0x7C; + # Fibre Channel + const IP_FC = 0x85; + # Multiprotocol Label Switching Encapsulated in IP (RFC4023) + const IP_MPLS = 0x89; +#}; + + ## Return value for a cookie from a flow + ## which is not added, modified or deleted + ## from the bro openflow framework + const INVALID_COOKIE = 
0xffffffffffffffff; + + # Openflow pysical port definitions + ## Maximum number of physical switch ports. + const OFPP_MAX = 0xff00; + ## Send the packet out the input port. This + ## virual port must be explicitly used in + ## order to send back out of the input port. + const OFPP_IN_PORT = 0xfff8; + ## Perform actions in flow table. + ## NB: This can only be the destination port + ## for packet-out messages. + const OFPP_TABLE = 0xfff9; + ## Process with normal L2/L3 switching. + const OFPP_NORMAL = 0xfffa; + ## All pysical ports except input port and + ## those disabled by STP. + const OFPP_FLOOD = 0xfffb; + ## All pysical ports except input port. + const OFPP_ALL = 0xfffc; + ## Send to controller. + const OFPP_CONTROLLER = 0xfffd; + ## Local openflow "port". + const OFPP_LOCAL = 0xfffe; + ## Not associated with a pysical port. + const OFPP_NONE = 0xffff; + + ## Openflow action_type definitions + ## + ## The openflow action type defines + ## what actions openflow can take + ## to modify a packet + type ofp_action_type: enum { + ## Output to switch port. + OFPAT_OUTPUT = 0x0000, + ## Set the 802.1q VLAN id. + OFPAT_SET_VLAN_VID = 0x0001, + ## Set the 802.1q priority. + OFPAT_SET_VLAN_PCP = 0x0002, + ## Strip the 802.1q header. + OFPAT_STRIP_VLAN = 0x0003, + ## Ethernet source address. + OFPAT_SET_DL_SRC = 0x0004, + ## Ethernet destination address. + OFPAT_SET_DL_DST = 0x0005, + ## IP source address + OFPAT_SET_NW_SRC = 0x0006, + ## IP destination address. + OFPAT_SET_NW_DST = 0x0007, + ## IP ToS (DSCP field, 6 bits). + OFPAT_SET_NW_TOS = 0x0008, + ## TCP/UDP source port. + OFPAT_SET_TP_SRC = 0x0009, + ## TCP/UDP destination port. + OFPAT_SET_TP_DST = 0x000a, + ## Output to queue. + OFPAT_ENQUEUE = 0x000b, + ## Vendor specific + OFPAT_VENDOR = 0xffff, + }; + + ## Openflow flow_mod_command definitions + ## + ## The openflow flow_mod_command describes + ## of what kind an action is. + type ofp_flow_mod_command: enum { + ## New flow. 
+ OFPFC_ADD = 0x0, + ## Modify all matching flows. + OFPFC_MODIFY = 0x1, + ## Modify entry strictly matching wildcards. + OFPFC_MODIFY_STRICT = 0x2, + ## Delete all matching flows. + OFPFC_DELETE = 0x3, + ## Strictly matching wildcards and priority. + OFPFC_DELETE_STRICT = 0x4, + }; + + ## Openflow config flag definitions + ## + ## TODO: describe + type ofp_config_flags: enum { + ## No special handling for fragments. + OFPC_FRAG_NORMAL = 0, + ## Drop fragments. + OFPC_FRAG_DROP = 1, + ## Reassemble (only if OFPC_IP_REASM set). + OFPC_FRAG_REASM = 2, + OFPC_FRAG_MASK = 3, + }; + + ## Openflow match definition. + ## + ## The openflow match record describes + ## which packets match to a specific + ## rule in a flow table. + type ofp_match: record { + # Wildcard fields. + #wildcards: count &optional; + # Input switch port. + in_port: count &optional; + # Ethernet source address. + dl_src: string &optional; + # Ethernet destination address. + dl_dst: string &optional; + # Input VLAN id. + dl_vlan: count &optional; + # Input VLAN priority. + dl_vlan_pcp: count &optional; + # Ethernet frame type. + dl_type: count &default=ETH_IPv4; + # IP ToS (actually DSCP field, 6bits). + nw_tos: count &optional; + # IP protocol or lower 8 bits of ARP opcode. + nw_proto: count &default=IP_TCP; + # IP source address. + nw_src: addr &optional; + # IP destination address. + nw_dst: addr &optional; + # TCP/UDP source port. + tp_src: port &optional; + # TCP/UDP destination port. + tp_dst: port &optional; + }; + + ## Openflow actions definition. + ## + ## A action describes what should + ## happen with packets of the matching + ## flow. + type ofp_action_output: record { + ## this should never change, but there are not + ## constants available in records + ## defaults to OFPAT_OUTPUT + type_: ofp_action_type &default=OFPAT_OUTPUT; + #_len: count &default=8; + ## Output port. 
+ port_: count &default=OFPP_FLOOD; + #_max_len: count &optional; + }; + + # Openflow flow_mod_flags definition + ## Send flow removed message when flow + ## expires or is deleted. + const OFPFF_SEND_FLOW_REM = 0x1; + ## Check for overlapping entries first. + const OFPFF_CHECK_OVERLAP = 0x2; + ## Remark this is for emergency. + ## Flows added with this are only used + ## when the controller is disconnected. + const OFPFF_EMERG = 0x4; + + ## Openflow flow_mod definition. + ## It describes the flow to match and + ## how it should be modified. + type ofp_flow_mod: record { + # header: ofp_header; + ## Fields to match + match: ofp_match; + ## Opaque controller-issued identifier. + cookie: count &default=BRO_COOKIE_ID * COOKIE_BID_START; + # Flow actions + ## One of OFPFC_*. + command: ofp_flow_mod_command &default=OFPFC_ADD; + ## Idle time before discarding (seconds). + idle_timeout: count &optional; + ## Max time before discarding (seconds). + hard_timeout: count &optional; + ## Priority level of flow entry. + priority: count &optional; + ## Buffered packet to apply to (or -1). + ## Not meaningful for OFPFC_DELETE*. + buffer_id: count &optional; + ## For OFPFC_DELETE* commands, require + ## matching entries to include this as an + ## output port. A value of OFPP_NONE + ## indicates no restrictions. + out_port: count &optional; + ## One of OFPFF_*. + flags: count &optional; + ## A list of actions to perform. + actions: vector of ofp_action_output; + }; + + ## Body of reply to OFPST_FLOW request. + type ofp_flow_stats: record { + ## Length of this entry + _length: count; + ## ID of table flow came from. + table_id: count; + ## Description of fields. + match: ofp_match; + ## Time flow has been alive in seconds. + duration_sec: count; + ## Time flow has been alive in nanoseconds beyond + ## duration_sec. + duration_nsec: count; + ## Priority of the entry. Only meaningful + ## when this is not an exact-match entry. 
+ priority: count; + ## Number of seconds idle before expiration. + idle_timeout: count; + ## Number of seconds before expiration. + hard_timeout: count; + ## Opaque controller-issued identifier. + cookie: count; + ## Number of packets in flow. + packet_count: count; + ## Number of bytes in flow. + byte_count: count; + ## Actions + actions: vector of ofp_action_output; + }; +} diff --git a/scripts/base/frameworks/openflow/main.bro b/scripts/base/frameworks/openflow/main.bro index 198374a3bb..6681229419 100644 --- a/scripts/base/frameworks/openflow/main.bro +++ b/scripts/base/frameworks/openflow/main.bro 
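Review bot: `COOKIE_UID_START = 0` contradicts its own comment `start at bit 0 (1 << 0)`, which evaluates to 1, while the sibling `COOKIE_BID_START` and `COOKIE_GID_START` hold exactly the power-of-two their comments name. `ofp_flow_mod`'s cookie default multiplies by `COOKIE_BID_START`, so a uid combined the same way with a zero start would vanish; the functions that consume these constants live outside this file, so this may only be a documentation slip — either `const COOKIE_UID_START = 1;` or a comment saying the uid occupies the low 32 bits and needs no shift. `flags` in `ofp_flow_mod` is documented as `## One of OFPFF_*.` although `OFPFF_SEND_FLOW_REM`, `OFPFF_CHECK_OVERLAP` and `OFPFF_EMERG` are single bits intended to be combined, so `## Bitwise OR of OFPFF_* flags.` is the accurate wording. The new file also inherits the comment typos `unitl`, `pysical` and `virual`; `ETH_PROVIDER_BRIDING` is an exported identifier and should stay as-is.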
@@ -1,244 +1,8 @@ -@load ./utils/const.bro - +@load ./consts module Openflow; - -# Some cookie specific constants. -# first 24 bits -const COOKIE_BID_SIZE = 16777216; -# start at bit 40 (1 << 40) -const COOKIE_BID_START = 1099511627776; -# bro specific cookie ID shall have the 42 bit set (1 << 42) -const BRO_COOKIE_ID = 4; -# 8 bits group identifier -const COOKIE_GID_SIZE = 256; -# start at bit 32 (1 << 32) -const COOKIE_GID_START = 4294967296; -# 32 bits unique identifier -const COOKIE_UID_SIZE = 4294967296; -# start at bit 0 (1 << 0) -const COOKIE_UID_START = 0; - - export { - ## Return value for a cookie from a flow - ## which is not added, modified or deleted - ## from the bro openflow framework - const INVALID_COOKIE = 0xffffffffffffffff; - - # Openflow pysical port definitions - ## Maximum number of physical switch ports. - const OFPP_MAX = 0xff00; - ## Send the packet out the input port. This - ## virual port must be explicitly used in - ## order to send back out of the input port. - const OFPP_IN_PORT = 0xfff8; - ## Perform actions in flow table. - ## NB: This can only be the destination port - ## for packet-out messages. - const OFPP_TABLE = 0xfff9; - ## Process with normal L2/L3 switching. - const OFPP_NORMAL = 0xfffa; - ## All pysical ports except input port and - ## those disabled by STP. - const OFPP_FLOOD = 0xfffb; - ## All pysical ports except input port. - const OFPP_ALL = 0xfffc; - ## Send to controller. - const OFPP_CONTROLLER = 0xfffd; - ## Local openflow "port". - const OFPP_LOCAL = 0xfffe; - ## Not associated with a pysical port. - const OFPP_NONE = 0xffff; - - ## Openflow action_type definitions - ## - ## The openflow action type defines - ## what actions openflow can take - ## to modify a packet - type ofp_action_type: enum { - ## Output to switch port. - OFPAT_OUTPUT = 0x0000, - ## Set the 802.1q VLAN id. - OFPAT_SET_VLAN_VID = 0x0001, - ## Set the 802.1q priority. - OFPAT_SET_VLAN_PCP = 0x0002, - ## Strip the 802.1q header. 
- OFPAT_STRIP_VLAN = 0x0003, - ## Ethernet source address. - OFPAT_SET_DL_SRC = 0x0004, - ## Ethernet destination address. - OFPAT_SET_DL_DST = 0x0005, - ## IP source address - OFPAT_SET_NW_SRC = 0x0006, - ## IP destination address. - OFPAT_SET_NW_DST = 0x0007, - ## IP ToS (DSCP field, 6 bits). - OFPAT_SET_NW_TOS = 0x0008, - ## TCP/UDP source port. - OFPAT_SET_TP_SRC = 0x0009, - ## TCP/UDP destination port. - OFPAT_SET_TP_DST = 0x000a, - ## Output to queue. - OFPAT_ENQUEUE = 0x000b, - ## Vendor specific - OFPAT_VENDOR = 0xffff, - }; - - ## Openflow flow_mod_command definitions - ## - ## The openflow flow_mod_command describes - ## of what kind an action is. - type ofp_flow_mod_command: enum { - ## New flow. - OFPFC_ADD = 0x0, - ## Modify all matching flows. - OFPFC_MODIFY = 0x1, - ## Modify entry strictly matching wildcards. - OFPFC_MODIFY_STRICT = 0x2, - ## Delete all matching flows. - OFPFC_DELETE = 0x3, - ## Strictly matching wildcards and priority. - OFPFC_DELETE_STRICT = 0x4, - }; - - ## Openflow config flag definitions - ## - ## TODO: describe - type ofp_config_flags: enum { - ## No special handling for fragments. - OFPC_FRAG_NORMAL = 0, - ## Drop fragments. - OFPC_FRAG_DROP = 1, - ## Reassemble (only if OFPC_IP_REASM set). - OFPC_FRAG_REASM = 2, - OFPC_FRAG_MASK = 3, - }; - - ## Openflow match definition. - ## - ## The openflow match record describes - ## which packets match to a specific - ## rule in a flow table. - type ofp_match: record { - # Wildcard fields. - #wildcards: count &optional; - # Input switch port. - in_port: count &optional; - # Ethernet source address. - dl_src: string &optional; - # Ethernet destination address. - dl_dst: string &optional; - # Input VLAN id. - dl_vlan: count &optional; - # Input VLAN priority. - dl_vlan_pcp: count &optional; - # Ethernet frame type. - dl_type: count &default=ETH_IPv4; - # IP ToS (actually DSCP field, 6bits). - nw_tos: count &optional; - # IP protocol or lower 8 bits of ARP opcode. 
- nw_proto: count &default=IP_TCP; - # IP source address. - nw_src: addr &optional; - # IP destination address. - nw_dst: addr &optional; - # TCP/UDP source port. - tp_src: port &optional; - # TCP/UDP destination port. - tp_dst: port &optional; - }; - - ## Openflow actions definition. - ## - ## A action describes what should - ## happen with packets of the matching - ## flow. - type ofp_action_output: record { - ## this should never change, but there are not - ## constants available in records - ## defaults to OFPAT_OUTPUT - type_: ofp_action_type &default=OFPAT_OUTPUT; - #_len: count &default=8; - ## Output port. - port_: count &default=OFPP_FLOOD; - #_max_len: count &optional; - }; - - # Openflow flow_mod_flags definition - ## Send flow removed message when flow - ## expires or is deleted. - const OFPFF_SEND_FLOW_REM = 0x1; - ## Check for overlapping entries first. - const OFPFF_CHECK_OVERLAP = 0x2; - ## Remark this is for emergency. - ## Flows added with this are only used - ## when the controller is disconnected. - const OFPFF_EMERG = 0x4; - - ## Openflow flow_mod definition. - ## It describes the flow to match and - ## how it should be modified. - type ofp_flow_mod: record { - # header: ofp_header; - ## Fields to match - match: ofp_match; - ## Opaque controller-issued identifier. - cookie: count &default=BRO_COOKIE_ID * COOKIE_BID_START; - # Flow actions - ## One of OFPFC_*. - command: ofp_flow_mod_command &default=OFPFC_ADD; - ## Idle time befor discarding (seconds). - idle_timeout: count &optional; - ## Max time before discarding (seconds). - hard_timeout: count &optional; - ## Priority level of flow entry. - priority: count &optional; - ## Buffered packet to apply to (or -1). - ## Not meaningful for OFPFC_DELETE*. - buffer_id: count &optional; - ## For OFPFC_DELETE* commands, require - ## matching entries to include this as an - ## output port. A value of OFPP_NONE - ## indicates no restrictions. - out_port: count &optional; - ## One of OFPFF_*. 
- flags: count &optional; - ## A list of actions to perform. - actions: vector of ofp_action_output; - }; - - ## Body of reply to OFPST_FLOW request. - type ofp_flow_stats: record { - ## Length of this entry - _length: count; - ## ID of table flow came from. - table_id: count; - ## Description of fields. - match: ofp_match; - ## Time flow has been alive in seconds. - duration_sec: count; - ## Time flow has been alive in nanoseconds beyond - ## duration_sec. - duration_nsec: count; - ## Priority of the entry. Only meaningful - ## when this is not an exact-match entry. - priority: count; - ## Number of seconds idle before expiration. - idle_timeout: count; - ## Number of seconds before expiration. - hard_timeout: count; - ## Opaque controller-issued identifier. - cookie: count; - ## Number of packets in flow. - packet_count: count; - ## Number of bytes in flow. - byte_count: count; - ## Actions - actions: vector of ofp_action_output; - }; - ## Function to get the unique id out of a given cookie. ## ## cookie: The openflow match cookie. @@ -253,7 +17,7 @@ export { ## Returns: The cookie group id. global get_cookie_gid: function(cookie: count): count; - ## Function to get the group id out of a given cookie. + ## Function to generate a new cookie using our group id. ## ## cookie: The openflow match cookie. ## @@ -286,9 +50,9 @@ export { ## add state. type ControllerState: record { ## Controller ip. - ip: addr &optional; + host: addr &optional; ## Controller listen port. - port_: count &optional; + host_port: count &optional; ## Openflow switch datapath id. dpid: count &optional; ## Type of the openflow plugin. 
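Review bot: The rewritten summary in the `@@ -253,7 +17,7 @@` hunk says the function generates a new cookie using our group id, but the unchanged line two below it still documents `## cookie: The openflow match cookie.`, which described an existing cookie being decoded. The signature is outside the hunk, so either the parameter is the unique id to embed and the line should read `## cookie: The unique id to embed in the generated cookie.`, or it really is an input cookie and the summary should say what is taken from it. As it stands the two lines contradict each other.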
@@ -302,7 +66,7 @@ export {
 ## flow_mod function the plugin implements
 flow_mod: function(state: ControllerState, flow_mod: ofp_flow_mod): bool;
 ## flow_stats function the plugin implements if existing
- flow_stats: function(state: ControllerState): vector of ofp_flow_stats &optional;
+ ## flow_stats: function(state: ControllerState): vector of ofp_flow_stats &optional;
 };
 ## Global flow_mod function wrapper
diff --git a/scripts/base/frameworks/openflow/plugins/ryu.bro b/scripts/base/frameworks/openflow/plugins/ryu.bro
index 156168782e..acf44d37da 100644
--- a/scripts/base/frameworks/openflow/plugins/ryu.bro
+++ b/scripts/base/frameworks/openflow/plugins/ryu.bro
@@ -1,12 +1,10 @@
-@load ../main
-@load ../utils/json
+@load base/frameworks/openflow
+@load base/frameworks/openflow/utils/json
 @load base/utils/exec
 @load base/utils/active-http
-
 module OpenflowRyu;
-
 export {
 redef enum Openflow::Plugin += {
 Openflow::RYU,
@@ -34,14 +32,14 @@ export {
 ## Ryu controller constructor.
 ##
- ## ip: Controller ip.
+ ## host: Controller ip.
 ##
- ## port_: Controller listen port.
+ ## host_port: Controller listen port.
 ##
 ## dpid: Openflow switch datapath id.
 ##
 ## Returns: Openflow::Controller record
- global new: function(ip: addr, port_: count, dpid: count): Openflow::Controller;
+ global new: function(host: addr, host_port: count, dpid: count): Openflow::Controller;
 }
@@ -129,7 +127,7 @@ function flow_mod(state: Openflow::ControllerState, flow_mod: Openflow::ofp_flow
 }
 # Create the ActiveHTTP request and convert the record to a Ryu ReST API JSON string
 local request: ActiveHTTP::Request = ActiveHTTP::Request(
- $url=cat("http://", cat(state$ip), ":", cat(state$port_), RYU_FLOWENTRY_PATH, command_type),
+ $url=cat("http://", cat(state$host), ":", cat(state$host_port), RYU_FLOWENTRY_PATH, command_type),
 $method="POST",
 $client_data=OpenflowJSON::convert(_flow_mod)
 );
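Review bot: Prefixing the disabled `flow_stats` field with `##` does not just comment it out; `##` is a Broxygen doc comment, so the new line together with the preceding `## flow_stats function the plugin implements if existing` becomes a dangling doc block right before `};` with no field to attach to. Use a plain `#` for code kept for reference, `# flow_stats: function(state: ControllerState): vector of ofp_flow_stats &optional;`, and downgrade the description line the same way, or drop both. The record's header lies before the hunk.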
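Review bot: The new URL dereferences `state$host` and `state$host_port` unconditionally, but both fields are `&optional` in `ControllerState` (see the `@@ -286,9 +50,9 @@` hunk of main.bro), so a state built without them aborts with a runtime error instead of a failed flow_mod. Guard before building the request, `if ( ! state?$host || ! state?$host_port ) return F;`. `cat(state$host)` also emits a bare IPv6 literal, which is not a valid URL host; wrap it in brackets when `is_v6_addr(state$host)` is true. The request travels to the controller as plain HTTP with no authentication, which is worth stating in the comment above the request so deployments keep that path on a trusted management network. flow_mod's body begins before the hunk.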
@@ -149,9 +147,8 @@ function flow_mod(state: Openflow::ControllerState, flow_mod: Openflow::ofp_flow return T; } - # Ryu controller constructor -function new(ip: addr, port_: count, dpid: count): Openflow::Controller +function new(host: addr, host_port: count, dpid: count): Openflow::Controller { - return [$state=[$ip=ip, $port_=port_, $type_=Openflow::RYU, $dpid=dpid], $flow_mod=flow_mod]; - } \ No newline at end of file + return [$state=[$host=host, $host_port=host_port, $type_=Openflow::RYU, $dpid=dpid], $flow_mod=flow_mod]; + } diff --git a/scripts/base/frameworks/openflow/utils/const.bro b/scripts/base/frameworks/openflow/utils/const.bro deleted file mode 100644 index 18c79eb28e..0000000000 --- a/scripts/base/frameworks/openflow/utils/const.bro +++ /dev/null 
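Review bot: `new` accepts `host_port` as a 64-bit `count` and stores it unchecked, and `flow_mod` later splices it into the controller URL, so a value above 65535 only shows up as a failed HTTP request long after construction. Report it where it is made: `if ( host_port > 65535 ) Reporter::error(fmt("OpenflowRyu::new: port %d out of range", host_port));`. The returned record still carries the value, so callers keep the same interface.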
@@ -1,104 +0,0 @@ -# All types/constants not specific to Openflow will be defined here -# unitl they somehow get into bro. - -module Openflow; - -export { - # All ethertypes can be found at - # http://standards.ieee.org/develop/regauth/ethertype/eth.txt - # but are not interesting for us at this point -#type ethertype: enum { - # Internet protocol version 4 - const ETH_IPv4 = 0x0800; - # Address resolution protocol - const ETH_ARP = 0x0806; - # Wake on LAN - const ETH_WOL = 0x0842; - # Reverse address resolution protocol - const ETH_RARP = 0x8035; - # Appletalk - const ETH_APPLETALK = 0x809B; - # Appletalk address resolution protocol - const ETH_APPLETALK_ARP = 0x80F3; - # IEEE 802.1q & IEEE 802.1aq - const ETH_VLAN = 0x8100; - # Novell IPX old - const ETH_IPX_OLD = 0x8137; - # Novell IPX - const ETH_IPX = 0x8138; - # Internet protocol version 6 - const ETH_IPv6 = 0x86DD; - # IEEE 802.3x - const ETH_ETHER_FLOW_CONTROL = 0x8808; - # Multiprotocol Label Switching unicast - const ETH_MPLS_UNICAST = 0x8847; - # Multiprotocol Label Switching multicast - const ETH_MPLS_MULTICAST = 0x8848; - # Point-to-point protocol over Ethernet discovery phase (rfc2516) - const ETH_PPPOE_DISCOVERY = 0x8863; - # Point-to-point protocol over Ethernet session phase (rfc2516) - const ETH_PPPOE_SESSION = 0x8864; - # Jumbo frames - const ETH_JUMBO_FRAMES = 0x8870; - # IEEE 802.1X - const ETH_EAP_OVER_LAN = 0x888E; - # IEEE 802.1ad & IEEE 802.1aq - const ETH_PROVIDER_BRIDING = 0x88A8; - # IEEE 802.1ae - const ETH_MAC_SECURITY = 0x88E5; - # IEEE 802.1ad (QinQ) - const ETH_QINQ = 0x9100; -#}; - - # A list of ip protocol numbers can be found at - # http://en.wikipedia.org/wiki/List_of_IP_protocol_numbers -#type iptype: enum { - # IPv6 Hop-by-Hop Option (RFC2460) - const IP_HOPOPT = 0x00; - # Internet Control Message Protocol (RFC792) - const IP_ICMP = 0x01; - # Internet Group Management Protocol (RFC1112) - const IP_IGMP = 0x02; - # Gateway-to-Gateway Protocol (RFC823) - const IP_GGP = 0x03; - # 
IP-Within-IP (encapsulation) (RFC2003) - const IP_IPIP = 0x04; - # Internet Stream Protocol (RFC1190;RFC1819) - const IP_ST = 0x05; - # Tansmission Control Protocol (RFC793) - const IP_TCP = 0x06; - # Core-based trees (RFC2189) - const IP_CBT = 0x07; - # Exterior Gateway Protocol (RFC888) - const IP_EGP = 0x08; - # Interior Gateway Protocol (any private interior - # gateway (used by Cisco for their IGRP)) - const IP_IGP = 0x09; - # User Datagram Protocol (RFC768) - const IP_UDP = 0x11; - # Reliable Datagram Protocol (RFC908) - const IP_RDP = 0x1B; - # IPv6 Encapsulation (RFC2473) - const IP_IPv6 = 0x29; - # Resource Reservation Protocol (RFC2205) - const IP_RSVP = 0x2E; - # Generic Routing Encapsulation (RFC2784;RFC2890) - const IP_GRE = 0x2F; - # Open Shortest Path First (RFC1583) - const IP_OSPF = 0x59; - # Multicast Transport Protocol - const IP_MTP = 0x5C; - # IP-within-IP Encapsulation Protocol (RFC2003) - ### error 0x5E; - # Ethernet-within-IP Encapsulation Protocol (RFC3378) - const IP_ETHERIP = 0x61; - # Layer Two Tunneling Protocol Version 3 (RFC3931) - const IP_L2TP = 0x73; - # Intermediate System to Intermediate System (IS-IS) Protocol over IPv4 (RFC1142;RFC1195) - const IP_ISIS = 0x7C; - # Fibre Channel - const IP_FC = 0x85; - # Multiprotocol Label Switching Encapsulated in IP (RFC4023) - const IP_MPLS = 0x89; -#}; -} \ No newline at end of file diff --git a/scripts/site/openflow-shunt.bro b/scripts/site/openflow-shunt.bro deleted file mode 100644 index 193f80e4f2..0000000000 --- a/scripts/site/openflow-shunt.bro +++ /dev/null 
@@ -1,139 +0,0 @@ -@load base/protocols/conn -@load base/frameworks/notice -@load base/frameworks/openflow - - -module OpenflowShunt; - - -# pox -# global param_dpid = "00-24-a8-5c-0c-00|15" &redef; -# global param_port = "\"OFPP_ALL\"" &redef; -# global of_ctrl_uri = "http://10.255.0.20:8080/OF/" &redef; -# const cmd = "curl -i -X POST -d '{\"method\":\"set_table\",\"params\":{\"dpid\":\"%s\",\"flows\":[{\"actions\":[{\"type\":\"OFPAT_OUTPUT\",\"port\":%s}],\"match\":{%s}}]}}' %s"; - - -# default constants which are not automatically gathered. -const dpid = 4222282094087168; -const cookie = 0; -const idle_timeout = 30; -const hard_timeout = 0; -const in_port = 3; -const out_port = 1; -global delete_flow: bool = F; - - -export { - ## Number of bytes transferred before shunting a flow. - const size_threshold = 1024000 &redef; - - ## Base amount of time between checking - const poll_interval = 1sec &redef; - - ## Raised when a shunt happened. - ## - ## c: The connection pertaining to the data channel. - global shunt_triggered: event(c: connection); -} - - -function size_callback(c: connection, cnt: count): interval - { - local controller = OpenflowRyu::new(10.255.0.20, 8080, dpid); - # print Openflow::flow_stats(dpid); - # if traffic exceeds the given threshold, remove flow. 
- if ( c$orig$num_bytes_ip + c$resp$num_bytes_ip >= size_threshold ) - { - # create openflow flow_mod add records from connection data and give default constants - local actions: vector of Openflow::ofp_action_output; - local reverse_actions: vector of Openflow::ofp_action_output; - actions[|actions|] = Openflow::ofp_action_output($port_=out_port); - reverse_actions[|reverse_actions|] = Openflow::ofp_action_output($port_=in_port); - # flow layer 4 protocol - local nw_proto = Openflow::IP_TCP; - if(is_udp_port(c$id$orig_p)) - nw_proto = Openflow::IP_UDP; - else if(is_icmp_port(c$id$orig_p)) - nw_proto = Openflow::IP_ICMP; - - local match: Openflow::ofp_match = [ - $in_port=in_port, - $nw_src=c$id$orig_h, - $nw_dst=c$id$resp_h, - $nw_proto=nw_proto, - $tp_src=c$id$orig_p, - $tp_dst=c$id$resp_p - ]; - - local reverse_match: Openflow::ofp_match = [ - $in_port=out_port, - $nw_src=c$id$resp_h, - $nw_dst=c$id$orig_h, - $nw_proto=nw_proto, - $tp_src=c$id$resp_p, - $tp_dst=c$id$orig_p - ]; - - local command = Openflow::OFPFC_ADD; - if(delete_flow) - command = Openflow::OFPFC_DELETE; - local flow_mod: Openflow::ofp_flow_mod = [ - $match=match, - $cookie=cookie, - $command=command, - $idle_timeout=idle_timeout, - $hard_timeout=hard_timeout, - $actions=actions - ]; - local reverse_flow_mod: Openflow::ofp_flow_mod = [ - $match=reverse_match, - $cookie=cookie, - $command=command, - $idle_timeout=idle_timeout, - $hard_timeout=hard_timeout, - $actions=reverse_actions - ]; - - # call openflow framework - if(Openflow::flow_mod(controller, flow_mod) && Openflow::flow_mod(controller, reverse_flow_mod)) - event shunt_triggered(c); - - if(delete_flow) - { - delete_flow = F; - return -1sec; - } - else - { - delete_flow = T; - return 15sec; - } - } - - return poll_interval; - } - - -event connection_established(c: connection) - { - print fmt("new connection"); - ConnPolling::watch(c, size_callback, 0, 0secs); - } - - -event Openflow::flow_mod_success(flow_mod: Openflow::ofp_flow_mod, msg: 
string) - { - print fmt("succsess, %s", cat(flow_mod)); - } - - -event Openflow::flow_mod_failure(flow_mod: Openflow::ofp_flow_mod, msg: string) - { - print fmt("failed, %s", cat(flow_mod)); - } - - -event OpenflowRyu::error(flow_mod: Openflow::ofp_flow_mod, error: OpenflowRyu::Error, msg: string) - { - print fmt("ERROR: %s, msg: %s\n%s", error, msg, flow_mod); - } diff --git a/scripts/site/pacf-openflow-shunt.bro b/scripts/site/pacf-openflow-shunt.bro deleted file mode 100644 index 52f8eed8c1..0000000000 --- a/scripts/site/pacf-openflow-shunt.bro +++ /dev/null 
@@ -1,109 +0,0 @@ -@load base/protocols/conn -@load base/frameworks/notice -@load base/frameworks/pacf/main -@load base/frameworks/openflow - - -module PACFOpenflowShunt; - - -# pox -# global param_dpid = "00-24-a8-5c-0c-00|15" &redef; -# global param_port = "\"OFPP_ALL\"" &redef; -# global of_ctrl_uri = "http://10.255.0.20:8080/OF/" &redef; -# const cmd = "curl -i -X POST -d '{\"method\":\"set_table\",\"params\":{\"dpid\":\"%s\",\"flows\":[{\"actions\":[{\"type\":\"OFPAT_OUTPUT\",\"port\":%s}],\"match\":{%s}}]}}' %s"; - - -# default constants which are not automatically gathered. -const dpid = 4222282094087168; -const cookie = 0; -const idle_timeout = 30; -const hard_timeout = 0; -const in_port = 3; -const out_port = 1; -global delete_flow: bool = F; - - -export { - ## Number of bytes transferred before shunting a flow. - const size_threshold = 1024000 &redef; - - ## Base amount of time between checking - const poll_interval = 1sec &redef; - - ## Raised when a shunt happened. - ## - ## c: The connection pertaining to the data channel. - global shunt_triggered: event(c: connection); -} - - -function size_callback(c: connection, cnt: count): interval - { - local controller = OpenflowRyu::new(10.255.0.20, 8080, dpid); - controller$state$port_state[10.15.0.30/32] = 3; - controller$state$port_state[10.15.0.31/32] = 1; - local pacf_backend = PACFOpenflow::new(controller); - # print Openflow::flow_stats(dpid); - # if traffic exceeds the given threshold, remove flow. 
- if ( c$orig$num_bytes_ip + c$resp$num_bytes_ip >= size_threshold ) - { - # create openflow flow_mod add records from connection data and give default constants - local action: vector of PACF::RuleAction; - action[|action|] = [ - $type_=DROP, - $target=MONITOR - ]; - - local ip_proto = tcp; - if(is_udp_port(c$id$orig_p)) - ip_proto = udp; - else if(is_icmp_port(c$id$orig_p)) - ip_proto = icmp; - - local match: PACF::RuleMatch = [ - $src_ip=c$id$resp_h, - $dst_ip=c$id$orig_h, - $ip_proto=ip_proto, - $src_port=c$id$resp_p, - $dst_port=c$id$orig_p - ]; - - local rule: PACF::Rule = [ - $match=match, - $action=action, - $direction=PACF::BIDIRECITONAL - ]; - - if(pacf_backend$insert(pacf_backend, rule) - event shunt_triggered(c); - - return -1sec; - } - return poll_interval; - } - - -event connection_established(c: connection) - { - print fmt("new connection"); - ConnPolling::watch(c, size_callback, 0, 0secs); - } - - -event Openflow::flow_mod_success(flow_mod: Openflow::ofp_flow_mod, msg: string) - { - print fmt("succsess, %s", cat(flow_mod)); - } - - -event Openflow::flow_mod_failure(flow_mod: Openflow::ofp_flow_mod, msg: string) - { - print fmt("failed, %s", cat(flow_mod)); - } - - -event OpenflowRyu::error(flow_mod: Openflow::ofp_flow_mod, error: OpenflowRyu::Error, msg: string) - { - print fmt("ERROR: %s, msg: %s\n%s", error, msg, flow_mod); - }