The Study Of Distributed Firewalls Based On The Technology Of Packet Filtering

This paper analyzes the architecture of distributed firewalls based on comparing with the traditional firewalls: network firewalls and personal firewalls. It brings forward a new design about the distributed firewalls in which some host firewalls and a control center constitute the whole distributed firewalls with reserving the old network firewalls. A host firewall is a packet-filtering firewall that filters the network packets come from inside the network based on the information of network application program, IP address, TCP or UDP port and so on. It also can send logs to the control center. The packet filtering rules used in host firewalls are only manager by the control center. The BNF is used to formalize the packet filtering rules. The M/M/1 modal in the queue theory is used to analyze the stability of the distributed firewalls system. At last a host firewall instance and a control center instance which work on the Windows operation systems is developed. And the main technology used to develop the host firewall is to use the Services Provider Interface (SPI) in the Windows Open System Architect (WOSA) to filter TCP/IP network data packets.