| Firewall is a barrier between computer and Internet .It protects computers from attacking coming from Internet. Firewall software for personal computer using is called personal firewall. Personal firewall can control the link between user computer and Internet according to user settings. Personal firewall usually is loaded in the computer operate system, takes the place of the operate system to control the access of network, and then controls the link between user computer and Internet successfully in the end.There are two kinds of technology in firewall: packet filtering and proxy. Packet filtering firewall analysis the packet information which pass in or out the intranet, limits the packet passing according to the security strategies that are set by user Controlling and allocating of resource will affect the speed of firewall's filtering directly; so I model and design the software by the way of resource optimize using. The main strategies are the use of dynamic link lab (DLL) and memory mapping. By these ways I improve the speed of the firewall successfully.The issue is consisted of two parts: modeling theory, Windows 2000 firewall's modeling and development. In the first part, I held the opinion that there are five main elements in software modeling: homostasis and isomorphic mapping, leveling, extension, priority of the big probability thing and efficiency. I brought forward my own modeling and development model, homostasis and isomorphic mapping-based, leveling, use case-dived, and parallel modeling and development model. Beside these, there are introduction about rapid prototyping technology and UML. I discuss the key technology of the issue: the packet captures theory of Windows2000 personal firewall in detail.In the second part of the issue, after defining the goal of firewall prototype, I select the firewall function by way of diagonal division in prototyping method. I've developed six functions in the firewall. Providing interface for users, so they can monitor packet, inquire about log, manage control rules, set system settings, set user access of network, set network neighborhood, set web site, set access time. Application and driver capture and filter packet in the Internet. Thefirewall can record and display the log of accesses, store and display the control rules, and monitor accesses in real time. In the meantime, in order to improve the modeling efficiency, I give a new way of responsibility allocation in the process of modeling. That is contradiction handler. Finally, I've developed the prototype system of Windows2000 personal firewall.
|
PDF Full Text Request