With the rapid development of the Internet, network security has become more important, and the firewall is a powerful means of resisting network attacks. Conventional firewalls fail to resist attacks from the inside network, and distributed firewalls rely excessively on the host operating system. The embedded firewall has therefore become the focus of current network security research because it maintains security at the network edge. Since embedded system design usually follows a top-to-bottom methodology and is heterogeneous from the perspectives of both system simulation and implementation, it is significant to study embedded system-level design methodology, which will lay a solid basis for embedded system theory research.

The paper discusses the design and implementation of a firewall system based on embedded computing. It is organized as follows. First, it presents the architecture of the embedded firewall system. Second, it studies the embedded system-level methodology of the Ptolemy project and uses the three design steps that the Ptolemy project advocates for embedded systems to guide the implementation of the embedded firewall system. Third, it completes the modeling and simulation of the embedded firewall system in Ptolemy II, the embedded system modeling and simulation environment. Finally, after analysing the implementation mechanisms of the dynamic packet filter module and the network address translation module in this embedded firewall system, the paper implements the embedded Linux firewall system on the ES860 hardware platform designed by the local lab. A performance test is included in the last part, and the results show that the firewall is sensitive to the transmission rate and the number of rules. The real performance results are close to the simulation results in Ptolemy, which validates that Ptolemy can guide the development of an embedded Linux firewall system correctly and feasibly.