| It's well known with the rapid development of the Internet. Abundance of resources in the Internet intensively attracat users, and Internet is turning to be one of the most important instruments of getting information. So this make connecting and accessing Internet most urgent need for now, and supervenient problem of network security is attatched importance.Based on the hot research field of embedded Linux system, associated with security theory of firewall and virtual private network, the author presents a kind of solution of embedded security gateway. The solution possesses the technology of NAT which contents user's urgent need of connecting Internet, and includes the function of packet filter firewall and virtual private network which can resolve some security problems.The paper includes two parts. On one side, this thesis analyzes deeply the netfilter mechanism and the iptables principle of Linux 2.4 kernel, then based on netfilter adopt the iptables to realize packet filter and NAT. This thesis adopts a method which is inserting the IPSec processing module into Linux network protocol stack, implements a Intranet VPN by adopting ESP tunnel mode. Then these fuctions are applied to designed enterprise security gateway, which not only can protect internal network of enterprise, but also can assure data information transmiss securely from one gateway to the other is given.On the other side, this thesis constructs the application platform of designed security gateway, based on Linux2.4.22 kernel, cuts Linux kernel and designs file system to constructs one embedded Linux system, and based on the embedded Linux system designs one embedded gateway which possesses some fuctions of packet filtering, NAT and VPN. In all, the embedded gateway can contents users in internal network access Internet at time by sharing a public ip address, and assures some network security.
|
PDF Full Text Request