| The firewall techonolgy, which has come to be used since 1990s as a kind of network security techonolgy, has been improved continuously within more than ten years. It expericed Packet Filtering Fircwall,Circuit Level Fircwall,Application Layer Firewall,and Stateful Inspection Firewall.According to the state information of a valid connection which the stateful inspection firewall has inspected, it decided whether these network data packages should be passed. The data package is captured by the lower part of protocol stack, and then is analyzed. In order to keep the security of the network, this firewall gets the control information of the data package by comparing the current state with the previous state. Stateful inspection firewall reads, analyzes and uses total information in network connection, including communication information, communication states, application states and operation information.The artical basing on the traditional firewall techonolgy, mainly researched the application of stateful inspection in firewall. At the same time the differences in efficiency and security between stateful inspection firewall and traditional firewall was given a good analysis. Also in reading the source code, it analyzed comprehensively the realization of stateful inspection in Netfilter/iptablcs of Linux firewall.According to the weakness of low efficiency in stateful inspection of firewall, it gets finding ways of regular table as well as the research of IP packet classification .Analyzing IP packet classification and according to characteristics in firewall rule and network data flow, we put forward to improving way of finding in the Linux firewall rule.
|
PDF Full Text Request