Network Firewall Design And Implement Based On Filter-Hook

In recent years, the rapid growth of the Internet to promote the rapid development of information technology, it has become a world growth is made. But the integrity of data and safety problems. People should put their intranets access the Internet so that companies can most likely to use the Internet resources, while everyone need to put their data to protect consciously, number of internal and external disclosure system of malicious damage. With the increasingly serious problem of network security, network security products are taken seriously by people. As the earliest firewall network security products and use the biggest security products, but also influenced by the user, and research institutes. Firewall as the key equipment maintenance of network security, in the current network security protection system, holds an important position. More and more companies and individuals to different levels of security problems, therefore the market demand of firewall technology and equipment required in the rising, is becoming more and more serious problem of network security is also required firewall technology have improved faster, otherwise will face new intrusion technique when stranded.Nowadays firewall NDIS driver is based on the basic of the network, it can be understood as the filter. This paper expounds and discusses the relevant knowledge structure and firewall TCP/IP protocol Filter drivers sieve-is the basic knowledge of hooks, in these theories, under the support of the Visual c++ framework used to realize the related MFC Filter function. Through the examples can clearly see the working process of the packets filtrating firewall.Filter-Hook firewall system use stateful inspection.The method compares certian key parts of the packet to a database of trusted information.Data traveling from outside the firewall to the insideis monitored for specific defining characteristics,then incoming data is compared to these characteristics.If the conparision yields a reasonable match,the information is allowed through.If not it is discarded. So the firewall system not only scan the port,filtering the tcp,udp,icmp as so on but also check the data wether the right data and not sent by the hacker.