| At present, firewalls control P2P applications by opening or blocking the default ports of corresponding P2P protocols. Due to the rapid development of P2P technique, nowadays P2P software can penetrate firewall with dynamic ports, HTTP message with encapsulated P2P data, or "UDP hole punching", which makes firewalls of no avail.This paper, based on above backgrounds, designs and implements a Hybrid Enhanced Firewall under P2P environment, which introduces characteristic value analysis to guard or block the P2P applications, while still keeping the advantages of traditional firewalls. The paper's specific work includes: Generally design the Hybrid Enhanced Firewall under P2P environment, including the design of system hardware, kernel tailoring, secure management modules, P2P filter module and security of strategies. Analysize the implementation mechanism of netfilter/iptables of firewallframework in Linux kernel 2.4.20 running on IPv4 protocol stack. Obtain one or more characteristic values through the research on five typical P2P protocols ( BitTorrent protocol, eDonkey protocol, Gnutella protocol, DirectConnect protocol, FastTrackprotocol) . Expand matching entries with characteristic values identifying P2P protocols based on netfilter/iptables framework in Linux 2.4.20 kernel, and finally, configure the firewall filtering rules by iptables commands. Carry out several verification tests to characteristic values on five typical P2P protocols including accuracy and efficiency tests which prove that our approach can identify five P2P protocols with 100% accuracy with no efficiency losses. Design and implement the special shell (fshell) of firewall that can run the specific commands. |
PDF Full Text Request