A Research On The Application Of The Firewall Of Computer Network

In this paper, the development, the status of firewall technology, the role of the firewall and the firewall classification issues were introduced with the fact of computer network and in-depth discussions on the firewall architecture were done . To contrapose the firewall realization of Linux, firstly,we expounded the theoretiacal foudation of the firewall relization of Linux, and made detailed and in-depth research on firewall tools relization of Linux, then design reasonable and effective firewall architecture against military integrated information network security issues, and reallized a based "packet filter + application proxy" hybrid firewall on it, then integrated system-level security management and the internal network firewall security protection.This paper is divided into four chapters. In the chapter 1, we gave an account of the background, and against the basic content of information security and development of the military's computer security systems to the special requirements and other issues, and introduced the main contents of this paper.In the chapter 2 , we introduced the development and the classification of firewall technology, and made in-depth discussions on two basic types of firewall, and given the analysis and summary of typical firewall architecture. In chapter 3, we analysed the theoretical foundation of realization of firewall based on Linux, and compared and researched the realization of Linux-based packet filtering firewall tools, and made in-depth discussion on the function of the structure of the framework Netfilter principle, the use of iptables syntax, functions etc. Finally,we studied how to achieve application proxy-based firewalls based on Linux, and analyzed the agent for the different types ,made corresponding research and foreshadowing for the realization of a hybrid firewall. In chapter 4, we introduced how to achieve the design of the firewall baded on Linux . Firstly, we discussed several firewall architecture and deformation, through performance analysis, combined with the specific situation of experimental network, designed a simple reasonable and effective firewall architecture:"external firewall (Merger various public server, agent server) + internal firewall "of shielding composed of the network-based firewall deformation. Then we made a corresponding design to activate the firewall machine network services according to the needs of network security,and configure the network of these services reasonablely, but also on external firewall with squid achieve a basic " packet filtering + application proxy "hybrid firewall, in the last two firewall machines, in accordance with the security policy developed by the preparation of the corresponding firewall rules to enable the realization of a firewall system on the internal network protection.