The Design And Implementation Of Hardware Firewall Based On Network Processor

Along with the rapid development and popular application in military field of the network and communications technology,network confrontation has been a important operational means of information warfare.Effective network defendece is a important precondition for maintaining battlefield information initiative. Firewall technology has been one of the key technologies in the research of network defence from its appearance till now.This paper focuses on the design and implementation of a firewall based on network processor.Firstly,the paper illustrates the great significance of network defence and analyses the current situation and development trends of firewall briefly.Then the project background and what is done in the paper are introduced in detail.At the same time,this paper makes a deep researches on the key technology and realization mode of firewall.On the basis, the major work is as followed:(1) The design plan for the firewall based on network processor is proposed on the background of the network defendece system,and an in-depth researches of the advantage of the network processor which is used in network application platform is maded.(2) The constuction of software development platform is implemented by using RedBoot as bootloader and SnapGear Linux as Operation System,which involves the installation of cross-compiling environment,the compilation and downloading of RedBoot,and the configuration and transplant of SnapGear kernel code.(3) On the basis of studying the mechanism of netfilter,which is the firewall framework on the Linux 2.4 kemel.A firewall is designed in netfilter architecture. First, a packet filter firewall which is based on state is implemented by using iptables,then a flow monitoring kernel module is designed and implemented as the strengthening of the firewall function.Finally,a simulation test of technique plan is done.The test results showed that the hardware firewall system which designed and implemented in this paper can fully satisfy the requirements of the use of background,and the effect is fine.