| With the development of computer network and communication technology, the Internet plays an increasingly important role in people's daily life and work. It has become an integral part of modern life, and enterprises and institutions of all kinds use the Internet to extend their influence. But while the Internet brings great convenience and profit, it also brings great losses. Internet security and information security have therefore become a general concern of Internet users. To establish a secure information network, research on and design of network security technology is both necessary and urgent. The firewall is the most popular and most widely used network information security technology. This paper presents the system's architecture in its various aspects, its core processing modules, its packet classification algorithm, and the functional and performance test scheme for the complete machine's hardware and software implementation, as follows: First, based on an in-depth analysis of various firewall technologies and common firewall architectures, it discusses the firewall's architecture from the perspectives of overall structure, functional structure and operation, determining the form in which each module runs and how it interacts with the other modules. 
From the functional point of view, the system is also divided into its major functional modules, with the implementation of the module interfaces set aside for the time being. Second, it analyzes the L2 and L3 packet switching and forwarding process to determine the internal implementation of the forwarding module, and compares the packet filtering and stateful inspection models and their efficiency, concluding that the system uses stateful inspection technology and giving the implementation process. Third, based on the characteristics and working principle of TCAM, it presents a hardware implementation scheme for the packet classification algorithm, an improved method and actual test results; then, given TCAM's shortcomings of high cost, high power consumption and small capacity, it discusses a software scheme and an improved method, which testing shows to perform better than the hardware scheme. Finally, it describes the automated functional testing framework and bug localization process for the complete machine, along with the performance test topology, test tools and test results. The test results show that the system performs even better than the SRX5600 / 5800 from Juniper, the world's leading Internet and security solutions provider, filling a gap in the domestic high-performance firewall market. |