The development and popularization of networks has diversified users' requirements for network access control. Because of this diversification, more and more network users are bringing their own special requirements for network access control to network designers. To address this problem, this paper discusses the principle and implementation of packet filtering technology, the combination of the role-based concept with packet filtering technology, packet transferring technology, and raw socket technology, as well as whether and how a new method can be implemented with these technologies. The paper also proposes a solution that uses packet filtering technology, packet transferring technology, and raw socket technology as its kernel technologies. The rest of the paper covers the following: an introduction to the variation of user status on the server; the process of dynamically modifying packet filtering rules; and the application of design patterns in implementing the packet filtering rule table.