Research On Active Firewalls Based On ARM-Linux

Posted on: 2012-04-09
Degree: Master
Type: Thesis
Country: China
Candidate: L L Wang
GTID: 2218330362452698
Subject: Computer application technology
Abstract/Summary:
With the development and widespread use of the Internet, network security issues are becoming increasingly serious. Among the many network security technologies, the firewall is one of the main ones. But the traditional firewall is passive: it can only control the data flow of the network, and it is unable to prevent infected software or files from passing through and cannot intercept attacks that pass through the firewall. This paper discusses the shortcomings of the traditional firewall, introduces the concept of active defense to the firewall, and researches and designs an active firewall, achieving some results.

Firstly, this paper summarizes the shortcomings of the traditional firewall, which can only control the data flow of the network and is unable to intercept attacks that pass through it. The concept of active defense is introduced to the firewall, and an intrusion detection module and a response module are added to it. The firewall then has the functions of intrusion detection and intrusion response: it can intercept intrusion data flows passing through the firewall in a timely manner, making up for the shortcomings of the firewall. Based on Netfilter, the firewall of the Linux operating system, an active defense system centered on rule sets, with detection, protection and response functions, is constructed by adding the intrusion detection module and the response module to Netfilter. The overall structure of the firewall and each of its modules are researched and designed.

Secondly, in order to reduce the cost and improve the operating efficiency of the firewall, we design a hardware platform for the active firewall with the ARM11-core S3C6410 and two DM9000 NIC controllers, then port the active firewall software system to this platform and realize the firewall system configuration of an embedded system with dual NICs.

Finally, the function of the active firewall is tested, and the results prove that the active firewall can intercept certain intrusions. The firewall can detect intrusions in the data flow passing through it, making up for the inability to intercept intrusions and realizing active defense.
Keywords/Search Tags: active defense, firewall, netfilter, embedded