| With the development of internet, the internet technology has already combined withour life. However, when people enjoy the convenience of IT, the problems of internetsecurity are increasing, and have been the problem of first consideration on configuringnerwork and server by individual or community. Because of this, the firewall has been anindispensable part of computer networks. As the various kinds on typies and functions offirewall, the original designed firewall systems can perform well on performance andpertinence. Considering the Linux system has strong commonality and expansibility, it canbe designed to firewall systems by developers according the different internet requirements.After researching the Linux kernel, being fully analyse the architecture and function ofLinux firewall, finishing the overall firewall design, according to the main current networksecurity technology, this article designs an Linux firewall system based on X86.This article introduces the research background, domestic and international currentsituation of the project, also introduces the basic knowledge of firewall. And then states thestructure and principle of architechturing Linux kernel Netfilter/Iptables, analyzes theworkflow and its concrete implementation of network address translation technology andfiltering technique on details, recordes the activities of firewall on security log file.Furthermore, according to research on secure transport protocol and transport technology,it makes users can manage firewall function by browser conveniencely.In addition, in front of kinds of internet attacks, the firewall and IDS are helpless. Inorder to solve this problem, this article addes honeypot technique to cover the weakness oftraditional network security, also analyzes the achieved data by honeypot. This firewall notonly reduces the workload of network staff, but also is benefit to arrange the more targetednetwork security policy. |
PDF Full Text Request