The Design And Implementation Of Adaptive Path Hybrid Firewall Based On Packet Filtering Technology

With the development of science and technology, network has penetrated into every corner of the world, to the state organs, small to every family cannot do without the network, network brings great traversal to everyone working life, more quickly to help people communicate, and help enterprises to create greater economic value data transmission technology workers, help more quickly, and so on a variety of convenience.It is because of the ubiquitous network, network security is more important to highlight. Especially for the enterprise, network transmission enterprises are commercial secrets, or provide service, network security is related to the economic interests of enterprises, so enterprises for their own network security special attention. This part of the demand of firewall happens to meet the enterprises, hardware firewall large can provide security functions of various, including black list, VPN, DDOS, Proxy and agency functions, adopting high performance hardware, so in terms of performance can completely satisfy the large flow of the enterprise in the environment.The general function of single protective wall common market, such as DDOS, firewall, Proxy proxy firewall etc. at the same time, because of the design of the architecture of the complex, cumbersome process, cause performance bottlenecks, this problem can’t be resolved by simply improve the hardware configuration, the need to optimize the overall architecture, simplifying processing flow to solve.This paper is aimed at this kind of present situation, proposed a composite type firewall packet filter based on the principle, outstanding characteristic is adaptive path and functional composite. First of all, introduce the adaptive path, the traditional firewall for each message are in need of treatment, in fact for the message, the firewall really care about is the head, the content of the message does not need to care about, so the traditional firewall many processing are repetitive, self adaptation path from the traditional firewall performs the same processing for the first packet, difference in subsequent message, use the message five tuple to uniquely identifies a session, for subsequent packets with the same deal flow and the first message to carry on processing; composite function refers to the comprehensive common firewall features, including the Proxy proxy, DDOS attack defense, black list function, and the well-known single packet attack. Integrated a variety of functions, can provide a full range of enterprise safety.This paper first introduces the classification of firewall and various characteristics, and then divided into the command line processing, user mode, kernel mode three parts to illustrate the system, the module is divided into the black list module, the Proxy agent module, DDOS attack prevention module and a well-known single package module. The technical difficulties in the Proxy agent module, module and adaptive path on the whole architecture design to prevent attacks on DDOS, at the same time for the well-known single package module, the statistical analysis of known famous single packet needs to do a lot of statistical work to ensure not missing.