| While the Internet gives people a more efficient and comfortable lifestyle,it also brings many hidden dangers to cyber security.When young people use the internet,the content of some websites and the harassment of bad network information will affect the physical and mental health of young people.Routers are widely used in home life.As the core device for network connection,the security of routers is worthy of attention.This paper takes the data flow in the LAN as the research object,based on the data filtering mechanism of Netfilter,proposes an analysis and interception idea of selecting and filtering the network data flow and adding the authentication function.The main work is as follows:First,analysis application layer protocols,including DNS protocol and mail transmission protocol.When implemented,the domain name information is filtered out.The pattern matching method is used for rule filtering.Identify the type of the application pointed to by the data stream after identifying the domain name information,and then make a corresponding realization by matching the IP address obtained from the IP address and the feature database to identify the specific application program.Second,in the Openwrt router,the Sqlite database is embedded in the kernel,enabling fast access to feature values.Third,the use of zero-copy technology combined with PF_REING mechanisms in the packet copy section improves data capture performance.Fourth,In embedded technology security applications,this article builds a system for realizing webpage authentication function in LAN.Laravel,which is the most frequently used PHP framework,add Nginx and php to design and implement the authentication server function.For a family with primary and middle school students in the network resource requirements,a set of pre-Internet operating database was designed.It was compiled into the router kernel,from the kernel to deal with a better timeliness,but also can improve the management and security of the LAN devices. |
PDF Full Text Request