| 基于2.4以上版本内核的Linux防火墙技术研究 |
| |
| 引用本文: | 吴进.基于2.4以上版本内核的Linux防火墙技术研究[J].西安邮电学院学报,2008,13(3):94-98. |
| |
| 作者姓名: | 吴进 |
| |
| 作者单位: | 西安邮电学院,电子与信息工程系,陕西,西安,710121 |
| |
| 摘 要: | 介绍了由netfilter数据包处理框架和iptables用户空间工具组成的基于2.4以上版本内核的Linux防火墙的全新架构,分析了防火墙对数据包进行处理的位置的选择,以及防火墙对数据包进行处理的多种方式以及防火墙的连接跟踪功能,最后给出了防火墙的具体应用,为基于2.4以上版本内核的Linux防火墙的应用提供了参考。
|
| 关 键 词: | Linux 防火墙 netfilter iptables |
| 文章编号: | 1007-3264(2008)03-0094-05 |
| 修稿时间: | 2007年9月21日 |
Research of the Linux firewall based on the kernel of 2.4 and above version |
| |
| WU Jin.Research of the Linux firewall based on the kernel of 2.4 and above version[J].Journal of Xi'an Institute of Posts and Telecommunications,2008,13(3):94-98. |
| |
| Authors: | WU Jin |
| |
| Affiliation: | WU Jin (Department of Electronic and Information Engineering , Xi'an University of Post and Telecommunications, Xi'an 710121 ,China) |
| |
| Abstract: | This paper introduces a brand-new architecture of the Linux firewall based on the kernel of 2.4 and above version,composed by the packet mangling framework NETFILTER and the user-space tool IPTABLES.It also analyzes where to mangle the packets when they traverse the protocol stack,the ways packets are mangled and the connection-tracking function of the Linux firewall.A detailed application of the firewall is demonstrated at the end of this paper to give some references for using the Linux firewall based on the kernel of 2.4 and above version. |
| |
| Keywords: | Linux firewall netfilter iptables |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
