| 嵌入式Linux防火墙系统研究与实现 |
| |
| 引用本文: | 文俊浩,姬楷,高存志,郝建伟.嵌入式Linux防火墙系统研究与实现[J].计算机工程与应用,2007,43(28):144-146. |
| |
| 作者姓名: | 文俊浩 姬楷 高存志 郝建伟 |
| |
| 作者单位: | 重庆大学 软件学院,重庆 400030 |
| |
| 基金项目: | 重庆市信息产业发展项目 |
| |
| 摘 要: | 为了构建安全可靠的网络,同时降低使用防火墙的成本,对Linux2.4内核防火墙结构Netfilter的实现机制进行了深入的研究和分析,并利用该机制设计实现了一个嵌入式Linux防火墙系统,该防火墙实现完善了包过滤、URL过滤、NAT和日志等防火墙基本功能,同时集成了非军事区(DMZ),为Internet和Intranet之间建立了缓冲地带,以保证Intranet的安全。此外,该防火墙系统还集成了状态检测技术,可在内存中维护一个跟踪连接状态的表,比简单包过滤防火墙具有更大的安全性,并提供友好的管理配置界面。
|
| 关 键 词: | MINILinux 防火墙 iptables NAT DMZ |
| 文章编号: | 1002-8331(2007)28-0144-03 |
| 修稿时间: | 2007-01 |
Firewall system based on embedded linux OS |
| |
| WEN Jun-hao,JI Kai,GAO Cun-zhi,HAO Jian-wei.Firewall system based on embedded linux OS[J].Computer Engineering and Applications,2007,43(28):144-146. |
| |
| Authors: | WEN Jun-hao JI Kai GAO Cun-zhi HAO Jian-wei |
| |
| Affiliation: | College of Software Engineering,Chonqing University,Chongqing 400030,China |
| |
| Abstract: | For the safety of LAN and using firewall thriftily,the authors analyze the architecture of Netfilter in Linux2.4 kernel.Then the authors implement the firewall system based on embedded Linux OS,which has basic functions as Package Filtration,URL filtration,NAT and log.And,the firewall system integrates with DMZ which establishes a buffer zone between Internet and Intranet to make the Intranet safer,and connection tracking which maintains a table for connection track in order to get the more safer than package filtration.What’s more,this system provides friendly GUI for configuring system. |
| |
| Keywords: | MINI Linux firewall iptables NAT DMZ |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
