| Iptables规则集的优化设计 |
| |
| 引用本文: | 张玉辉,王冬霞. Iptables规则集的优化设计[J]. 适用技术之窗, 2011, 0(1): 12-14 |
| |
| 作者姓名: | 张玉辉 王冬霞 |
| |
| 作者单位: | 景德镇高等专科学校,江西景德镇333000 |
| |
| 摘 要: | 随着网络功能的日益强大,防火墙的性能已经成为影响网络流量的瓶颈,因此在要求防火墙功能强大的同时希望其性能也更高。Linux作为一种开源的操作系统,以其稳定性和安全性著称。Netfilter/iptables系统是Linux下的一个功能非常强大的防火墙系统。针对使用iptables防火墙管理程序建立的防火墙,本文提出了从三个方面去优化它的方法:规则组织、state模块的使用以及用户自定义规则链,使数据包做尽可能少的测试,尽可能快的通过防火墙,最终达到提高防火墙性能的目的。
|
| 关 键 词: | 防火墙 Linux Iptables |
Optimization Design of Iptables Rules Set |
| |
| Zhang Yuhui Wang Dongxia. Optimization Design of Iptables Rules Set[J]. Science & Technology Plaza, 2011, 0(1): 12-14 |
| |
| Authors: | Zhang Yuhui Wang Dongxia |
| |
| Affiliation: | Zhang Yuhui Wang Dongxia (Jingdezhen Comprehensive College, Jiangxi Jingdezhen 333000 ) |
| |
| Abstract: | As the increasingly powerful function of network, the performance of firewall is becoming the network traffic bottlenecks. We request for firewall’s powerful function as same as it’s performance. Linux as a open source operating system, is famous for it’s stability and security. Netfilter/iptables is a firewall system based on Linux which has a great function. Management procedures for the establishment of a firewall using iptables firewall, this paper presents three ways to optimize it: organizational rules, the use of state-modules and user-defined rules of chain, so that the packet of test to do as little as possible, as quickly as possible through the firewall, and ultimately achieve the purpose to improve firewall performance. |
| |
| Keywords: | Firewall Linux Iptables |
| 本文献已被 维普 等数据库收录! |
|
