基于Linux包过滤的防火墙技术及应用 |
| |
引用本文: | 何海宾. 基于Linux包过滤的防火墙技术及应用[J]. 电子科技大学学报(自然科学版), 2004, 33(1): 75-78 |
| |
作者姓名: | 何海宾 |
| |
作者单位: | 西华大学能源与环境工程系,成都,610039 |
| |
摘 要: | 讨论了Linux操作系统内核的Ipchains软件包工作原理。利用Ipchains中的输入链、输出链、转发链和自定义链等防火链,通过设置一系列规则,过滤被主机接收、发送或转发的数据包或主机从一个网卡转发到另一个网卡的数据包,实现根据源地址、目的地址、协议号等信息控制访问,企业无须专门的防火墙产品,即可建立包过滤防火墙。该技术适用于中小企业或部门级用户。最后给出一个在局域网环境下用Ipchains实现Linux防火墙的具体实例。
|
关 键 词: | Linux操作系统 Ipchains软件包 防火链 包过滤 防火墙 中小企业 |
收稿时间: | 2003-10-22 |
Technology and Application of Firewall Based on Packet Filtering of Linux |
| |
Affiliation: | 1.Department of Energy and Environmental Engineering,Xihua University Chengdu 610039 |
| |
Abstract: | Mainly on the principle of Ipchains embedded in Linux kernel has been discussed. A series of rules can be set up with the input chains or output chains or forward chains or user defined chains, these rules can filter the packet of input or output or forward by host computer and can also filter packet from one network card to another network card by computer. Therefore, the access control can be implemented base on data of source address and destination address and protocol number. This technology is suitable for the users such as small enterprise or department to set up a firewall without professional firewall production. An example is presented for demonstrating how to use the proposed technology as firewall in LAN. |
| |
Keywords: | |
本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《电子科技大学学报(自然科学版)》下载全文 |