摘要
为了提升Linux防火墙的性能,依据Linux2.4内核Netfilter框架原理,利用Iptables包过滤防火墙规则和POM库模块的功能,提出了防火墙配置的简化方法及其扩展功能,给出模拟实例.结果表明,该配置方法可以提高防火墙的效率,扩展其功能,并使规则文件更利于维护.
For improving firewall'function base on Linux, this paper, based on the linux 2.4 kernel netfilter, adopts packet filters fir ewall rules of iptables and function of modules kept in patch - o - matic (POM) repository, introduces simplified configuration rules and extended function of firewalls, and gives out simulative applications. The conclusion shows that efficiency of firewall is improved, functions of firewall are extended, and maintenance of the rules files becomes easier.
出处
《哈尔滨理工大学学报》
CAS
2004年第5期80-83,87,共5页
Journal of Harbin University of Science and Technology