摘要
定义个人防火墙系统应具备的主要功能,其核心技术是网络数据包的过滤。给出Windows系统网络协议分层体系结构,在对OSI参考模型和Windows网络体系结构对比分析的基础上给出实现包过滤的不同技术路线。对各技术路线进行评估,选择SPI作为实现方案,给出使用SPI进行包过滤的技术要点,个人防火墙系统的运行表明其具有较快的包过滤处理性能。
The main functional attributes of personal firewall system are defined. The core technology for realizing is packets filtering. The Architecture of Window's Network(AWN) is presented, and on the basis of comparison between OSI and AWN, several solutions of packet filtering are listed. The solution using SPI is selected after reviewing and its key realization points to filter packets are offered. The personal firewall system realized using SPI shows good performance for filter network packets.
出处
《计算机工程》
CAS
CSCD
北大核心
2009年第12期114-116,119,共4页
Computer Engineering
基金
湖北省教育厅基金资助重点项目(B200619001)
关键词
个人防火墙
包过滤
传输层设备接口过滤驱动程序
personal firewall
packet filter
transport layer device interface filter driver
