摘要
论述Linux构建的状态检测防火墙中基于CONNTRACK模块实现网络连接数的限制。其实现机制不同于现有的connlimit模块,在统计连接数方面的算法效率更加高效,连接限制的有效性也通过实际测试得以验证。
The paper studies a method for limiting the number of connections based on CONNTRACK for Linux-based stateful firewalls. It is different from the connlimit module and has more efficient algorithm for counting the number of connections than the connlimit module. The test result shows that the method is effective.
出处
《重庆科技学院学报(自然科学版)》
CAS
2011年第3期169-172,共4页
Journal of Chongqing University of Science and Technology:Natural Sciences Edition