摘要
通过对主流防火墙技术的分析,依据流过滤的思想,采用还原会话的方法,提出了基于Linux平台的内容过滤框架,并给出了代码实现的基本流程。模拟运行并添加相应过滤规则后,达到了在IP层过滤应用层攻击信息的目的。
The purpose of the paper is to resolve the problem of content filtering. It analyses the mainly technologies of firewall domestically and uses a method of renewing the session to bring forward the frame of content filtering built on Linux platform, at last some kernel modules and data structures are given. When the system runs and some rules are inserted attacking information included in application layer are eliminated on ip layer, which proves the correctness and feasibility of the frame.
出处
《哈尔滨理工大学学报》
CAS
2004年第2期56-59,共4页
Journal of Harbin University of Science and Technology
基金
黑龙江省自然科学基金(F9814)
哈尔滨市学科后备带头人基金