期刊文献+

防火墙规则优化 被引量:1

RESEARCH ON FIREWALL RULES OPTIMIZATION
下载PDF
导出
摘要 研究确保在防火墙规则应用之前能够进行规则的冲突检测,避免规则之间出现矛盾、冗余。同时,描述了在保持规则间相互关系的基础上,利用日志管理系统的统计数据对规则重新排序,将最常用的规则放在具有高优先级的位置,从而降低规则比较的次数,进而提高防火墙过滤数据包的速度。 In this paper it studies the correctness of packet filtering rules, and conflict detection before rules being applied to avoid contradiction and redundancy between rules. This paper also elucidates reordering of the firewall rules according to the statistic of log system while maintaining the relations among rules. This reordering is achieved based on a priority assignment which takes into consideration the frequency at which the rule is invoked, so it will reduce the frequency of packet comparison to achieve the optimization of iptables rules, and to increase the speed of packet filtering.
出处 《计算机应用与软件》 CSCD 北大核心 2008年第12期263-265,共3页 Computer Applications and Software
关键词 防火墙规则 冲突检测 排序 规则优化 Firewall rule Conflict detect Reorder Rule optimization
  • 相关文献

参考文献4

  • 1Gouda M G, Liu X Y A. Firewall Design : Consistency, Completeness, and Compactness [ C ]. Proceedings. 24th International Conference on, distributed Computing Systems ,2004:320 - 327.
  • 2Al-Shaer E S, Hamed H H. Firewall Policy Advisor for Anomaly Discovery and Rule Editing [ C ]. Integrated Network Management, 2003. IFIP/IEEE Eighth International Symposium on, 24 ( 28 ) March 2003 : 17 - 30.
  • 3Acharya S, Jia Wang, Zihui Ge, et al. Traffic-Aware Firewall Optimization Strategies[ C ]. Communications,2006 IEEE International Conference on, June 2006,5 : 2225 - 2230.
  • 4周华平,林浩伟.基于Linux防火墙的日志审计系统的研究与实现[J].自动化技术与应用,2005,24(11):25-27. 被引量:4

二级参考文献3

  • 1MICHAELE.WHITMAN HERBERT J.MATTORD.信息安全原理[M].北京:清华大学出版社,2003..
  • 2Yawl.IP分片重组的分析和常见碎片攻击[EB/OL].http://www.nsfocus.com,.
  • 3W.RICHARD STEVENS著.TCP/IP协议详解[M].北京:机械工业出版社,2000..

共引文献3

同被引文献11

引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部