分布式防火墙系统设计与实现

发布时间：2018-05-12 03:28

本文选题：分布式防火墙 + 应用层过滤　；参考：《山东大学》2014年硕士论文

【摘要】：本论文的开发目标是使用主流防火墙技术开发一款实用的简易分布式防火墙软件。防火墙作为网络安全的重要组成部分,在军队信息化建设中起着至关重要作用。本文使用Filter Hook Driver的内核态过滤技术以及分布式的数据库管理技术。防火墙的核心功能是协议级过滤和应用层过滤,本论文包含以下两部分的内容： (1)在客户端方面,主要研究的是两个过滤模块的过滤规则的管理和由过滤事件而产生的日志的管理。第一,过滤模块的实现,本文采用Filter Hook Driver的内核态过滤技术。首先设计驱动模块的处理流程。然后实现各个处理流程的接口设计。最后实现处理流程中完成对接口的实现。第二,对数据库系统部分的实现。首先要分析的是以上两种规则的各个过滤功能字段和管理功能字段的设计,其次要分析两种过滤所产生的日志信息所需的字段。接着要根据以上分析进行数据库概念设计,然后结合Sqlite数据库的相关知识进行数据库逻辑设计以及其实现。最后通过调用Sqlite数据库的API为两个过滤模块提供操作规则和日志的接口。 (2)在服务器端方面,主要研究的是分析和设计两种规则的各个过滤功能字段和管理功能字段(值得注意的是服务器端的管理功能字段和客户端的管理功能字段不同,详细情况将在第三章中进行分析),接着根据以上的分析进行数据库概念设计,然后结合Sql Server2005数据库的相关知识进行数据库逻辑设计以及其实现。最后通过操作数据库的ADO来操作数据库,为上层提供接口。
[Abstract]:The development goal of this paper is to develop a practical and simple distributed firewall software using the mainstream firewall technology. As an important part of the network security, the firewall plays an important role in the military information construction. This paper uses the kernel state filtering technology of Filter Hook Driver and the distributed database management technology. The core functions of firewall are protocol level filtering and application level filtering. This paper includes two parts:
(1) in the client side, the main research is the management of the filtering rules of the two filter modules and the management of the logs produced by the filtering events. First, the implementation of the filter module, this paper uses the kernel state filtering technology of Filter Hook Driver. First, the processing flow of the driver module is designed. Then the interface design of each processing flow is realized. Finally, realizing the realization of the interface in the process of processing. Second, the realization of the database system part. First, we should analyze the design of each filter function field and the management function field of the above two rules. Secondly, we should analyze the fields required for the log information produced by the two kinds of filtering. Then we should carry out the database according to the above analysis. Conceptual design, and then combine the knowledge of the Sqlite database to design and implement the database logic. Finally, the API of the Sqlite database is called to provide the interface of the operation rules and the logs for the two filter modules.
(2) on the server side, the main research is to analyze and design the various filter function fields and the management function fields of the two rules (it is worth noting that the server side management function field is different from the client's management function fields, the details will be analyzed in the third chapter), and then the database is based on the above analysis. Read the design, then combine the relevant knowledge of the Sql Server2005 database to carry out the database logic design and implementation. Finally, the database is operated by operating the ADO of the database to provide the interface for the upper level.

【学位授予单位】：山东大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP311.52;TP393.08

【参考文献】