Title :
The research and implementation of transplanting the Iptables/Netfilter to an IXP2400 based firewall system
Author :
Dou, Xiao Long ; Li, Jia Chun ; Zhang, Ling ; Dong, Shou Bin
Author_Institution :
Guangdong Key Lab. of Comput. Network, South China Univ. of Tech, China
Abstract :
NP based firewall research has attracted intensive attention. This paper presents a methodology to establish a rule parser and a command-line interface for a firewall system based on IXP2400 utilizing the existing code of the popular Iptables/Netfilter software. We describe how to modify the user-space code of Iptables and how to transplant the kernel code of Netfilter. We also explain the implementation of address transforming between the virtual address used by the Linux kernel and the physical address used by the ME.
Keywords :
authorisation; microprocessor chips; operating system kernels; IXP2400 based firewall system; Iptables; Linux kernel; Netfilter; command-line interface; rule parser; user-space code; virtual address; Application specific integrated circuits; Computer architecture; Computer networks; Delay; Filters; Hardware; Kernel; Linux; Power system security; Random access memory;
Conference_Titel :
Embedded Software and Systems, 2005. Second International Conference on
Print_ISBN :
0-7695-2512-1
DOI :
10.1109/ICESS.2005.95
