摘要
介绍了应用netfilter/iptables技术构建甘肃地震信息网络安全防火墙的技术方案和设计思想。较完整地给出了甘肃地震信息网的防火墙配置脚本,并对每个功能的实现策略作了详尽的解释。客观地分析了netfilter/iptables技术的优点和不足。
The technological scheme and design method of building Security Firewall of Gansu Seismic Information Network through Netfilter/iptablestechniques are introduced.The firewall disposition script of this system is completely showed,and the implementation strategy of every function is detailedly explained.Finally,the advantages and disvantages of netfilter/iptables techniques are objectively analyzed.
引文
[1]梁如军,丛日权,等.Red Hat Linux 9网络服务[M].北京:机械工业出版社,2003.
[2]Christopher Negus著.梁杰,巩樱,等译.Red Hat Linux 8宝典[M].北京:电子工业出版社,2003.
[3]RFC1631.The IP Network Address Translator(NAT).1994.
[4]RFC792.Internet Control Message Protocol.1981.
[5]RFC793.Transmission Control Protocol.1981.
[6]游文南.浅论网络防火墙技术[Eb/OL].http://www.edu.cn/20020816/3064482.shtml.
[7]Rusty Russell.Linux 2.4 Packet Filtering HOWTO[Eb/OL].http://linux.dalouis.com/doc/iptables/pfhtcn.html.
[8]Oskar Andreasson.Iptables Tutorial 1.1.19[Eb/OL].ht-tp://www.jollycom.ca/iptables-tutorial/iptables-tutorial.html.