摘要
针对网络接入点的安全性这一特定领域,本文旨在通过混合利用ebtables和iptables的网络过滤机制,构建一个基于Linux平台的透明网桥式的安全接入点。该接入点主机系统不仅能够作为一个透明网桥实现异构LAN之间的桥接功能,同时还作为一个防火墙可根据用户的自定义安全策略,实施对于数据帧和数据包的双重过滤,因此可有效增强接入点的安全性。
Aimed at the security of a network access point (AP), this paper presented a kind of AP based on a Linux transparent bridge server by integrating the br--nf mechanism of ebtables with the net-filter of IPtables source projects. The system could not only offer users the functions of a bridge such as bridging isomeric LAN segments, but also could filter data-link layer' s frames and network layer' s packets simultaneously according to the user' s custom security policies by working as a firewall. Thus it could effectively enhance the security of AP.
出处
《科技资讯》
2009年第15期23-24,共2页
Science & Technology Information
基金
石河子大学国家863后补助项目"基于Linux系统的室内红外无线接入点的研发"(项目编号:hbzxm2006-016)
