Iptables包过滤技术及其在机载网络上的实现Iptables packet filtering technology and its implementation on airborne network
周斌,黄丝,赵彦斌,袁瑞阳,苏德虎
摘要(Abstract):
针对机载无线信息系统可能由地面网络技术引入网络安全威胁,因此机载网络需要对数据包进行过滤,根据规则限制数据传输。阐述了Iptables的工作原理,分析数据包过滤的规则操作及数据包的传输过程,及其在机载网络上的应用环境。对用Iptables在Linux上实现丢弃某IP数据包和阻止相关网页访问请求进行实验,在此基础上对基于Iptables的包过滤技术进行研究。
关键词(KeyWords): Iptables;包过滤;机载网络;Linux;防火墙;数据包
基金项目(Foundation): 国家重点科研项目(MJ-2014-S-37)~~
作者(Author): 周斌,黄丝,赵彦斌,袁瑞阳,苏德虎
DOI: 10.16652/j.issn.1004-373x.2018.09.007
参考文献(References):
- [1]史岩,朱佳,范祥辉,等.基于ARINC822的机载无线网络安全架构设计[J].硅谷,2014,7(12):44-45.SHI Yan,ZHU Jia,FAN Xianghui,et al.Design of airborne wireless network security architecture based on ARINC822[J].Silicon valley,2014,7(12):44-45.
- [2]谢鹏,安利.基于Linux系统的防火墙技术设计与实现[J].工业,2016(2):296.XIE Peng,AN Li.Design and implementation of firewall based on Linux system[J].Industry,2016(2):296.
- [3]王维剑.基于netfilter/iptables防火墙的设计与实现[D].淮南:安徽理工大学,2012.WANG Weijian.Netfilter/iptables firewall design and implementation[D].Huainan:Anhui University of Technology,2012.
- [4]XUAN L,WU P.The optimization and implementation of Iptables rules set on Linux[C]//2015 the 2nd International Conference on Information Science and Control Engineering.[S.l.]:IEEE,2015:988-991.
- [5]陈剑,李晓东.机载信息系统无线网络的安全设计[J].航空计算技术,2012,42(3):130-134.CHEN Jian,LI Xiaodong.Security design of airborne information system wireless networks[J].Aeronautical computing technology,2012,42(3):130-134.
- [6]朱艳.Linux网络防火墙Netfilter的数据包传输过滤原理[J].电子科技,2010,23(5):94-95.ZHU Yan.Principle of Netfilter packet transmission and transmission in Linux network firewall[J].Electronic technology,2010,23(5):94-95.
- [7]高祥斌.基于Linux的Netfilter处理数据包的过程分析[J].硅谷,2009(13):41.GAO Xiangbin.Netfilter process analysis of packet based on Linux[J].Silicon valley,2009(13):41.
- [8]林燕.Iptables规则集的优化设计[J].计算机时代,2015(2):47-49.LIN Yan.Optimization design of Iptables rules set[J].Computer era,2015(2):47-49.
- [9]LEMUS-Zú?IGA L G,BENLLOCH-DUALDE J V,MONTA?ANA J M,et al.Teaching computer networks using virtual machines[C]//2015 International Conference on Information Technology Based Higher Education and Training.Lisbon:IEEE,2015:1-3.
- [10]曹全新.机载信息系统的应用研究及发展趋势初探[J].民用飞机设计与研究,2014(1):72-76.CAO Quanxin.Application research and development trend of airborne information system[J].Civil aircraft design and research,2014(1):72-76.