作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2007, Vol. 33 ›› Issue (01): 176-177. doi: 10.3969/j.issn.1000-3428.2007.01.061

• 安全技术 • 上一篇    下一篇

基于Linux内核扩展模块的P2P流量控制

陈海军1,李仁发2,杨 磊2   

  1. (1. 湖南大学软件学院,长沙 410082;2. 湖南大学计算机与通信学院,长沙 410082)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-01-05 发布日期:2007-01-05

P2P Flow Control Based on Linux Kernel Expanded Model

CHEN Haijun1, LI Renfa2, YANG Lei2   

  1. (1. Software School, Hunan University, Changsha 410082; 2. School of Computer and Communication, Hunan University, Changsha 410082)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-01-05 Published:2007-01-05

摘要: 分析了Linux Netfilter/Iptables 架构的实现机制和扩展技术,分析了P2P协议的特征,通过扩展Linux内核库,利用共享库实现用户数据空间与内核空间的数据交互,扩展防火墙的规则集,从而实现P2P流量控制的方法,而且可以根据不断出现的P2P业务更新规则集,具有很好的扩充性能。

关键词: 防火墙, 内核空间, 用户空间, 扩展

Abstract: After analyzing the mechanism and the expansion of technology for Linux Netfilter/Iptables, the characteristics of the P2P protocol, through expanding kernel lib based on the Linux system, this paper implements user data space and kernel space data interchange through sharing lib, expands firewall rule, implements P2P flow control, and according to emerging P2P business to update the rule set, with the good performance of expansion.

Key words: Firewall, Kernel space, User space, Expansion