Computer Engineering (计算机工程) ›› 2009, Vol. 35 ›› Issue (2): 164-166. doi: 10.3969/j.issn.1000-3428.2009.02.058

• Security Technology •

Analysis Method of Firewall Rule Configuration Anomalies

SUN Yun (孙云), LUO Jun-yong (罗军勇), LIU Yan (刘炎)

  1. (College of Information Engineering, PLA Information Engineering University, Zhengzhou 450002)
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2009-01-20 Published: 2009-01-20

Abstract: This paper describes firewall filtering rules, and the types of anomaly that can exist between rules, in set-theoretic terms, and gives a method for determining the anomaly type between rules. It points out the problems that arise when this determination method is applied directly to a firewall rule set, and proposes an anomaly analysis method for firewall rule configuration based on the order sensitivity of the rules. The method obtains an equivalent set of unrelated rules and so rewrites the filtering rules.

Key words: firewall, filtering rule, anomaly, order-sensitive characteristic

CLC number: