
Computer Engineering (计算机工程), 2011, Vol. 37, Issue 20: 103-104. doi: 10.3969/j.issn.1000-3428.2011.20.036

• Security Technology •

Firewall Optimization Method Based on the Default Rule

FU He-gang, ZHANG Li

  1. (College of Computer Science, Chongqing University, Chongqing 400044, China)
  • Received: 2011-04-18  Online: 2011-10-20  Published: 2011-10-20
  • About the authors: FU He-gang (born 1950), male, associate professor, main research area: network security; ZHANG Li, master's student

Firewall Optimization Method Based on Default Rule

FU He-gang, ZHANG Li   

  1. (College of Computer Science, Chongqing University, Chongqing 400044, China)
  • Received:2011-04-18 Online:2011-10-20 Published:2011-10-20

Abstract: This paper proposes a firewall optimization method based on the default rule. Using the matching probability of the rules and the firewall log, simple rules are separated out of the default rule, their relationship to the original rules is analyzed, and they are merged into new rules. The effect of each new rule on firewall performance is evaluated, and the rules are added selectively to the firewall rule base, optimizing the firewall's linear matching. Experimental results show that, in the general case, the method effectively reduces the average number of rule matches and improves firewall performance.

Keywords: default rule, average number of rule matches, conflict-free region of a rule, rule merging, statistical analysis

Abstract: This paper proposes a firewall optimization method based on the default rule. The method starts from the matching probability of the firewall rules and, using the firewall logs, extracts simple rules from the default rule. After analyzing the relationship between the simple rules and the existing rules, the simple rules are merged into new rules. The impact of these new rules on the firewall is evaluated, and some of them are added selectively to the rule library to optimize the firewall's linear match. Experimental results show that the method reduces the average number of rule matches and improves firewall performance.

Key words: default rule, average number of rule matches, conflict-free region of a rule, rule merging, statistical analysis
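The two ideas the abstract rests on, the average match count of a linear first-match rule list and the extraction of a "simple rule" from traffic that fell through to the default rule, as an added Python example that is not the paper's own code. The rule set, the log-derived packet counts and the /24 source generalization are constructed for illustration; the conflict check only admits a candidate at the front of the list when no rule with a different action overlaps it.

```python
import ipaddress
from collections import namedtuple

Rule = namedtuple("Rule", "src dst action")  # IPv4 prefixes ("0.0.0.0/0" = any), action

def matches(rule, pkt):
    """Does packet (src_ip, dst_ip) fall within the rule's prefixes?"""
    return (ipaddress.ip_address(pkt[0]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt[1]) in ipaddress.ip_network(rule.dst))

def overlaps(a, b):
    """True if some packet could match both rules (prefix intersection)."""
    return (ipaddress.ip_network(a.src).overlaps(ipaddress.ip_network(b.src))
            and ipaddress.ip_network(a.dst).overlaps(ipaddress.ip_network(b.dst)))

def avg_matches(rules, traffic):
    """Mean comparisons per packet under linear first-match; traffic is a
    list of ((src, dst), count) pairs summarised from the firewall log."""
    cost = sum(c * next(i for i, r in enumerate(rules, 1) if matches(r, p))
               for p, c in traffic)
    return cost / sum(c for _, c in traffic)

def conflict_free(new, rules):
    """Placing `new` first is safe only if no rule with another action overlaps it."""
    return all(r.action == new.action or not overlaps(r, new) for r in rules)

def optimize(rules, traffic, src_prefix=24):
    """Take the busiest flow that fell through to the default (last) rule, widen its
    source to /src_prefix as a 'simple rule' carrying the default action, and keep
    it at the front only if it is conflict-free and lowers the average cost."""
    hits = {}
    for pkt, count in traffic:
        if not any(matches(r, pkt) for r in rules[:-1]):
            hits[pkt] = hits.get(pkt, 0) + count
    before = avg_matches(rules, traffic)
    if not hits:
        return rules, before
    (src, dst), _ = max(hits.items(), key=lambda kv: kv[1])
    net = ipaddress.ip_network(f"{src}/{src_prefix}", strict=False)
    cand = Rule(str(net), f"{dst}/32", rules[-1].action)
    after = avg_matches([cand] + rules, traffic)
    if conflict_free(cand, rules) and after < before:
        return [cand] + rules, after
    return rules, before

# Constructed sample: three accept rules, a default deny, and log-derived counts.
RULES = [Rule("192.168.1.0/24", "10.0.0.0/8", "accept"), Rule("192.168.2.0/24", "10.0.0.0/8", "accept"),
         Rule("0.0.0.0/0", "10.0.0.5/32", "accept"), Rule("0.0.0.0/0", "0.0.0.0/0", "deny")]
TRAFFIC = [(("192.168.1.10", "10.1.1.1"), 30), (("192.168.2.20", "10.1.1.1"), 20),
           (("203.0.113.7", "10.9.9.9"), 50), (("203.0.113.8", "10.9.9.9"), 40)]
```

Calling `optimize(RULES, TRAFFIC)` drops the average from about 3.07 comparisons per packet to 1.5; inserting a narrower accept rule for one host in the widened /24 makes the candidate conflict with it, and the rule set is left unchanged.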
