MULTI-LAYER BASED METHOD FOR REALIZING A NETWORK FIRE WALL, PARTICULARLY CONCERNED WITH PERMITTING NON-REQUEST COMMUNICATION WITH A TRUSTED NETWORK DEVICE WHILE CUTTING OFF NON-REQUEST COMMUNICATION FROM OTHER NETWORK DEVICE
PURPOSE: A multi-layer based method for realizing a network fire wall is provided to include plural layers in a fire wall framework, so that each layer can process packets according to a layer protocol while requesting a fire wall policy to be applied to the packets, then to include a fire wall engi...
Saved in:
Main Authors | , , |
---|---|
Format | Patent |
Language | English Korean |
Published |
16.12.2004
|
Edition | 7 |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | PURPOSE: A multi-layer based method for realizing a network fire wall is provided to include plural layers in a fire wall framework, so that each layer can process packets according to a layer protocol while requesting a fire wall policy to be applied to the packets, then to include a fire wall engine in the firewall framework. CONSTITUTION: A requesting layer for identifying packet parameters issues a classification request for predetermined packets(452). Filters matched with the packet parameters of the classification request are identified(454). Based on the matched filters, whether to drop the packets is determined(456). If so, the packets are dropped. If the packets are not dropped, the requesting layer processes the packets, and changes a packet context data structure(458). If an additional layer does not exist(460), the process is completed. |
---|---|
Bibliography: | Application Number: KR20040041339 |