服务语义事件的监测、分析以及控制

Linux firewall permits users to define a set of rules to control legitimate packets access system, especially the netfilter kernel module of the firewall is to provide a packet capture feature that allows users to customize the data packet analysis operation. This article provides monitoring and analysis capabilities in the process of networking services, through the physical network card packet capture and analysis, to get the abstract event represented by data packet and compare with the given events to judge legality, and at the same time, to determine its legitimacy in the whole process. If two kinds of legality are met, then put the data packet through; otherwise, firewall processing will be called and packet discarded.