| Popis: |
The current traffic trend on computer networks is growing exponentially, affecting network firewalls because they constantly have to filter out massive amounts of data. In this paper, we implement a firewall framework to improve traffic processing speed, named the Fast Firewall Framework (FFF). FFF can verify rules at Big-O(1) worst-case access time, and it also consumes a small amount of memory, which is only Big-O(nbit). To evaluate the firewalls' effectiveness, we benchmark the proposed firewall framework against the two fastest firewalls (The state of the art of opensource firewall), IPSets and IPack. The experimental results show that the Fast Firewall Framework can execute rules faster than both firewalls and consumes less memory. In particular, the proposed firewall framework has a simple structure that makes it easier to implement. |
