Fast Firewall Implementations for Software-Based Routers

Routers must perform packet classification at high speeds to efficiently implement functions such as firewalls. The classification can be based on an arbitrary number of prefix arid range fields in the packet header. The classification required for firewalls is beyond the capabilities offered by standard Operating System classifiers such as BPF, DPF, PathFinder and others. In fact there are theoretical results that show the general firewall classification problem.

Provided by: Cornell University Topic: Security Date Added: Jan 2010 Format: PDF

Download Now

Find By Topic