International Journal of Computer Science and Network Security
Firewalls are crucial elements in the computer networks. Due to lack of tools for analyzing firewall policies, most firewalls on the internet have been plagued with policy anomalies. In this paper, the authors propose a method; which analyzes the firewall by using Relational Algebra and Raining 2D-Box Model. It can find out all the anomalies in the firewall rule-set in the format that is usually used by many firewall products such as Cisco Access Control List, IPTABLES, IPCHAINS and Check Point Firewall-1. While the existing analyzing methods consider the anomalies between any two rules in the firewall rule-set, they consider more than two rules together at the same time to find out the anomaly.