| Along with Internet's swift and violent development, the information security, the network security already became the focus which the people paid attention day by day. As for the government and the enterprise, for promoting the security of its internal local area network, must implement powerful management to the user. The management strategy will be the basis of the management implementation. Without the scientific management strategy, the management will become "the pictures of cakes" but not to be able to solve the problem.The strengthened service, the promoted management, the service and the management develop simultaneously. The goal of the powerful management implementation lies in a better application. Therefore, while strictly requests to the user, must provide a better service and the safeguard for the users. Under the safe premise, must facilitate the users' network application. Must promote a more effective management with the good service, and guarantee the better network application with the effective management, in order to achieve the effect of the benign development.For the implementation of users' management, the data packet filter is one kind of very good measure. The data packet filters take the package classification technology as a foundation. The speed of the package classification and its function's strong and the weak and so on affect the performance of data packet filter directly. And to guarantee the quality of the grade of service, the traffic management is one kind of effective solution. The dynamic assignment and the sharing of users' bandwidth can safeguard the users' service application, specially can enhance the performance of the essential service.This article has conducted the thorough research to the package filter the mechanism and the traffic control mechanism involved with the gateway of network service surveillance, proposed one kind of users' non-conflict grouping package classification algorithm and the traffic limit algorithm which face the gateway of network service surveillance. The package classification algorithm has introduced the concept of the non-conflict hash and the grouping search. The proposed support sharing bandwidth pair of token buckets traffic limit algorithm premises the guarantee safeguard bandwidth, shares farthest current useable bandwidth, thus may highly effective realize user's access control and management of network bandwidth.Each function of the gateway of network service surveillance has been designed and realized based on the essential algorithm research foundation, specially rule transmission protocol and the behavior transmission protocol between the entities, the behavior monitoring and the packet filter and so on. The classification, filter, limit and so on, involved with the traffic control in the gateway of network service surveillance... |
PDF Full Text Request