Return to search

Componentization of IP and Netfilter Architecture in Linux Kernel

In this thesis, we exercised the componentization technique to componentize the Netfilter architecture in Linux network system. Netfilter is a software architecture for filtering packets. System administrator can register packet-matching rules and target handling function into the system. Netfilter matches packets according to the rules and processes them by the corresponding target functions. By componentizing the architecture, we can improve the elasticity and the reusability of Netfilter. Hot-swapping is an important procedure in componentized software system. In this study, we implemented hot-swapping based on the work developed by Fan[1]. It stores the relocation information of exporting symbols into the module symbol table. With this information, we are able to dynamically change the caller-callee relationship of modular components at run time. In addition, we extend their work to allow the same modular component to be loaded into Linux kernel for more than once so that the same component can be replicated in the system.
We started with decomposing all the ¡§hook¡¨ functions into smaller and simpler components and then for each component, we added in-ports and out-ports and registered its own iptables, and we fixed the limitation of only one instance of a module allowed in kernel and broke the hard rule in iptables. As a result, after Netfilter componentization, we are able to illustrate new configurations that cannot be done in the original architecture, and the system becomes further compact with only necessary components loaded in the system. This reflects in slight performance improvement in our experiments, which is not usually seen in other frameworks due to componentization overhead.

Identiferoai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0725107-191401
Date25 July 2007
CreatorsLin, Jiun-nan
ContributorsMing-Chao Chiang, Hung-ying Tyan, Tsang-Ling Sheu
PublisherNSYSU
Source SetsNSYSU Electronic Thesis and Dissertation Archive
LanguageCholon
Detected LanguageEnglish
Typetext
Formatapplication/pdf
Sourcehttp://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0725107-191401
Rightscampus_withheld, Copyright information available at source archive

Page generated in 0.0018 seconds