Abstract Along with the advent of 21 century, the internet’s flying development brings us unimaginable advancement on life style and industry. It not only improves on our work efficiency, but also enriches peoples life. It’s becoming more and more important for us. Whereas internet’s development also brings us a progressively problem called the safety of network. In numerous of modes to keep away from network attacks, firewall depends on its logical price, strong applicability and wieldy handle win a lots of people’s favor. This thesis started with network safety, and discussed how to design a packet filtering firewall on Linux system. In content, this thesis includes six parts. At the chapter 1 of the thesis, it depicted and analyzed the actuality of network safety in China. At the next chapter it compared and analyzed four models of network attacks nowadays. On chapter 3, it introduced six models of firewall, afterward, it detailed introduced the elements of packet filtering firewall and analyzed its excellences and disadvantages. Chapter 4 is to introduce Linux kernel and Netfilter which is the basic on theoretic to design a packet filtering firewall on Linux system. And the chapter 5 is to introduce the processes of designing a firewall. Finally, it carried the summary of the whole thesis.
KEY WORDS: The network safety; The network attacks; Firewall; Netfilter; Hook TYPE OF THESIS: Software Development