NETWORK TRAFFIC ANALYSIS AND IP PACKET PROCESSING MONITORING IN LINUX OS

Abstract

The article deals with one of the topical problems of information security - the control and filtering of network traffic by retaining network packets. To stop network traffic, the Linux kernel structure is used, which describes the network device, and the structure struct net_device_ops, which lists possible operations on a network device; two functions are also used: ndo_start_xmit to handle outgoing packets and rx_handler to handle incoming packets. Using the structures and functionality of the Linux operating system kernel provides the necessary stability for developing software for analyzing the contents of data transmitted in packets, encrypting and decrypting them, and adapting to user requirements. The proposed method can be used to create a new generation of firewalls that implement deep packet analysis technology, and can also be used as a supplement to existing firewalls.