ҿǽɴ 
InternetʷǰĳҪԺ;޴Ŀã֮ϵԴ໥Ҳ֮ڡΪַƣΪʹܳϵԴ类Ϊ׽롣˾׽벢ƻ
ͨInternetֲַļϵͳڴչϢԴĿռ߶ȵͬʱҲϢʱ߶ȣϢԴʣԱϵͳȫǰδеսװ(ȫInternetԼʮ3000ϵͳ)ȫԵĵǡǧ״̬͵ϵͳ簲ȫϾҪ 
簲ȫһʹúܹ㷺ļ"ǽ"Internetڲ֮һ"ǽ"ĿǰȫInternetļԼ֮һǴ"ǽ"֮¡ 
ôʲô"ǽ"(Fire Wall)أ˼壬"ǽ"赲ⲿ(Internet)Ӱڲ(Internal network)ϡⲿô۸ӣݬ룬"ǽ"Ĺˣڲɸۻ𣬲ܻΣרҵһĻ"ǽ"ҪĿľǷֹⲿδȨʡ 
"ǽ"߽ͨϽӦͨѶϵͳﵽ簲ȫĿġ 
"ǽ"豻ȷı߽ͷ簲ȫвⲿ磬"ǽ"ͼͨ⡢ơĿԽ"ǽ"ͨܵضⲿйرϢṹʵֶİȫɴ˿ɼ"ǽ"ϵͳȽʺԶⲿ绥;޲Լк͵һϵͳҵרһڴࡣ 
"ǽ"ͨ˽ṹͷϵĸǿ簲ȫĶȷպϱ߽һ飬ķԱⲿĶ簲ȫв"ǽ"ڶķܺ˽ṹϸϣڱܱͨרӲʩۺϣԿԽ߽Ϣṩ⡢޸ĵֶΡɼ"ǽ"ʺҵרҵʹãرҵרҵ빫绥ʱʹá Ŀǰҵϴʹ"ǽ"ֹĳЩⲿ룬ӶԱйصҵַܵ磬ҵڲӦõWebEmail"ǽ"ڣڹʹõWeb"ǽ"⣬ⲿֻоȨûͨ"ǽ"뵽ڲȡϢ֮ڲϵûInternet,Ҳͨ"ǽ"ļ飬ȷǷϷ 
Ҫ˵ǣǰİȫͨĿԡԡΪ۵ġ"ǽ"Ҳ⣬ҪԽΪյ˽ṹ֧֡"ǽ"ĸãһǿڲİȫһȴʹڲⲿ(Internet)Ϣϵͳܵ谭ڡǽϸӸϢĴڲⲿϢҼϢʡˣһԣֻжԸ簲ȫرҪ󣬶ҪInternetҵ˾Žʹáǽ 
⣬ǽڼԭ϶ڲϵͳİȫв߱ãֻⲿţڲİȫҪͨڲЧƺ͹ʵ֡ 
ĳ趨ǽϵͳôҪԱרҹͬİȫԣȷʲô͵Ϣͨǽʲô͵Ϣͨ"ǽ""ǽ"ְǸݱλİȫԣⲿڲ罻ݽм飬ϵԷУϵľ֮⡣⣬Ҫȷǽͣǽˡ
ǽԣеĴ⵽ڵϢڵϢͨǽֻܱİȫͨŲͨǽǽԸֹߡ 
ǽ"ͨɹصɡУĳЩͨĴ䣬ṩм̷ҲɰѡǽΪѡͨźؼɵǽѡֹ֮ͨͨԸѡͨΪĿĵصݷ飬ֹԸѡͨŵݷ飬ԴַĿĵصַûиѡͨŵַκݷ鶼ֹ͵ѡͨһһ̨Źؼһ·ǽֿɷΪ·ɵġǽġǽȵȡ 
ʵ֡ǽõҪݰˡӦüغʹȣڴ˻Ϻ˽ṹйؼ(λú)ʶʹҲǱ֤ǽЧʹõҪء 
1.ݰ˼(Data Packet Filter) 
˼壬ݰ˼ʵλöݰʵʩѡͨѡݼΪϵͳõĹ߼ 
ͨеÿݰ󣬸ݰԴַĿĵַõTCP˿ںšTCP·״̬ػǵȷǷݰֻͨ߼ݰűתӦĿĵص˿ڣݰ򱻴ɾΪ 
ڲ磭(Filter)·(Router)Internet 
һṹ·FilterͬɶڲIPַϵƣҲָڲInternet·FilterضĶ˿ͨѶ·ɣFilterִɸѡˡ֤䰲ȫأԺ̶ܴȸĲķʵ¼ 
ݰ˼ʵַʽ൱࣬Ŀǰ·豸ͨһݰʹ·豸·ѡת֮ͬʱݰĿǰʵַʽ֮һڶInternetInternetӶҪʹ··Ϊͨŵıؾ˿ڡЩ·͵·ݰ˹ܣ·ΪScrcening RouterͨҪӲ/ãҲҪ˽ṹĶ 
Ӧע⵽ݰ˼ıо޵ģΪ·ʹ·ļλЭϢʹͨӦ·Эʵֵİȫв޷ 
⣬ݰļ͹˻·豸Ĺܲɹ۵Ӱ졣·ڲԴƣͨ·ֵķǷݰɾѣ棬ӶаȫϵͳҪĿԡ·ҿʼͨʵַǷݰĵ¼ͱ棬Ǽʹ·Ĺٶȱ 
2.Ӧ(Application Gateway) 
Ӧй˹ܵ·һǶԼ豸ܵ䣬ҶǸض߼Ƿضݰͨ 
ͬǣӦǽӦ·ϵЭ˹豸رӦ÷Эָݹ߼ɸڰӦЭָݹ߼й˵ͬʱݰĽȡĴʩ¼ͳƣγɱ档 
Ӧͨһ̨רüʵ̨֣ӵΨһ;̨Ϊ(Bastion Host) 3.(Proxy Server) 
صǽпԽǽͨ·ΪΡǽӦ·ֹڴϵʵ֣ⲿֻܵɴʵˡǽ룬ڴ˵Чһ紫·ϵתĹܣرʾǣ 
ڲ磭(Proxy Server)Internet 
ַʽڲInternetֱͨѶڲûһͨѶʽṩڲЭ(NetbiosTCP/IP)Internet֮ȡǱ׼TCP/IPͨѶЭ顣ʹݰֱ֮СڲͨInternetڴ϶ڲơ⣬ڴ˲òͬЭ׼ҲֱֹǷ֡Уؿɶݷ֤ͶȷϵȰȫơܽϺõؿƹ˵û"ǽ"á 
ǡǽƳһ֣ŵڿԽڲṹǿİȫܣͬʱʵʩǿءˡ¼ȹܡʹôȱҪΪÿרơӦļع˹ܣڴ൱ĹͨҪרõӲ(վ)е 
֪֡ǽʩͨУûʱЧʱȻܵӰ죬أInternetĿͻڲ޷Internet 
ϣõġǽĹؼ˽ṹĺѡüǽĺáǽʵֶֶϸڸͬ 
еġǽļģʽһȱݣѰģʽġǽǽҪ¼չ 
͡ǽڶԸ߰ȫԵҪеĳ̰ѻݰ˵ķͻڴķγµġǽƷ
NATַתĿǰһЩǽʹNAT(Network Address Transtlaterַת)NATԭͺһ绰ܻͬڲʱʹͬIPַ(൱ܻ)ڲ绥ͨѶʱʹڲIPַ(൱ڷֻ)ʹڲ粻õԼIPַIPַͻʹNAT磬ʹڲⲿ˵ǲɼġڲ˺ܴİȫôΪⲿֻڲ緢NATһԶ׼Ŀ;ǽIPַѷ⣬NATܴһЩֵӡ
··ͨ·ݽмܺѹȻͨɿ紫䣬ĿĶ˽нѹͽܡ·ʹýʹInternetȥһ˽硱 
ȫںˡ˲ô⣬ǿʼڲϵͳĲϿǰȫԡǳ԰ѼϵͳںпȫĲִں޳ȥӶʹϵͳȫĿǰһЩҵ"ǽƳUnix汾İȫںˡ 
ȨInternetЩڴ洢תӦóʱϵͳȨһشİȫ©ˣڻڴġǽڣҪʹôٵȨòҪȨС  
 