Design and Hardware Implementation of TCP Packet Filtering Based on State Detection

State detection is the mainstream approach in current firewall technology. This paper introduces the principle of the state detection firewall. The flowchart of state detection and the state transition model for TCP packets are presented. A sequence number range check combined with dynamic timeout management ensures system security. A hash algorithm is adopted to manage the state table, and the design is implemented on an FPGA. The experiment shows that the design works well in a Gigabit network environment.