Fire Wall Rule Table Analysis
Notations:
1. F1 ~ F5: 5-tuple fields in packet header
F1. Source IP
F2. Destination IP
F3. Source port
F4. Destination port
F5. Protocol value
2. P: Prefix
3. R: Range
4. S: Protocol value
5. *: Don’t care term
The purpose of the table: Calculating the number of distinct filed values
FW |
# of distinct filed value |
Table Size |
Summary |
||||||
F1(P) |
789 |
1731 |
2625 |
4312 |
6939 |
8733 |
79-87% |
||
F2(P) |
314 |
649 |
925 |
1590 |
2556 |
3081 |
30-32% |
||
F3(R) |
9 |
9 |
9 |
9 |
9 |
9 |
9 |
||
F4(R) |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
||
F5(S) |
5 |
5 |
5 |
5 |
5 |
5 |
5 |
||
# of * |
F1(P) |
108 |
202 |
266 |
504 |
776 |
978 |
8.8-11% |
|
F2(P) |
477 |
964 |
1482 |
2444 |
3925 |
4959 |
47-50% |
||
F3(R) |
369 |
755 |
1072 |
1792 |
2793 |
3497 |
35-37% |
||
F4(R) |
1000 |
2000 |
3000 |
5000 |
8000 |
10000 |
100% |
||
F5(S) |
253 |
512 |
744 |
1270 |
1969 |
2506 |
25% |