Pattern Search Based Firewall in Application Layer (Uygulama Katmanında Desen Arama Tabanlı Güvenlik Duvarı)


Kizilkaya T., CİCİOĞLU M., Togay C., Calhan A.

8th International Conference on Computer Science and Engineering, UBMK 2023, Burdur, Türkiye, 13 - 15 September 2023, pp.261-266

  • Publication Type: Conference Paper / Full Text Paper
  • DOI Number: 10.1109/ubmk59864.2023.10286739
  • City of Publication: Burdur
  • Country of Publication: Türkiye
  • Pages: pp.261-266
  • Keywords: Computer Networks, Firewall, FreeBSD, Kernel Programming, Layer 7 Filtering, Pattern Searching Algorithm, SDN
  • Bursa Uludağ University Affiliated: Yes

Abstract

FreeBSD is widely used in the industry as a firewall operating system. The pfSense and OPNsense distributions are open source firewalls that are built on FreeBSD and are preferred by many companies in the industry. The firewall in the FreeBSD operating system can filter based on IP addresses and port numbers. However, it does not filter at the application layer of the OSI model. pfSense and OPNsense use open source software such as Snort and Suricata to overcome this limitation. These applications run in user space, and applications running in user space are known to consume more resources than those running at the kernel level. In this study, filtering at the application layer is carried out at the kernel level by using the pfil hook method of PF, which is the firewall of the FreeBSD operating system. The Aho-Corasick algorithm is employed for pattern searching within the packet. The proposed technique was compared with Suricata on the pfSense operating system in terms of bandwidth usage and processor consumption with the same number of rules. The comparison showed that the developed application can filter at higher bandwidth with the same number of rules, and consumes less processing power at the same bandwidth with the same number of rules. In addition, the proposed technique was applied to the software defined network (SDN) architecture, which has gained widespread acceptance in the computer networking world, and was compared with studies implementing the SDN architecture.