RESUMO
Malformed packets and overlapping fragments are harmful to Intranet end hosts. A formalization engine was introduced to formalize transit packets and reassemble fragments to eliminate the fragment semantic ambiguity. In the formalization engine, malformed packets are formalized by a packet verification engine layer according to protocol standards. In order to eliminate the fragment semantic ambiguity, OS classes of end hosts were collected by an OS detector, each fragment was reassembled according to its OS class. According to the reassembly algorithm of different OS, the pre-forward fields of the cached data were counted with the application of the pre-forward poiicies and were transmitted to save system resource. Applying the BSD-Linux pre-forward policy, the BSD- right pre-forward policy and the First pre-forward policy, the packet loss rate is dropped and system performance improved. The experiments show that the identification precision can be maintained about 90% in heavy processing load.