A selection algorithm for firewall in distributed environment In a distributed network, there are multiple routing paths between source node and destination node. In order to meet certain demands of network security, selecting required firewalls in multiple routing paths and deploying appropriate rules on them are indispensable steps. Thus, in this paper, we carry on a further research on it and propose permit and deny algorithms which serve to improve the performance of network security. Then, we give theoretical proof of our algorithms. Finally, we test the effectiveness of algorithms based on a network simulation platform named mininet. The analysis of time efficiency of our algorithms and previous algorithms, as well as the comparison between them prove the high efficiency of our algorithms.