CN102035904A - Method for converting TCP network communication server into client - Google Patents

Publication number: CN102035904A
Authority: CN (China)
Prior art keywords: service, client, forwarding server, services, command
Legal status: Granted
Application number: CN2010105829520A
Other languages: Chinese (zh)
Other versions: CN102035904B (en)
Inventors: 姚威, 邓伟, 王彦彬, 王雷
Current Assignee: Beijing Dayang Technology Development Inc
Original Assignee: Beijing Dayang Technology Development Inc
Priority: CN 201010582952

Abstract

The invention relates to a method for converting a Transmission Control Protocol (TCP) network communication server into a client. The method comprises the following steps: establishing a forwarding server that provides data forwarding in a TCP network, and connecting at least one internal network server machine to the forwarding server through a command port and a data port; connecting at least one external network client machine to the forwarding server through the command port and the data port; and setting the Internet Protocol (IP) address of the TCP network, the command port and the data port in the forwarding server, wherein the forwarding server listens on the command port and the data port at all times. The forwarding server is used for service registration, service query, communication relay and the like. The internal network server machine does not directly expose services to the external network, so the security of the internal network is improved; no fixed IP configuration is needed, which reduces use of the scarce fixed-IP resource; and because the method is a general implementation based on TCP communication forwarding, existing server and client software does not need to be modified and existing software assets can be fully used.

Description

A method for converting a TCP network communication server into a client
Technical field
The present invention applies to the field of computer network communication, and in particular relates to a method for converting a TCP network communication server into a client. The method uses a public forwarding server module to relay communication between external network clients and intranet servers. The server machine does not need a fixed IP, and existing server and client software does not need to be modified, yet external network machines can access services on intranet machines.
Background
In an intranet, a firewall is usually set up to ensure network security. It only allows intranet machines to connect, as clients, to server machines on the external network, and does not allow intranet machines to act as servers that external network machines connect to. For example, machines in a typical company intranet can act as clients to browse Internet web pages or access FTP servers on the Internet, but machines such as FTP servers in the intranet may not be accessed by external network machines.
Apart from security, there is another reason for not allowing intranet machines to be accessed from the external network as servers: a server accessed from the external network must have a fixed external IP and port number. Fixed external IPs are limited in number and very valuable, so a typical enterprise applies for only a few of them. With network address translation (NAT), many intranet machines can connect to the external network as clients and share these few fixed IPs, for example on Ethernet. Although every client connection uses the same external IP, the port numbers differ, so the connections do not conflict. A server, however, requires not only a fixed IP but also an unchanging server port number, so several server machines that use the same port number cannot share one external IP.
In some scenarios it is necessary to let intranet machines be accessed from the external network as servers. For example, a network administrator who needs to connect remotely to an intranet machine via Telnet, SSH or similar for remote diagnosis necessarily requires the intranet machine to accept connections from external network machines as a server.
For this situation, where intranet machines are allowed online as clients but are also required to provide services that external network machines can access, there is currently no general solution. The existing solutions are all special software developed for particular services and cannot directly use existing server and client software. For example, the foreign TeamViewer software is a specially developed remote desktop control program: once it is installed on the controlled machine, and as long as the controlled machine can go online as a client, the TeamViewer client software can control the machine remotely, with an intermediate server forwarding information between the two machines. The domestic 51MyPC software uses a similar mechanism to implement remote control.
The defect of the existing solutions is that separate development is needed for each type of service, and existing server and client software cannot be used. For example, Telnet, SSH and Windows Remote Desktop are all very mature, widely used network management services, but all of them require the server to have a fixed external IP and port before the client program can connect. There is currently no general method for converting a TCP network communication server into a client that allows existing server and client software to be used directly.
Summary of the invention
In view of the above problems, the object of the invention is to propose a method and technical scheme for converting a TCP network communication server into a client. The method uses a public forwarding server module to relay communication between external network clients and intranet servers. The server machine does not directly expose services to the external network and no longer needs a fixed IP, which improves intranet security.
To achieve this object, the technical scheme of the invention is a method for converting a TCP network communication server into a client, involving a forwarding server module, a server-side agent and a client machine. The steps of the method comprise:
At least one forwarding server module that provides data forwarding is established in the TCP network. The forwarding server module is configured with a TCP network IP address, a command port and a data port, and contains a data forwarder and a user authentication submodule. The forwarding server module listens on the command port and the data port at all times, ready to accept connections initiated by server-side agents and client machines. The client machine comprises a client agent and a client;
At least one intranet server-side agent connects to the forwarding server module through the command port and the data port, and the intranet server-side agent connects to the actual service of at least one intranet server;
The client agent of at least one external network client machine connects to the forwarding server module through the command port, and the client on the same client machine connects to the data port of the forwarding server module.
The steps executed by the forwarding server module comprise command port listening thread processing and data port listening thread processing;
The command port listening thread processing comprises: after a command connection is received, the user authentication submodule verifies the user name and password; if password verification fails, the connection is closed and the thread continues to wait for new command connections; if password verification succeeds, a command processing thread is started;
The data port listening thread processing comprises: first receiving the fixed-length data connection command word and service access ID, then receiving the data of the specific service. The forwarding server module parses only the fixed-length data at the start and then forwards directly. The data connection command word is either "provide service" or "access service": the "provide service" command is sent over the server-side agent's data connection, and the "access service" command is sent over the client's data connection. If a "provide service" connection and an "access service" connection carry the same service access ID, the two connections belong to the same service access request; the Socket information of the two connections is passed in, denoted SocketS1 and SocketS2, and a communication forwarding thread is started.
The steps of the forwarding server module's command processing thread are:
A. Determine the command type. For a service registration command from a server-side agent: save the service registration information and the Socket information of this connection, and return the registration result. For a service query command from a client agent: return the list of all currently registered services, then wait for a subsequent service selection command;
B. After a service selection command is received, send the service selection command to the corresponding server-side agent Socket according to the service entry selected in the command;
C. The server-side agent Socket returns the result of executing the service selection command. If execution succeeded, a service access ID value is returned, and the forwarding server module returns this ID to the client agent; if execution failed, the forwarding server module returns the error description to the client agent;
D. Continue to wait for subsequent service selection commands until this thread exits.
The connections between the command port and the server-side agent and client agent use the SSL/TLS transport layer encryption mechanism.
The steps executed by the server-side agent comprise:
a1. Connect to the forwarding server's command port and send the service registration command;
a2. After service registration succeeds, wait to receive service selection commands until the program is closed manually;
a3. After a service selection command is received, connect to the service named in the command, creating Socket S1; if the connection fails, return an error message and go to step a2 to continue waiting for service selection commands;
a4. If the connection to the service succeeds, generate a random service ID using the standard GUID method;
a5. Create Socket S2 and send the "provide service" command word + service ID;
a6. If connecting or sending fails, return an error message and go to step a2 to continue waiting for service selection commands;
a7. After connecting and sending succeed, return the service ID in reply to the service selection command, and start a thread to handle service communication forwarding between Socket S1 and Socket S2.
The steps of service communication forwarding are:
a10. Call the select function to detect whether SocketS1 or SocketS2 has readable data;
a11. If SocketS1 is readable, read data from SocketS1 and send it to SocketS2; if SocketS2 is readable, read data from SocketS2 and send it to SocketS1;
a12. If there is no error, go back to step a10 and keep relaying in a loop;
a13. If any error occurs on SocketS1 or SocketS2, or either side disconnects, close SocketS1 and SocketS2 and exit the relay thread.
The steps executed by the client agent comprise:
b1. Connect to the forwarding server module's command port and send the service query command;
b2. Display the list of accessible services returned for the service query command;
b3. Wait for the user to select a service;
b4. After the user selects a service to access, send the service selection command; if failure is returned, show the error message and go to step b3 so that the user can select another service or quit the program;
b5. After the service selection command returns success, save the returned service access ID;
b6. Register the Socket Hook module, which intercepts calls to the socket connect function in the client program started afterwards;
b7. Start the client program for the service as a subprocess, passing the forwarding server module's IP and data port as connection parameters; after the subprocess starts, the main program goes to step b3 so that the user can continue to select other services.
The steps executed by the Socket Hook module comprise: after intercepting a call to the socket connect function in a client program, first call the client operating system's own connect function; then obtain the ID of the process currently executing connect and ask the client agent whether this process ID belongs to a client subprocess started by the client agent. If not, the module returns directly to the main program. If it is a client subprocess started by the client agent, the client agent also returns the service access ID corresponding to this subprocess; the Socket Hook module sends the "service access" command word + the corresponding service access ID to the server side and then returns to the main program.
The contributions of the present invention over the prior art are:
1. The server machine does not directly expose services to the external network, which improves intranet security; a fixed IP no longer needs to be configured, which reduces use of the valuable fixed-IP resource and can save costs for the company.
2. The relay in the network is a pure data forwarding mechanism with no additional processing logic, so the communication efficiency of the method is very high.
3. Communication forwarding is based on the TCP protocol layer, so a wide range of services is supported; any TCP-based service, such as Windows Remote Desktop, VNC, TELNET or SSH, can be used.
4. The invention is a general implementation method based on TCP communication forwarding; existing server and client software does not need to be modified, and existing software assets can be used.
5. With multiple server-side agents and multiple public forwarding server machines, client software can reach the corresponding service through different public forwarding server modules, which greatly improves the fault tolerance of the system.
6. The public forwarding server module is only responsible for service registration, service query, communication relay and similar processing, and its processing logic is independent of the specific service; a third party can therefore build a public forwarding server module and offer a commercial or free communication forwarding service.
The invention is described in detail below with reference to an embodiment and the accompanying drawings.
Description of the drawings
Fig. 1 is the system logic block diagram of the method of the invention;
Fig. 2 is the processing logic flow chart of the command port listening thread;
Fig. 3 is the processing logic flow chart of the command processing thread;
Fig. 4 is the processing logic flow chart of the data port listening thread;
Fig. 5 is the processing logic flow chart of the server-side agent program processing module;
Fig. 6 is the processing logic of the client agent program processing module.
Embodiment
An embodiment of the method for converting a TCP network communication server into a client, see Fig. 1, comprises a forwarding server module 1, a server-side agent 2 and a client machine 3. The steps of the method comprise:
At least one forwarding server module that provides data forwarding is established in the TCP network. The forwarding server module is configured with a TCP network IP address, a command port 1-1 and a data port 1-2, and contains a data forwarder and a user authentication submodule. The forwarding server module listens on the command port and the data port at all times, ready to accept connections initiated by server-side agents and client machines. The client machine comprises a client agent and a client;
At least one intranet server-side agent connects to the forwarding server module through the command port and the data port, and the intranet server-side agent connects to the actual service of at least one intranet server 4; the intranet server-side agent may be on the same server as the service or on a different one;
The client agent of at least one external network client machine connects to the forwarding server module through the command port, and the client on the same client machine connects to the data port of the forwarding server module.
Of course, as shown in Fig. 1, in practice there is not just one server machine and one client machine but several. For instance, only one server-side agent needs to be deployed on an intranet server. The server-side agent is a service program that supports multiple different actual services located on this server or on other intranet servers connected to it, such as Telnet, SSH and Windows Remote Desktop; these services are then no longer offered directly to the external network.
The service programs may be on the server itself or on other servers that this server can reach; the server can then act as an internal forwarding server within its intranet, as long as this machine can connect to the forwarding server module on the external network (TCP network). With this deployment the server-side agent's forwarding efficiency is slightly lower, but only this one server needs to connect to the external network, which increases network security. The server-side agent program itself is platform independent, so with this deployment the server's operating system is not limited to the platforms supported by the actual service program. For example, one can deploy a Linux machine, install the server-side agent program on it, and through this machine access the Windows Remote Desktop service on other servers.
The server-side agent supports connecting to several forwarding server modules at the same time, so multiple public forwarding server modules can be set up and deployed to improve the system's fault tolerance.
The forwarding server module mainly provides service registration, service query, service selection and service access forwarding.
The forwarding server module has a fixed external IP, and client machines and server-side agents must be able to reach it. It is therefore unnecessary to deploy, in each user network, a server that can be accessed from the external network; the server in the user network only needs to be able to access, as a service client, the forwarding server module located on the external network. The server here can therefore be regarded as a service client.
In this embodiment the forwarding server module contains a forwarding server program processing module, the server-side agent is a server-side agent program processing module, the client agent is a client agent program processing module, and the client is a client processing module; the client agent program processing module and the client processing module are on the same client machine.
The forwarding server program processing module is a background service program that provides service registration, service query, service selection and service access forwarding, and supports multiple system platforms such as Windows and Linux. Its processing logic is described in detail below:
After the forwarding server program starts, it acts as the server side of the TCP communication and opens two threads that listen on the command port and the data port respectively. The two port values can be set to anything within the legal range of TCP ports; to avoid, as far as possible, having to modify the firewall settings of the server and client machines, the two ports are preferably set to well-known port values, such as port 80 and port 21;
The steps executed by the forwarding server module therefore comprise command port listening thread processing and data port listening thread processing.
The processing logic of the command port listening thread is:
a. Listen on the command port and wait for a command connection. Because sensitive information such as user names and passwords is transmitted over the command connection, this connection uses the standard SSL/TLS transport layer encryption mechanism to encrypt the communication;
b. After a command connection is received, verify the user name and password. User names and passwords are configured through the user authentication submodule in the forwarding server module, in order to prevent unauthorized command access;
c. If password verification fails, close the connection directly and return to step a to continue waiting for new command connections;
d. If password verification succeeds, start a command processing thread to handle this command separately. A thread is used so that subsequent new command connections can be handled promptly.
The processing logic of the command processing thread is:
e. Determine the command type;
e1. For a server-side service registration command, save the service registration information and the Socket information of this connection, and return the registration result;
The service registration command contains the service registration command word, server-side agent ID, forwarding server module user name, forwarding server module password, message length, server machine description and service information list. Each service entry in the service information list contains fields such as service IP, service port, service type and service description. The server-side agent ID uniquely identifies the server-side agent.
After the service registration command has been processed, this command processing thread exits. Before it exits, the Socket information of the server-side agent's connection is saved as well, so that it can be used for command interaction later when service selection is processed;
e2. For a client agent service query command, return the list of all services that are currently registered and that the user is authorized to access, then wait for subsequent service selection commands until the connection is closed, at which point the thread exits;
f. After a service selection command is received, send the service selection command to the corresponding server-side agent Socket according to the service entry selected in the command.
The service selection command contains the service selection command word, server-side agent ID (an IP is not used because several server-side agents may have the same IP), service IP, service port, etc.
g. The server-side agent Socket returns the result of executing the service selection command. If execution succeeded, a service access ID value is returned, and the forwarding server module returns this ID to the client agent; if execution failed, the forwarding server module returns the error description to the client agent.
The service access ID is a unique ID generated at random by the server-side agent; a GUID can be used. Using this ID, the forwarding server module matches the two data connections established by the client and by the server-side agent and forwards communication between them.
h. Continue to wait for subsequent service selection commands until the connection is closed, at which point the thread exits.
The processing logic of the data port listening thread is:
i. Listen on the data port and wait for a data connection.
j. After a data connection is received, save this connection's Socket and the corresponding service access ID;
The forwarding server module first receives the fixed-length data connection command word and service access ID; what follows is the data of the specific service. The forwarding server module parses only the fixed-length data at the start; it does not care about the content of the service data that follows and simply forwards it;
The data connection command word has two values, "provide service" and "access service". The "provide service" command is sent over the server-side agent's data connection, and the "access service" command is sent over the client agent's data connection;
k. Compare service IDs;
If no connection with a matching service access ID is found, the matching connection has not been established yet; after saving the connection's Socket and service access ID, go to step i and continue waiting for new data connections;
If a "provide service" connection and an "access service" connection have the same service access ID, the two connections belong to the same service access request; the Socket information of the two connections is passed in, denoted SocketS1 and SocketS2, a communication forwarding thread is started, and processing goes to step i to continue waiting for new data connections.
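The data-port matching in steps i to k, as an added example that is not code from the patent: it parses only the fixed-length prefix and pairs a "provide service" connection with an "access service" connection that carries the same service access ID. The byte layout (1-byte command word plus a 36-character ASCII GUID), the command-word values, the time limit for unmatched connections, the rejection of a second connection in the same role, and all names are assumptions; the patent specifies only a fixed-length command word and service access ID.

```python
import time
import uuid

# Assumed wire layout: the patent only says the prefix is fixed-length.
CMD_PROVIDE = 0x01     # "provide service": server-side agent's data connection
CMD_ACCESS = 0x02      # "access service": client's data connection
HEADER_LEN = 1 + 36    # 1-byte command word + 36-character ASCII GUID
PENDING_TTL = 30.0     # assumed limit (seconds) for an unmatched connection


class HeaderError(ValueError):
    """The fixed-length prefix is short or has a bad command word or ID."""


def build_header(cmd, access_id):
    return bytes([cmd]) + str(access_id).encode("ascii")


def parse_header(buf):
    """Parse only the fixed-length prefix; the rest is opaque service data."""
    if len(buf) < HEADER_LEN:
        raise HeaderError("short header")
    cmd = buf[0]
    if cmd not in (CMD_PROVIDE, CMD_ACCESS):
        raise HeaderError("unknown command word")
    try:
        access_id = uuid.UUID(buf[1:HEADER_LEN].decode("ascii"))
    except ValueError as exc:  # also covers UnicodeDecodeError
        raise HeaderError("malformed service access ID") from exc
    return cmd, access_id, buf[HEADER_LEN:]


class DataPortMatcher:
    """Pending table for step k: service access ID -> (role, connection, deadline)."""

    def __init__(self, ttl=PENDING_TTL, clock=time.monotonic):
        self._pending = {}
        self._ttl = ttl
        self._clock = clock

    def offer(self, cmd, access_id, conn):
        """Return (pair, to_close); pair is (provider, accessor) or None."""
        now = self._clock()
        to_close = []
        entry = self._pending.get(access_id)
        if entry and entry[2] <= now:        # waited too long: drop it
            to_close.append(entry[1])
            del self._pending[access_id]
            entry = None
        if entry is None:                    # no match yet: save and keep waiting
            self._pending[access_id] = (cmd, conn, now + self._ttl)
            return None, to_close
        if entry[0] == cmd:                  # same role twice: refuse the newcomer
            to_close.append(conn)
            return None, to_close
        del self._pending[access_id]         # the ID is consumed by the match
        other = entry[1]
        pair = (conn, other) if cmd == CMD_PROVIDE else (other, conn)
        return pair, to_close

    def sweep(self):
        """Return connections whose partner never arrived, for closing."""
        now = self._clock()
        stale = [k for k, e in self._pending.items() if e[2] <= now]
        return [self._pending.pop(k)[1] for k in stale]


if __name__ == "__main__":
    sid = uuid.uuid4()                       # constructed sample ID
    matcher = DataPortMatcher()
    for name, word in (("client", CMD_ACCESS), ("agent", CMD_PROVIDE)):
        cmd, parsed_id, _ = parse_header(build_header(word, sid))
        print(name, matcher.offer(cmd, parsed_id, name))
```

Connections are opaque objects here, so the caller passes the accepted sockets and closes whatever comes back in `to_close` or from `sweep()`.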
The forwarding logic applied to the two Sockets, SocketS1 and SocketS2, in the communication forwarding thread is:
l. Call the select function to detect whether SocketS1 or SocketS2 has readable data;
m. If SocketS1 is readable, read data from SocketS1 and send it to SocketS2; if SocketS2 is readable, read data from SocketS2 and send it to SocketS1;
n. If there is no error, go back to step l and keep relaying in a loop;
o. If any error occurs on SocketS1 or SocketS2, or either side disconnects, close SocketS1 and SocketS2 and exit the relay thread.
The forwarding server module provides user management. Users fall into two classes: "service administrator users" and "service access users". Service administrator users can be configured manually in the forwarding server module or can self-register (a self-registered user takes effect only after review). When registering services, the server-side agent must supply a service administrator's user name and password. A service administrator's user name and password give access to all services registered under them. A service administrator user can log in to the user management module of the forwarding server module, create service access users, and set which services each user can access. User password and access permission checks are all performed in the forwarding server module, but which services a user may access is decided by the service administrator of the service provider, not by the administrator of the forwarding server module.
The server-side agent program processing module is a background service module. It connects the server machine, as a client, to the forwarding server module, and at the same time connects to the services provided on this machine or on other machines in the network, implementing service registration and service communication relay.
The server-side agent program processing module supports multiple platforms such as Linux and Windows; if it is deployed together with a specific service, it can only be deployed on a system platform that the service supports.
In the server-side agent program processing module, the list of services that the module can access must be configured, including service IP (default is the local IP, 127.0.0.1), service port, service description, etc.
Within one subnet, independent server-side agent program processing modules can be deployed on several machines, which greatly improves the fault tolerance of the system.
The processing logic of the server-side agent program processing module is:
The server-side agent program starts;
a1. Connect to the forwarding server module's command port and send the service registration command;
For the content of the service registration command, see the description of the service registration command in the forwarding server module processing logic; the server-side agent ID can be a unique ID generated automatically by the server-side agent program processing module, and a GUID can be used;
a2. After service registration succeeds, wait to receive service selection commands until the program is closed manually;
a3. After a service selection command is received, connect to the service named in the command, creating Socket S1; if the connection fails, return an error message and go to step a2 to continue waiting for service selection commands;
a4. If the connection to the service succeeds, generate a random service ID using the standard GUID method;
a5. Connect to the forwarding server module's data port, creating Socket S2, and send the "provide service" command word + service ID;
a6. If connecting or sending fails, return an error message and go to step a2 to continue waiting for service selection commands;
a7. After connecting and sending succeed, return the service ID in reply to the service selection command, and start a thread to handle service communication forwarding between the two Sockets, Socket S1 and Socket S2. After the thread starts, go to step a2 to continue waiting for service selection commands;
The service communication forwarding logic is the same as the communication forwarding logic of the forwarding server module:
a10. Call the select function to detect whether SocketS1 or SocketS2 has readable data;
a11. If SocketS1 is readable, read data from SocketS1 and send it to SocketS2; if SocketS2 is readable, read data from SocketS2 and send it to SocketS1;
a12. If there is no error, continue with step a11 and keep relaying in a loop;
a13. If any error occurs on SocketS1 or SocketS2, or either side disconnects, close SocketS1 and SocketS2 and exit the relay thread.
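The select-based relay loop used both by the forwarding server module's communication forwarding thread and by the server-side agent (steps a10 to a13), as an added example that is not code from the patent. The function names, buffer size and optional idle timeout are assumptions, and the demo uses local socket pairs as constructed stand-ins for the client and service connections.

```python
import select
import socket
import threading


def relay(s1, s2, bufsize=4096, idle_timeout=None):
    """Copy bytes both ways between s1 and s2 until either side fails or
    disconnects, then close both. Returns (bytes read from s1, from s2)."""
    peer = {s1: s2, s2: s1}
    forwarded = {s1: 0, s2: 0}
    try:
        running = True
        while running:
            # Wait until one of the two sockets has data to read.
            readable, _, failed = select.select([s1, s2], [], [s1, s2],
                                                idle_timeout)
            if failed or not readable:       # socket error or idle timeout
                break
            for src in readable:
                data = src.recv(bufsize)
                if not data:                 # this side disconnected
                    running = False
                    break
                # The relay never inspects the payload. sendall() blocks if
                # the receiver is slow, which is acceptable for a demo.
                peer[src].sendall(data)
                forwarded[src] += len(data)
    except OSError:
        pass                                 # any error ends the relay
    finally:
        s1.close()                           # always close both sockets
        s2.close()
    return forwarded[s1], forwarded[s2]


def recv_exact(sock, n):
    """Read exactly n bytes, or fewer if the peer closes first."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf


def demo():
    """Constructed scenario: client <-> relay <-> service over socket pairs."""
    client, relay_a = socket.socketpair()
    relay_b, service = socket.socketpair()
    client.settimeout(5)
    service.settimeout(5)
    result = []
    worker = threading.Thread(
        target=lambda: result.append(relay(relay_a, relay_b)))
    worker.start()
    client.sendall(b"hello")
    to_service = recv_exact(service, 5)
    service.sendall(b"world")
    to_client = recv_exact(client, 5)
    client.close()                           # one side disconnects ...
    after_close = service.recv(16)           # ... so the other is closed too
    worker.join(5)
    service.close()
    return to_service, to_client, after_close, result[0]


if __name__ == "__main__":
    print(demo())
```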
With a simple modification to the above process, the server-side agent processing module can register with several different forwarding server modules at the same time: after the program starts, it starts one thread for each configured forwarding server module, and each thread carries out the steps above, which supports a deployment with multiple public forwarding server modules. The client agent processing module can then reach the services relayed by the server-side agent processing module through any of the different forwarding server modules, which provides fault tolerance for the system.
The client agent processing module is a program module with a user interface. It connects to the public forwarding server module as a client and implements functions such as displaying the service list, selecting a service, and accessing a service.
After the user selects a service from the service list of the client agent processing module, the server-side agent processing module starts the client program corresponding to the service, which connects to the data port of the forwarding server module; access to the service is then achieved through the relay of the forwarding server module and the relay of the server-side agent.
The system requires that, once the client's data connection to the forwarding server module is established, the client first sends the "service access" command word + the corresponding service access ID to the forwarding server module, so that the forwarding server module can match this data connection with the corresponding server-side agent data connection and forward the communication.
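The data-port handshake and relay described above, as an added example that is not code from the patent: the forwarding server reads only the fixed-length header, pairs a "service is provided" connection with a "service access" connection carrying the same ID, then runs the select loop of steps a10-a13. The 1-byte command values, the 16-byte GUID encoding and the names `Pairer`, `read_header`, `relay` and `demo` are assumptions; the patent states only that the header is fixed-length.

```python
import select
import socket
import threading
import uuid

# Assumed wire format (the patent only says the header is fixed-length):
# a 1-byte command word followed by a 16-byte GUID.
CMD_PROVIDE = 0x01   # "service is provided", sent by the server-side agent
CMD_ACCESS = 0x02    # "service access", sent on behalf of the client
HEADER_LEN = 1 + 16


def recv_exact(sock, n):
    """Read exactly n bytes or raise if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before header was complete")
        buf += chunk
    return buf


def read_header(sock):
    """Parse only the fixed-length prefix; everything after it is opaque."""
    raw = recv_exact(sock, HEADER_LEN)
    cmd, sid = raw[0], uuid.UUID(bytes=raw[1:])
    if cmd not in (CMD_PROVIDE, CMD_ACCESS):
        raise ValueError("unknown command word 0x%02x" % cmd)
    return cmd, sid


class Pairer:
    """Holds a half-open data connection until the opposite role arrives."""

    def __init__(self):
        self._pending = {}            # service access ID -> (cmd, socket)
        self._lock = threading.Lock()

    def offer(self, cmd, sid, sock):
        """Return (provider_sock, client_sock) once both roles are present."""
        with self._lock:
            waiting = self._pending.pop(sid, None)
            if waiting is None:
                self._pending[sid] = (cmd, sock)
                return None
            other_cmd, other_sock = waiting
            if other_cmd == cmd:      # same role twice: refuse the newcomer
                self._pending[sid] = waiting
                raise ValueError("duplicate role for service access ID")
        return (sock, other_sock) if cmd == CMD_PROVIDE else (other_sock, sock)


def relay(s1, s2, bufsize=4096):
    """Steps a10-a13: select on both sockets, copy readable data across,
    and close both sockets on any error or disconnect."""
    peer = {s1: s2, s2: s1}
    try:
        while True:
            readable, _, _ = select.select([s1, s2], [], [])
            for src in readable:
                data = src.recv(bufsize)
                if not data:          # either side disconnected
                    return
                peer[src].sendall(data)
    except OSError:
        pass
    finally:
        s1.close()
        s2.close()


def demo():
    """Constructed exchange; socketpairs stand in for the TCP connections."""
    pairer = Pairer()
    sid = uuid.uuid4()                      # server-side agent generates the ID (step a4)
    agent, fwd_a = socket.socketpair()      # agent <-> forwarding server data port
    client, fwd_c = socket.socketpair()     # client <-> forwarding server data port
    agent.sendall(bytes([CMD_PROVIDE]) + sid.bytes)
    client.sendall(bytes([CMD_ACCESS]) + sid.bytes + b"PING")  # payload follows header
    first = pairer.offer(*read_header(fwd_a), fwd_a)   # nothing to pair with yet
    pair = pairer.offer(*read_header(fwd_c), fwd_c)    # same ID, opposite role
    t = threading.Thread(target=relay, args=pair, daemon=True)
    t.start()
    request = recv_exact(agent, 4)
    agent.sendall(b"PONG")
    reply = recv_exact(client, 4)
    client.close()                          # disconnect tears down both legs (a13)
    t.join(timeout=5)
    agent_sees_eof = agent.recv(1) == b""
    agent.close()
    return first, request, reply, agent_sees_eof


if __name__ == "__main__":
    print(demo())
```

In this sketch the ID is the only value binding the two data connections, so `Pairer` removes it from the pending table as soon as it is matched and rejects a second connection claiming the same role.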
However, client programs are generally existing programs, mostly without source code available, so they cannot be modified directly. A Socket Hook module can be written, using either the Socket interface provided by Winsock SPI or the general Windows API Hook method, to intercept calls to the socket connect function made by all network communication programs, including the client program. The Socket Hook module communicates with the client agent program; if the module determines that the caller of connect is a client child process started by the client agent program, then after connect succeeds it first sends the "service access" command word + the corresponding service access ID to the server side. The same function can also be realized with a connection relay: the client agent starts the client program and has it connect to a local port on which the client agent listens, and the communication data is forwarded to the forwarding server module via the client agent. Because this adds one more communication hop, forwarding efficiency drops slightly, so this scheme recommends the Socket Hook module approach.
The processing logic of the client agent processing module is:
Client agent processing starts;
b1. Connect to the command port of the forwarding server module and send the service query command;
b2. Display the list of accessible services according to the result returned by the service query command;
b3. Wait for the user to select a service;
b4. After the user chooses a service to access, send the service selection command; if it returns failure, show the error message and go back to step b3, allowing the user to select another service or quit the program;
For the specific content of the service selection command, see its description in the forwarding server module's processing logic.
b5. After the service selection command returns success, save the returned service access ID;
b6. Register the Socket Hook module, which intercepts subsequent calls to the socket connect function in the client program;
b7. Start the client program corresponding to the service as a child process, passing in the IP and data port of the public forwarding server module as connection parameters. After the child process has started, the main program goes back to step b3, allowing the user to select other services;
b8. The client program calls the socket connect function to connect to the data port of the forwarding server module; because the Socket Hook module has been registered, the client's call to socket connect enters the Socket Hook module's custom connect function;
The processing logic of the Socket Hook module is as follows.
c1. The Socket Hook module first calls the operating system's own connect function;
The Socket Hook module obtains the ID of the process currently executing connect and asks the client agent module whether that process ID belongs to a client child process started by the client agent module. If not, the module returns directly;
c2. If it is a client child process started by the client agent module, the client agent module also returns the service access ID corresponding to that child process, and the Socket Hook module sends the "service access" command word + the corresponding service access ID to the server side;
c3. The module returns, and the client program continues with its own internal processing logic until the user closes the client program and the child process exits.
Finally, it should be noted that the above is intended only to illustrate, not to limit, the technical solution of the present invention. Although the invention has been described in detail with reference to the preferred arrangement, those of ordinary skill in the art should understand that the technical solution of the invention may be modified or equivalently replaced (for example: deploying 2 or more public forwarding server modules to improve the reliability of the whole system; providing exclusive-use forwarding server modules for users with high confidentiality requirements; or, in applications with high real-time requirements, deploying an independent server-side agent processing module for each server device in a customer's intranet where necessary) without departing from the spirit and scope of the technical solution of the present invention.

Claims (8)

1. A method for converting a TCP network communication server into a client, characterized in that it involves a forwarding server module, a server-side agent and a client machine, the steps of the method comprising:
At least one forwarding server module providing data forwarding is established in the TCP network; the forwarding server module is configured with a TCP network IP address, a command port and a data port, and contains a data forwarder and a user authentication submodule; the forwarding server module listens on the command port and the data port at all times, ready to accept connections initiated by the server-side agent and the client machine; the client machine comprises a client agent and a client;
At least one intranet server-side agent connects to the forwarding server module through the command port and the data port, and the intranet server-side agent actively connects to at least one service of an intranet server;
The client agent of at least one external-network client machine connects to the forwarding server module through the command port, and the client of the same client machine connects to the data port of the forwarding server module.
2. The method for converting a TCP network communication server into a client according to claim 1, characterized in that the steps carried out by the forwarding server module comprise: command port listener thread processing and data port listener thread processing;
The command port listener thread processing comprises: after accepting a command connection, verifying the user name and password through the user authentication submodule; if password verification fails, closing the connection and continuing to wait for new command connections; if password verification succeeds, starting a command processing thread;
The data port listener thread processing comprises: first receiving the fixed-length data connection command word and service access ID, and then receiving the data of the specific service; the forwarding server module parses only the fixed-length data at the start and then forwards the rest directly; the data connection command word is either "service is provided" or "access services"; the "service is provided" command is sent over the server-side agent's data connection, and the "access services" command is sent over the client's data connection; if a "service is provided" connection and an "access services" connection carry the same service access ID, the two connections correspond to the same service access request, and the socket information of the two connections, denoted SocketS1 and SocketS2, is passed in to start a communication forwarding thread.
3. The method for converting a TCP network communication server into a client according to claim 2, characterized in that the steps of the forwarding server module's command processing thread are:
a. Determine the command type. For a service registration command from a server-side agent: save the service registration information and the socket information of the connection, and return the registration result. For a service query command from a client agent: return the list of all currently registered services, then wait for a subsequent service selection command;
b. After receiving a service selection command, send the service selection command to the socket of the corresponding server-side agent according to the service entry selected in the command;
c. The server-side agent socket returns the result of executing the service selection command; if execution succeeded, a service access ID value is returned and the forwarding server module returns this ID to the client agent; if execution failed, the forwarding server module returns the error description to the client agent;
d. Continue to wait for subsequent service selection commands until the thread exits.
4. The method for converting a TCP network communication server into a client according to claim 1, characterized in that the connections between the command port and the server-side agent and the client agent use the SSL/TLS transport-layer encryption mechanism.
5. The method for converting a TCP network communication server into a client according to claim 1, characterized in that the steps carried out by the server-side agent comprise:
a1. Connect to the command port of the forwarding server and send the service registration command;
a2. After the service registration succeeds, wait to receive a service selection command, until the program is closed manually;
a3. After a service selection command is received, connect to the service named in the command, creating Socket S1; if the connection fails, return an error message and go back to step a2 to continue waiting for service selection commands;
a4. If the connection to the service succeeds, generate a random service ID using the standard GUID method;
a5. Create Socket S2 and send the "service is provided" command word + service ID;
a6. If connecting or sending fails, return an error message and go back to step a2 to continue waiting for service selection commands;
a7. After connecting and sending succeed, return the service ID in the response to the service selection command, and start a thread that relays the service communication between Socket S1 and Socket S2.
6. The method for converting a TCP network communication server into a client according to claim 5, characterized in that the steps of the service communication relay are:
a10. Call the select function to detect whether SocketS1 or SocketS2 has readable data;
a11. If SocketS1 is readable, read the data from SocketS1 and send it to SocketS2; if SocketS2 is readable, read the data from SocketS2 and send it to SocketS1;
a12. If there is no error, continue with step a10, relaying in a loop;
a13. If any error occurs on SocketS1 or SocketS2, or either side disconnects, close SocketS1 and SocketS2 and exit the relay thread.
7. The method for converting a TCP network communication server into a client according to claim 1, characterized in that the steps carried out by the client agent comprise:
b1. Connect to the command port of the forwarding server module and send the service query command;
b2. Display the list of accessible services according to the result returned by the service query command;
b3. Wait for the user to select a service;
b4. After the user chooses a service to access, send the service selection command; if it returns failure, show the error message and go back to step b3, allowing the user to select another service or quit the program;
b5. After the service selection command returns success, save the returned service access ID;
b6. Register the Socket Hook module, which intercepts subsequent calls to the socket connect function in the client program;
b7. Start the client program corresponding to the service as a child process, passing in the IP and data port of the forwarding server module as connection parameters; after the child process has started, the main program goes back to step b3, allowing the user to select other services.
8. The method for converting a TCP network communication server into a client according to claim 7, characterized in that the steps carried out by the Socket Hook module comprise: after intercepting a call to the socket connect function in the client program, first calling the connect function of the client operating system itself; then obtaining the ID of the process currently executing connect and asking the client agent whether that process ID belongs to a client child process started by the client agent; if not, the module returns directly to the main program; if it is a client child process started by the client agent, the client agent also returns the service access ID corresponding to that child process, and the Socket Hook module sends the "service access" command word + the corresponding service access ID to the server side and then returns to the main program.
CN 201010582952 2010-12-10 2010-12-10 Method for converting TCP network communication server into client Active CN102035904B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010582952 CN102035904B (en) 2010-12-10 2010-12-10 Method for converting TCP network communication server into client

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010582952 CN102035904B (en) 2010-12-10 2010-12-10 Method for converting TCP network communication server into client

Publications (2)

Publication Number Publication Date
CN102035904A true CN102035904A (en) 2011-04-27
CN102035904B CN102035904B (en) 2013-04-03

Family

ID=43888213

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010582952 Active CN102035904B (en) 2010-12-10 2010-12-10 Method for converting TCP network communication server into client

Country Status (1)

Country Link
CN (1) CN102035904B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101043447A (en) * 2007-04-23 2007-09-26 重庆大学 Method for mapping dynamically inside and outside network of server based on DDNS and NAT
CN101242336A (en) * 2008-03-13 2008-08-13 杭州华三通信技术有限公司 Method for remote access to intranet Web server and Web proxy server
CN101465889A (en) * 2008-12-03 2009-06-24 北京星网锐捷网络技术有限公司 Network address translation equipment and request method of response address analysis protocol

Cited By (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102890644A (en) * 2011-07-20 2013-01-23 郑州威科姆科技股份有限公司 Byte stream-based interprocess communication method
CN102890644B (en) * 2011-07-20 2015-01-14 郑州威科姆科技股份有限公司 Byte stream-based interprocess communication method
CN102916865A (en) * 2012-11-08 2013-02-06 浙江宇视科技有限公司 Monitoring service management method and device
CN102916865B (en) * 2012-11-08 2015-09-09 浙江宇视科技有限公司 A kind of monitoring business management method and device
CN102970291A (en) * 2012-11-19 2013-03-13 北京思特奇信息技术股份有限公司 Method and device for establishing TCP (Transmission Control Protocol) connection by passing through unilateral firewall
CN102970291B (en) * 2012-11-19 2016-01-06 北京思特奇信息技术股份有限公司 A kind of pass through monolateral fire compartment wall set up TCP connect method and device
CN104836863A (en) * 2015-04-08 2015-08-12 杭州威威网络科技有限公司 System and method for realizing TCP reverse port mapping
CN104836863B (en) * 2015-04-08 2018-06-05 杭州威威网络科技有限公司 The system and method for realizing the mapping of TCP reverse ports
CN105119926A (en) * 2015-09-07 2015-12-02 中科宇图天下科技有限公司 Multichannel duplex communication method based on Socket connection
CN105119926B (en) * 2015-09-07 2018-01-23 中科宇图天下科技有限公司 A kind of multichannel duplex signaling method based on Socket connections
CN105635338A (en) * 2015-12-31 2016-06-01 迈普通信技术股份有限公司 Data transmission method and device
CN105635338B (en) * 2015-12-31 2019-03-05 迈普通信技术股份有限公司 A kind of data transmission method and device
CN105812079A (en) * 2016-03-08 2016-07-27 北京数码视讯科技股份有限公司 Emergency broadcast state reporting method, device, emergency broadcast state receiving method and device
CN106302416B (en) * 2016-08-04 2019-11-08 中车青岛四方机车车辆股份有限公司 Corporate intranet access method, Android terminal, transfer processing method, transfer server
CN106302416A (en) * 2016-08-04 2017-01-04 中车青岛四方机车车辆股份有限公司 Corporate intranet access method, Android terminal, transfer processing method, transfer server
CN106302413A (en) * 2016-08-04 2017-01-04 中车青岛四方机车车辆股份有限公司 Corporate intranet access method, ios terminal, transfer processing method, transfer server
CN106302413B (en) * 2016-08-04 2019-11-08 中车青岛四方机车车辆股份有限公司 Corporate intranet access method, ios terminal, transfer processing method, transfer server
CN106506565A (en) * 2017-01-04 2017-03-15 上海上讯信息技术股份有限公司 A kind of remote command executes method and apparatus
CN107154942A (en) * 2017-05-16 2017-09-12 苏州云屏网络科技有限公司 A kind of method that automation services are provided by third-party server
CN109510801A (en) * 2017-09-15 2019-03-22 华耀(中国)科技有限公司 Explicit positive supply and SSL listen to integrated system and its operation method
CN109510801B (en) * 2017-09-15 2021-08-31 北京华耀科技有限公司 Explicit forward proxy and SSL interception integrated system and operation method thereof
CN108989302A (en) * 2018-07-04 2018-12-11 光大环保技术研究院(南京)有限公司 A kind of OPC based on key acts on behalf of connection system and connection method
CN108989420A (en) * 2018-07-12 2018-12-11 上海携程商务有限公司 The method and system of registration service, the method and system for calling service
CN108989420B (en) * 2018-07-12 2021-08-13 上海携程商务有限公司 Method and system for registering service and method and system for calling service
CN109756474A (en) * 2018-11-23 2019-05-14 国电南瑞科技股份有限公司 A kind of trans-regional call method of the service of electric power scheduling automatization system and device
CN109756474B (en) * 2018-11-23 2021-02-05 国电南瑞科技股份有限公司 Service cross-region calling method and device for power dispatching automation system
CN109257392A (en) * 2018-11-30 2019-01-22 广州市百果园信息技术有限公司 A kind of command handling method, device, server and storage medium
CN109257392B (en) * 2018-11-30 2021-09-17 广州市百果园信息技术有限公司 Command processing method, device, server and storage medium
CN110266477A (en) * 2019-05-23 2019-09-20 广州河东科技有限公司 A kind of UDP communication realization dynamic encrypting method
CN110365741B (en) * 2019-06-13 2022-04-05 网宿科技股份有限公司 Connection establishing method and transfer server
CN110365741A (en) * 2019-06-13 2019-10-22 网宿科技股份有限公司 A kind of connection method for building up and transfer server
CN112532568A (en) * 2019-09-19 2021-03-19 马上消费金融股份有限公司 Interaction method, device, equipment and computer readable storage medium
CN110633163A (en) * 2019-09-26 2019-12-31 深圳市七星石科技有限公司 Development method for preventing application program from crashing based on multi-process server
CN110633163B (en) * 2019-09-26 2022-12-09 深圳市七星石科技有限公司 Development method for preventing application program from crashing based on multi-process server
CN110891008A (en) * 2019-11-21 2020-03-17 成都云智天下科技股份有限公司 IP proxy method based on L2TP/IPSEC
CN111026662A (en) * 2019-12-06 2020-04-17 联陆智能交通科技(上海)有限公司 Remote debugging method, system and medium for terminal equipment of Internet of things
CN112367383A (en) * 2020-10-30 2021-02-12 深圳云之家网络有限公司 Service calling method and related equipment
CN112671903A (en) * 2020-12-23 2021-04-16 杭州安司源科技有限公司 General intranet online service system
CN112929359A (en) * 2021-02-01 2021-06-08 深信服科技股份有限公司 Proxy decryption method and device, terminal and storage medium
CN112929359B (en) * 2021-02-01 2023-05-16 深信服科技股份有限公司 Proxy decryption method and device, terminal and storage medium
CN113472781A (en) * 2021-06-30 2021-10-01 平安证券股份有限公司 Service acquisition method, server and computer readable storage medium
CN113472781B (en) * 2021-06-30 2023-11-03 平安证券股份有限公司 Service acquisition method, server and computer readable storage medium
CN114040189A (en) * 2021-09-30 2022-02-11 北京欧珀通信有限公司 Multimedia test method, device, storage medium and electronic equipment
CN114125076A (en) * 2021-11-18 2022-03-01 苏州极光无限信息技术有限公司 Data forwarding system
CN114401326A (en) * 2021-12-20 2022-04-26 浙江保信科技有限公司 Bidirectional communication method for distributed Internet of things equipment
CN114338398B (en) * 2021-12-30 2024-06-07 北京市商汤科技开发有限公司 Data transmission method, device, electronic equipment and storage medium
CN114338398A (en) * 2021-12-30 2022-04-12 北京市商汤科技开发有限公司 Data transmission method and device, electronic equipment and storage medium
CN114584523A (en) * 2022-03-16 2022-06-03 张斌 Safety link sinking method
CN114785761A (en) * 2022-03-22 2022-07-22 杭州指令集智能科技有限公司 Advanced k8s cluster intercommunication method in Internet of things operating system
CN116647547A (en) * 2023-05-26 2023-08-25 南京粒聚智能科技有限公司 Method and device for remote communication connection of industrial field device
CN116647547B (en) * 2023-05-26 2023-10-13 南京粒聚智能科技有限公司 Method and device for remote communication connection of industrial field device
CN116647538A (en) * 2023-06-06 2023-08-25 深圳市捷讯云联科技有限公司 Connecting device capable of accessing different intranet services
CN116647538B (en) * 2023-06-06 2024-05-28 深圳市捷讯云联科技有限公司 Connecting device capable of accessing different intranet services

Also Published As

Publication number Publication date
CN102035904B (en) 2013-04-03

Similar Documents

Publication Publication Date Title
CN102035904B (en) Method for converting TCP network communication server into client
US11075821B2 (en) Method and apparatus for managing field device based on cloud server
US8997202B2 (en) System for secure transfer of information from an industrial control system network
US8239520B2 (en) Network service operational status monitoring
US10069939B2 (en) Establishing a virtual tunnel between two computers
US5960177A (en) System for performing remote operation between firewall-equipped networks or devices
US7359933B1 (en) Providing remote access to network applications using a dual proxy
CN101138219B (en) Communication method and system with client computer by network
CN112997463A (en) System and method for server cluster network communication across public internet
CN101437022A (en) Server initiated secure network connection
CN101175036B (en) Fire wall/subnet penetration method based on intranet node forwarding technology
CN110677383B (en) Firewall wall opening method and device, storage medium and computer equipment
CN113341798A (en) Method, system, device, equipment and storage medium for remotely accessing application
CN110661858A (en) Websocket-based intranet penetration method and system
CN112463281A (en) Remote assistance method, device, system, electronic equipment and storage medium
CN112437100A (en) Vulnerability scanning method and related equipment
CN116155649A (en) Construction method of industrial Internet based on two-layer tunnel protocol
CN116170409B (en) SD-WAN network address planning system based on virtual domain name
CN116112559A (en) Remote server management control method, system and storage medium
US20160316021A1 (en) Remote out of band management
CN113114643B (en) Operation and maintenance access method and system of operation and maintenance auditing system
US11888898B2 (en) Network configuration security using encrypted transport
CN105791005A (en) Transmission control protocol (TCP) connection based method and apparatus for implementing remote operation and maintenance management
JP2002084326A (en) Device to be serviced, central unit and servicing device
CN112272202A (en) Method and system for communication between management software server and system internal components

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant