CN105635088A - Network data packet processing method and device - Google Patents

Publication number: CN105635088A
Authority: CN (China)
Prior art keywords: packet, protocol, open system, system interconnection, port
Legal status: Pending (the legal status is an assumption and is not a legal conclusion)
Application number: CN201410690241.3A
Other languages: Chinese (zh)
Inventor: 赵先进
Current Assignee: ZTE Corp (the listed assignees may be inaccurate)
Original Assignee: ZTE Corp
Application filed by ZTE Corp
Priority to CN201410690241.3A (CN105635088A)
Priority to PCT/CN2015/074632 (WO2016082380A1)
Publication of CN105635088A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40: Network security protocols

Abstract

The invention provides a network data packet processing method and device. The method comprises the following steps: determining the port and the packet protocol information of a received data packet; judging whether the received data packet needs to be captured, according to the protocol rule, in a preset retrieval data table, of the data packets that need to be captured for the port; and, when it is determined that the data packet needs to be captured, capturing the data packet and performing preset security processing on it. The device comprises a data packet parsing module, a capture judging module and a data packet processing module. The method and the device simplify the process of determining which data packets need to be captured, and suit most situations in which data packets need to be filtered or captured.

Description

Network data packet processing method and device
Technical field
The present invention relates to the field of network communications, and in particular to a network data packet processing method and device.
Background
As the Internet develops ever faster and the volume of information grows, large amounts of invalid data reduce the efficiency of network monitoring and place ever greater demands on the processing capability of Ethernet devices. Besides simple data forwarding, present-day Ethernet devices must also provide co-processing of protocol packets. On Ethernet switches other than high-end ones, much of the protocol processing and network management data is handled by the central processing unit (CPU) attached to the switch. This structure greatly enhances the functionality of a layer 2 Ethernet switch, but it also places a heavy load on the CPU and creates a security risk: the CPU can easily crash, which greatly reduces the reliability of the system. For example, the CPU must run a protocol stack to support protocol packet functions such as ARP (Address Resolution Protocol), ICMP (Internet Control Message Protocol) and IGMP (Internet Group Management Protocol). When packets are transmitted at too high a rate, the high priority of the packet send and receive interrupts places a very heavy burden on the CPU, so that it cannot carry out its device management functions normally. This situation also gives an opening to malicious external attackers, who can flood the network by sending Ethernet broadcast or multicast packets.
Given these risks, capturing and filtering network packets becomes particularly necessary. Packet filtering or packet capture works mainly by comparing the protocol field information in the packet header against filtering or capture rules. Packet filtering is a general, inexpensive and effective security measure. It does not apply special handling to each specific network service, so it is applicable to all network services. The packet filtering or packet capture methods used in the prior art often target only one special case, so their range of application is narrow, and their filtering or capture algorithms are complex and inefficient.
Summary of the invention
In view of this, the present invention provides a network data packet processing method and device that simplify the process of determining which packets need to be captured and suit most situations in which packets need to be filtered or captured.
To this end, the network data packet processing method provided by the present invention comprises the following steps:
determining the port of a received packet and the protocol information of the packet;
judging whether the received packet needs to be captured, according to the protocol rule, in a preset retrieval data table, of the packets that need to be captured for the port;
when it is determined that the packet needs to be captured, capturing the packet and performing preset security processing on it.
Optionally, the step of judging whether the received packet needs to be captured, according to the protocol rule, in the preset retrieval data table, of the packets that need to be captured for the port, specifically includes:
looking up, in the preset retrieval data table, the protocol rule of the packets that need to be captured for the port, according to the port of the received packet;
according to the retrieval data table, when there is a protocol rule record in which the protocol specified for each Open System Interconnection (OSI) layer is consistent with the protocol adopted by the received packet at each OSI layer, determining that the received packet needs to be captured;
the protocol rule record records at least one protocol adopted at at least one OSI layer by the packets that need to be captured.
Optionally, before determining the port of the received packet and the protocol information of the packet, the method further includes:
adding, in the retrieval data table, at least one protocol rule record for the packets that need to be captured for the port;
setting, in the newly added protocol rule record, the protocol type adopted at at least one OSI layer by the packets that need to be captured.
Optionally, the at least one OSI layer includes OSI layer 2, OSI layer 3 and OSI layer 4.
Optionally, the protocol rule record includes a flag for each OSI layer and a protocol type number for each OSI layer; the flag indicates whether the protocol type of the corresponding OSI layer is empty; the protocol type number indicates the protocol type of the corresponding OSI layer.
The present invention also provides a network data packet processing device, including:
a packet parsing module, configured to determine the port of a received packet and the protocol information of the packet;
a capture judging module, configured to judge whether the received packet needs to be captured, according to the protocol rule, in a preset retrieval data table, of the packets that need to be captured for the port;
a packet processing module, configured to, when it is determined that the packet needs to be captured, capture the packet and perform preset security processing on it.
Optionally, the capture judging module specifically includes:
a protocol rule lookup unit, configured to look up, in the preset retrieval data table, the protocol rule of the packets that need to be captured for the port, according to the port of the received packet;
a capture determining unit, configured to determine, according to the retrieval data table, that the received packet needs to be captured when there is a protocol rule record in which the protocol specified for each OSI layer is consistent with the protocol adopted by the received packet at each OSI layer;
the protocol rule record records at least one protocol adopted at at least one OSI layer by the packets that need to be captured.
Optionally, the device further includes:
a port creation module, configured to add, in the retrieval data table, at least one protocol rule record for the packets that need to be captured for the port;
a protocol rule record adding module, configured to set, in the newly added protocol rule record, the protocol type adopted at at least one OSI layer by the packets that need to be captured.
Optionally, the at least one OSI layer includes OSI layer 2, OSI layer 3 and OSI layer 4.
Optionally, the protocol rule record includes a flag for each OSI layer and a protocol type number for each OSI layer; the flag indicates whether the protocol type of the corresponding OSI layer is empty; the protocol type number indicates the protocol type of the corresponding OSI layer.
As can be seen from the above, the packet filtering method and device provided by the present invention use a data table to record the protocol rules adopted by the packets that need to be filtered. When a packet is received, only the retrieval data table needs to be searched; the method is simple, and filter matching is carried out effectively. Ports and protocols are also easy to add to the retrieval data table. Packet capture and filtering incur little overhead and little delay, the approach is widely applicable and easy to optimize, and it does not affect the stability or reliability of the network. It is also suitable for firewalls, network access servers and other applications that need to filter or capture packets quickly.
Brief description of the drawings
Fig. 1 is a schematic flowchart of the network data packet filtering method provided by an embodiment of the present invention;
Fig. 2 is a schematic diagram of the port retrieval table of an embodiment of the present invention;
Fig. 3 is a schematic diagram of the protocol rule retrieval table of an embodiment of the present invention;
Fig. 4 is a schematic diagram of a protocol rule record of an embodiment of the present invention;
Fig. 5 is a schematic diagram of the network data packet filtering device of an embodiment of the present invention.
Detailed description
To provide an effective implementation, the present invention provides the following embodiments, which are described below with reference to the accompanying drawings.
The present invention first provides a network data packet filtering method, which includes the steps shown in Fig. 1:
Step 101: determine the port of a received packet and the protocol information of the packet;
Step 102: judge whether the received packet needs to be captured, according to the protocol rule, in a preset retrieval data table, of the packets that need to be captured for the port;
Step 103: when it is determined that the packet needs to be captured, perform preset security processing on the packet.
As can be seen from the above, the network data packet filtering method provided by the present invention determines whether a received packet needs to be captured by looking up, in a preset retrieval data table, an entry that matches the protocol information carried by the packet. It is applicable to most scenarios that require packet capture, and the lookup is simple and efficient, so that when many packets are received the functions of the network device are not affected by excessive CPU load. Through a simple and effective data-block retrieval capture method, the present invention meets current needs well and can prevent overload of CPU co-processing from affecting the device management functions of an Ethernet switch.
In specific embodiments of the present invention, the retrieval data table establishes a corresponding filtering rule for each kind of packet that needs to be filtered; the rule specifies the protocol that the packets to be filtered adopt at the corresponding OSI layer.
In specific embodiments of the present invention, after the packet is captured, it can undergo security inspection or processing such as filtering and discarding.
In some embodiments of the invention, the step of judging whether the received packet needs to be captured, according to the protocol rule, in the preset retrieval data table, of the packets that need to be captured for the port, specifically includes:
looking up, in the preset retrieval data table, the protocol rule of the packets that need to be captured for the port, according to the port of the received packet;
according to the retrieval data table, when there is a protocol rule record in which the protocol specified for each OSI layer is consistent with the protocol adopted by the received packet at each OSI layer, determining that the received packet needs to be captured;
the protocol rule record records at least one protocol adopted at at least one OSI layer by the packets that need to be captured.
In specific embodiments of the present invention, the preset retrieval data table may include a port retrieval table and a protocol rule retrieval table. The port retrieval table contains the port numbers and port names of one or more ports, each corresponding to a port to which one or more packets are to be sent. For the port number of each port recorded in the port retrieval table, a corresponding protocol rule record can be found in the protocol rule retrieval table. When the protocol adopted by a received packet satisfies the protocol rule recorded in the protocol rule retrieval table for the port to which the packet is to be sent, it is determined that the received packet needs to be captured because it may pose a security risk.
In some embodiments of the invention, before determining the port of the received packet and the protocol information of the packet, the method further includes:
adding, in the retrieval data table, at least one protocol rule record for the packets that need to be captured for the port;
setting, in the newly added protocol rule record, the protocol type adopted at at least one OSI layer by the packets that need to be captured.
In one specific embodiment of the present invention, the port retrieval table is structured as shown in Fig. 2 and includes one or more port names and port numbers. Each port number corresponds to one port name and to one protocol rule retrieval table as shown in Fig. 3, in which one or more protocol rule records are set. When a port named ETH0 with port number 0 needs to be added and the packets sent to this ETH0 port need to be filtered, a port record with name ETH0 and port number 0 is added to the port retrieval table shown in Fig. 2, a corresponding protocol rule retrieval table as shown in Fig. 3 is created, and one or more protocol rule records are added to that protocol rule retrieval table. Then, when the port of a received packet is named ETH0 and has port number 0, whether the packet needs to be captured is judged according to the protocol rule records in the corresponding protocol rule retrieval table. If the filtering rule to be set for the ETH0 port is the ARP protocol, a protocol rule record for ARP is created in the protocol rule retrieval table accordingly.
In another specific embodiment of the present invention, the port retrieval table is structured as shown in Fig. 2 and includes one or more port names and port numbers; each port number corresponds to one port name and to one or more protocol rule records in the protocol rule retrieval table shown in Fig. 3. When a port named ETH0 with port number 0 needs to be added and the packets sent to this ETH0 port need to be filtered, a port record with name ETH0 and port number 0 is added to the port retrieval table shown in Fig. 2, and protocol rule records for the port named ETH0 with port number 0 are added to the protocol rule retrieval table shown in Fig. 3. When the port of a received packet is named ETH0 and has port number 0, whether the packet needs to be captured is judged according to the protocol rule records corresponding to the ETH0 port in the protocol rule retrieval table. If the filtering rule to be set for the ETH0 port is the ARP protocol, a protocol rule record for ARP is created in the protocol rule retrieval table accordingly.
In some embodiments of the invention, the at least one OSI layer includes OSI layer 2, OSI layer 3 and OSI layer 4.
In some embodiments of the invention, the protocol rule record includes a flag for each OSI layer and a protocol type number for each OSI layer; the flag indicates whether the protocol type of the corresponding OSI layer is empty; the protocol type number indicates the protocol type of the corresponding OSI layer.
Still referring to Fig. 3, in one specific embodiment of the present invention each protocol rule record includes the following items: protocol name, OSI layer 2 protocol type number, OSI layer 2 flag, OSI layer 3 protocol type number, OSI layer 3 flag, OSI layer 4 protocol type number and OSI layer 4 flag. A flag indicates whether the protocol type of the corresponding OSI layer is empty. For example, if the protocol recorded in a protocol rule record is a layer 2 protocol, the OSI layer 3 and OSI layer 4 protocol types of that record should be empty or invalid; in that case the OSI layer 3 flag and the OSI layer 4 flag are used to indicate that the OSI layer 3 protocol type in the record is empty or invalid and that the OSI layer 4 protocol type is empty or invalid.
In one specific embodiment of the present invention, assume that the port named ETH0 with port number 0 needs to filter ARP packets, that flag 0 indicates that the protocol type of the corresponding OSI layer is valid, that flag 1 indicates that it is invalid, and that protocol type number 0 indicates that the protocol type of the corresponding OSI layer is empty. The items of the corresponding protocol rule record are then: protocol name ARP, OSI layer 2 protocol type number 0x0806, OSI layer 2 flag 0, OSI layer 3 protocol type number 0x0, OSI layer 3 flag 1, OSI layer 4 protocol type number 0x0, OSI layer 4 flag 1.
In one specific embodiment of the present invention, the protocol rule record is as shown in Fig. 4.
In one specific embodiment of the present invention, with reference to Fig. 4, the method includes the following steps:
Step 201: receive a packet that is to be sent to a port.
Step 202: parse the packet to obtain the port number and protocol header information. For example, if the received packet is an ARP packet, parsing shows that the port to which the packet is to be sent is named ETH0 with port number 0, and that the layer 2 protocol type number of the packet is 0x0806.
Step 203: obtain, in the preset retrieval data table, the port corresponding to the port number and the protocol rule record corresponding to that port, and obtain the OSI layer 2, OSI layer 3 and OSI layer 4 protocol types of the packet. For example, find the protocol rule records corresponding to the ETH0 port in the preset retrieval data table; among the protocol rule records corresponding to ETH0, as shown in Fig. 4, find the record whose layer 2 protocol type number is 0x0806.
Step 204: look up the OSI layer 2 protocol type in the protocol rule record.
Step 205: if the OSI layer 2 protocol type recorded in the protocol rule record matches the OSI layer 2 protocol type adopted by the packet, look up the OSI layer 3 protocol type in the protocol rule record.
Suppose the port to which the received packet is to be sent is named ETH0 with port number 0, the layer 2 protocol type number of the packet is 0x0806, its layer 3 protocol type is empty and its layer 4 protocol type is empty. If the protocol rule records contain a record whose layer 2 protocol type number is 0x0806, whose layer 3 protocol type is empty and whose layer 4 protocol type is empty, then the received packet is consistent with that protocol rule record.
Step 206: if the OSI layer 3 protocol type of the packet is not empty, look up, among the OSI layer 3 protocol types recorded in the protocol rule record, an entry that matches the OSI layer 3 protocol type of the packet.
Step 207: if the OSI layer 3 protocol type in the protocol rule record has an entry matching the OSI layer 3 protocol type of the packet, look up the OSI layer 4 protocol type in the protocol rule record.
Step 208: if the OSI layer 4 protocol type of the packet is not empty, look up, among the OSI layer 4 protocol types recorded in the protocol rule record, an entry that matches the OSI layer 4 protocol type of the packet.
In steps 201-208 above, if the protocol of at least one of OSI layer 2, layer 3 or layer 4 of the received packet is empty, and the flag of the corresponding OSI layer 2, layer 3 or layer 4 in the protocol rule record also indicates empty, then the protocol type of that OSI layer in the protocol rule record is considered consistent with the protocol type of the corresponding OSI layer of the packet.
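The two-level lookup of steps 201-208 (port retrieval table, then per-port protocol rule records with a type number and flag for each layer), as an added example in C that is not code from the patent. The function and struct names, the table sizes, and the strict treatment of a layer that is empty on only one side (no match) are assumptions; the flag and type-number values follow the ETH0/ARP embodiment above.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Flag 0 = valid, flag 1 = invalid, type number 0 = empty: values from the page. */
enum { FLAG_VALID = 0, FLAG_INVALID = 1, TYPE_EMPTY = 0 };
enum { MAX_PORTS = 8, MAX_RULES = 8, LAYERS = 3 };   /* sizes are assumptions */

/* Protocol rule record; index 0, 1, 2 = OSI layer 2, 3, 4. */
struct rule_record {
    char     name[8];
    uint16_t type[LAYERS];
    uint8_t  flag[LAYERS];
};

/* Port record that owns its protocol rule retrieval table. */
struct port_record {
    char name[8];
    int  port_no, n_rules;
    struct rule_record rules[MAX_RULES];
};

struct retrieval_table { int n_ports; struct port_record ports[MAX_PORTS]; };

/* Port and protocol information of a received packet (step 202). */
struct pkt_info {
    int      port_no;
    uint16_t type[LAYERS];
};

static struct port_record *find_port(struct retrieval_table *t, int port_no) {
    for (int i = 0; i < t->n_ports; i++)
        if (t->ports[i].port_no == port_no) return &t->ports[i];
    return NULL;
}

/* Add a port record; -1 if the table is full or the port already exists. */
int add_port(struct retrieval_table *t, const char *name, int port_no) {
    if (t->n_ports >= MAX_PORTS || find_port(t, port_no)) return -1;
    struct port_record *p = &t->ports[t->n_ports++];
    memset(p, 0, sizeof *p);
    snprintf(p->name, sizeof p->name, "%s", name);
    p->port_no = port_no;
    return 0;
}

/* Add a rule record; a layer passed as TYPE_EMPTY gets FLAG_INVALID. */
int add_rule(struct retrieval_table *t, int port_no, const char *name,
             uint16_t l2, uint16_t l3, uint16_t l4) {
    const uint16_t v[LAYERS] = { l2, l3, l4 };
    struct port_record *p = find_port(t, port_no);
    if (!p || p->n_rules >= MAX_RULES) return -1;
    struct rule_record *r = &p->rules[p->n_rules++];
    memset(r, 0, sizeof *r);
    snprintf(r->name, sizeof r->name, "%s", name);
    for (int i = 0; i < LAYERS; i++) {
        r->type[i] = v[i];
        r->flag[i] = v[i] == TYPE_EMPTY ? FLAG_INVALID : FLAG_VALID;
    }
    return 0;
}

/* Assumed strict reading: a layer is consistent when both sides are empty,
   or both are present and carry the same type number. */
static int layer_ok(const struct rule_record *r, const struct pkt_info *p, int i) {
    int rule_empty = r->flag[i] == FLAG_INVALID;
    int pkt_empty  = p->type[i] == TYPE_EMPTY;
    if (rule_empty || pkt_empty) return rule_empty && pkt_empty;
    return r->type[i] == p->type[i];
}

/* Steps 203-208: return the matching record, or NULL (do not capture). */
const struct rule_record *needs_capture(struct retrieval_table *t,
                                        const struct pkt_info *p) {
    struct port_record *port = find_port(t, p->port_no);
    for (int i = 0; port && i < port->n_rules; i++) {
        const struct rule_record *r = &port->rules[i];
        int l = 0;
        while (l < LAYERS && layer_ok(r, p, l)) l++;  /* layer 2, then 3, then 4 */
        if (l == LAYERS) return r;
    }
    return NULL;
}

/* Constructed table from the page's embodiment: ETH0 (port 0) captures ARP. */
int demo(int port_no, uint16_t l2, uint16_t l3, uint16_t l4) {
    struct retrieval_table t = { 0 };
    struct pkt_info p = { port_no, { l2, l3, l4 } };
    add_port(&t, "ETH0", 0);
    add_rule(&t, 0, "ARP", 0x0806, TYPE_EMPTY, TYPE_EMPTY);
    return needs_capture(&t, &p) != NULL;
}

int main(void) {
    printf("ARP on ETH0:  %d\n", demo(0, 0x0806, 0, 0));
    printf("IPv4 on ETH0: %d\n", demo(0, 0x0800, 0, 0));
    return 0;
}
```

A packet arriving on a port with no port record is never captured, so a port left out of the table is unfiltered by this scheme.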
Further, the present invention provides a network data packet processing device, whose structure is shown in Fig. 5, including:
a packet parsing module, configured to determine the port of a received packet and the protocol information of the packet;
a capture judging module, configured to judge whether the received packet needs to be captured, according to the protocol rule, in a preset retrieval data table, of the packets that need to be captured for the port;
a packet processing module, configured to, when it is determined that the packet needs to be captured, capture the packet and perform preset security processing on it.
In some embodiments of the invention, the capture judging module specifically includes:
a protocol rule lookup unit, configured to look up, in the preset retrieval data table, the protocol rule of the packets that need to be captured for the port, according to the port of the received packet;
a capture determining unit, configured to determine, according to the retrieval data table, that the received packet needs to be captured when there is a protocol rule record in which the protocol specified for each OSI layer is consistent with the protocol adopted by the received packet at each OSI layer;
the protocol rule record records at least one protocol adopted at at least one OSI layer by the packets that need to be captured.
In some embodiments of the invention, the device further includes:
a port creation module, configured to add, in the retrieval data table, at least one protocol rule record for the packets that need to be captured for the port;
a protocol rule record adding module, configured to set, in the newly added protocol rule record, the protocol type adopted at at least one OSI layer by the packets that need to be captured.
In some embodiments of the invention, the at least one OSI layer includes OSI layer 2, OSI layer 3 and OSI layer 4.
In some embodiments of the invention, the protocol rule record includes a flag for each OSI layer and a protocol type number for each OSI layer; the flag indicates whether the protocol type of the corresponding OSI layer is empty; the protocol type number indicates the protocol type of the corresponding OSI layer.
It should be understood that the embodiments described in this specification serve only to illustrate and explain the present invention and are not intended to limit it. Where no conflict arises, the embodiments in this application and the features in the embodiments may be combined with one another.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope. Thus, if these modifications and variations fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.

Claims (10)

1. A network data packet processing method, characterized by comprising the following steps:
determining the port of a received packet and the protocol information of the packet;
judging whether the received packet needs to be captured, according to the protocol rule, in a preset retrieval data table, of the packets that need to be captured for the port;
when it is determined that the packet needs to be captured, capturing the packet and performing preset security processing on it.
2. The method according to claim 1, characterized in that the step of judging whether the received packet needs to be captured, according to the protocol rule, in the preset retrieval data table, of the packets that need to be captured for the port, specifically includes:
looking up, in the preset retrieval data table, the protocol rule of the packets that need to be captured for the port, according to the port of the received packet;
according to the retrieval data table, when there is a protocol rule record in which the protocol specified for each OSI layer is consistent with the protocol adopted by the received packet at each OSI layer, determining that the received packet needs to be captured;
the protocol rule record records at least one protocol adopted at at least one OSI layer by the packets that need to be captured.
3. The method according to claim 2, characterized in that, before determining the port of the received packet and the protocol information of the packet, the method further includes:
adding, in the retrieval data table, at least one protocol rule record for the packets that need to be captured for the port;
setting, in the newly added protocol rule record, the protocol type adopted at at least one OSI layer by the packets that need to be captured.
4. The method according to claim 2 or 3, characterized in that the at least one OSI layer includes OSI layer 2, OSI layer 3 and OSI layer 4.
5. The method according to claim 4, characterized in that the protocol rule record includes a flag for each OSI layer and a protocol type number for each OSI layer; the flag indicates whether the protocol type of the corresponding OSI layer is empty; the protocol type number indicates the protocol type of the corresponding OSI layer.
6. A network data packet processing device, characterized by including:
a packet parsing module, configured to determine the port of a received packet and the protocol information of the packet;
a capture judging module, configured to judge whether the received packet needs to be captured, according to the protocol rule, in a preset retrieval data table, of the packets that need to be captured for the port;
a packet processing module, configured to, when it is determined that the packet needs to be captured, capture the packet and perform preset security processing on it.
7. The device according to claim 6, characterized in that the capture judging module specifically includes:
a protocol rule lookup unit, configured to look up, in the preset retrieval data table, the protocol rule of the packets that need to be captured for the port, according to the port of the received packet;
a capture determining unit, configured to determine, according to the retrieval data table, that the received packet needs to be captured when there is a protocol rule record in which the protocol specified for each OSI layer is consistent with the protocol adopted by the received packet at each OSI layer;
the protocol rule record records at least one protocol adopted at at least one OSI layer by the packets that need to be captured.
8. The device according to claim 7, characterized in that the device further includes:
a port creation module, configured to add, in the retrieval data table, at least one protocol rule record for the packets that need to be captured for the port;
a protocol rule record adding module, configured to set, in the newly added protocol rule record, the protocol type adopted at at least one OSI layer by the packets that need to be captured.
9. The device according to claim 7 or 8, characterized in that the at least one OSI layer includes OSI layer 2, OSI layer 3 and OSI layer 4.
10. The device according to claim 9, characterized in that the protocol rule record includes a flag for each OSI layer and a protocol type number for each OSI layer; the flag indicates whether the protocol type of the corresponding OSI layer is empty; the protocol type number indicates the protocol type of the corresponding OSI layer.
CN201410690241.3A 2014-11-25 2014-11-25 Network data packet processing method and device Pending CN105635088A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410690241.3A CN105635088A (en) 2014-11-25 2014-11-25 Network data packet processing method and device
PCT/CN2015/074632 WO2016082380A1 (en) 2014-11-25 2015-03-19 Network data packet processing method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410690241.3A CN105635088A (en) 2014-11-25 2014-11-25 Network data packet processing method and device

Publications (1)

Publication Number Publication Date
CN105635088A true CN105635088A (en) 2016-06-01

Family

ID=56049584

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410690241.3A Pending CN105635088A (en) 2014-11-25 2014-11-25 Network data packet processing method and device

Country Status (2)

Country Link
CN (1) CN105635088A (en)
WO (1) WO2016082380A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2824449Y (en) * 2004-11-18 2006-10-04 北京锐安科技有限公司 Dynamic controller of data filtering condition
CN102497372A (en) * 2011-12-13 2012-06-13 曙光信息产业(北京)有限公司 System and method based on Internet protocol (IP) message destination port filtering strategy
US8332927B1 (en) * 2007-08-10 2012-12-11 Juniper Networks, Inc. Merging filter rules to reduce forwarding path lookup cycles
CN102959924A (en) * 2010-06-30 2013-03-06 西门子公司 Method for filtering and processing data in a packet-switched communication network

Also Published As

Publication number Publication date
WO2016082380A1 (en) 2016-06-02

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160601
