CN114301872A - Domain name based access method and device, electronic equipment and storage medium - Google Patents
Domain name based access method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN114301872A CN114301872A CN202111616610.0A CN202111616610A CN114301872A CN 114301872 A CN114301872 A CN 114301872A CN 202111616610 A CN202111616610 A CN 202111616610A CN 114301872 A CN114301872 A CN 114301872A
- Authority
- CN
- China
- Prior art keywords
- domain name
- list
- name list
- target
- access request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 230000015654 memory Effects 0.000 claims description 15
- 238000012545 processing Methods 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 6
- 238000010586 diagram Methods 0.000 description 14
- 230000006870 function Effects 0.000 description 7
- 230000004044 response Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000013507 mapping Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides an access method and device based on a domain name, electronic equipment and a storage medium, wherein the method comprises the steps of intercepting a user access request initiated by a client under a user login state; determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request; and according to the domain name resolution path corresponding to the target domain name list, obtaining an internet protocol address corresponding to the domain name, and returning the internet protocol address to the client. Therefore, the forwarding of the domain name is not required to be carried out by an intranet domain name server, the domain name resolution efficiency is improved, and the access efficiency is improved.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a domain name based access method and apparatus, an electronic device, and a storage medium.
Background
The DNS (Domain Name System) is a distributed database that records mapping relationships between Domain names and IP addresses, and DNS resolution refers to finding and returning IP addresses corresponding to the mapping relationships of Domain names.
The domain name can help a user to more conveniently memorize and manage resource services, after the user logs in an access control system, the user accesses authorized resources through an intranet IP address or a domain name, and the intranet domain name is analyzed by an intranet DNS. In the traditional mode, all domain name requests are intercepted at a client and sent to an internal domain name server through a tunnel. If the internal domain name server is deployed in an environment where the external network cannot be accessed, the external network domain name cannot be analyzed usually, so that the external network domain name entering the internal network DNS is unavailable; if the intranet domain name servers are cascaded to be capable of analyzing the servers of the outer network DNS, the access efficiency is greatly reduced along with the increase of the cascade depth.
Disclosure of Invention
The embodiment of the application provides an access method based on a domain name, which is used for improving the access efficiency.
The embodiment of the application provides an access method based on a domain name, which comprises the following steps:
intercepting a user access request initiated by a client under a user login state;
determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request;
and according to the domain name resolution path corresponding to the target domain name list, obtaining an internet protocol address corresponding to the domain name, and returning the internet protocol address to the client.
In an embodiment, the determining, according to the domain name carried in the user access request, a target domain name list to which the domain name belongs includes:
judging whether the domain name appears in a virtual domain name list, an outer network domain name list or an inner network domain name list according to the domain name carried by the user access request;
and taking the domain name list with the domain name as the target domain name list.
In an embodiment, the method further comprises:
and if any domain name appears in the outer network domain name list and the inner network domain name list at the same time, taking the outer network domain name list as the target domain name list.
In an embodiment, the obtaining an internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list includes:
and if the target domain name list is a virtual domain name list, locally inquiring an internet protocol address corresponding to the domain name.
In an embodiment, the obtaining an internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list includes:
and if the target domain name list is an outer network domain name list, sending the domain name to an outer network domain name server to obtain an internet protocol address corresponding to the domain name returned by the outer network domain name server.
In an embodiment, the obtaining an internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list includes:
and if the target domain name list is an intranet domain name list, sending the domain name to an intranet domain name server to obtain an internet protocol address corresponding to the domain name returned by the intranet domain name server.
In an embodiment, before intercepting the user access request initiated by the client in the user login state, the method further includes:
and creating a domain name service locally at the client, setting the highest priority of the domain name service, and intercepting a user access request initiated by the client.
In an embodiment, the method further comprises:
and sending the user access request to an outer network domain name server when the user is not logged in, and acquiring an internet protocol address corresponding to the domain name returned by the outer network domain name server.
In an embodiment, the determining, according to the domain name carried in the user access request, a target domain name list to which the domain name belongs includes:
according to the domain name and the domain name type carried by the user access request, if the domain name type is a virtual domain name, searching the domain name in a virtual domain name list;
and if the domain name is found in the virtual domain name list, determining the virtual domain name list as the target domain name list.
An embodiment of the present application further provides an access apparatus based on a domain name, including:
the request intercepting module is used for intercepting a user access request initiated by a client under the user login state;
the list determining module is used for determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request;
and the domain name processing module is used for acquiring the internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list and returning the internet protocol address to the client.
An embodiment of the present application further provides an electronic device, where the electronic device includes:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the domain name based access method described above.
The embodiment of the application also provides a computer readable storage medium, wherein the storage medium stores a computer program, and the computer program can be executed by a processor to complete the domain name based access method.
According to the technical scheme provided by the embodiment of the application, the user access request initiated by the client is intercepted; determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request; according to the domain name resolution path corresponding to the target domain name list, the internet protocol address corresponding to the domain name is obtained, so that forwarding of the domain name is not required by an intranet domain name server, the domain name resolution efficiency is improved, and the access efficiency is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required to be used in the embodiments of the present application will be briefly described below.
Fig. 1 is a schematic view of an application scenario of a domain name based access method according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present application;
fig. 3 is a schematic flowchart of a domain name based access method according to an embodiment of the present application;
fig. 4 is a schematic overall architecture diagram of a domain name based access method provided in an embodiment of the present application;
FIG. 5 is a diagram illustrating a time domain name resolution status of an access control system in which a user is not logged in;
FIG. 6 is a diagram illustrating a domain name resolution state after a user logs into the access control system;
fig. 7 is a block diagram of a domain name based access device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
Like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Fig. 1 is a schematic view of an application scenario of a domain name based access method according to an embodiment of the present application. As shown in fig. 1, the application scenario includes a first terminal 110, an intranet DNS server 120, an extranet DNS server 130, an intranet resource server 140, and an extranet resource server 150. The first terminal 110 is connected to the internal network DNS server 120, the external network DNS server 130, the internal network resource server 140, and the external network resource server 150, respectively.
The first terminal 110 may be an intelligent terminal such as a desktop computer, a notebook computer, and a smart phone. The first terminal 110 may run a browser and other clients and may also run an access control system, and the access control system of the first terminal 110 may execute the method provided in the embodiment of the present application, and intercept a user access request initiated by the client in a user login state; determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request; and according to the domain name resolution path corresponding to the target domain name list, obtaining an internet protocol address (IP address) corresponding to the domain name, and returning the Internet protocol address to the client.
In an embodiment, if the domain name is in the intranet domain name list, the access control system may send the domain name to the intranet DNS server 120 for resolution, obtain an IP address, and return the IP address to the client. The client can then access the intranet resource server 140 according to the IP address returned by the intranet DNS server 120.
In another embodiment, if the domain name is in the foreign domain name list, the access control system may send the domain name to the foreign DNS server 130 for resolution, and return the IP address to the client. The client can then access the external network resource server 150 based on the IP address returned by the external network DNS server 130, thereby improving the access efficiency based on the domain name.
Fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present application. The electronic device 200 may serve as the first terminal 110, and the electronic device 200 may be configured to execute the domain name based access method provided in the embodiment of the present application. As shown in fig. 2, the electronic device 200 includes: one or more processors 202, and one or more memories 204 storing processor-executable instructions. Wherein the processor 202 is configured to execute a domain name based access method provided by the following embodiments of the present application.
The processor 202 may be a device containing a Central Processing Unit (CPU), a Graphics Processing Unit (GPU) or other form of processing unit having data processing and/or instruction execution capabilities, may process data for other components in the electronic device 200, and may control other components in the electronic device 200 to perform desired functions.
The memory 204 may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, Random Access Memory (RAM), cache memory (cache), and/or the like. The non-volatile memory may include, for example, Read Only Memory (ROM), hard disk, flash memory, etc. One or more computer program instructions may be stored on the computer-readable storage medium and executed by processor 202 to implement the domain name based access method described below. Various applications and various data, such as various data used and/or generated by the applications, may also be stored in the computer-readable storage medium.
In one embodiment, the electronic device 200 shown in FIG. 2 may also include an input device 206, an output device 208, and a data acquisition device 210, which may be interconnected via a bus system 212 and/or other form of connection mechanism (not shown). It should be noted that the components and configuration of the electronic device 200 shown in FIG. 2 are exemplary only, and not limiting, and the electronic device 200 may have other components and configurations as desired.
The input device 206 may be a device used by a user to input instructions and may include one or more of a keyboard, a mouse, a microphone, a touch screen, and the like. The output device 208 may output various information (e.g., images or sounds) to the outside (e.g., a user), and may include one or more of a display, a speaker, and the like. The data acquisition device 210 may acquire an image of a subject and store the acquired image in the memory 204 for use by other components. Illustratively, the data acquisition device 210 may be a camera.
In one embodiment, the components of the example electronic device 200 for implementing the domain name based access method of the embodiment of the present application may be integrally disposed or may be separately disposed, such as the processor 202, the memory 204, the input device 206, and the output device 208 being integrally disposed, and the data acquisition device 210 being separately disposed.
In an embodiment, the example electronic device 200 for implementing the domain name based access method of the embodiments of the present application may be implemented as a smart device such as a laptop, a desktop, a smartphone, or the like.
Fig. 3 is a schematic flowchart of a domain name based access method according to an embodiment of the present application. The method may be performed by the first terminal 110 in the application scenario shown in fig. 1, and as shown in fig. 3, the method includes the following steps S310 to S330.
Step S310: and intercepting a user access request initiated by a client under the user login state.
The first terminal is provided with an access control system, and a user can log in the access control system through an account password so as to enter a user login state. An access control system may intercept a user access request initiated by a client. The client may be a browser, for example. The user access request may include information such as a domain name and a domain name type. The access control system can intercept a domain name request message (namely a user access request) initiated by a client, analyze the message content, and obtain a domain name and a query type queried by a user.
It should be noted that, when a plurality of DNS addresses are configured, the DNS priority is used to indicate the order in which the operating system sends DNS requests, for example, the Windows operating system may configure a preferred DNS server and an alternative DNS server, where the preferred DNS server is prior to the alternative, and two DNS addresses have low interface hop numbers and are prior to high hop numbers; the Linux operating system and the Mac operating system can configure a global DNS order, and the higher the position is, the higher the priority is.
Therefore, after the user logs in the access control system, the access control system can create the domain name service locally at the client and set the priority of the domain name service to be the highest. Therefore, the access request can firstly pass through the domain name service created locally, and the function of intercepting the user access request initiated by the client is achieved. In one embodiment, a DNS service may be created on the client local 127.0.0.1 address 53 port, listening for local user access requests. The policy of the local domain name service may execute a corresponding processing action based on the domain name of the user access request, including directly constructing a DNS response to return an IP address corresponding to the domain name, sending the domain name to an internal network DNS server for resolution, or sending the domain name to an external network DNS server for resolution, which is specifically described below.
Step S320: and determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request.
The embodiment of the application can have three domain name lists, namely a virtual domain name list, an outer network domain name list and an inner network domain name list. The target name list may be any of the three name lists described above. And if the domain name is in the domain name list, the domain name list is the target domain name list.
For example, the domain name may bedemo.c.com,In an embodiment, whether the domain name appears in a virtual domain name list, an external network domain name list or an internal network domain name list can be judged according to the domain name carried by the user access request; and taking the domain name list with the domain name as the target domain name list.
The virtual domain name list, the outer network domain name list and the inner network domain name list can be configured in advance, the virtual domain name list is relative to the real domain name, and the ip address corresponding to the virtual domain name can be directly and locally inquired without being analyzed by a domain name server. The domain name in the internal network domain name list is analyzed by an internal network domain name server to obtain an ip address corresponding to the domain name, and the domain name in the external network domain name list is analyzed by an external network domain name server to obtain the ip address corresponding to the domain name.
For example, if the domain name appears in the virtual domain name list, the virtual domain name list is the target domain name list. If the domain name appears in the intranet domain name list, the intranet domain name list is the target domain name list. If the domain name appears in the foreign domain name list, the foreign domain name list is the target domain name list.
Step S330: and according to the domain name resolution path corresponding to the target domain name list, obtaining an internet protocol address corresponding to the domain name, and returning the internet protocol address to the client. The domain name resolution path is used for representing which domain name service system is responsible for resolving the domain name to obtain the IP address. The IP address can be returned to the client initiating the user access request, and then the client can perform handshake operation with the resource server corresponding to the IP address based on the IP address to establish connection. The client starts to construct a request message and requests the resource server to acquire resources.
In an embodiment, if the target domain name list is a virtual domain name list, the internet protocol address corresponding to the domain name is locally queried.
The one-to-one correspondence between the virtual domain name and the IP is configured through the strategy, the domain name does not need to be analyzed in a DNS server, and compared with the configuration in the DNS server, the user access speed is higher, and the DNS response packet is directly constructed after local query and returned to the IP address, so that the domain name is not transmitted outwards. The efficient response of the user access request is realized, and the effect of using the domain name in a mode of binding the IP by the virtual domain name can be achieved under the condition that a DNS (domain name server) is not provided.
In an embodiment, if the target domain name list is an external network domain name list, the domain name is sent to an external network domain name server, and an internet protocol address corresponding to the domain name returned by the external network domain name server is obtained. And if the target domain name list is an intranet domain name list, sending the domain name to an intranet domain name server to obtain an internet protocol address corresponding to the domain name returned by the intranet domain name server.
According to the technical scheme provided by the embodiment of the application, the user access request initiated by the client is intercepted; determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request; according to the domain name resolution path corresponding to the target domain name list, the internet protocol address corresponding to the domain name is obtained, so that forwarding of the domain name is not required by an intranet domain name server, the domain name resolution efficiency is improved, and the access efficiency is improved.
In an embodiment, if any domain name appears in the extranet domain name list and the intranet domain name list at the same time, the extranet domain name list may be used as the target domain name list.
For example, the domain name format is a.
Of course, depending on different application scenarios, it may also be configured that when the domain name appears in the extranet domain name list and the intranet domain name list at the same time, the intranet domain name list is used as the target domain name list by default.
In an embodiment, the user access request may include a domain name and a domain name type in addition to the domain name, and the access control system may search the domain name in a virtual domain name list according to the domain name and the domain name type carried in the user access request if the domain name type is a virtual domain name; and if the domain name is found in the virtual domain name list, determining the virtual domain name list as the target domain name list.
It should be noted that the domain name type is used to indicate whether the domain name is a virtual domain name or a real domain name. If the domain name type is a virtual domain name, whether the domain name exists in a virtual domain name list can be directly searched, and the distinguishing efficiency of the name list to which the domain name belongs is improved.
Fig. 4 is a schematic overall architecture diagram of a domain name based access method provided in an embodiment of the present application. As shown in fig. 4, the following process is included:
(1) create local DNS service: creating a DNS service on a local 127.0.0.1 address 53 port of the client, and monitoring a local DNS request;
(2) setting the local DNS service with the highest priority so that the DND request passes through the local DNS service preferentially;
(3) DNS interception: intercepting a user access request initiated by a client, and analyzing to obtain a domain name and a domain name type;
(4) separation strategy: and based on the domain name requested by the user, executing corresponding processing actions, including directly constructing a DNS response and returning a bound IP address, sending the domain name to an internal network DNS server for resolution, and sending the domain name to an external network DNS server for resolution.
The local original DNS configuration refers to a default sending address of a user access request before the local high-priority DNS service is started. In an embodiment, in a state that a user is not logged in, the user access request is directly sent to an extranet domain name server, and an internet protocol address corresponding to the domain name returned by the extranet domain name server is obtained.
In one embodiment, there may be several types of resources under which a user logs into the access control system:
resource A, intranet resource, wherein the intranet IP is fixed to be 10.92.2.250, and for the convenience of user memory, a domain name binding IP, demo.a.com @10.92.2.250 is configured in a DNS strategy;
resource B, intranet resource, fixed domain name demo.b.com, unfixed IP, and the updated IP address can be synchronized in an intranet DNS server;
resource C1, intranet resource, domain name demo.c.com;
resource C2, extranet resource, domain name demo.c.com, C1 and C2 share domain name demo.c.com, different resources are pointed to at different occasions, the extranet resource C2 is pointed to before logging in the access control system, and the intranet resource C1 is pointed to after logging in the access control system;
resource D, intranet resources, a plurality of intranet resource collections with the same domain name suffixes, and the domain name format is.
Resource E, extranet resource, domain name bbs.
FIG. 5 is a schematic diagram showing a time domain name resolution status of an access control system in which a user does not log in, and an intranet domain name cannot be resolved to a correct intranet IP address, which relates to a resource A, a resource B, and a resource D; com points to extranet resource C2 through extranet DNS resolution; and bbs, demo, d, com points to the external network resource E through external network DNS resolution.
Fig. 6 is a schematic diagram of a domain name resolution state after a user logs in an access control system, and demo.a.com is directly located to a resource a in a virtual domain name list according to an IP address correspondingly bound to a domain name; the method comprises the steps that in an intranet domain name list, demo.b.com, demo.c.com and oa.demo.d.com, IP addresses are obtained through analysis of an intranet DNS server and point to corresponding intranet resources respectively; and (c) setting an intranet resolution exception (namely in an intranet domain name list), and directly obtaining an IP address through the resolution of an outer network DNS (domain name server) and pointing to an outer network resource E.
In the prior art, if an internal domain name server is deployed in an environment where an external network cannot be accessed, the external network domain name cannot be generally analyzed, so that the external network domain name entering an internal network DNS is unavailable; if the intranet domain name servers are cascaded to be capable of analyzing the servers of the outer network DNS, the access efficiency is greatly reduced along with the increase of the cascade depth. The scheme provided by the embodiment of the application can avoid the dependence on the logic of DNS overtime switching, active-standby switching, no-response switching and the like of the system, and accurately support the user domain name access request.
According to the scheme, under the condition that the configuration and the cascade state of the existing DNS server are not required to be modified, the internal network DNS server and the external network DNS server are flexibly configured, the use scene of the internal and external network crossed domain names is realized, and domain name resolution and forwarding are efficiently completed.
The following is an embodiment of the apparatus of the present application, which may be used to execute the above embodiment of the domain name based access method of the present application. For details not disclosed in the embodiments of the apparatus of the present application, please refer to the embodiments of the domain name based access method of the present application.
Fig. 7 is a block diagram illustrating a domain name based access device according to an embodiment of the present application. As shown in fig. 7, the apparatus includes: a request interception module 710, a list determination module 720, and a domain name processing module 730.
A request intercepting module 710, configured to intercept a user access request initiated by a client in a user login state;
a list determining module 720, configured to determine, according to the domain name carried in the user access request, a target domain name list to which the domain name belongs;
and the domain name processing module 730 is configured to obtain an internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list, and return the internet protocol address to the client.
The implementation process of the functions and actions of each module in the above device is specifically described in the implementation process of the corresponding step in the above domain name based access method, and is not described herein again.
In the embodiments provided in the present application, the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Claims (12)
1. A domain name based access method, comprising:
intercepting a user access request initiated by a client under a user login state;
determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request;
and according to the domain name resolution path corresponding to the target domain name list, obtaining an internet protocol address corresponding to the domain name, and returning the internet protocol address to the client.
2. The method of claim 1, wherein the determining, according to the domain name carried in the user access request, a target domain name list to which the domain name belongs comprises:
judging whether the domain name appears in a virtual domain name list, an outer network domain name list or an inner network domain name list according to the domain name carried by the user access request;
and taking the domain name list with the domain name as the target domain name list.
3. The method of claim 2, further comprising:
and if any domain name appears in the outer network domain name list and the inner network domain name list at the same time, taking the outer network domain name list as the target domain name list.
4. The method of claim 1, wherein obtaining the internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list comprises:
and if the target domain name list is a virtual domain name list, locally inquiring an internet protocol address corresponding to the domain name.
5. The method of claim 1, wherein obtaining the internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list comprises:
and if the target domain name list is an outer network domain name list, sending the domain name to an outer network domain name server to obtain an internet protocol address corresponding to the domain name returned by the outer network domain name server.
6. The method of claim 1, wherein obtaining the internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list comprises:
and if the target domain name list is an intranet domain name list, sending the domain name to an intranet domain name server to obtain an internet protocol address corresponding to the domain name returned by the intranet domain name server.
7. The method of claim 1, wherein before intercepting a client-initiated user access request in the user login state, the method further comprises:
and creating a domain name service locally at the client, setting the highest priority of the domain name service, and intercepting a user access request initiated by the client.
8. The method of claim 1, further comprising:
and sending the user access request to an outer network domain name server when the user is not logged in, and acquiring an internet protocol address corresponding to the domain name returned by the outer network domain name server.
9. The method of claim 1, wherein the determining, according to the domain name carried in the user access request, a target domain name list to which the domain name belongs comprises:
according to the domain name and the domain name type carried by the user access request, if the domain name type is a virtual domain name, searching the domain name in a virtual domain name list;
and if the domain name is found in the virtual domain name list, determining the virtual domain name list as the target domain name list.
10. A domain name based access device, comprising:
the request intercepting module is used for intercepting a user access request initiated by a client under the user login state;
the list determining module is used for determining a target domain name list to which the domain name belongs according to the domain name carried by the user access request;
and the domain name processing module is used for acquiring the internet protocol address corresponding to the domain name according to the domain name resolution path corresponding to the target domain name list and returning the internet protocol address to the client.
11. An electronic device, characterized in that the electronic device comprises:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the domain name based access method of any one of claims 1-7.
12. A computer-readable storage medium, characterized in that the storage medium stores a computer program executable by a processor to perform the domain name based access method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111616610.0A CN114301872B (en) | 2021-12-27 | 2021-12-27 | Domain name based access method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111616610.0A CN114301872B (en) | 2021-12-27 | 2021-12-27 | Domain name based access method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114301872A true CN114301872A (en) | 2022-04-08 |
| CN114301872B CN114301872B (en) | 2023-12-26 |
Family
ID=80970459
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111616610.0A Active CN114301872B (en) | 2021-12-27 | 2021-12-27 | Domain name based access method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114301872B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115001780A (en) * | 2022-05-26 | 2022-09-02 | 深圳华策辉弘科技有限公司 | Access control method, device, equipment and readable storage medium |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102130820A (en) * | 2010-01-14 | 2011-07-20 | 深圳市深信服电子科技有限公司 | Network service access method and access gateway equipment |
| US20140006577A1 (en) * | 2012-06-29 | 2014-01-02 | Verizon Patent And Licensing Inc. | Virtual domain name system |
| CN103685583A (en) * | 2012-09-05 | 2014-03-26 | 阿里巴巴集团控股有限公司 | Method and system for resolving domain names |
| CN104052832A (en) * | 2014-06-30 | 2014-09-17 | 北京金山安全软件有限公司 | Method and device for setting IP address of domain name resolution server and server |
| WO2017177437A1 (en) * | 2016-04-15 | 2017-10-19 | 深圳前海达闼云端智能科技有限公司 | Domain name resolution method, device, and system |
| CN107438111A (en) * | 2016-05-27 | 2017-12-05 | 中兴通讯股份有限公司 | Method, server and the system of method and the domain name agency of inquiry of the domain name |
| CN108124020A (en) * | 2016-11-28 | 2018-06-05 | 中国电信股份有限公司 | Domain name analytic method, system and equipment |
| CN108702397A (en) * | 2017-08-08 | 2018-10-23 | 深圳前海达闼云端智能科技有限公司 | A kind of method and system obtained and collect client local dns server |
| CN108886540A (en) * | 2018-06-13 | 2018-11-23 | 深圳前海达闼云端智能科技有限公司 | Domain name resolution method, device and computer readable storage medium |
| CN110830458A (en) * | 2019-10-25 | 2020-02-21 | 云深互联(北京)科技有限公司 | Domain name access method, system and equipment |
| CN111262938A (en) * | 2020-01-17 | 2020-06-09 | 厦门网宿有限公司 | DNS server selection method and proxy server |
| CN112887444A (en) * | 2021-01-19 | 2021-06-01 | 网宿科技股份有限公司 | VPN (virtual private network) request processing method, client device and system |
-
2021
- 2021-12-27 CN CN202111616610.0A patent/CN114301872B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102130820A (en) * | 2010-01-14 | 2011-07-20 | 深圳市深信服电子科技有限公司 | Network service access method and access gateway equipment |
| US20140006577A1 (en) * | 2012-06-29 | 2014-01-02 | Verizon Patent And Licensing Inc. | Virtual domain name system |
| CN103685583A (en) * | 2012-09-05 | 2014-03-26 | 阿里巴巴集团控股有限公司 | Method and system for resolving domain names |
| CN104052832A (en) * | 2014-06-30 | 2014-09-17 | 北京金山安全软件有限公司 | Method and device for setting IP address of domain name resolution server and server |
| WO2017177437A1 (en) * | 2016-04-15 | 2017-10-19 | 深圳前海达闼云端智能科技有限公司 | Domain name resolution method, device, and system |
| CN107438111A (en) * | 2016-05-27 | 2017-12-05 | 中兴通讯股份有限公司 | Method, server and the system of method and the domain name agency of inquiry of the domain name |
| CN108124020A (en) * | 2016-11-28 | 2018-06-05 | 中国电信股份有限公司 | Domain name analytic method, system and equipment |
| CN108702397A (en) * | 2017-08-08 | 2018-10-23 | 深圳前海达闼云端智能科技有限公司 | A kind of method and system obtained and collect client local dns server |
| CN108886540A (en) * | 2018-06-13 | 2018-11-23 | 深圳前海达闼云端智能科技有限公司 | Domain name resolution method, device and computer readable storage medium |
| CN110830458A (en) * | 2019-10-25 | 2020-02-21 | 云深互联(北京)科技有限公司 | Domain name access method, system and equipment |
| CN111262938A (en) * | 2020-01-17 | 2020-06-09 | 厦门网宿有限公司 | DNS server selection method and proxy server |
| CN112887444A (en) * | 2021-01-19 | 2021-06-01 | 网宿科技股份有限公司 | VPN (virtual private network) request processing method, client device and system |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115001780A (en) * | 2022-05-26 | 2022-09-02 | 深圳华策辉弘科技有限公司 | Access control method, device, equipment and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114301872B (en) | 2023-12-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8321503B2 (en) | Context-specific network resource addressing model for distributed services | |
| CN107948314B (en) | Business processing method and device based on rule file and server | |
| US8707429B2 (en) | DNS resolution, policies, and views for large volume systems | |
| CN106302842B (en) | Domain name resolution method, device and system | |
| WO2013143403A1 (en) | Method and system for accessing website | |
| EP3170091B1 (en) | Method and server of remote information query | |
| US11349803B2 (en) | Intelligent redirector based on resolver transparency | |
| WO2021088254A1 (en) | Dual-stack access method, apparatus and device for user-mode network file system | |
| CN109327559B (en) | Domain name resolution method and device based on hybrid cloud platform | |
| CN106534268B (en) | Data sharing method and device | |
| US9485140B2 (en) | Automatic proxy setting modification | |
| US11695623B2 (en) | Method and apparatus for binding network card in multi-network card server, and electronic device and storage medium | |
| US20110126292A1 (en) | Method and System for Providing Security Seals on Web Pages | |
| CN113923008B (en) | Malicious website interception method, device, equipment and storage medium | |
| CN114301872B (en) | Domain name based access method and device, electronic equipment and storage medium | |
| CN113992382B (en) | Service data processing method and device, electronic equipment and storage medium | |
| CN109413224B (en) | Message forwarding method and device | |
| CN113315848A (en) | Access control method, device and equipment | |
| CN115913597A (en) | Method and device for determining lost host | |
| CN115189897A (en) | Access processing method and device for zero trust network, electronic equipment and storage medium | |
| CN109788050B (en) | Method, system, electronic device and medium for acquiring IP address of source station | |
| US11134117B1 (en) | Network request intercepting framework for compliance monitoring | |
| US11487570B1 (en) | Efficient creation of endpoints for accessing services directly within a cloud-based system | |
| US7716682B2 (en) | Multimodal or multi-device configuration | |
| CN113676561A (en) | Domain name access control method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 100032 NO.332, 3rd floor, Building 102, 28 xinjiekouwai street, Xicheng District, Beijing Applicant after: Qianxin Technology Group Co.,Ltd. Applicant after: Qianxin Wangshen information technology (Beijing) Co.,Ltd. Address before: 100032 NO.332, 3rd floor, Building 102, 28 xinjiekouwai street, Xicheng District, Beijing Applicant before: Qianxin Technology Group Co.,Ltd. Applicant before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |