WO2018090988A1 - Method and apparatus for controlling terminal network data, and routing device - Google Patents

Method and apparatus for controlling terminal network data, and routing device Download PDF

Info

Publication number
WO2018090988A1
WO2018090988A1 PCT/CN2017/111762 CN2017111762W WO2018090988A1 WO 2018090988 A1 WO2018090988 A1 WO 2018090988A1 CN 2017111762 W CN2017111762 W CN 2017111762W WO 2018090988 A1 WO2018090988 A1 WO 2018090988A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
port
routing device
filtering
network address
Prior art date
Application number
PCT/CN2017/111762
Other languages
French (fr)
Chinese (zh)
Inventor
高夕玲
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018090988A1 publication Critical patent/WO2018090988A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2425Traffic characterised by specific attributes, e.g. priority or QoS for supporting services specification, e.g. SLA
    • H04L47/2433Allocation of priorities to traffic types
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/32Flow control; Congestion control by discarding or delaying data units, e.g. packets or frames

Definitions

  • the present disclosure relates to the field of network technologies, and in particular, to a method, an apparatus, a routing device, and a computer storage medium for controlling network data of a terminal.
  • WLAN Wireless Local Area Networks
  • the type of connection seen by the end user is not necessarily the true connection type.
  • the end user thinks that the network is a low-cost network, but it is actually a high-cost network, such as an LTE (Long Term Evolution) network.
  • LTE Long Term Evolution
  • the technical problem to be solved by the embodiments of the present invention is to provide a method, a device, a routing device, and a computer storage medium for controlling network data of a terminal, and flexibly controlling network data traffic or receiving network data based on a communication port.
  • the packet filtering policy includes: a feature of the packet to be filtered out;
  • Packets flowing through the communication port are filtered according to the packet filtering policy.
  • the feature of the message to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
  • the feature of the packet to be filtered includes at least one of the following: the destination network address is a network address of the server that provides the software upgrade package, and the destination network address and The destination port is the network address and port of the server that provides the software upgrade package.
  • the characteristics of the packets to be filtered include at least one of the following:
  • the network address is the network address of the server that provides the push information
  • the source network address and source port are the network addresses and ports of the server that provides the push information.
  • the message filtering policy further includes: a condition for starting filtering
  • the packet flowing through the communication port is forwarded.
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the conditions for starting the filtering include:
  • the manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
  • the routing device enters the set time period
  • the data traffic used by the routing device exceeds the set traffic threshold.
  • An embodiment of the present invention further provides an apparatus for controlling network data of a terminal, including:
  • the setting module is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered;
  • the filtering module is configured to filter the packets flowing through the communication port according to the packet filtering policy.
  • the feature of the message to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
  • the feature of the packet to be filtered includes at least one of the following: the destination network address is a network address of the server that provides the software upgrade package, and the destination network address and The destination port is the network address and port of the server that provides the software upgrade package.
  • the feature of the packet to be filtered includes at least one of the following: the source network address is a network address of a server that provides push information, and the source network address and the source port are push information.
  • the network address and port of the server is a network address of a server that provides push information, and the source network address and the source port are push information.
  • the message filtering policy further includes: a condition for starting filtering
  • the filtering module is configured to filter, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition of the startup filtering is reached;
  • the packet flowing through the communication port is forwarded.
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the conditions for starting the filtering include:
  • the manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
  • the routing device enters the set time period
  • the data traffic used by the routing device exceeds the set traffic threshold.
  • An embodiment of the present invention further provides a routing device, including a processor and a memory storing the processor executable instructions, when the instructions are executed by the processor, performing the following operations:
  • the packet filtering policy includes: a feature of the packet to be filtered out;
  • Packets flowing through the communication port are filtered according to the packet filtering policy.
  • the message filtering policy further includes: a condition for starting filtering
  • the operation performed by the processor further includes: filtering, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition for starting the filtering is reached;
  • the packet flowing through the communication port is forwarded.
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the conditions for starting the filtering include:
  • the manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
  • the routing device enters the set time period
  • the data traffic used by the routing device exceeds the set traffic threshold.
  • An embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores one or more programs executable by a computer, and when the one or more programs are executed by the computer, causing the computer to execute the foregoing A method of controlling network data of a terminal.
  • the technical solution proposed by the embodiment of the present invention has at least the following advantages:
  • the WAN port of the routing device accesses the Internet is not in a tariff-sensitive manner, it flows through the corresponding WAN port or LAN port according to the prior art. The packets are forwarded normally, so they will not affect the normal business of the user.
  • FIG. 1 is a flowchart of a method for controlling network data of a terminal according to first and second embodiments of the present invention
  • FIG. 2 is a flowchart of a method for controlling network data of a terminal according to a third embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of a device for controlling network data of a terminal according to fourth to sixth embodiments of the present invention.
  • FIG. 4 is a schematic structural diagram of a routing apparatus according to an eighth embodiment of the present invention.
  • FIG. 5 is a flowchart of a method for controlling software to upgrade data traffic by a routing device according to an eighth embodiment of the present invention.
  • FIG. 6 is a specific flowchart of step 3 of the eighth embodiment of the present invention.
  • a first embodiment of the present invention a method for controlling network data of a terminal, as shown in FIG. 1, includes the following steps:
  • Step S101 Set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered.
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the feature of the packet to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
  • Step S102 Filter the packets flowing through the communication port according to the packet filtering policy.
  • the packet filtering policy is set based on the communication port of the routing device, and the packet filtering is performed based on the port, which can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy for the routing device in the prior art.
  • a second embodiment of the present invention a method for controlling network data of a terminal, as shown in FIG. 1, includes the following steps:
  • Step S101 Set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered.
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the characteristics of the packet to be filtered include at least one of the following: the destination network address is the network address of the server providing the software upgrade package, and the destination network address and the destination port are software upgrade packages.
  • the request packet can be discarded.
  • the feature of the packet to be filtered includes at least one of the following: the source network address is a network address of a server that provides push information, and the source network address and the source port are push information.
  • the server on the Internet side may actively push some information to the terminal, and may also cause certain interference to the terminal user.
  • the source address and the port may be obtained by parsing the packet sent by the Internet side. The packets of the push information class are discarded.
  • Step S102 Filter the packets flowing through the communication port according to the packet filtering policy.
  • the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. It can avoid a large amount of data traffic such as downloading of software upgrade packages.
  • the filtering of the packets based on the port can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy on the routing device.
  • a third embodiment of the present invention a method for controlling network data of a terminal, as shown in FIG. 2, includes the following steps:
  • Step S201 setting a corresponding packet filtering policy for the communication port of the routing device, and the packet filtering policy package Include: the characteristics of the message that needs to be filtered out and the conditions for starting the filtering.
  • the feature of the packet to be filtered includes at least one of the following: the destination network address is a network address of the server that provides the software upgrade package, and the destination network address and The destination port is the network address and port of the server that provides the software upgrade package.
  • the feature of the packet to be filtered includes at least one of the following settings: the source network address is the network address of the server providing the push information, and the source network address and the source port are The network address and port of the server that provides the push information.
  • the communication port includes: a wide area network port, and/or a local area network port.
  • the conditions for starting the filtering include:
  • the manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
  • the routing device enters the set time period
  • the data traffic used by the routing device exceeds the set traffic threshold.
  • step S202 when the condition for starting the filtering is reached, the packet flowing through the communication port is filtered according to the feature of the packet that needs to be filtered;
  • the packet flowing through the communication port is forwarded.
  • the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. And according to the way that the WAN port of the routing device accesses the Internet or the time and traffic of the routing device, the packet filtering policy of the communication port is started at an appropriate timing, and the situation that the low-priority data traffic consumes a large amount of high-cost network is controlled.
  • the packets flowing through the corresponding WAN port or LAN port are forwarded normally according to the prior art, and thus Will not affect the normal business of the user.
  • the fourth embodiment of the present invention corresponds to the first embodiment.
  • This embodiment introduces a device for controlling network data of a terminal. As shown in FIG. 3, the following components are included:
  • the setting module 100 is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered;
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the feature of the packet to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
  • the filtering module 200 is configured to filter the packets flowing through the communication port according to the packet filtering policy.
  • the packet filtering policy is set based on the communication port of the routing device, and the packet filtering is performed based on the port, which can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy for the routing device in the prior art.
  • the fifth embodiment of the present invention corresponds to the second embodiment.
  • This embodiment introduces a device for controlling network data of a terminal. As shown in FIG. 3, the following components are included:
  • the setting module 100 is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered;
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the characteristics of the packet to be filtered include at least one of the following: the destination network address is the network address of the server providing the software upgrade package, and the destination network address and the destination port are software upgrade packages. Network address and port of the server;
  • the feature of the packet to be filtered includes at least one of the following settings: the source network address is the network address of the server providing the push information, and the source network address and the source port are The network address and port of the server that provides the push information.
  • the filtering module 200 is configured to filter the packets flowing through the communication port according to the packet filtering policy.
  • the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. It can avoid a large amount of data traffic such as downloading of software upgrade packages.
  • the filtering of the packets based on the port can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy on the routing device.
  • the sixth embodiment of the present invention corresponds to the third embodiment.
  • This embodiment introduces a device for controlling network data of a terminal. As shown in FIG. 3, the following components are included:
  • the setting module 100 is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered and a condition for starting filtering;
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the characteristics of the packet to be filtered include at least one of the following: the destination network address is the network address of the server providing the software upgrade package, and the destination network address and the destination port are software upgrade packages. Network address and port of the server;
  • the feature of the packet to be filtered includes at least one of the following settings: the source network address is the network address of the server providing the push information, and the source network address and the source port are The network address and port of the server that provides the push information.
  • the conditions for starting the filtering include:
  • the manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
  • the routing device enters the set time period
  • the data traffic used by the routing device exceeds the set traffic threshold.
  • the filtering module 200 is configured to filter the packets according to the requirements when the conditions for starting the filtering are reached.
  • the feature filters the packets flowing through the communication port;
  • the packet flowing through the communication port is forwarded.
  • the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. And according to the way that the WAN port of the routing device accesses the Internet or the time and traffic of the routing device, the packet filtering policy of the communication port is started at an appropriate timing, and the situation that the low-priority data traffic consumes a large amount of high-cost network is controlled.
  • the packets flowing through the corresponding WAN port or LAN port are forwarded normally according to the prior art, and thus Will not affect the normal business of the user.
  • a seventh embodiment of the present invention is a routing device that can be understood as a physical device.
  • the routing device includes a processor and a memory storing executable instructions of the processor. When the instruction is executed by the processor, the execution is as follows. operating:
  • the packet filtering policy includes: a feature of the packet to be filtered out;
  • Packets flowing through the communication port are filtered according to the packet filtering policy.
  • the message filtering policy further includes: a condition for starting filtering
  • the operation performed by the processor further includes: filtering, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition for starting the filtering is reached;
  • the packet flowing through the communication port is forwarded.
  • the communication port comprises: a wide area network port, and/or a local area network port;
  • the conditions for starting the filtering include:
  • the manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
  • the routing device enters the set time period
  • the data traffic used by the routing device exceeds the set traffic threshold.
  • the eighth embodiment of the present invention is based on the above embodiments, and an application example of the present invention is described with reference to Figs.
  • a system for controlling network data of a terminal includes: a mobile terminal device and a routing device, the mobile terminal device is similar to the terminal of the foregoing embodiment, and the routing device is similar to the routing device of the foregoing embodiment.
  • the routing device includes: a communication module 201, a message definition configuration module 202, a packet filtering switch module 203, and a message filtering module 204.
  • the communication module 201 includes a LAN port supporting LAN (Local Area Network) side communication and a WAN port supporting WAN side communication, including wired communication and wireless communication; and the message definition configuration module 202 is configured to generate a software upgrade package feature, which may Is the domain name of the server that provides the software upgrade package, or the IP address of the server that provides the software upgrade package and the combination of ports;
  • a software upgrade package feature which may Is the domain name of the server that provides the software upgrade package, or the IP address of the server that provides the software upgrade package and the combination of ports;
  • the packet filtering module 203 is configured to control whether the packet filtering module 204 is enabled, whether the enabling may change with different states of the WAN port, or may change with time and traffic usage; the packet filtering module 204 is configured. Identify and discard eligible messages.
  • Various WAN ports are mainly used for Internet interaction, and the ways of accessing the Internet include: wired, cellular mobile communication, WLAN, and the like.
  • the LAN port is used for the mobile terminal device to access the routing device, and various connection modes of the LAN port and the mobile terminal device include: wired, WLAN, Bluetooth, Zigbee, and the like.
  • the message definition configuration module 202 is configured to generate a feature of the software upgrade package, and the features include: a domain name, an IP address, a port, and the like.
  • the message filtering module 204 is configured to identify the packets that meet the characteristics and discard them.
  • the message filtering switch module 203 is configured to start/stop the message filtering module 204 based on the current WAN port accessing the Internet.
  • Embodiments of the present invention also describe a method for routing device control software to upgrade data traffic.
  • the terminal Before the user can use the terminal, the terminal must be powered on, and the routing device is powered on, and the routing device is connected to the Internet.
  • the subsequent control processes include:
  • Step 1 Configure a packet filtering policy for the WAN port of the routing device.
  • the policy includes: the feature of the packet requesting the software upgrade packet, which may be based on whether the destination network address of the packet is the domain name and IP of the server that provides the software upgrade package. Address, port, etc.
  • Step 2 Configure the start packet filtering condition for the WAN port of the routing device.
  • the main reason is whether the WAN port accesses the Internet according to the set access mode as the condition for starting packet filtering, and may also include some other conditions. , such as a specific time period, etc.;
  • Step 3 The routing device processes the packet of the WAN port based on the feature of the packet requesting the software upgrade package and the packet filtering condition. Therefore, the routing device can dynamically control the low priority undesired data stream.
  • Step 3 is a process of processing a message of the mobile terminal device, and the mobile terminal device may be any mobile terminal device supporting the IP protocol stack.
  • the message definition configuration module 202 in this embodiment may adopt a local manual configuration mode of the user, or may adopt an Internet-based database remote download mode based on a specific application, thereby simplifying the entire configuration process.
  • the message filtering switch module 203 is mainly implemented based on the characteristics of the WAN port. The function of the packet filtering switch module 203 or the specific process of step 3 is as shown in FIG. 6:
  • Step 11 Determine whether the manner in which the WAN port accesses the Internet changes. If yes, perform step 12; otherwise, forward the packet of the WAN port according to the prior art, and repeat step 11.
  • Step 12 Determine whether the changed WAN port accesses the Internet according to the set access mode, and if so, Then go to step 13, otherwise go to step 11.
  • Step 13 Determine whether the WAN port has a corresponding packet filtering policy. If yes, go to step 14, otherwise go to step 11.
  • Step 14 Filter the packet flowing through the WAN port according to the packet filtering policy, and go to step 11.
  • the way the router's WAN port accesses the Internet changes as the state of the network changes. Once the way the WAN port is connected to the Internet changes, the WAN port is first checked for a packet filtering policy. If yes, activate the packet filtering policy corresponding to the WAN port, activate the related process in the protocol stack of the WAN port, and perform the desired packet filtering operation by the protocol stack.
  • the flow of the packet filtering method of the routing device in this embodiment is the same as that in the first, second or third embodiment.
  • the difference is that in engineering implementation, the embodiment can be added by software.
  • the method of the embodiments of the present invention may be embodied in the form of a computer software product stored in a storage medium (such as a ROM/RAM, a magnetic disk, an optical disk), including a plurality of instructions.
  • a device (which may be a routing device, etc.) is caused to perform the method described in the embodiments of the present invention.
  • the technical solutions provided by the embodiments of the present invention can be applied to the field of network technologies.
  • the technical solution provided by the embodiment of the present invention according to the manner in which the WAN port of the routing device accesses the Internet or the time and traffic of the routing device, the low-priority data traffic is controlled by a large number of high-cost networks, thereby avoiding
  • the packets flowing through the corresponding WAN port or LAN port are forwarded normally according to the prior art, and therefore will not be Affect the normal business of the user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present disclosure relates to a method and apparatus for controlling terminal network data, a routing device and a computer storage medium. The method comprises: setting a corresponding message filtering policy for a communication port of a routing device, wherein the message filtering policy comprises a feature of a message that needs to be filtered out; and filtering a message flowing through the communication port according to the message filtering policy. In the technical solution provided in the embodiments of the present invention, the situation where low-priority data traffic consumes a large number of costly networks is controlled according to the manner of a wide area network port of a routing device accessing the Internet and information, such as time and traffic, about the routing device, thereby avoiding unnecessary high charges. When the manner of the wide area network port of the routing device accessing the Internet does not belong to a charge sensitive manner, a message flowing through a corresponding wide area network port or local area network port is forwarded normally according to the prior art, and therefore, a normal service of a user cannot be affected.

Description

一种控制终端网络数据的方法、装置和路由设备Method, device and routing device for controlling terminal network data 技术领域Technical field
本公开涉及网络技术领域,尤其涉及一种控制终端网络数据的方法、装置、路由设备及计算机存储介质。The present disclosure relates to the field of network technologies, and in particular, to a method, an apparatus, a routing device, and a computer storage medium for controlling network data of a terminal.
背景技术Background technique
现在的路由设备,尤其是可移动的路由设备,往往都具有多种WAN(Wide Area Network,广域网)接入方式,但每种接入方式都有自己的特点,比如速率不同或者资费不同。对于用户正常的数据业务,应该是尽力保证。但对于用户非期望的数据应用则应该禁止,比如某些场景下会产生比较多的资费。作为一款路由设备产品,应该对这些数据进行区分、识别并根据需求隔离。Today's routing devices, especially mobile routing devices, often have multiple WAN (Wide Area Network) access methods, but each access method has its own characteristics, such as different rates or different tariffs. For the normal data service of the user, it should be the best effort. However, the application of data that is not expected by the user should be prohibited. For example, in some scenarios, more tariffs will be generated. As a routing device product, this data should be differentiated, identified, and isolated as needed.
对于终端而言,往往都假定某些网络比如WLAN(Wireless Local Area Networks,无线局域网络)的资费为0。在这些场景下,允许进行一些低优先级的数据业务。For the terminal, it is often assumed that the tariff of some networks such as WLAN (Wireless Local Area Networks) is zero. In these scenarios, some low-priority data services are allowed.
由于路由设备本身WAN连接的多样性,终端用户看到的连接类型未必就是真正的连接类型。这样就有可能会出现终端用户认为是低资费网络,但实际上是高成本网络,比如LTE(Long Term Evolution,长期演进)网络的场景。Due to the variety of WAN connections of the routing device itself, the type of connection seen by the end user is not necessarily the true connection type. As a result, there is a possibility that the end user thinks that the network is a low-cost network, but it is actually a high-cost network, such as an LTE (Long Term Evolution) network.
通过上面的描述可以看到,由于路由设备的存在和终端设备的假设,可能会出现低优先级的数据流量耗费大量的高成本网络的场景,一方面会产生不必要的高资费,另一方面可能会影响到用户正常的业务。As can be seen from the above description, due to the existence of the routing device and the assumption of the terminal device, there may be a scenario where low-priority data traffic consumes a large amount of high-cost network, and on the other hand, unnecessary high tariffs are generated. May affect the normal business of the user.
发明内容Summary of the invention
本发明实施例要解决的技术问题是,提供一种控制终端网络数据的方法、装置、路由设备及计算机存储介质,基于通信端口对网络数据流量或者接收网络数据进行灵活控制。The technical problem to be solved by the embodiments of the present invention is to provide a method, a device, a routing device, and a computer storage medium for controlling network data of a terminal, and flexibly controlling network data traffic or receiving network data based on a communication port.
本发明实施例采用的技术方案是,所述控制终端网络数据的方法,包括:The technical solution adopted by the embodiment of the present invention is that the method for controlling network data of a terminal includes:
对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;Setting a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered out;
根据所述报文过滤策略对流经所述通信端口的报文进行过滤。Packets flowing through the communication port are filtered according to the packet filtering policy.
根据一个示例性实施例,所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:目的网络地址,目的网络地址和目的端口,源网络地址,源网络地址和源端口。According to an exemplary embodiment, the feature of the message to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
根据一个示例性实施例,针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;According to an exemplary embodiment, for the message sent by the terminal, the feature of the packet to be filtered includes at least one of the following: the destination network address is a network address of the server that provides the software upgrade package, and the destination network address and The destination port is the network address and port of the server that provides the software upgrade package.
针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:源网 络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。For the packets sent by the Internet side, the characteristics of the packets to be filtered include at least one of the following: The network address is the network address of the server that provides the push information, and the source network address and source port are the network addresses and ports of the server that provides the push information.
根据一个示例性实施例,所述报文过滤策略还包括:启动过滤的条件;According to an exemplary embodiment, the message filtering policy further includes: a condition for starting filtering;
所述根据所述报文过滤策略对流经所述通信端口的报文进行过滤,包括:And filtering the packet that flows through the communication port according to the packet filtering policy, including:
在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;And the packet flowing through the communication port is filtered according to the feature of the packet that needs to be filtered;
在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
所述启动过滤的条件,包括:The conditions for starting the filtering include:
所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
本发明实施例还提供一种控制终端网络数据的装置,包括:An embodiment of the present invention further provides an apparatus for controlling network data of a terminal, including:
设置模块,设置为对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;The setting module is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered;
过滤模块,设置为根据所述报文过滤策略对流经所述通信端口的报文进行过滤。The filtering module is configured to filter the packets flowing through the communication port according to the packet filtering policy.
根据一个示例性实施例,所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:目的网络地址,目的网络地址和目的端口,源网络地址,源网络地址和源端口。According to an exemplary embodiment, the feature of the message to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
根据一个示例性实施例,针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;According to an exemplary embodiment, for the message sent by the terminal, the feature of the packet to be filtered includes at least one of the following: the destination network address is a network address of the server that provides the software upgrade package, and the destination network address and The destination port is the network address and port of the server that provides the software upgrade package.
针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:源网络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。For the packet sent by the Internet side, the feature of the packet to be filtered includes at least one of the following: the source network address is a network address of a server that provides push information, and the source network address and the source port are push information. The network address and port of the server.
根据一个示例性实施例,所述报文过滤策略还包括:启动过滤的条件;According to an exemplary embodiment, the message filtering policy further includes: a condition for starting filtering;
所述过滤模块,设置为在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;The filtering module is configured to filter, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition of the startup filtering is reached;
在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
所述启动过滤的条件包括:The conditions for starting the filtering include:
所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网; The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
本发明实施例还提供一种路由设备,包括处理器以及存储有所述处理器可执行指令的存储器,当所述指令被处理器执行时,执行如下操作:An embodiment of the present invention further provides a routing device, including a processor and a memory storing the processor executable instructions, when the instructions are executed by the processor, performing the following operations:
对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;Setting a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered out;
根据所述报文过滤策略对流经所述通信端口的报文进行过滤。Packets flowing through the communication port are filtered according to the packet filtering policy.
根据一个示例性实施例,所述报文过滤策略还包括:启动过滤的条件;According to an exemplary embodiment, the message filtering policy further includes: a condition for starting filtering;
所述处理器执行的操作还包括:在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;The operation performed by the processor further includes: filtering, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition for starting the filtering is reached;
在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
所述启动过滤的条件,包括:The conditions for starting the filtering include:
所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
本发明实施例还提供一种计算机存储介质,所述计算机存储介质中存储有计算机可执行的一个或多个程序,所述一个或多个程序被所述计算机执行时使所述计算机执行上述任意一种控制终端网络数据的方法。An embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores one or more programs executable by a computer, and when the one or more programs are executed by the computer, causing the computer to execute the foregoing A method of controlling network data of a terminal.
采用上述技术方案,本发明实施例提出的技术方案至少具有下列优点:With the above technical solution, the technical solution proposed by the embodiment of the present invention has at least the following advantages:
本发明实施例所述控制终端网络数据的方法、装置、路由设备及计算机存储介质,根据路由设备的广域网端口接入互联网的方式或者路由设备的时间和流量等信息,对低优先级的数据流量耗费大量高成本网络的情况进行控制,避免产生不必要的高资费,当路由设备的广域网端口接入互联网的方式不属于资费敏感的方式时,按照现有技术对流经相应的广域网端口或者局域网端口的报文进行正常转发,因此也不会影响到用户正常的业务。The method, the device, the routing device, and the computer storage medium for controlling network data of the terminal according to the embodiment of the present invention, and the low priority data traffic according to the manner in which the WAN port of the routing device accesses the Internet or the time and traffic of the routing device. Controlling a large number of high-cost networks to avoid unnecessary high tariffs. When the WAN port of the routing device accesses the Internet is not in a tariff-sensitive manner, it flows through the corresponding WAN port or LAN port according to the prior art. The packets are forwarded normally, so they will not affect the normal business of the user.
附图说明DRAWINGS
图1为本发明第一、二实施例的控制终端网络数据的方法流程图;1 is a flowchart of a method for controlling network data of a terminal according to first and second embodiments of the present invention;
图2为本发明第三实施例的控制终端网络数据的方法流程图;2 is a flowchart of a method for controlling network data of a terminal according to a third embodiment of the present invention;
图3为本发明第四~六实施例的控制终端网络数据的装置组成结构示意图;3 is a schematic structural diagram of a device for controlling network data of a terminal according to fourth to sixth embodiments of the present invention;
图4为本发明第八实施例的路由装置组成结构示意图;4 is a schematic structural diagram of a routing apparatus according to an eighth embodiment of the present invention;
图5为本发明第八实施例的路由装置控制软件升级数据流量的方法流程图;5 is a flowchart of a method for controlling software to upgrade data traffic by a routing device according to an eighth embodiment of the present invention;
图6为本发明第八实施例步骤3的具体流程图。 FIG. 6 is a specific flowchart of step 3 of the eighth embodiment of the present invention.
具体实施方式detailed description
为更进一步阐述本发明为达成预定目的所采取的技术手段及功效,以下结合附图及较佳实施例,对本发明进行详细说明如后。The present invention will be described in detail below with reference to the accompanying drawings and preferred embodiments.
本发明第一实施例,一种控制终端网络数据的方法,如图1所示,包括以下步骤:A first embodiment of the present invention, a method for controlling network data of a terminal, as shown in FIG. 1, includes the following steps:
步骤S101,对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征。Step S101: Set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered.
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:目的网络地址,目的网络地址和目的端口,源网络地址,源网络地址和源端口。The feature of the packet to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
步骤S102,根据所述报文过滤策略对流经所述通信端口的报文进行过滤。Step S102: Filter the packets flowing through the communication port according to the packet filtering policy.
本发明实施例基于路由设备的通信端口设置报文过滤策略,并基于端口进行的报文的过滤,可以避免现有技术对于路由设备设置一个统一的过滤策略而导致的报文过滤不灵活的缺陷。In the embodiment of the present invention, the packet filtering policy is set based on the communication port of the routing device, and the packet filtering is performed based on the port, which can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy for the routing device in the prior art. .
本发明第二实施例,一种控制终端网络数据的方法,如图1所示,包括以下步骤:A second embodiment of the present invention, a method for controlling network data of a terminal, as shown in FIG. 1, includes the following steps:
步骤S101,对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征。Step S101: Set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered.
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;终端发来的请求下载某个软件升级包的报文,经过解析可以得到其目的地址为提供软件升级包的服务器的网络地址和端口,此处,为了减少数据流量消耗,可以将该请求报文丢弃。For the packet sent by the terminal, the characteristics of the packet to be filtered include at least one of the following: the destination network address is the network address of the server providing the software upgrade package, and the destination network address and the destination port are software upgrade packages. The network address and port of the server; the request sent by the terminal to download a software upgrade package message, after parsing, the network address and port of the server whose destination address is the software upgrade package is obtained, here, in order to reduce data traffic The request packet can be discarded.
针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:源网络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。互联网侧的服务器可能主动向终端推送一个些信息,也会对终端用户造成一定的干扰,本发明实施例通过解析互联网侧发来的报文,可以得到其源地址和端口,据此可以将该推送信息类的报文丢弃。For the packet sent by the Internet side, the feature of the packet to be filtered includes at least one of the following: the source network address is a network address of a server that provides push information, and the source network address and the source port are push information. The network address and port of the server. The server on the Internet side may actively push some information to the terminal, and may also cause certain interference to the terminal user. In the embodiment of the present invention, the source address and the port may be obtained by parsing the packet sent by the Internet side. The packets of the push information class are discarded.
步骤S102,根据所述报文过滤策略对流经所述通信端口的报文进行过滤。Step S102: Filter the packets flowing through the communication port according to the packet filtering policy.
本发明实施例基于路由设备的通信端口设置报文过滤策略,在报文过滤策略中按照终端发来的报文以及互联网侧发来的报文两个方向对流经路由设备的报文进行过滤,可以避免比如软件升级包的下载等的数据流量大量耗费。且基于端口进行的报文的过滤,可以避免现有技术对于路由设备设置一个统一的过滤策略而导致的报文过滤不灵活的缺陷。In the embodiment of the present invention, the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. It can avoid a large amount of data traffic such as downloading of software upgrade packages. The filtering of the packets based on the port can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy on the routing device.
本发明第三实施例,一种控制终端网络数据的方法,如图2所示,包括以下步骤:A third embodiment of the present invention, a method for controlling network data of a terminal, as shown in FIG. 2, includes the following steps:
步骤S201,对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包 括:需要过滤掉的报文的特征和启动过滤的条件。Step S201, setting a corresponding packet filtering policy for the communication port of the routing device, and the packet filtering policy package Include: the characteristics of the message that needs to be filtered out and the conditions for starting the filtering.
根据一个示例性实施例,针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;According to an exemplary embodiment, for the message sent by the terminal, the feature of the packet to be filtered includes at least one of the following: the destination network address is a network address of the server that provides the software upgrade package, and the destination network address and The destination port is the network address and port of the server that provides the software upgrade package.
针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:源网络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。For the message sent by the Internet side, the feature of the packet to be filtered includes at least one of the following settings: the source network address is the network address of the server providing the push information, and the source network address and the source port are The network address and port of the server that provides the push information.
所述通信端口包括:广域网端口,和/或,局域网端口。The communication port includes: a wide area network port, and/or a local area network port.
所述启动过滤的条件,包括:The conditions for starting the filtering include:
所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
步骤S202,在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;In step S202, when the condition for starting the filtering is reached, the packet flowing through the communication port is filtered according to the feature of the packet that needs to be filtered;
在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
本发明实施例基于路由设备的通信端口设置报文过滤策略,在报文过滤策略中按照终端发来的报文以及互联网侧发来的报文两个方向对流经路由设备的报文进行过滤,且根据路由设备的广域网端口接入互联网的方式或者路由设备的时间和流量等信息在合适的时机启动通信端口的报文过滤策略,对低优先级的数据流量耗费大量高成本网络的情况进行控制,避免产生不必要的高资费,当路由设备的广域网端口接入互联网的方式不属于资费敏感的方式时,按照现有技术对流经相应的广域网端口或者局域网端口的报文进行正常转发,因此也不会影响到用户正常的业务。In the embodiment of the present invention, the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. And according to the way that the WAN port of the routing device accesses the Internet or the time and traffic of the routing device, the packet filtering policy of the communication port is started at an appropriate timing, and the situation that the low-priority data traffic consumes a large amount of high-cost network is controlled. To avoid unnecessary high tariffs, when the WAN port of the routing device accesses the Internet is not in a tariff-sensitive manner, the packets flowing through the corresponding WAN port or LAN port are forwarded normally according to the prior art, and thus Will not affect the normal business of the user.
本发明第四实施例,与第一实施例对应,本实施例介绍一种控制终端网络数据的装置,如图3所示,包括以下组成部分:The fourth embodiment of the present invention corresponds to the first embodiment. This embodiment introduces a device for controlling network data of a terminal. As shown in FIG. 3, the following components are included:
1)设置模块100,设置为对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;1) The setting module 100 is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered;
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:目的网络地址,目的网络地址和目的端口,源网络地址,源网络地址和源端口。The feature of the packet to be filtered includes at least one of the following settings: a destination network address, a destination network address and a destination port, a source network address, a source network address, and a source port.
2)过滤模块200,设置为根据所述报文过滤策略对流经所述通信端口的报文进行过滤。2) The filtering module 200 is configured to filter the packets flowing through the communication port according to the packet filtering policy.
本发明实施例基于路由设备的通信端口设置报文过滤策略,并基于端口进行的报文的过滤,可以避免现有技术对于路由设备设置一个统一的过滤策略而导致的报文过滤不灵活的缺陷。 In the embodiment of the present invention, the packet filtering policy is set based on the communication port of the routing device, and the packet filtering is performed based on the port, which can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy for the routing device in the prior art. .
本发明第五实施例,与第二实施例对应,本实施例介绍一种控制终端网络数据的装置,如图3所示,包括以下组成部分:The fifth embodiment of the present invention corresponds to the second embodiment. This embodiment introduces a device for controlling network data of a terminal. As shown in FIG. 3, the following components are included:
1)设置模块100,设置为对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;1) The setting module 100 is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered;
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;For the packet sent by the terminal, the characteristics of the packet to be filtered include at least one of the following: the destination network address is the network address of the server providing the software upgrade package, and the destination network address and the destination port are software upgrade packages. Network address and port of the server;
针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:源网络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。For the message sent by the Internet side, the feature of the packet to be filtered includes at least one of the following settings: the source network address is the network address of the server providing the push information, and the source network address and the source port are The network address and port of the server that provides the push information.
2)过滤模块200,设置为根据所述报文过滤策略对流经所述通信端口的报文进行过滤。2) The filtering module 200 is configured to filter the packets flowing through the communication port according to the packet filtering policy.
本发明实施例基于路由设备的通信端口设置报文过滤策略,在报文过滤策略中按照终端发来的报文以及互联网侧发来的报文两个方向对流经路由设备的报文进行过滤,可以避免比如软件升级包的下载等的数据流量大量耗费。且基于端口进行的报文的过滤,可以避免现有技术对于路由设备设置一个统一的过滤策略而导致的报文过滤不灵活的缺陷。In the embodiment of the present invention, the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. It can avoid a large amount of data traffic such as downloading of software upgrade packages. The filtering of the packets based on the port can avoid the defect that the packet filtering is inflexible due to the setting of a unified filtering policy on the routing device.
本发明第六实施例,与第三实施例对应,本实施例介绍一种控制终端网络数据的装置,如图3所示,包括以下组成部分:The sixth embodiment of the present invention corresponds to the third embodiment. This embodiment introduces a device for controlling network data of a terminal. As shown in FIG. 3, the following components are included:
1)设置模块100,设置为对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征和启动过滤的条件;1) The setting module 100 is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered and a condition for starting filtering;
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;For the packet sent by the terminal, the characteristics of the packet to be filtered include at least one of the following: the destination network address is the network address of the server providing the software upgrade package, and the destination network address and the destination port are software upgrade packages. Network address and port of the server;
针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:源网络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。For the message sent by the Internet side, the feature of the packet to be filtered includes at least one of the following settings: the source network address is the network address of the server providing the push information, and the source network address and the source port are The network address and port of the server that provides the push information.
所述启动过滤的条件,包括:The conditions for starting the filtering include:
所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
2)过滤模块200,设置为在达到所述启动过滤的条件时,根据所述需要过滤掉的报文 的特征对流经所述通信端口的报文进行过滤;2) The filtering module 200 is configured to filter the packets according to the requirements when the conditions for starting the filtering are reached. The feature filters the packets flowing through the communication port;
在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
本发明实施例基于路由设备的通信端口设置报文过滤策略,在报文过滤策略中按照终端发来的报文以及互联网侧发来的报文两个方向对流经路由设备的报文进行过滤,且根据路由设备的广域网端口接入互联网的方式或者路由设备的时间和流量等信息在合适的时机启动通信端口的报文过滤策略,对低优先级的数据流量耗费大量高成本网络的情况进行控制,避免产生不必要的高资费,当路由设备的广域网端口接入互联网的方式不属于资费敏感的方式时,按照现有技术对流经相应的广域网端口或者局域网端口的报文进行正常转发,因此也不会影响到用户正常的业务。In the embodiment of the present invention, the packet filtering policy is set based on the communication port of the routing device, and the packet flowing through the routing device is filtered in the packet filtering policy according to the packet sent by the terminal and the packet sent by the Internet. And according to the way that the WAN port of the routing device accesses the Internet or the time and traffic of the routing device, the packet filtering policy of the communication port is started at an appropriate timing, and the situation that the low-priority data traffic consumes a large amount of high-cost network is controlled. To avoid unnecessary high tariffs, when the WAN port of the routing device accesses the Internet is not in a tariff-sensitive manner, the packets flowing through the corresponding WAN port or LAN port are forwarded normally according to the prior art, and thus Will not affect the normal business of the user.
本发明第七实施例,一种路由设备,可以作为实体装置来理解,该路由设备包括处理器以及存储有所述处理器可执行指令的存储器,当所述指令被处理器执行时,执行如下操作:A seventh embodiment of the present invention is a routing device that can be understood as a physical device. The routing device includes a processor and a memory storing executable instructions of the processor. When the instruction is executed by the processor, the execution is as follows. operating:
对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;Setting a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered out;
根据所述报文过滤策略对流经所述通信端口的报文进行过滤。Packets flowing through the communication port are filtered according to the packet filtering policy.
根据一个示例性实施例,所述报文过滤策略还包括:启动过滤的条件;According to an exemplary embodiment, the message filtering policy further includes: a condition for starting filtering;
所述处理器执行的操作还包括:在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;The operation performed by the processor further includes: filtering, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition for starting the filtering is reached;
在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
根据一个示例性实施例,所述通信端口包括:广域网端口,和/或,局域网端口;According to an exemplary embodiment, the communication port comprises: a wide area network port, and/or a local area network port;
所述启动过滤的条件,包括:The conditions for starting the filtering include:
所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
本发明第八实施例,本实施例是在上述实施例的基础上,结合附图4~6介绍一个本发明的应用实例。The eighth embodiment of the present invention is based on the above embodiments, and an application example of the present invention is described with reference to Figs.
本发明实施例的控制终端网络数据的系统,包括:移动终端装置和路由装置,移动终端装置类似于前述实施例的终端,路由装置类似于前述实施例的路由设备。其中,如图4所示,路由装置包括:通信模块201、报文定义配置模块202、报文过滤开关模块203、报文过滤模块204。通信模块201包括支持LAN(Local Area Network,局域网)侧通信的LAN端口和支持WAN侧通信的WAN端口,包括有线通信和无线通信;报文定义配置模块202设置为生成软件升级包的特征,可以是提供软件升级包的服务器的域名,也可以是提供软件升级包的服务器的IP地址以及端口的组合; A system for controlling network data of a terminal according to an embodiment of the present invention includes: a mobile terminal device and a routing device, the mobile terminal device is similar to the terminal of the foregoing embodiment, and the routing device is similar to the routing device of the foregoing embodiment. As shown in FIG. 4, the routing device includes: a communication module 201, a message definition configuration module 202, a packet filtering switch module 203, and a message filtering module 204. The communication module 201 includes a LAN port supporting LAN (Local Area Network) side communication and a WAN port supporting WAN side communication, including wired communication and wireless communication; and the message definition configuration module 202 is configured to generate a software upgrade package feature, which may Is the domain name of the server that provides the software upgrade package, or the IP address of the server that provides the software upgrade package and the combination of ports;
报文过滤开关模块203设置为控制报文过滤模块204是否启用,是否启用可能随着WAN口的不同状态而变化,也可以随着时间的变化、流量使用情况而变化;报文过滤模块204设置为对符合条件的报文识别出来并丢弃。The packet filtering module 203 is configured to control whether the packet filtering module 204 is enabled, whether the enabling may change with different states of the WAN port, or may change with time and traffic usage; the packet filtering module 204 is configured. Identify and discard eligible messages.
各种WAN端口主要用于Internet的交互,其接入互联网的方式包括:有线、蜂窝移动通信、WLAN等。Various WAN ports are mainly used for Internet interaction, and the ways of accessing the Internet include: wired, cellular mobile communication, WLAN, and the like.
LAN端口用于移动终端装置接入到路由装置中,LAN端口与移动终端装置的各种连接方式包括:有线、WLAN、蓝牙、Zigbee等。The LAN port is used for the mobile terminal device to access the routing device, and various connection modes of the LAN port and the mobile terminal device include: wired, WLAN, Bluetooth, Zigbee, and the like.
报文定义配置模块202设置为软件升级包的特征生成,该特征包括:域名、IP地址、端口等。The message definition configuration module 202 is configured to generate a feature of the software upgrade package, and the features include: a domain name, an IP address, a port, and the like.
报文过滤模块204设置为识别出符合特征的报文并丢弃。The message filtering module 204 is configured to identify the packets that meet the characteristics and discard them.
报文过滤开关模块203设置为基于当前WAN端口接入互联网的方式启动/停止报文过滤模块204。The message filtering switch module 203 is configured to start/stop the message filtering module 204 based on the current WAN port accessing the Internet.
本发明实施例还描述了一种路由装置控制软件升级数据流量的方法。用户在使用前必须使终端开机,同时路由装置开机,并且将路由装置连接到Internet网络上,如图5所示,后续的控制流程,包括:Embodiments of the present invention also describe a method for routing device control software to upgrade data traffic. Before the user can use the terminal, the terminal must be powered on, and the routing device is powered on, and the routing device is connected to the Internet. As shown in FIG. 5, the subsequent control processes include:
步骤1:对路由装置的WAN端口配置报文过滤策略,该策略包括:请求软件升级包的报文的特征,可以是依据报文的目的网络地址是否为提供软件升级包的服务器的域名、IP地址、端口等。Step 1: Configure a packet filtering policy for the WAN port of the routing device. The policy includes: the feature of the packet requesting the software upgrade packet, which may be based on whether the destination network address of the packet is the domain name and IP of the server that provides the software upgrade package. Address, port, etc.
步骤2:对路由装置的WAN端口配置启动报文过滤条件,主要是将WAN端口接入互联网的方式是否符合设定的接入方式作为是否启动报文过滤的条件,也可以包括一些其他的条件,比如特定时间段等;Step 2: Configure the start packet filtering condition for the WAN port of the routing device. The main reason is whether the WAN port accesses the Internet according to the set access mode as the condition for starting packet filtering, and may also include some other conditions. , such as a specific time period, etc.;
步骤3:路由装置基于请求软件升级包的报文的特征和所述报文过滤条件对该WAN端口的报文进行处理。因此,路由装置可以动态的控制低优先级的非期望数据流了。Step 3: The routing device processes the packet of the WAN port based on the feature of the packet requesting the software upgrade package and the packet filtering condition. Therefore, the routing device can dynamically control the low priority undesired data stream.
本实施例提供的是升级包数据控制的过程,因此步骤1、2都是在路由装置正常运行后进行的。由于路由装置需要通过特定UI进行(包括但不限于WEB UI、device UI等),所以需要路由装置的UI系统也正常运行。如果需要通过远程更新,则需要Internet工作正常。步骤3是对移动终端装置的报文进行处理的过程,移动终端装置可以是任意支持IP协议栈的移动终端装置。This embodiment provides a process for upgrading package data control, so steps 1 and 2 are performed after the routing device operates normally. Since the routing device needs to be performed through a specific UI (including but not limited to WEB UI, device UI, etc.), the UI system of the routing device is also required to operate normally. If you need to remotely update, you need the Internet to work properly. Step 3 is a process of processing a message of the mobile terminal device, and the mobile terminal device may be any mobile terminal device supporting the IP protocol stack.
本实施例中的报文定义配置模块202可以采用用户本地手动配置的方式,也可以基于特定应用采用基于互联网的数据库远程下载方式,简化整个配置过程。报文过滤开关模块203主要是基于WAN端口的特性而实现,报文过滤开关模块203的功能或者步骤3的具体流程如图6所示:The message definition configuration module 202 in this embodiment may adopt a local manual configuration mode of the user, or may adopt an Internet-based database remote download mode based on a specific application, thereby simplifying the entire configuration process. The message filtering switch module 203 is mainly implemented based on the characteristics of the WAN port. The function of the packet filtering switch module 203 or the specific process of step 3 is as shown in FIG. 6:
步骤11,判断WAN端口接入互联网的方式是否发生改变,若是,则执行步骤12,否则按照现有技术对WAN端口的报文进行转发,重复执行步骤11。Step 11: Determine whether the manner in which the WAN port accesses the Internet changes. If yes, perform step 12; otherwise, forward the packet of the WAN port according to the prior art, and repeat step 11.
步骤12,判断改变后的WAN端口接入互联网的方式是否符合设定的接入方式,若是, 则执行步骤13,否则跳转步骤11。Step 12: Determine whether the changed WAN port accesses the Internet according to the set access mode, and if so, Then go to step 13, otherwise go to step 11.
步骤13,判断该WAN端口是否有对应的报文过滤策略,若是,则执行步骤14,否则跳转步骤11。Step 13: Determine whether the WAN port has a corresponding packet filtering policy. If yes, go to step 14, otherwise go to step 11.
步骤14,根据报文过滤策略对流经该WAN端口的报文进行过滤,跳转步骤11。Step 14: Filter the packet flowing through the WAN port according to the packet filtering policy, and go to step 11.
路由装置的WAN端口接入互联网的方式会随着网络状态的变化而改变。一旦WAN端口接入互联网的方式发生变化,会首先检查该WAN端口是否配置有报文过滤策略。如果有,则激活该WAN端口对应的报文过滤策略,激活该WAN端口的协议栈中的相关流程,由协议栈执行期望的报文过滤操作。The way the router's WAN port accesses the Internet changes as the state of the network changes. Once the way the WAN port is connected to the Internet changes, the WAN port is first checked for a packet filtering policy. If yes, activate the packet filtering policy corresponding to the WAN port, activate the related process in the protocol stack of the WAN port, and perform the desired packet filtering operation by the protocol stack.
本发明第九实施例,本实施例的路由设备对报文过滤的方法的流程与第一、二或三实施例相同,区别在于,在工程实现上,本实施例可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明实施例的所述方法可以以计算机软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台设备(可以是路由设备等)执行本发明实施例所述的方法。In the ninth embodiment of the present invention, the flow of the packet filtering method of the routing device in this embodiment is the same as that in the first, second or third embodiment. The difference is that in engineering implementation, the embodiment can be added by software. The way the hardware platform is implemented, of course, can also be through hardware, but in many cases the former is a better implementation. Based on such understanding, the method of the embodiments of the present invention may be embodied in the form of a computer software product stored in a storage medium (such as a ROM/RAM, a magnetic disk, an optical disk), including a plurality of instructions. A device (which may be a routing device, etc.) is caused to perform the method described in the embodiments of the present invention.
通过具体实施方式的说明,应当可对本发明为达成预定目的所采取的技术手段及功效得以更加深入且具体的了解,然而所附图示仅是提供参考与说明之用,并非用来对本发明加以限制。The technical means and functions of the present invention for achieving the intended purpose can be more deeply and specifically understood by the description of the specific embodiments. However, the accompanying drawings are only for the purpose of illustration and description, and are not intended to limit.
工业实用性Industrial applicability
本发明实施例提供的技术方案可以应用于网络技术领域。在本发明实施例提供的技术方案中,根据路由设备的广域网端口接入互联网的方式或者路由设备的时间和流量等信息,对低优先级的数据流量耗费大量高成本网络的情况进行控制,避免产生不必要的高资费,当路由设备的广域网端口接入互联网的方式不属于资费敏感的方式时,按照现有技术对流经相应的广域网端口或者局域网端口的报文进行正常转发,因此也不会影响到用户正常的业务。 The technical solutions provided by the embodiments of the present invention can be applied to the field of network technologies. In the technical solution provided by the embodiment of the present invention, according to the manner in which the WAN port of the routing device accesses the Internet or the time and traffic of the routing device, the low-priority data traffic is controlled by a large number of high-cost networks, thereby avoiding When the WAN port of the routing device accesses the Internet is not in a tariff-sensitive manner, the packets flowing through the corresponding WAN port or LAN port are forwarded normally according to the prior art, and therefore will not be Affect the normal business of the user.

Claims (14)

  1. 一种控制终端网络数据的方法,包括:A method for controlling network data of a terminal, comprising:
    对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;Setting a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered out;
    根据所述报文过滤策略对流经所述通信端口的报文进行过滤。Packets flowing through the communication port are filtered according to the packet filtering policy.
  2. 根据权利要求1所述的控制终端网络数据的方法,其中,所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:目的网络地址,目的网络地址和目的端口,源网络地址,源网络地址和源端口。The method for controlling network data of a terminal according to claim 1, wherein the feature of the packet to be filtered includes at least one of the following settings: a destination network address, a destination network address, and a destination port, and a source network. Address, source network address, and source port.
  3. 根据权利要求2所述的控制终端网络数据的方法,其中,针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;The method for controlling network data of a terminal according to claim 2, wherein, for the packet sent by the terminal, the feature of the packet to be filtered includes at least one of the following: the destination network address is a software upgrade package. The server's network address, destination network address, and destination port are the network addresses and ports of the server that provides the software upgrade package.
    针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:源网络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。For the packet sent by the Internet side, the feature of the packet to be filtered includes at least one of the following: the source network address is a network address of a server that provides push information, and the source network address and the source port are push information. The network address and port of the server.
  4. 根据权利要求1所述的控制终端网络数据的方法,其中,所述报文过滤策略,还包括:启动过滤的条件;The method for controlling network data of a terminal according to claim 1, wherein the packet filtering policy further includes: a condition for starting filtering;
    所述根据所述报文过滤策略对流经所述通信端口的报文进行过滤,包括:And filtering the packet that flows through the communication port according to the packet filtering policy, including:
    在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;And the packet flowing through the communication port is filtered according to the feature of the packet that needs to be filtered;
    在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
  5. 根据权利要求4所述的控制终端网络数据的方法,其中,所述通信端口包括:广域网端口,和/或,局域网端口;The method of controlling network data of a terminal according to claim 4, wherein said communication port comprises: a wide area network port, and/or a local area network port;
    所述启动过滤的条件,包括:The conditions for starting the filtering include:
    所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过无线局域网络WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN mode of the wireless local area network, accessing the Internet through the wired mode, and passing through the cellular Mobile communication network access to the Internet;
    或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
    或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
  6. 一种控制终端网络数据的装置,包括:An apparatus for controlling network data of a terminal, comprising:
    设置模块,设置为对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;The setting module is configured to set a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered;
    过滤模块,设置为根据所述报文过滤策略对流经所述通信端口的报文进行过滤。The filtering module is configured to filter the packets flowing through the communication port according to the packet filtering policy.
  7. 根据权利要求6所述的控制终端网络数据的装置,其中,所述需要过滤掉的报文的特征,至少包括以下设定的内容之一:目的网络地址,目的网络地址和目的 端口,源网络地址,源网络地址和源端口。The device for controlling network data of a terminal according to claim 6, wherein the feature of the packet to be filtered includes at least one of the following settings: a destination network address, a destination network address, and a destination. Port, source network address, source network address, and source port.
  8. 根据权利要求7所述的控制终端网络数据的装置,其中,针对终端发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:目的网络地址为提供软件升级包的服务器的网络地址,目的网络地址和目的端口为提供软件升级包的服务器的网络地址和端口;The device for controlling network data of a terminal according to claim 7, wherein, for the packet sent by the terminal, the feature of the packet to be filtered includes at least one of the following: the destination network address is a software upgrade package. The server's network address, destination network address, and destination port are the network addresses and ports of the server that provides the software upgrade package.
    针对互联网侧发来的报文,所述需要过滤掉的报文的特征,至少包括以下之一:源网络地址为提供推送信息的服务器的网络地址,源网络地址和源端口为提供推送信息的服务器的网络地址和端口。For the packet sent by the Internet side, the feature of the packet to be filtered includes at least one of the following: the source network address is a network address of a server that provides push information, and the source network address and the source port are push information. The network address and port of the server.
  9. 根据权利要求6所述的控制终端网络数据的装置,其中,所述报文过滤策略,还包括:启动过滤的条件;The apparatus for controlling network data of a terminal according to claim 6, wherein the packet filtering policy further includes: a condition for starting filtering;
    所述过滤模块,设置为在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;The filtering module is configured to filter, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition of the startup filtering is reached;
    在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
  10. 根据权利要求9所述的控制终端网络数据的装置,其中,所述通信端口包括:广域网端口,和/或,局域网端口;The apparatus for controlling network data of a terminal according to claim 9, wherein the communication port comprises: a wide area network port, and/or a local area network port;
    所述启动过滤的条件,包括:The conditions for starting the filtering include:
    所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is selected from at least the following methods: accessing the Internet through the WLAN, accessing the Internet through the wired mode, and using the cellular mobile communication network. Way to access the Internet;
    或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
    或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
  11. 一种路由设备,包括处理器以及存储有所述处理器可执行指令的存储器,当所述指令被处理器执行时,执行如下操作:A routing device includes a processor and a memory storing the processor-executable instructions, when the instructions are executed by the processor, performing the following operations:
    对路由设备的通信端口设置相应的报文过滤策略,所述报文过滤策略包括:需要过滤掉的报文的特征;Setting a corresponding packet filtering policy for the communication port of the routing device, where the packet filtering policy includes: a feature of the packet to be filtered out;
    根据所述报文过滤策略对流经所述通信端口的报文进行过滤。Packets flowing through the communication port are filtered according to the packet filtering policy.
  12. 根据权利要求11所述的路由设备,其中,所述报文过滤策略,还包括:启动过滤的条件;The routing device according to claim 11, wherein the packet filtering policy further includes: a condition for starting filtering;
    所述处理器执行的操作还包括:在达到所述启动过滤的条件时,根据所述需要过滤掉的报文的特征对流经所述通信端口的报文进行过滤;The operation performed by the processor further includes: filtering, according to the feature of the packet that needs to be filtered, the packet flowing through the communication port, when the condition for starting the filtering is reached;
    在不满足所述启动过滤的条件时,对流经所述通信端口的报文进行转发。When the condition for starting the filtering is not satisfied, the packet flowing through the communication port is forwarded.
  13. 根据权利要求12所述的路由设备,其中,所述处理器执行的操作还包括:所述通信端口包括:广域网端口,和/或,局域网端口;The routing device according to claim 12, wherein the operation performed by the processor further comprises: the communication port comprises: a wide area network port, and/or a local area network port;
    所述启动过滤的条件,包括:The conditions for starting the filtering include:
    所述广域网端口接入互联网的方式与设定的接入方式相符,设定的接入方式从 至少以下方式中选取:通过WLAN方式接入互联网、通过有线方式接入互联网、通过蜂窝移动通信网络方式接入互联网;The manner in which the WAN port accesses the Internet is consistent with the set access mode, and the set access mode is At least the following methods are selected: accessing the Internet through a WLAN, accessing the Internet through a wired connection, and accessing the Internet through a cellular mobile communication network;
    或者,路由设备进入设定的时间段;Or, the routing device enters the set time period;
    或者,路由设备使用的数据流量超过设定的流量阈值。Or, the data traffic used by the routing device exceeds the set traffic threshold.
  14. 一种计算机存储介质,所述计算机存储介质中存储有计算机可执行的一个或多个程序,所述一个或多个程序被所述计算机执行时使所述计算机执行如根据权利要求1-5中任一项所述的控制终端网络数据的方法。 A computer storage medium having stored therein one or more programs executable by a computer, the one or more programs being executed by the computer to cause the computer to perform as in claims 1-5 A method of controlling network data of a terminal as described in any one of the preceding claims.
PCT/CN2017/111762 2016-11-21 2017-11-18 Method and apparatus for controlling terminal network data, and routing device WO2018090988A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611026501.2A CN108092916A (en) 2016-11-21 2016-11-21 A kind of method, apparatus and routing device of control terminal network data
CN201611026501.2 2016-11-21

Publications (1)

Publication Number Publication Date
WO2018090988A1 true WO2018090988A1 (en) 2018-05-24

Family

ID=62145911

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/111762 WO2018090988A1 (en) 2016-11-21 2017-11-18 Method and apparatus for controlling terminal network data, and routing device

Country Status (2)

Country Link
CN (1) CN108092916A (en)
WO (1) WO2018090988A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110661722B (en) * 2019-09-09 2022-07-22 新华三信息安全技术有限公司 Flow control method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101005458A (en) * 2007-01-30 2007-07-25 华为技术有限公司 Method, device and system for down sending route
CN101155175A (en) * 2006-09-27 2008-04-02 华为技术有限公司 Method and device for routing filter based on BGP protocol
US20100132031A1 (en) * 2007-09-27 2010-05-27 Huawei Technologies Co., Ltd. Method, system, and device for filtering packets
CN103532872A (en) * 2012-07-03 2014-01-22 杭州华三通信技术有限公司 Method for reducing link state packet flooding and router
CN103561001A (en) * 2013-10-21 2014-02-05 华为技术有限公司 Safety protection method and routing device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090178131A1 (en) * 2008-01-08 2009-07-09 Microsoft Corporation Globally distributed infrastructure for secure content management
CN105307235B (en) * 2015-09-22 2019-03-22 Oppo广东移动通信有限公司 A kind of hot spot sharing method, device and system
CN105577573B (en) * 2015-12-31 2020-03-24 联想(北京)有限公司 Information processing method and electronic equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101155175A (en) * 2006-09-27 2008-04-02 华为技术有限公司 Method and device for routing filter based on BGP protocol
CN101005458A (en) * 2007-01-30 2007-07-25 华为技术有限公司 Method, device and system for down sending route
US20100132031A1 (en) * 2007-09-27 2010-05-27 Huawei Technologies Co., Ltd. Method, system, and device for filtering packets
CN103532872A (en) * 2012-07-03 2014-01-22 杭州华三通信技术有限公司 Method for reducing link state packet flooding and router
CN103561001A (en) * 2013-10-21 2014-02-05 华为技术有限公司 Safety protection method and routing device

Also Published As

Publication number Publication date
CN108092916A (en) 2018-05-29

Similar Documents

Publication Publication Date Title
US10367728B2 (en) Methods for forwarding rule hopping based secure communications
JP6509219B2 (en) Methods, systems, and computer readable media for Diameter routing using software defined network (SDN) functionality
US9730156B1 (en) System and method for providing power saving mode enhancements in a network environment
US9479443B2 (en) System and method for transporting information to services in a network environment
US9379931B2 (en) System and method for transporting information to services in a network environment
KR100950840B1 (en) Modular network-assisted policy resolution
US8607304B2 (en) System and method for policy-enabled mobile service gateway
JP2018530193A (en) Mobile core network service exposure for user equipment
RU2744809C2 (en) Method carried out in device capable of connecting to subscriber equipment of first-type network, corresponding device
CN114073043B (en) Method and device for managing Ethernet bridge ports
WO2014119715A1 (en) Communication terminal, communication method, program, communication system, and information processing apparatus
US10979349B2 (en) Methods and apparatuses for flexible mobile steering in cellular networks
US9699725B1 (en) System and method for providing power saving mode enhancements in a network environment
WO2018090988A1 (en) Method and apparatus for controlling terminal network data, and routing device
JP6377837B2 (en) Method for establishing OTA session between terminal and OTA server, corresponding OTA server and reverse proxy server
EP3440810B1 (en) Quality of service (qos) support for tactile traffic
WO2014205647A1 (en) Forwarding node, control node and processing method for forwarding node
US10382274B2 (en) System and method for wide area zero-configuration network auto configuration
US20170155543A1 (en) Control apparatus, communication system, and control method
US11924752B2 (en) Device onboarding using cellular data services directory
WO2013116978A1 (en) Method, device and system for processing user resource request
CN109104370B (en) Real-time refreshing method and system for prefix list
CN108667879B (en) Data service session binding method, routing equipment and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17871728

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17871728

Country of ref document: EP

Kind code of ref document: A1