WO2018099342A1 - Method and device for saving power of terminal on the basis of network access control - Google Patents

Method and device for saving power of terminal on the basis of network access control Download PDF

Info

Publication number
WO2018099342A1
WO2018099342A1 PCT/CN2017/113065 CN2017113065W WO2018099342A1 WO 2018099342 A1 WO2018099342 A1 WO 2018099342A1 CN 2017113065 W CN2017113065 W CN 2017113065W WO 2018099342 A1 WO2018099342 A1 WO 2018099342A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
data packet
network interface
terminal
network data
Prior art date
Application number
PCT/CN2017/113065
Other languages
French (fr)
Chinese (zh)
Inventor
孔令坤
余红波
Original Assignee
腾讯科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 腾讯科技(深圳)有限公司 filed Critical 腾讯科技(深圳)有限公司
Publication of WO2018099342A1 publication Critical patent/WO2018099342A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72454User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions according to context-related or environment-related conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0225Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal
    • H04W52/0235Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal where the received signal is a power saving command
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72463User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions to restrict the functionality of the device
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0251Power saving arrangements in terminal devices using monitoring of local events, e.g. events related to user activity
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Definitions

  • the present application relates to the field of computer technologies, and in particular, to a method for saving power by a terminal based on network access control and a device for saving power by a terminal based on network access control.
  • the largest power consumption applications include CPU (Central Processing Unit), screen and data traffic.
  • CPU Central Processing Unit
  • the increase in power consumption of various types of applications of terminal equipment may not only directly reduce the standby time of the terminal equipment, but also may cause the terminal equipment to be charged and discharged repeatedly, which may affect the terminal to a certain extent.
  • the service life of the device therefore, the power saving of the terminal application has become a direction of terminal application development.
  • the embodiment of the present application provides a method for saving power by a terminal based on network access control and a device for saving power based on network access control, so as to achieve power saving and extend the service life of the terminal.
  • a method for saving power by a terminal based on network access control comprising the steps of:
  • a device for saving power based on network access control comprising:
  • a virtual interface creation module configured to receive a power-saving application opening instruction, and create a virtual network interface
  • a terminal data routing module configured to route the first network data packet of the application that meets the preset condition to the virtual network interface, so that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal .
  • a method for saving power by a terminal based on network access control is used on a terminal, the terminal includes a processor and a memory, and the method includes the steps of:
  • the first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  • a non-volatile storage medium having stored therein computer readable instructions executable by a processor to perform the following operations:
  • the first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  • FIG. 1 is a schematic diagram of an application environment of an embodiment of the present application in an embodiment
  • FIG. 2 is a schematic structural diagram of a terminal in an embodiment
  • FIG. 3 is a schematic flowchart of a method for saving power of a terminal based on network access control in an embodiment
  • FIG. 4 is a schematic flowchart of a method for saving power of a terminal based on network access control in a specific application example
  • FIG. 5 is a block diagram showing a transmission of a data stream of the method of the specific application example shown in FIG. 3;
  • FIG. 6 is a schematic flowchart of a method for saving power of a terminal based on network access control in another specific application example
  • FIG. 7 is a block diagram showing a transmission of a data stream of the method of the specific application example shown in FIG. 6;
  • FIG. 8 is a schematic structural diagram of an apparatus for saving power according to a network access control in an embodiment
  • FIG. 9 is a schematic structural diagram of an apparatus for saving power of a terminal based on network access control in a specific application example
  • FIG. 10 is a schematic diagram showing the logical relationship between modules of the apparatus of the specific application example shown in FIG. 9;
  • FIG. 11 is a schematic structural diagram of an apparatus for saving power based on a network access control in another specific application example
  • FIG. 12 is a schematic diagram showing the logical relationship between modules of the apparatus of the specific application example shown in FIG.
  • the power-saving application for the terminal device basically lists the system setting items related to power saving (such as sound size, Wifi switch, mobile network switch, screen brightness, automatic screen-off time, etc.) for the user to set. .
  • the corresponding setting items are mainly changed by calling the provided interface of the system. For example, in the case of the Android system, the setWifiEnabled() function provided by the WifiManager is called when the Wifi is closed/opened; the setMobileDataEnabled() function in the ConnectivityManager is called when the mobile data is closed/opened.
  • FIG. 1 is a schematic diagram of a working environment in an embodiment of the present application.
  • the working environment relates to the terminal 101 and the network server 100.
  • the terminal 101 and the network server 100 can enter through the network. Line communication.
  • the terminal 101 communicates with the network server 100 via the network, the terminal 101 needs to transmit its data packet to the network through its own physical network interface, thereby reaching each network server 100 or other terminal 101.
  • the network data packet of the application that meets the condition is routed to the virtual network interface, so that the physical network interface of the terminal 101 cannot be reached, and the network server 100 or other network cannot be reached.
  • the terminal 101 implements control of the application access network, that is, filters out unnecessary network traffic through the virtual network interface, and restricts unnecessary network access, thereby achieving the purpose of saving power and extending the service life of the terminal.
  • the terminal 101 includes a processor, a storage medium, a communication interface, a power interface, and a memory connected through a system bus.
  • the storage medium of the terminal 101 stores a device for saving power based on the network access control, and the device is used to implement a method for saving power by the terminal based on the network access control.
  • the communication interface of the terminal 101 is used to connect and communicate with the network server 100 or other network terminal 101, and the power interface of the terminal 101 is used for connection with an external power source through which the external power source supplies power to the terminal 101.
  • the terminal 101 can be any device capable of implementing intelligent input and output, such as a mobile terminal, such as a mobile phone, a tablet computer, etc., or other devices having the above structure.
  • FIG. 3 is a schematic flowchart of a method for saving power by a network access control based terminal in an embodiment. As shown in FIG. 3, the method in this embodiment includes:
  • Step S301 Create a virtual network interface when receiving a power-saving application open command
  • Step S302 The network data packet of the application that meets the preset condition is used. (In order to distinguish the data packet that is received from the network, the network data packet that needs to be sent to the network in the embodiment of the present application is referred to as the first network data. The packet is routed to the virtual network interface such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  • the terminal when receiving the power-saving application open command, the terminal creates a virtual network interface, and routes the first network data packet of the application that meets the preset condition to the virtual network interface, because the network virtual interface does not correspond to any real The physical network card, so the operation of the virtual network interface does not generate data transmission in the real physical network, so that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal, thereby passing through the virtual network.
  • Interface filters out unnecessary network flows The amount, limit non-essential network access, achieves the purpose of saving power and extending the life of the terminal.
  • the first network data packet of the application that meets the preset condition is routed to the pre-created virtual network interface, so that when the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal, It can be done in any way possible.
  • the first network data packet of the application satisfying the preset condition described above may be routed to the virtual network interface, and the first network data packet of other applications is directly routed to the physical network interface.
  • the first network data packet of all applications may be routed to the virtual network interface, and when the application is an application that meets the preset condition, the first network data packet is not further processed or directly If the application is not an application that meets the preset condition, the first network data packet that is routed to the virtual network interface is forwarded to the physical network interface to implement network access of the normal application.
  • FIG. 4 is a schematic flowchart diagram of a method for saving power of a network access control-based terminal in a specific application example, where the first network packet of the application satisfying the preset condition is routed to a virtual network.
  • the interface, while the network packets of other applications are directly routed to the physical network interface of the terminal as an example.
  • the method for saving power of a network access control based terminal in the specific application example includes the following steps:
  • Step S401 Receive a power-saving application open command, and create a virtual network interface of the terminal;
  • Step S402 setting an application of a preset condition
  • Step S403 When detecting that the application has the first network data packet sent to the network, analyzing whether the application to which the first network data packet belongs is an application of the preset condition, if not, proceeding to step S404, and if yes, proceeding to the step S405;
  • Step S404 Routing the first network data packet of the application to the physical network interface of the terminal, so that the first network data packet can be sent to the network through the physical network interface;
  • Step S405 Routing the first network data packet of the application to the created virtual network interface, so that the first network data packet cannot reach the physical network interface and cannot be sent to the network.
  • the terminal will use the first network number of the application that meets the preset condition.
  • the traffic interception is realized, thereby achieving the effect of saving power and extending the duration of the terminal, and the first network packet for the application that does not meet the preset condition can be normally routed to Physical network interface for normal network access.
  • the physical network interface is an abstraction of the real physical network card, and the terminal can read and send data in the network by performing read and write operations on the physical network interface
  • the virtual network interface is an abstraction of the virtual network card, and is not Corresponding to any real physical network card, the terminal's read and write operations on this virtual network interface will not generate data transmission in the real physical network. Based on this performance of the virtual network interface, any of the possible ways can be used when creating the virtual network interface as described above.
  • the application of setting the preset condition may be performed in any possible manner.
  • the application running in the background may be determined to be an application that meets the preset condition, and only the first network packet of the foreground application can be routed to Physical network interface.
  • the foreground application can be an application to which the content displayed on the current user interface of the terminal belongs.
  • the background application can be an application that is not displayed but still working on the current interface.
  • other methods can be used to determine the application of the preset condition.
  • the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set.
  • the foregoing application that meets the preset condition includes: an application that does not belong to the preset white list.
  • the first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
  • a global mode (Aggressive Mode ()) may be set, and in the global mode, the foreground application of the terminal may be performed. Monitoring, and automatically allowing network access to the foreground application, ie the first network packet of the foreground application will be routed to the physical network interface of the terminal, regardless of whether the foreground application is not in the whitelist. That is, the above application that satisfies the preset condition includes: not the current foreground application of the terminal.
  • the non-whitelist application when used by the terminal When a user opens a non-whitelist application, the non-whitelist application will become a foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized, and the power saving effect can be maximized.
  • the global mode can be determined by the end user whether to open, for example, a global mode control can be set, and the terminal user can issue an instruction to open the global mode through the global mode control.
  • the global mode is turned on as an example.
  • Android 5.0 and above can use the addDisallowedApplication() method in the VpnService.Builder class to set the data packets that do not allow whitelists and foreground applications to enter the virtual network interface, so the whitelist and foreground application data will enter.
  • Real network interface which enables sub-applications to intercept. Therefore, for Android 5.0 and above of the Android system, for example, in the process of creating a virtual network interface, setting a data packet that does not allow the whitelist and the foreground application to enter the virtual network interface may be set.
  • the specific process of creating a virtual network interface can be as follows:
  • the network address can be an arbitrary legal IP address.
  • the routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
  • a whitelist setting information is monitored (ie, when the whitelist changes), or when the current foreground application of the terminal is changed, a new virtual network interface is created, and the new virtual network interface is used.
  • a new virtual network interface covers the virtual network interface.
  • FIG. 5 is a block diagram showing the transmission of data streams based on the method of the specific application example shown in FIG. 4.
  • network packets are directly routed to the physical network interface. Thereby sent to the network, and for non-whitelisted applications and non-foreground applications, their network data The packet is routed to the virtual network interface to enable interception of the first network packet for non-whitelisted applications and non-foreground applications.
  • FIG. 6 is a schematic flowchart diagram of a method for saving power of a network access control-based terminal in another specific application example, where the specific example is to route the first network data packet of all applications to the virtual network interface. Be explained.
  • the method for saving power of a network access control based terminal in the specific application example includes the following steps:
  • Step S601 Receive a power-saving application open command, and create a virtual network interface of the terminal;
  • Step S602 setting an application of a preset condition
  • Step S603 When the application has the first network data packet sent to the network, routing the application to the created virtual network interface;
  • Step S604 Parsing a first network data packet that is routed to the virtual network interface, and determining an application to which the first network data packet belongs;
  • Step S605 Combining the application of the preset condition set above, determining whether the application to which the first network data packet belongs is the application of the preset condition, if not, proceeding to step S606, and if yes, proceeding to step S607;
  • Step S606 Forwarding the first network data packet routed to the virtual network interface to the physical network interface of the terminal, so that the first network data packet can be sent to the network through the physical network interface;
  • Step S607 No further processing is performed on the first network data packet routed to the virtual network interface, or the first network data packet is directly discarded, so that the first network data packet cannot reach the physical network interface, and cannot be sent to the network. .
  • the terminal after receiving the power-saving application opening instruction, the terminal, after creating the virtual network interface, routes the first network data packet of all applications to the created virtual network interface, and then the first The network data packet is analyzed, and when the application to which the first network data packet belongs belongs to the foregoing preset condition, the first network data packet is not further processed to implement traffic interception, thereby achieving power saving and extending terminal use.
  • the effect of the duration, and for the first network packet of the application that does not meet the preset condition can be forwarded to the physical network interface to achieve normal network access.
  • the foregoing manner of routing the first network data packet of the application that meets the preset condition to the pre-created virtual network interface includes: routing the first network data packet of each application of the terminal to the virtual network interface, the application of the terminal Including the application that meets the preset condition;
  • the method for making the first network data packet of the application that meets the preset condition fail to reach the physical network interface of the terminal includes: analyzing the first network data packet, and determining an application to which the first network data packet belongs.
  • the application to which the first network data packet belongs is an application that meets the preset condition
  • the first network data packet is not further processed or the first network data packet is discarded, so that the first network data packet is Unable to reach the physical network interface of the terminal.
  • the first network data packet may be forwarded to a physical network interface of the terminal.
  • the physical network interface is an abstraction of the real physical network card, and the terminal can read and send data in the network by performing read and write operations on the physical network interface
  • the virtual network interface is an abstraction of the virtual network card, and is not Corresponding to any real physical network card, the terminal's read and write operations on this virtual network interface will not generate data transmission in the real physical network. Based on this performance of the virtual network interface, any of the possible ways can be used when creating the virtual network interface as described above.
  • the application of setting the preset condition may be performed in any possible manner.
  • the application running in the background may be determined to be an application that meets the preset condition, and only the first network packet of the foreground application can be routed to Physical network interface.
  • the application running in the background may be determined to be an application that meets the preset condition, and only the first network packet of the foreground application can be routed to Physical network interface.
  • other methods can be used to determine the application of the preset condition.
  • the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set.
  • the above applications that meet the preset conditions include: applications that are not in the preset white list.
  • the first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
  • a global mode (Aggressive Mode ()) may be set, and in the global mode, the foreground application of the terminal may be performed. Monitoring, and automatically allowing network access to the foreground application, ie the first network packet of the foreground application will be routed to the physical network interface of the terminal, regardless of whether the foreground application is not in the whitelist. That is, the above application that satisfies the preset condition includes: not the current foreground application of the terminal.
  • the non-whitelist application when the end user opens the non-whitelist application, the non-whitelist application will become the foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized.
  • the global mode can be determined by the end user whether to open, for example, a global mode control can be set, and the terminal user can issue an instruction to open the global mode through the global mode control.
  • the global mode is turned on as an example.
  • the network address can be an arbitrary legal IP address.
  • the routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
  • the virtual network interface is forwarded to the physical network interface to implement network access. Therefore, for the network data packet received from the network (in order to distinguish from the data packet sent to the network, the network data packet received from the network in the embodiment of the present application is referred to as a second network data packet), It is given to a specific application via the virtual network interface.
  • the terminal can also be from the object
  • the network interface reads the second network data packet received by the physical network interface, and forwards the second network data packet to the application corresponding to the second network data packet.
  • FIG. 7 is a block diagram showing the transmission of a data stream based on the method of the specific application example shown in FIG. 6.
  • the virtual network interface of the terminal receives the first network data packet of all applications, in order to implement the application.
  • the first network data packet of each application is routed to the virtual network interface, and the first network data packet is read, and the application to which the first network data packet belongs is analyzed from the first network data packet, and the specific analysis is performed.
  • the method can be performed in any possible manner, for example, analyzing the application to which the packet belongs from the source port number of the TCP/IP header of the IP packet, and then forwarding the first network packet of the whitelist application and the foreground application to the physical network interface.
  • the second network data packet is read from the physical network interface, the second network data packet is written to the virtual network interface (the data packet written to the virtual network interface is transmitted to the corresponding application of the upper layer).
  • the embodiment of the present application further provides a device for saving power based on a network access control.
  • FIG. 8 is a schematic structural diagram of an apparatus for saving power based on a network access control in an embodiment. As shown in FIG. 8, the apparatus in this embodiment includes:
  • a virtual interface creation module 801 configured to receive a power-saving application open command, and create a virtual network interface
  • the terminal data routing module 802 is configured to route the first network data packet of the application that meets the preset condition to the virtual network interface, so that the first network data packet of the application that meets the preset condition cannot reach the physical network of the terminal. interface.
  • a virtual network interface is created, and the first network data packet of the application meeting the preset condition is routed to the virtual network interface, since the network virtual interface does not correspond to any real physics.
  • the network card therefore, the operation of the virtual network interface does not generate data transmission in the real physical network, so that the first network data packet of the application satisfying the preset condition cannot reach the physical network interface of the terminal, thereby passing the virtual network interface Filter out unnecessary network traffic, limit non-essential network access, and achieve power saving and extended terminal life.
  • the first network data packet of the application that meets the preset condition is routed to the pre-created
  • the virtual network interface may be performed in any possible manner when the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  • the first network data packet of the application satisfying the preset condition described above may be routed to the virtual network interface, and the first network data packet of other applications is directly routed to the physical network interface.
  • the first network data packet of all applications may be routed to the virtual network interface, and when the application is an application that meets the preset condition, the first network data packet is not further processed or directly If the application is not an application that meets the preset condition, the first network data packet that is routed to the virtual network interface is forwarded to the physical network interface to implement network access of the normal application.
  • FIG. 9 is a schematic structural diagram of a device for saving power based on a network access control in a specific application example, where the first network packet of the application satisfying the preset condition is routed to a virtual network.
  • the interface, while the network packets of other applications are directly routed to the physical network interface of the terminal as an example.
  • the device for saving power based on the network access control in the specific application example includes:
  • a virtual interface creation module 901 configured to receive a power-saving application open command, and create a virtual network interface
  • the terminal data routing module 902 is configured to route the first network data packet of the application that meets the preset condition to the virtual network interface, so that the first network data packet of the application that meets the preset condition cannot reach the physical network of the terminal.
  • the interface may also be used to route the first network data packet of the application that does not meet the preset condition to the physical network interface of the terminal.
  • the first network data packet of the application that meets the preset condition is routed to the created virtual network interface to implement traffic interception, thereby achieving the effect of saving power and extending the duration of the terminal, and
  • the first network data packet of the application that does not meet the preset condition can be normally routed to the physical network interface to achieve normal network access.
  • the application of the foregoing preset conditions may be set in any possible manner.
  • an application running in the background may be determined to be an application that satisfies a preset condition, and only the first network data packet of the foreground application can be routed to the physical Network Interface.
  • a preset condition For example, it can be understood that other parties can also be used.
  • the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set. application.
  • the apparatus in the specific example further includes:
  • the whitelist setting module 903 is configured to receive a whitelist setting instruction, and set an application of the whitelist of the virtual network interface.
  • the foregoing application that meets the preset condition includes: an application that is not in the white list set by the whitelist setting module 903.
  • the first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
  • the apparatus in this specific example may further include:
  • the foreground application monitoring module 904 is configured to monitor the current application of the terminal.
  • the foregoing application that meets the preset condition includes: the current foreground application of the terminal that is not monitored by the foreground application monitoring module 904.
  • the non-whitelist application when used in conjunction with the whitelist setting module 903, when the terminal user opens the non-whitelist application, the non-whitelist application will become the foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized. .
  • FIG. A schematic diagram of the logical relationship between the modules of the device of the specific application example shown in FIG.
  • a process in a specific example may be as follows:
  • the network address can be an arbitrary legal IP address.
  • the routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
  • the virtual interface creation module 901 is further configured to: when the whitelist setting module 903 receives the whitelist setting instruction, or when the foreground application monitoring module 904 detects that the current foreground application of the terminal changes. Create a new virtual network interface and overwrite the virtual network interface with the new virtual network interface.
  • FIG. 11 is a schematic structural diagram of an apparatus for saving power of a network access control based terminal in another specific application example, which is an example of routing a first network data packet of all applications to a virtual network interface. Be explained.
  • the device for saving power based on the network access control in the specific application example includes:
  • a virtual interface creation module 1101 configured to receive a power-saving application open command, and create a virtual network interface
  • the terminal data routing module 1102 is configured to route the first network data packet of each application of the terminal to the virtual network interface, where the application of the terminal includes the application that meets a preset condition.
  • the device for saving power based on the network access control in the specific application example may further include:
  • the packet forwarding module 1103 is configured to analyze the first network data packet, and determine an application to which the first network data packet belongs, where the application to which the first network data packet belongs is an application that meets the preset condition When the first network data packet is not further processed or the first network data packet is discarded, the first network data packet cannot reach the physical network interface of the terminal.
  • the terminal data routing module 1102 routes the first network data packet of all applications of the terminal to the virtual network interface, thereby necessarily routing the first network data packet of the application satisfying the preset condition to the virtual network.
  • Network interface if these first network packets are not forwarded or For further processing, these first network data packets must not reach the physical network interface of the terminal, thereby implementing interception of the first network data packet of these applications.
  • the packet forwarding module 1103 may analyze the first network data packet to determine an application to which the first network data packet belongs, when the application to which the first network data packet belongs is satisfied. When the preset condition is applied, it is determined that the first network data packet is not further processed or the first network data packet is discarded, so that only the first network data packet of the application that meets the predetermined condition cannot reach the physical network interface of the terminal. .
  • the packet forwarding module 1103 may be further configured to: when the application to which the first network data packet belongs is not an application that meets the preset condition, forward the first network data packet to a physical entity of the terminal. Network Interface.
  • the first network data packet of all applications is routed to the created virtual network interface, and then the first network data packet is analyzed, and the application belonging to the first network data packet belongs to the preset.
  • the first network data packet is not further processed to implement traffic interception, thereby achieving the effect of saving power and extending the duration of the terminal, and the first network data packet for the application that does not meet the preset condition. , can be forwarded to the physical network interface to achieve normal network access.
  • the first application data packet of the application that can access the network is routed to the virtual network interface, it is forwarded to the physical network interface to implement network access. Therefore, for the network data packet received from the network (in order to distinguish from the data packet sent to the network, the network data packet received from the network in the embodiment of the present application is referred to as a second network data packet), It is given to a specific application via the virtual network interface.
  • the packet forwarding module 1103 is further configured to: read, by the physical network interface, the second network data packet received by the physical network interface, and forward the second network data packet to the second network.
  • the application corresponding to the packet is further configured to: read, by the physical network interface, the second network data packet received by the physical network interface, and forward the second network data packet to the second network.
  • the application corresponding to the packet is further configured to: read, by the physical network interface, the second network data packet received by the physical network interface, and forward the second network data packet to the second network.
  • the application corresponding to the packet is further configured to: read, by the physical network interface, the second network data packet received by the physical network interface, and forward the second network data packet to the second network.
  • the application of the foregoing preset conditions may be set in any possible manner.
  • an application running in the background may be determined to be an application that satisfies a preset condition, and only the first network data packet of the foreground application can be routed to the physical Network Interface.
  • a preset condition an application running in the background
  • only the first network data packet of the foreground application can be routed to the physical Network Interface.
  • other methods can be used to determine the application of the preset condition.
  • the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set. application.
  • the apparatus in the specific example further includes:
  • the whitelist setting module 1104 is configured to receive a whitelist setting instruction, and set an application of the whitelist of the virtual network interface.
  • the foregoing application that meets the preset condition includes: an application that is not in the white list set by the whitelist setting module 1104.
  • the first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
  • the apparatus in this specific example may further include:
  • the foreground application monitoring module 1105 is configured to monitor the current application of the terminal.
  • the foregoing application that meets the preset condition includes: the current foreground application of the terminal that is not monitored by the foreground application monitoring module 1105.
  • the non-whitelist application when used in conjunction with the whitelist setting module 1104, when the terminal user opens the non-whitelist application, the non-whitelist application will become the foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized. .
  • a process in a specific example may be as follows:
  • the network address can be an arbitrary legal IP address.
  • the routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
  • the packet forwarding module 1103 needs to analyze whether the first network data packet routed to the virtual network interface needs to be forwarded to the physical network interface of the terminal, and the addDisallowApplication is not called when the virtual network interface is created.
  • () method when the application in the whitelist or the current foreground application of the terminal, only need to notify the packet forwarding module 1103, no need to create a new network virtual interface by the virtual interface creation module, and the packet forwarding module 1103 is based on the new whitelist And the current foreground application determines whether the newly received first network data packet needs to be forwarded to the physical network interface of the terminal.
  • the solution in each embodiment as described above may be run in the terminal device in an application manner, and the application may create a virtual network interface in the background based on the granted VPN permission (only once granted), thereby organizing other applications. Non-essential network access to save power.
  • the program can be stored in a non-volatile computer readable storage.
  • the program may be stored in a storage medium of the computer system and executed by at least one processor in the computer system to implement a flow including an embodiment of the methods as described above.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Human Computer Interaction (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephone Function (AREA)

Abstract

A method and a device for saving the power of a terminal on the basis of network access control. The method in one embodiment comprises the steps: when receiving a power-saving application starting instruction, creating a virtual network interface, and routing, to the virtual network interface, a first network data packet of an application satisfying a preset condition, so that the first network data packet of the application satisfying the preset condition cannot arrive at the physical network interface of the terminal.

Description

基于网络访问控制的终端节省电量的方法及装置Method and device for saving power of terminal based on network access control
本申请要求于2016年12月01日提交中国专利局、申请号为201611091417.9、发明名称为“基于网络访问控制的终端节省电量的方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese Patent Application filed on Dec. 1, 2016, the Chinese Patent Office, the application No. 201611091417.9, and the title of the method and device for saving power based on the network access control terminal, the entire contents of which are incorporated by reference. Combined in this application.
技术领域Technical field
本申请涉及计算机技术领域,特别是涉及一种基于网络访问控制的终端节省电量的方法以及一种基于网络访问控制的终端节省电量的装置。The present application relates to the field of computer technologies, and in particular, to a method for saving power by a terminal based on network access control and a device for saving power by a terminal based on network access control.
背景技术Background technique
以手机、智能平板这类终端设备为例,其最大的耗电的应用主要包括CPU(Central Processing Unit,中央处理器)、屏幕和数据流量。终端设备各类应用的耗电量的加大,不仅可能会直接减少终端设备的待机时长,而且由于可能会造成需要反复地对终端设备进行充放电操作,从而还会在一定程度上影响到终端设备的使用寿命,因此,实现终端应用的省电成为了终端应用开发的一个方向。Take terminal devices such as mobile phones and smart tablets as examples. The largest power consumption applications include CPU (Central Processing Unit), screen and data traffic. The increase in power consumption of various types of applications of terminal equipment may not only directly reduce the standby time of the terminal equipment, but also may cause the terminal equipment to be charged and discharged repeatedly, which may affect the terminal to a certain extent. The service life of the device, therefore, the power saving of the terminal application has become a direction of terminal application development.
发明内容Summary of the invention
本申请实施例提供一种基于网络访问控制的终端节省电量的方法以及一种基于网络访问控制的终端节省电量的装置,以达到省电和延长终端使用寿命的效果。The embodiment of the present application provides a method for saving power by a terminal based on network access control and a device for saving power based on network access control, so as to achieve power saving and extend the service life of the terminal.
本申请实施例提供以下技术方案:The embodiments of the present application provide the following technical solutions:
一种基于网络访问控制的终端节省电量的方法,包括步骤:A method for saving power by a terminal based on network access control, comprising the steps of:
在接收到省电应用开启指令时,创建虚拟网络接口;Creating a virtual network interface when receiving a power saving application open command;
将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得 所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。Routing a first network data packet of an application that meets a preset condition to the virtual network interface, such that The first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
一种基于网络访问控制的终端节省电量的装置,包括:A device for saving power based on network access control, comprising:
虚拟接口创建模块,用于接收省电应用开启指令,创建虚拟网络接口;a virtual interface creation module, configured to receive a power-saving application opening instruction, and create a virtual network interface;
终端数据路由模块,用于将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。a terminal data routing module, configured to route the first network data packet of the application that meets the preset condition to the virtual network interface, so that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal .
一种基于网络访问控制的终端节省电量的方法,用于终端上,该终端包括处理器和存储器,所述方法包括步骤:A method for saving power by a terminal based on network access control is used on a terminal, the terminal includes a processor and a memory, and the method includes the steps of:
在接收到省电应用开启指令时,创建虚拟网络接口;Creating a virtual network interface when receiving a power saving application open command;
将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。The first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
一种非易失性存储介质,其中存储有计算机可读指令,所述计算机可读指令可以由处理器执行以完成如下操作:A non-volatile storage medium having stored therein computer readable instructions executable by a processor to perform the following operations:
在接收到省电应用开启指令时,创建虚拟网络接口;Creating a virtual network interface when receiving a power saving application open command;
将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。The first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
附图简要说明BRIEF DESCRIPTION OF THE DRAWINGS
图1是一个实施例中的本申请实施例的应用环境的示意图;1 is a schematic diagram of an application environment of an embodiment of the present application in an embodiment;
图2是一个实施例中的终端的结构示意图;2 is a schematic structural diagram of a terminal in an embodiment;
图3是一个实施例中的基于网络访问控制的终端节省电量的方法的流程示意图;3 is a schematic flowchart of a method for saving power of a terminal based on network access control in an embodiment;
图4是一个具体应用示例中的基于网络访问控制的终端节省电量的方法的流程示意图;4 is a schematic flowchart of a method for saving power of a terminal based on network access control in a specific application example;
图5是图3所示的具体应用示例的方法的数据流的传输框图示意图;5 is a block diagram showing a transmission of a data stream of the method of the specific application example shown in FIG. 3;
图6是另一个具体应用示例中的基于网络访问控制的终端节省电量的方法的流程示意图; 6 is a schematic flowchart of a method for saving power of a terminal based on network access control in another specific application example;
图7是图6所示的具体应用示例的方法的数据流的传输框图示意图;7 is a block diagram showing a transmission of a data stream of the method of the specific application example shown in FIG. 6;
图8是一个实施例中的基于网络访问控制的终端节省电量的装置的结构示意图;FIG. 8 is a schematic structural diagram of an apparatus for saving power according to a network access control in an embodiment; FIG.
图9是一个具体应用示例中的基于网络访问控制的终端节省电量的装置的结构示意图;9 is a schematic structural diagram of an apparatus for saving power of a terminal based on network access control in a specific application example;
图10是图9所示的具体应用示例的装置的各模块之间的逻辑关系示意图;10 is a schematic diagram showing the logical relationship between modules of the apparatus of the specific application example shown in FIG. 9;
图11是另一个具体应用示例中的基于网络访问控制的终端节省电量的装置的结构示意图;11 is a schematic structural diagram of an apparatus for saving power based on a network access control in another specific application example;
图12是图11所示的具体应用示例的装置的各模块之间的逻辑关系示意图。FIG. 12 is a schematic diagram showing the logical relationship between modules of the apparatus of the specific application example shown in FIG.
实施本发明的方式Mode for carrying out the invention
为使本申请的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本申请进行进一步的详细说明。应当理解,此处所描述的具体实施方式仅仅用以解释本申请,并不限定本申请的保护范围。The present application will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the application and are not intended to limit the scope of the application.
目前针对终端设备的省电应用,基本上是将与省电有关的系统设置项(例如声音大小、Wifi开关、移动网络开关、屏幕亮度、自动灭屏时间等等)罗列出来,供用户进行设置。其实现时,主要是通过调用系统的提供的接口改变相应的设置项。例如,以Android系统为例,在关闭\打开Wifi时调用WifiManager提供的setWifiEnabled()函数;关闭\打开移动数据时则调用ConnectivityManager中的setMobileDataEnabled()函数。At present, the power-saving application for the terminal device basically lists the system setting items related to power saving (such as sound size, Wifi switch, mobile network switch, screen brightness, automatic screen-off time, etc.) for the user to set. . When it is implemented, the corresponding setting items are mainly changed by calling the provided interface of the system. For example, in the case of the Android system, the setWifiEnabled() function provided by the WifiManager is called when the Wifi is closed/opened; the setMobileDataEnabled() function in the ConnectivityManager is called when the mobile data is closed/opened.
然而,降低屏幕亮度、降低铃声音量、关闭Wifi和移动数据等,虽然能达到省电的目的,但却是以损害用户使用终端设备的体验为代价,而且某些设置对省电的作用并不大。在关闭wifi和移动数据时,是直接把WiFi模块或移动网络模块关闭,从而所有应用都不能访问网络,也会在一定程度上制约了移动终端的使用性能。However, reducing screen brightness, lowering ring volume, turning off Wifi and moving data, etc., can achieve the purpose of power saving, but at the expense of the user experience of using the terminal device, and some settings do not have a power saving effect. Big. When the wifi and mobile data are turned off, the WiFi module or the mobile network module is directly closed, so that all applications cannot access the network, and the usage performance of the mobile terminal is also restricted to some extent.
图1示出了本申请一个实施例中的工作环境示意图,如图1所示,其工作环境涉及终端101以及网络服务器100,终端101与网络服务器100可以通过网络进 行通信。终端101在与网络服务器100通过网络进行通信时,终端101需要将其数据包通过其自身的物理网络接口发送到网络,从而到达各网络服务器100或者其他的终端101。在本申请实施例中,通过在终端101创建虚拟网络接口,将满足条件的应用的网络数据包路由到该虚拟网络接口,从而无法到达终端101的物理网络接口,进而无法到达网络服务器100或者其他的终端101,实现了对应用访问网络的控制,即通过虚拟网络接口过滤掉非必要的网络流量,限制非必要的网络访问,从而达到省电和延长终端使用寿命的目的。FIG. 1 is a schematic diagram of a working environment in an embodiment of the present application. As shown in FIG. 1 , the working environment relates to the terminal 101 and the network server 100. The terminal 101 and the network server 100 can enter through the network. Line communication. When the terminal 101 communicates with the network server 100 via the network, the terminal 101 needs to transmit its data packet to the network through its own physical network interface, thereby reaching each network server 100 or other terminal 101. In the embodiment of the present application, by creating a virtual network interface in the terminal 101, the network data packet of the application that meets the condition is routed to the virtual network interface, so that the physical network interface of the terminal 101 cannot be reached, and the network server 100 or other network cannot be reached. The terminal 101 implements control of the application access network, that is, filters out unnecessary network traffic through the virtual network interface, and restricts unnecessary network access, thereby achieving the purpose of saving power and extending the service life of the terminal.
终端101在一个实施例中的结构示意图如图2所示。该终端101包括通过系统总线连接的处理器、存储介质、通信接口、电源接口和内存。其中,终端101的存储介质存储有一种基于网络访问控制的终端节省电量的装置,该装置用于实现一种基于网络访问控制的终端节省电量的方法。终端101的通信接口用于与网络服务器100或者其他的网络终端101连接和通信,终端101的电源接口用于与外部电源连接,外部电源通过该电源接口向终端101供电。终端101可以是任何一种能够实现智能输入输出的设备,例如移动终端,比如手机、平板电脑等;也可以是其它具有上述结构的设备。A schematic structural diagram of the terminal 101 in one embodiment is shown in FIG. 2. The terminal 101 includes a processor, a storage medium, a communication interface, a power interface, and a memory connected through a system bus. The storage medium of the terminal 101 stores a device for saving power based on the network access control, and the device is used to implement a method for saving power by the terminal based on the network access control. The communication interface of the terminal 101 is used to connect and communicate with the network server 100 or other network terminal 101, and the power interface of the terminal 101 is used for connection with an external power source through which the external power source supplies power to the terminal 101. The terminal 101 can be any device capable of implementing intelligent input and output, such as a mobile terminal, such as a mobile phone, a tablet computer, etc., or other devices having the above structure.
图3示出了一个实施例中的基于网络访问控制的终端节省电量的方法的流程示意图,如图3所示,该实施例中的方法包括:FIG. 3 is a schematic flowchart of a method for saving power by a network access control based terminal in an embodiment. As shown in FIG. 3, the method in this embodiment includes:
步骤S301:在接收到省电应用开启指令时,创建虚拟网络接口;Step S301: Create a virtual network interface when receiving a power-saving application open command;
步骤S302:将满足预设条件的应用的网络数据包(为了与从网络中接收到的数据包进行区分,本申请实施例中将应用需要发送到网络的网络数据包称之为第一网络数据包)路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。Step S302: The network data packet of the application that meets the preset condition is used. (In order to distinguish the data packet that is received from the network, the network data packet that needs to be sent to the network in the embodiment of the present application is referred to as the first network data. The packet is routed to the virtual network interface such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
从而,终端在接收到省电应用开启指令时,通过创建虚拟网络接口,并将满足预设条件的应用的第一网络数据包路由到该虚拟网络接口,由于网络虚拟接口并不对应任何真实的物理网卡,因此对该虚拟网络接口的操作并不会在真正的物理网络中产生数据的传输,使得满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口,从而通过虚拟网络接口过滤掉非必要的网络流 量,限制非必要的网络访问,达到了省电和延长终端使用寿命的目的。Therefore, when receiving the power-saving application open command, the terminal creates a virtual network interface, and routes the first network data packet of the application that meets the preset condition to the virtual network interface, because the network virtual interface does not correspond to any real The physical network card, so the operation of the virtual network interface does not generate data transmission in the real physical network, so that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal, thereby passing through the virtual network. Interface filters out unnecessary network flows The amount, limit non-essential network access, achieves the purpose of saving power and extending the life of the terminal.
其中,在上述将满足预设条件的应用的第一网络数据包路由至预先创建的虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口时,可以采用任何可能的方式进行。在其中一种应用示例中,可以是将上述满足预设条件的应用的第一网络数据包路由到虚拟网络接口,而其他的应用的第一网络数据包则直接路由到物理网络接口。在另外一种应用示例中,可以是将所有应用的第一网络数据包均路由到虚拟网络接口,在该应用为满足预设条件的应用时,不对该第一网络数据包做进一步处理或者直接丢弃,在该应用不是满足预设条件的应用时,再将路由至该虚拟网络接口的第一网络数据包转发至物理网络接口,实现正常应用的网络访问。以下结合这两种应用示例进行详细举例说明。The first network data packet of the application that meets the preset condition is routed to the pre-created virtual network interface, so that when the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal, It can be done in any way possible. In one of the application examples, the first network data packet of the application satisfying the preset condition described above may be routed to the virtual network interface, and the first network data packet of other applications is directly routed to the physical network interface. In another application example, the first network data packet of all applications may be routed to the virtual network interface, and when the application is an application that meets the preset condition, the first network data packet is not further processed or directly If the application is not an application that meets the preset condition, the first network data packet that is routed to the virtual network interface is forwarded to the physical network interface to implement network access of the normal application. The following is a detailed illustration of the two application examples.
图4中示出了一个具体应用示例中的基于网络访问控制的终端节省电量的方法的流程示意图,该具体示例中是以将上述满足预设条件的应用的第一网络数据包路由到虚拟网络接口,而其他的应用的网络数据包则直接路由到终端的物理网络接口为例进行说明。FIG. 4 is a schematic flowchart diagram of a method for saving power of a network access control-based terminal in a specific application example, where the first network packet of the application satisfying the preset condition is routed to a virtual network. The interface, while the network packets of other applications are directly routed to the physical network interface of the terminal as an example.
如图4所示,该具体应用示例中的基于网络访问控制的终端节省电量的方法包括步骤:As shown in FIG. 4, the method for saving power of a network access control based terminal in the specific application example includes the following steps:
步骤S401:接收到省电应用开启指令,创建终端的虚拟网络接口;Step S401: Receive a power-saving application open command, and create a virtual network interface of the terminal;
步骤S402:设定预设条件的应用;Step S402: setting an application of a preset condition;
步骤S403:在检测到应用有第一网络数据包发送至网络时,分析该第一网络数据包所属的应用是否为上述预设条件的应用,若否,则进入步骤S404,若是,则进入步骤S405;Step S403: When detecting that the application has the first network data packet sent to the network, analyzing whether the application to which the first network data packet belongs is an application of the preset condition, if not, proceeding to step S404, and if yes, proceeding to the step S405;
步骤S404:将该应用的第一网络数据包路由至终端的物理网络接口,从而使得该第一网络数据包可以通过物理网络接口发送至网络;Step S404: Routing the first network data packet of the application to the physical network interface of the terminal, so that the first network data packet can be sent to the network through the physical network interface;
步骤S405:将该应用的第一网络数据包路由至上述创建的虚拟网络接口,从而使得该第一网络数据包无法到达物理网络接口,无法发送到网络。Step S405: Routing the first network data packet of the application to the created virtual network interface, so that the first network data packet cannot reach the physical network interface and cannot be sent to the network.
从而,基于该实施例中的方法,终端将符合预设条件的应用的第一网络数 据包路由至创建的虚拟网络接口,实现流量的拦截,据此达到省电和延长终端使用时长的效果,而对于不符合预设条件的应用的第一网络数据包,则可以正常地路由至物理网络接口,实现正常的网络访问。Therefore, based on the method in this embodiment, the terminal will use the first network number of the application that meets the preset condition. According to the packet routing to the created virtual network interface, the traffic interception is realized, thereby achieving the effect of saving power and extending the duration of the terminal, and the first network packet for the application that does not meet the preset condition can be normally routed to Physical network interface for normal network access.
在本申请实施例中,物理网络接口是真实物理网卡的抽象,终端通过对物理网络接口进行读写操作,可以在网络中读取和发送数据,而虚拟网络接口是虚拟网卡的抽象,并不对应任何真实的物理网卡,终端对这个虚拟网络接口的读写操作,并不会在真正的物理网络中产生数据的传输。基于虚拟网络接口的这种性能,在上述创建虚拟网络接口时,可以采用任何可能的方式进行。In the embodiment of the present application, the physical network interface is an abstraction of the real physical network card, and the terminal can read and send data in the network by performing read and write operations on the physical network interface, and the virtual network interface is an abstraction of the virtual network card, and is not Corresponding to any real physical network card, the terminal's read and write operations on this virtual network interface will not generate data transmission in the real physical network. Based on this performance of the virtual network interface, any of the possible ways can be used when creating the virtual network interface as described above.
以Android(安卓,一种综合操作系统)系统为例,可以通过Android提供的VPNService(Android SDK提供的一个基类,继承自这个基类的服务,将会获得创建和读写虚拟接口的能力)为终端创建一个虚拟网络接口。Take Android (Android, a comprehensive operating system) system as an example, you can use the VPNService provided by Android (a base class provided by the Android SDK, which inherits the services of this base class, will gain the ability to create and read and write virtual interfaces) Create a virtual network interface for the terminal.
上述设定预设条件的应用时,可以结合任何可能的方式进行,例如,可以将在后台运行的应用都判定为是满足预设条件的应用,只有前台应用的第一网络数据包能够路由到物理网络接口。前台应用可以为在终端当前用户界面上展示的内容所属的应用。后台应用可以为当前界面没有展示但还在工作的应用。当然,可以理解的是,还可以采用其他的方式来确定预设条件的应用。The application of setting the preset condition may be performed in any possible manner. For example, the application running in the background may be determined to be an application that meets the preset condition, and only the first network packet of the foreground application can be routed to Physical network interface. The foreground application can be an application to which the content displayed on the current user interface of the terminal belongs. The background application can be an application that is not displayed but still working on the current interface. Of course, it can be understood that other methods can be used to determine the application of the preset condition.
在终端用户的实际使用过程中,通常仍然需要一些在后台运行的应用能够访问网络,例如一些即时聊天工具的应用、一些办公类应用等。因此,在一个具体示例中,在上述设定预设条件的应用时,可以通过设定白名单的方式进行,即在设定预设条件的应用时,实际上可以是设置白名单中包含的应用。此时,上述满足预设条件的应用包括:不属于预设的白名单中的应用。白名单中的应用的第一网络数据包可以直接路由至终端的物理网络接口。In the actual use of the end user, it is still necessary to have some applications running in the background to access the network, such as some instant messenger applications, some office applications, and the like. Therefore, in a specific example, when the application of the preset condition is set, the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set. application. At this time, the foregoing application that meets the preset condition includes: an application that does not belong to the preset white list. The first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
另一方面,在该实施例的方案中,为了不影响终端用户对非白名单应用的使用,还可以设置有全局模式(Aggressive Mode()),在全局模式下,会对终端的前台应用进行监测,并自动允许前台应用的网络访问,即前台应用的第一网络数据包将被路由至终端的物理网络接口,而无论该前台应用在不在白名单中。即上述满足预设条件的应用包括:不是终端的当前前台应用。从而,当终端用 户打开非白名单应用时,非白名单应用将会成为前台应用,而被允许访问网络,使得对用户使用手机的影响降到最少,又能最大限度的达到省电的目的。可以理解的是,该全局模式可以由终端用户确定是否打开,例如可以设置有全局模式控件,终端用户可以通过该全局模式控件来发出将全局模式打开的指令。为便于说明,在下述的具体示例的说明中,是以打开了全局模式为例进行说明。On the other hand, in the solution of the embodiment, in order not to affect the use of the non-white list application by the terminal user, a global mode (Aggressive Mode ()) may be set, and in the global mode, the foreground application of the terminal may be performed. Monitoring, and automatically allowing network access to the foreground application, ie the first network packet of the foreground application will be routed to the physical network interface of the terminal, regardless of whether the foreground application is not in the whitelist. That is, the above application that satisfies the preset condition includes: not the current foreground application of the terminal. Thus, when used by the terminal When a user opens a non-whitelist application, the non-whitelist application will become a foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized, and the power saving effect can be maximized. It can be understood that the global mode can be determined by the end user whether to open, for example, a global mode control can be set, and the terminal user can issue an instruction to open the global mode through the global mode control. For convenience of explanation, in the following description of the specific examples, the global mode is turned on as an example.
以Android系统为例,Android 5.0及以上版本可以使用VpnService.Builder类中的addDisallowedApplication()方法设置不允许白名单和前台应用的数据包进入虚拟网络接口,于是白名单和前台应用的数据就会进入真实的网络接口,从而实现分应用进行拦截。因此,以Android系统的Android 5.0及以上版本为例,可以是在创建虚拟网络接口的过程中设定设置不允许白名单和前台应用的数据包进入虚拟网络接口。其具体的创建虚拟网络接口的过程可以是如下所述:Take the Android system as an example. Android 5.0 and above can use the addDisallowedApplication() method in the VpnService.Builder class to set the data packets that do not allow whitelists and foreground applications to enter the virtual network interface, so the whitelist and foreground application data will enter. Real network interface, which enables sub-applications to intercept. Therefore, for Android 5.0 and above of the Android system, for example, in the process of creating a virtual network interface, setting a data packet that does not allow the whitelist and the foreground application to enter the virtual network interface may be set. The specific process of creating a virtual network interface can be as follows:
创建VPNService.Builder对象mBuilder,mBuilder将用于接口的配置和创建;Create a VPNService.Builder object mBuilder, mBuilder will be used for interface configuration and creation;
调用mBuilder对象的addAddress()方法对虚拟网络接口的网络地址进行配置,网络地址可以是一任意合法的IP地址;Call the mAddresser object's addAddress() method to configure the network address of the virtual network interface. The network address can be an arbitrary legal IP address.
调用mBuilder对象的setRoute()方法设置虚拟网络接口的路由地址,该路由IP地址设为0.0.0.0/0,这样发往任何地址的数据包都会被发到此虚拟网络接口上;Call the setRoute() method of the mBuilder object to set the routing address of the virtual network interface. The routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
调用mBuilder对象的addDisallowedApplication()方法,设置不允许白名单应用和前台应用的数据包发往虚拟网络接口;Call the addDisallowedApplication() method of the mBuilder object to set the data packet that does not allow the whitelist application and the foreground application to be sent to the virtual network interface.
调用mBuilder对象的establish()方法,创建虚拟网络接口。Create a virtual network interface by calling the establish() method of the mBuilder object.
以上述创建虚拟网络接口的方式为例,设置白名单应用和前台应用是在创建虚拟网络接口的过程中完成的。因此,在一个具体应用示例中,可以是在监测到白名单设置信息时(即白名单有变化时),或者是监测到终端的当前前台应用发生变化时,创建新的虚拟网络接口,并用该新的虚拟网络接口覆盖所述虚拟网络接口。Taking the above method of creating a virtual network interface as an example, setting a whitelist application and a foreground application is completed in the process of creating a virtual network interface. Therefore, in a specific application example, when a whitelist setting information is monitored (ie, when the whitelist changes), or when the current foreground application of the terminal is changed, a new virtual network interface is created, and the new virtual network interface is used. A new virtual network interface covers the virtual network interface.
图5中示出了基于图4所示的具体应用示例的方法的数据流的传输框图示意图,由图5可见,对于白名单应用和前台应用,其网络数据包会被直接路由至物理网络接口从而发送至网络,而对于非白名单应用和非前台应用,其网络数据 包则会路由至虚拟网络接口,从而实现对非白名单应用和非前台应用的第一网络数据包的拦截。FIG. 5 is a block diagram showing the transmission of data streams based on the method of the specific application example shown in FIG. 4. As can be seen from FIG. 5, for whitelist applications and foreground applications, network packets are directly routed to the physical network interface. Thereby sent to the network, and for non-whitelisted applications and non-foreground applications, their network data The packet is routed to the virtual network interface to enable interception of the first network packet for non-whitelisted applications and non-foreground applications.
图6中示出了另一个具体应用示例中的基于网络访问控制的终端节省电量的方法的流程示意图,该具体示例中是以将所有应用的第一网络数据包均路由到虚拟网络接口为例进行说明。FIG. 6 is a schematic flowchart diagram of a method for saving power of a network access control-based terminal in another specific application example, where the specific example is to route the first network data packet of all applications to the virtual network interface. Be explained.
如图6所示,该具体应用示例中的基于网络访问控制的终端节省电量的方法包括步骤:As shown in FIG. 6, the method for saving power of a network access control based terminal in the specific application example includes the following steps:
步骤S601:接收到省电应用开启指令,创建终端的虚拟网络接口;Step S601: Receive a power-saving application open command, and create a virtual network interface of the terminal;
步骤S602:设定预设条件的应用;Step S602: setting an application of a preset condition;
步骤S603:在应用有第一网络数据包发送至网络时,将该应用路由至上述创建的虚拟网络接口;Step S603: When the application has the first network data packet sent to the network, routing the application to the created virtual network interface;
步骤S604:对路由至虚拟网络接口的第一网络数据包进行解析,确定该第一网络数据包所属的应用;Step S604: Parsing a first network data packet that is routed to the virtual network interface, and determining an application to which the first network data packet belongs;
步骤S605:结合上述设定的预设条件的应用,判断该第一网络数据包所属的应用是否为上述预设条件的应用,若否,则进入步骤S606,若是,则进入步骤S607;Step S605: Combining the application of the preset condition set above, determining whether the application to which the first network data packet belongs is the application of the preset condition, if not, proceeding to step S606, and if yes, proceeding to step S607;
步骤S606:将路由至虚拟网络接口的第一网络数据包转发至终端的物理网络接口,从而使得该第一网络数据包可以通过物理网络接口发送至网络;Step S606: Forwarding the first network data packet routed to the virtual network interface to the physical network interface of the terminal, so that the first network data packet can be sent to the network through the physical network interface;
步骤S607:对路由至虚拟网络接口的该第一网络数据包不做进一步的处理,或者直接将该第一网络数据包丢弃,使得该第一网络数据包无法到达物理网络接口,无法发送到网络。Step S607: No further processing is performed on the first network data packet routed to the virtual network interface, or the first network data packet is directly discarded, so that the first network data packet cannot reach the physical network interface, and cannot be sent to the network. .
从而,基于该实施例中的方法,终端在接收到省电应用开启指令时,创建虚拟网络接口之后,是将所有应用的第一网络数据包均路由至创建的虚拟网络接口,再对第一网络数据包进行分析,在该第一网络数据包所属应用属于上述预设条件的应用时,则不对该第一网络数据包做进一步处理,实现流量的拦截,据此达到省电和延长终端使用时长的效果,而对于不符合预设条件的应用的第一网络数据包,则可以转发至物理网络接口,实现正常的网络访问。 Therefore, based on the method in the embodiment, after receiving the power-saving application opening instruction, the terminal, after creating the virtual network interface, routes the first network data packet of all applications to the created virtual network interface, and then the first The network data packet is analyzed, and when the application to which the first network data packet belongs belongs to the foregoing preset condition, the first network data packet is not further processed to implement traffic interception, thereby achieving power saving and extending terminal use. The effect of the duration, and for the first network packet of the application that does not meet the preset condition, can be forwarded to the physical network interface to achieve normal network access.
据此,可以明确的是:According to this, it is clear that:
上述将满足预设条件的应用的第一网络数据包路由至预先创建的虚拟网络接口的方式包括:将终端的各应用的第一网络数据包路由至所述虚拟网络接口,所述终端的应用包括所述满足预设条件的应用;The foregoing manner of routing the first network data packet of the application that meets the preset condition to the pre-created virtual network interface includes: routing the first network data packet of each application of the terminal to the virtual network interface, the application of the terminal Including the application that meets the preset condition;
而上述使得满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口的方式包括:对所述第一网络数据包进行分析,确定所述第一网络数据包所属的应用,当所述第一网络数据包所属的应用为满足所述预设条件的应用时,不对所述第一网络数据包做进一步处理或者丢弃所述第一网络数据包,使得所述第一网络数据包无法到达终端的物理网络接口。The method for making the first network data packet of the application that meets the preset condition fail to reach the physical network interface of the terminal includes: analyzing the first network data packet, and determining an application to which the first network data packet belongs. When the application to which the first network data packet belongs is an application that meets the preset condition, the first network data packet is not further processed or the first network data packet is discarded, so that the first network data packet is Unable to reach the physical network interface of the terminal.
此外,当所述第一网络数据包所属的应用不是满足所述预设条件的应用时,还可以将所述第一网络数据包转发至终端的物理网络接口。In addition, when the application to which the first network data packet belongs is not an application that meets the preset condition, the first network data packet may be forwarded to a physical network interface of the terminal.
在本申请实施例中,物理网络接口是真实物理网卡的抽象,终端通过对物理网络接口进行读写操作,可以在网络中读取和发送数据,而虚拟网络接口是虚拟网卡的抽象,并不对应任何真实的物理网卡,终端对这个虚拟网络接口的读写操作,并不会在真正的物理网络中产生数据的传输。基于虚拟网络接口的这种性能,在上述创建虚拟网络接口时,可以采用任何可能的方式进行。In the embodiment of the present application, the physical network interface is an abstraction of the real physical network card, and the terminal can read and send data in the network by performing read and write operations on the physical network interface, and the virtual network interface is an abstraction of the virtual network card, and is not Corresponding to any real physical network card, the terminal's read and write operations on this virtual network interface will not generate data transmission in the real physical network. Based on this performance of the virtual network interface, any of the possible ways can be used when creating the virtual network interface as described above.
以Android(安卓,一种综合操作系统)系统为例,可以通过Android提供的VPNService(Android SDK提供的一个基类,继承自这个基类的服务,将会获得创建和读写虚拟接口的能力)为终端创建一个虚拟网络接口。Take Android (Android, a comprehensive operating system) system as an example, you can use the VPNService provided by Android (a base class provided by the Android SDK, which inherits the services of this base class, will gain the ability to create and read and write virtual interfaces) Create a virtual network interface for the terminal.
上述设定预设条件的应用时,可以结合任何可能的方式进行,例如,可以将在后台运行的应用都判定为是满足预设条件的应用,只有前台应用的第一网络数据包能够路由到物理网络接口。当然,可以理解的是,还可以采用其他的方式来确定预设条件的应用。The application of setting the preset condition may be performed in any possible manner. For example, the application running in the background may be determined to be an application that meets the preset condition, and only the first network packet of the foreground application can be routed to Physical network interface. Of course, it can be understood that other methods can be used to determine the application of the preset condition.
在终端用户的实际使用过程中,通常仍然需要一些在后台运行的应用能够访问网络,例如一些即时聊天工具的应用、一些办公类应用等。因此,在一个具体示例中,在上述设定预设条件的应用时,可以通过设定白名单的方式进行,即在设定预设条件的应用时,实际上可以是设置白名单中包含的应用。此时, 上述满足预设条件的应用包括:不属于预设的白名单中的应用。白名单中的应用的第一网络数据包可以直接路由至终端的物理网络接口。In the actual use of the end user, it is still necessary to have some applications running in the background to access the network, such as some instant messenger applications, some office applications, and the like. Therefore, in a specific example, when the application of the preset condition is set, the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set. application. at this time, The above applications that meet the preset conditions include: applications that are not in the preset white list. The first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
另一方面,在该实施例的方案中,为了不影响终端用户对非白名单应用的使用,还可以设置有全局模式(Aggressive Mode()),在全局模式下,会对终端的前台应用进行监测,并自动允许前台应用的网络访问,即前台应用的第一网络数据包将被路由至终端的物理网络接口,而无论该前台应用在不在白名单中。即上述满足预设条件的应用包括:不是终端的当前前台应用。从而,当终端用户打开非白名单应用时,非白名单应用将会成为前台应用,而被允许访问网络,使得对用户使用手机的影响降到最少。可以理解的是,该全局模式可以由终端用户确定是否打开,例如可以设置有全局模式控件,终端用户可以通过该全局模式控件来发出将全局模式打开的指令。为便于说明,在下述的具体示例的说明中,是以打开了全局模式为例进行说明。On the other hand, in the solution of the embodiment, in order not to affect the use of the non-white list application by the terminal user, a global mode (Aggressive Mode ()) may be set, and in the global mode, the foreground application of the terminal may be performed. Monitoring, and automatically allowing network access to the foreground application, ie the first network packet of the foreground application will be routed to the physical network interface of the terminal, regardless of whether the foreground application is not in the whitelist. That is, the above application that satisfies the preset condition includes: not the current foreground application of the terminal. Thus, when the end user opens the non-whitelist application, the non-whitelist application will become the foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized. It can be understood that the global mode can be determined by the end user whether to open, for example, a global mode control can be set, and the terminal user can issue an instruction to open the global mode through the global mode control. For convenience of explanation, in the following description of the specific examples, the global mode is turned on as an example.
以Android系统为例,Android 5.0以下版本的系统中的VpnService.Builder类里没有addDisallowedApplication()函数,因此可以通过设置统一的虚拟网络接口来接收所有应用的第一网络数据包。其创建虚拟网络接口的过程可以是如下所述:Take the Android system as an example. There is no addDisallowedApplication() function in the VpnService.Builder class in the Android 5.0 or later system. Therefore, you can receive the first network packet of all applications by setting a unified virtual network interface. The process of creating a virtual network interface can be as follows:
创建VPNService.Builder对象mBuilder,mBuilder将用于接口的配置和创建;Create a VPNService.Builder object mBuilder, mBuilder will be used for interface configuration and creation;
调用mBuilder对象的addAddress()方法对虚拟网络接口的网络地址进行配置,网络地址可以是一任意合法的IP地址;Call the mAddresser object's addAddress() method to configure the network address of the virtual network interface. The network address can be an arbitrary legal IP address.
调用mBuilder对象的setRoute()方法设置虚拟网络接口的路由地址,该路由IP地址设为0.0.0.0/0,这样发往任何地址的数据包都会被发到此虚拟网络接口上;Call the setRoute() method of the mBuilder object to set the routing address of the virtual network interface. The routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
调用mBuilder对象的establish()方法,创建虚拟网络接口。Create a virtual network interface by calling the establish() method of the mBuilder object.
如上所述,由于可以访问网络的应用的第一应用数据包是路由到虚拟网络接口后,再从虚拟网络接口转发到物理网络接口实现网络访问。因此,对于从网络中接收到的网络数据包(为了与向网络发送的数据包进行区分,本申请实施例中将从网络中接收的网络数据包称之为第二网络数据包),也可以是经由该虚拟网络接口给到具体的应用。据此,在一个具体示例中,终端还可以从物 理网络接口读取物理网络接口接收到的第二网络数据包,并将该第二网络数据包转发给该第二网络数据包对应的应用。As described above, since the first application data packet of the application that can access the network is routed to the virtual network interface, the virtual network interface is forwarded to the physical network interface to implement network access. Therefore, for the network data packet received from the network (in order to distinguish from the data packet sent to the network, the network data packet received from the network in the embodiment of the present application is referred to as a second network data packet), It is given to a specific application via the virtual network interface. According to this, in a specific example, the terminal can also be from the object The network interface reads the second network data packet received by the physical network interface, and forwards the second network data packet to the application corresponding to the second network data packet.
图7中示出了基于图6所示的具体应用示例的方法的数据流的传输框图示意图,由图7可见,终端的虚拟网络接口会接收所有应用的第一网络数据包,为了实现按应用过滤,将各应用的第一网络数据包路由到虚拟网络接口后,通过读取该第一网络数据包,从第一网络数据包中分析出该第一网络数据包所属的应用,具体的分析方式可以采用任何可能的方式进行,例如从IP包的TCP/IP头的源端口号分析出包所属的应用,然后将白名单应用和前台应用的第一网络数据包转发到物理网络接口上。当从物理网络接口上读到第二网络数据包时,把第二网络数据包写到虚拟网络接口上(被写到虚拟网络接口上的数据包,将会传给上层相对应的应用)。FIG. 7 is a block diagram showing the transmission of a data stream based on the method of the specific application example shown in FIG. 6. As can be seen from FIG. 7, the virtual network interface of the terminal receives the first network data packet of all applications, in order to implement the application. After filtering, the first network data packet of each application is routed to the virtual network interface, and the first network data packet is read, and the application to which the first network data packet belongs is analyzed from the first network data packet, and the specific analysis is performed. The method can be performed in any possible manner, for example, analyzing the application to which the packet belongs from the source port number of the TCP/IP header of the IP packet, and then forwarding the first network packet of the whitelist application and the foreground application to the physical network interface. When the second network data packet is read from the physical network interface, the second network data packet is written to the virtual network interface (the data packet written to the virtual network interface is transmitted to the corresponding application of the upper layer).
基于上述基于网络访问控制的终端节省电量的方法的思想,本申请实施例还提供一种基于网络访问控制的终端节省电量的装置。Based on the foregoing method for saving power by a network access control based terminal, the embodiment of the present application further provides a device for saving power based on a network access control.
图8中示出了一个实施例中的基于网络访问控制的终端节省电量的装置的结构示意图。如图8所示,该实施例中的装置包括:FIG. 8 is a schematic structural diagram of an apparatus for saving power based on a network access control in an embodiment. As shown in FIG. 8, the apparatus in this embodiment includes:
虚拟接口创建模块801,用于接收到省电应用开启指令,创建虚拟网络接口;a virtual interface creation module 801, configured to receive a power-saving application open command, and create a virtual network interface;
终端数据路由模块802,用于将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。The terminal data routing module 802 is configured to route the first network data packet of the application that meets the preset condition to the virtual network interface, so that the first network data packet of the application that meets the preset condition cannot reach the physical network of the terminal. interface.
从而,通过在接收到省电应用开启指令时,创建虚拟网络接口,并将满足预设条件的应用的第一网络数据包路由到该虚拟网络接口,由于网络虚拟接口并不对应任何真实的物理网卡,因此对该虚拟网络接口的操作并不会在真正的物理网络中产生数据的传输,使得满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口,从而通过虚拟网络接口过滤掉非必要的网络流量,限制非必要的网络访问,达到了省电和延长终端使用寿命的目的。Thus, by receiving a power-saving application open command, a virtual network interface is created, and the first network data packet of the application meeting the preset condition is routed to the virtual network interface, since the network virtual interface does not correspond to any real physics. The network card, therefore, the operation of the virtual network interface does not generate data transmission in the real physical network, so that the first network data packet of the application satisfying the preset condition cannot reach the physical network interface of the terminal, thereby passing the virtual network interface Filter out unnecessary network traffic, limit non-essential network access, and achieve power saving and extended terminal life.
其中,在上述将满足预设条件的应用的第一网络数据包路由至预先创建的 虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口时,可以采用任何可能的方式进行。在其中一种应用示例中,可以是将上述满足预设条件的应用的第一网络数据包路由到虚拟网络接口,而其他的应用的第一网络数据包则直接路由到物理网络接口。在另外一种应用示例中,可以是将所有应用的第一网络数据包均路由到虚拟网络接口,在该应用为满足预设条件的应用时,不对该第一网络数据包做进一步处理或者直接丢弃,在该应用不是满足预设条件的应用时,再将路由至该虚拟网络接口的第一网络数据包转发至物理网络接口,实现正常应用的网络访问。以下结合这两种应用示例进行详细举例说明。Wherein, the first network data packet of the application that meets the preset condition is routed to the pre-created The virtual network interface may be performed in any possible manner when the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal. In one of the application examples, the first network data packet of the application satisfying the preset condition described above may be routed to the virtual network interface, and the first network data packet of other applications is directly routed to the physical network interface. In another application example, the first network data packet of all applications may be routed to the virtual network interface, and when the application is an application that meets the preset condition, the first network data packet is not further processed or directly If the application is not an application that meets the preset condition, the first network data packet that is routed to the virtual network interface is forwarded to the physical network interface to implement network access of the normal application. The following is a detailed illustration of the two application examples.
图9中示出了一个具体应用示例中的基于网络访问控制的终端节省电量的装置的结构示意图,该具体示例中是以将上述满足预设条件的应用的第一网络数据包路由到虚拟网络接口,而其他的应用的网络数据包则直接路由到终端的物理网络接口为例进行说明。FIG. 9 is a schematic structural diagram of a device for saving power based on a network access control in a specific application example, where the first network packet of the application satisfying the preset condition is routed to a virtual network. The interface, while the network packets of other applications are directly routed to the physical network interface of the terminal as an example.
如图9所示,该具体应用示例中的基于网络访问控制的终端节省电量的装置包括:As shown in FIG. 9, the device for saving power based on the network access control in the specific application example includes:
虚拟接口创建模块901,用于接收省电应用开启指令,创建虚拟网络接口;a virtual interface creation module 901, configured to receive a power-saving application open command, and create a virtual network interface;
终端数据路由模块902,用于将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口,还可以用于将不满足预设条件的应用的第一网络数据包路由至终端的物理网络接口。The terminal data routing module 902 is configured to route the first network data packet of the application that meets the preset condition to the virtual network interface, so that the first network data packet of the application that meets the preset condition cannot reach the physical network of the terminal. The interface may also be used to route the first network data packet of the application that does not meet the preset condition to the physical network interface of the terminal.
基于该实施例中的装置,对于符合预设条件的应用的第一网络数据包,路由至创建的虚拟网络接口,实现流量的拦截,据此达到省电和延长终端使用时长的效果,而对于不符合预设条件的应用的第一网络数据包,则可以正常地路由至物理网络接口,实现正常的网络访问。Based on the device in this embodiment, the first network data packet of the application that meets the preset condition is routed to the created virtual network interface to implement traffic interception, thereby achieving the effect of saving power and extending the duration of the terminal, and The first network data packet of the application that does not meet the preset condition can be normally routed to the physical network interface to achieve normal network access.
上述预设条件的应用,可以结合任何可能的方式进行设定,例如,可以将在后台运行的应用都判定为是满足预设条件的应用,只有前台应用的第一网络数据包能够路由到物理网络接口。当然,可以理解的是,还可以采用其他的方 式来确定预设条件的应用。The application of the foregoing preset conditions may be set in any possible manner. For example, an application running in the background may be determined to be an application that satisfies a preset condition, and only the first network data packet of the foreground application can be routed to the physical Network Interface. Of course, it can be understood that other parties can also be used. To determine the application of the preset condition.
在终端用户的实际使用过程中,通常仍然需要一些在后台运行的应用能够访问网络,例如一些即时聊天工具的应用、一些办公类应用等。因此,在一个具体示例中,在上述设定预设条件的应用时,可以通过设定白名单的方式进行,即在设定预设条件的应用时,实际上可以是设置白名单中包含的应用。In the actual use of the end user, it is still necessary to have some applications running in the background to access the network, such as some instant messenger applications, some office applications, and the like. Therefore, in a specific example, when the application of the preset condition is set, the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set. application.
据此,如图9所示,该具体示例中的装置还包括:Accordingly, as shown in FIG. 9, the apparatus in the specific example further includes:
白名单设置模块903,用于接收白名单设置指令,设置所述虚拟网络接口的白名单的应用。The whitelist setting module 903 is configured to receive a whitelist setting instruction, and set an application of the whitelist of the virtual network interface.
此时,上述满足预设条件的应用包括:不属于白名单设置模块903设置的白名单中的应用。白名单中的应用的第一网络数据包可以直接路由至终端的物理网络接口。At this time, the foregoing application that meets the preset condition includes: an application that is not in the white list set by the whitelist setting module 903. The first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
另一方面,如图9所示,该具体示例中的装置还可以包括:On the other hand, as shown in FIG. 9, the apparatus in this specific example may further include:
前台应用监测模块904,用于监测终端的当前应用。The foreground application monitoring module 904 is configured to monitor the current application of the terminal.
此时,上述满足预设条件的应用包括:不是前台应用监测模块904监测到的终端的当前前台应用。At this time, the foregoing application that meets the preset condition includes: the current foreground application of the terminal that is not monitored by the foreground application monitoring module 904.
从而,其在与白名单设置模块903结合使用时,当终端用户打开非白名单应用时,非白名单应用将会成为前台应用,而被允许访问网络,使得对用户使用手机的影响降到最少。Therefore, when used in conjunction with the whitelist setting module 903, when the terminal user opens the non-whitelist application, the non-whitelist application will become the foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized. .
以Android系统为例,Android 5.0及以上版本可以使用VpnService.Builder类中的addDisallowedApplication()方法设置不允许白名单和前台应用的数据包进入虚拟网络接口,据此,图10中示出了基于图9所示的具体应用示例的装置的各模块之间的逻辑关系示意图。Taking the Android system as an example, Android 5.0 and above can use the addDisallowedApplication() method in the VpnService.Builder class to set a packet that does not allow the whitelist and the foreground application to enter the virtual network interface. Accordingly, based on the figure, FIG. A schematic diagram of the logical relationship between the modules of the device of the specific application example shown in FIG.
如图10所示,虚拟接口创建块在创建虚拟网络接口时,一个具体示例中的过程可以是如下所述:As shown in FIG. 10, when a virtual interface creation block is created, a process in a specific example may be as follows:
创建VPNService.Builder对象mBuilder,mBuilder将用于接口的配置和创建;Create a VPNService.Builder object mBuilder, mBuilder will be used for interface configuration and creation;
调用mBuilder对象的addAddress()方法对虚拟网络接口的网络地址进行配置,网络地址可以是一任意合法的IP地址; Call the mAddresser object's addAddress() method to configure the network address of the virtual network interface. The network address can be an arbitrary legal IP address.
调用mBuilder对象的setRoute()方法设置虚拟网络接口的路由地址,该路由IP地址设为0.0.0.0/0,这样发往任何地址的数据包都会被发到此虚拟网络接口上;Call the setRoute() method of the mBuilder object to set the routing address of the virtual network interface. The routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
调用mBuilder对象的addDisallowedApplication()方法,设置不允许白名单应用和前台应用的数据包发往虚拟网络接口;Call the addDisallowedApplication() method of the mBuilder object to set the data packet that does not allow the whitelist application and the foreground application to be sent to the virtual network interface.
调用mBuilder对象的establish()方法,创建虚拟网络接口。Create a virtual network interface by calling the establish() method of the mBuilder object.
以上述创建虚拟网络接口的方式为例,设置白名单应用和前台应用是在创建虚拟网络接口的过程中完成的。因此,在一个具体应用示例中,上述虚拟接口创建模块901,还用于在白名单设置模块903接收到白名单设置指令时,或者是前台应用监测模块904监测到终端的当前前台应用发生变化时,创建新的虚拟网络接口,并用该新的虚拟网络接口覆盖所述虚拟网络接口。Taking the above method of creating a virtual network interface as an example, setting a whitelist application and a foreground application is completed in the process of creating a virtual network interface. Therefore, in a specific application example, the virtual interface creation module 901 is further configured to: when the whitelist setting module 903 receives the whitelist setting instruction, or when the foreground application monitoring module 904 detects that the current foreground application of the terminal changes. Create a new virtual network interface and overwrite the virtual network interface with the new virtual network interface.
图11中示出了另一个具体应用示例中的基于网络访问控制的终端节省电量的装置的结构示意图,该具体示例中是以将所有应用的第一网络数据包均路由到虚拟网络接口为例进行说明。FIG. 11 is a schematic structural diagram of an apparatus for saving power of a network access control based terminal in another specific application example, which is an example of routing a first network data packet of all applications to a virtual network interface. Be explained.
如图11所示,该具体应用示例中的基于网络访问控制的终端节省电量的装置包括:As shown in FIG. 11, the device for saving power based on the network access control in the specific application example includes:
虚拟接口创建模块1101,用于接收省电应用开启指令,创建虚拟网络接口;a virtual interface creation module 1101, configured to receive a power-saving application open command, and create a virtual network interface;
终端数据路由模块1102,用于将终端的各应用的第一网络数据包路由至所述虚拟网络接口,所述终端的应用包括所述满足预设条件的应用。The terminal data routing module 1102 is configured to route the first network data packet of each application of the terminal to the virtual network interface, where the application of the terminal includes the application that meets a preset condition.
如图11所示,该具体应用示例中的基于网络访问控制的终端节省电量的装置还可以包括:As shown in FIG. 11, the device for saving power based on the network access control in the specific application example may further include:
包转发模块1103,用于对所述第一网络数据包进行分析,确定所述第一网络数据包所属的应用,当所述第一网络数据包所属的应用为满足所述预设条件的应用时,不对所述第一网络数据包做进一步处理或者丢弃所述第一网络数据包,使得所述第一网络数据包无法到达终端的物理网络接口。The packet forwarding module 1103 is configured to analyze the first network data packet, and determine an application to which the first network data packet belongs, where the application to which the first network data packet belongs is an application that meets the preset condition When the first network data packet is not further processed or the first network data packet is discarded, the first network data packet cannot reach the physical network interface of the terminal.
从而,在该具体示例中,终端数据路由模块1102是将终端的所有应用的第一网络数据包路由至虚拟网络接口,从而必然会将满足预设条件的应用的第一网络数据包路由至虚拟网络接口,如果不对这些第一网络数据包进行转发或者 做进一步处理,则这些第一网络数据包必然无法到达终端的物理网络接口,从而实现对这些应用的第一网络数据包的拦截。而结合包转发模块1103,包转发模块1103可以对所述第一网络数据包进行分析,确定所述第一网络数据包所属的应用,当所述第一网络数据包所属的应用为满足所述预设条件的应用时,再确定不对所述第一网络数据包做进一步处理或者丢弃所述第一网络数据包,使得只有满足预定条件的应用的第一网络数据包无法到达终端的物理网络接口。Thus, in this specific example, the terminal data routing module 1102 routes the first network data packet of all applications of the terminal to the virtual network interface, thereby necessarily routing the first network data packet of the application satisfying the preset condition to the virtual network. Network interface, if these first network packets are not forwarded or For further processing, these first network data packets must not reach the physical network interface of the terminal, thereby implementing interception of the first network data packet of these applications. In combination with the packet forwarding module 1103, the packet forwarding module 1103 may analyze the first network data packet to determine an application to which the first network data packet belongs, when the application to which the first network data packet belongs is satisfied. When the preset condition is applied, it is determined that the first network data packet is not further processed or the first network data packet is discarded, so that only the first network data packet of the application that meets the predetermined condition cannot reach the physical network interface of the terminal. .
可以理解的是,上述包转发模块1103,还可以用于当所述第一网络数据包所属的应用不是满足所述预设条件的应用时,将所述第一网络数据包转发至终端的物理网络接口。It is to be understood that the packet forwarding module 1103 may be further configured to: when the application to which the first network data packet belongs is not an application that meets the preset condition, forward the first network data packet to a physical entity of the terminal. Network Interface.
即,在该具体示例中,是将所有应用的第一网络数据包均路由至创建的虚拟网络接口,再对第一网络数据包进行分析,在该第一网络数据包所属应用属于上述预设条件的应用时,则不对该第一网络数据包做进一步处理,实现流量的拦截,据此达到省电和延长终端使用时长的效果,而对于不符合预设条件的应用的第一网络数据包,则可以转发至物理网络接口,实现正常的网络访问。That is, in the specific example, the first network data packet of all applications is routed to the created virtual network interface, and then the first network data packet is analyzed, and the application belonging to the first network data packet belongs to the preset. When the condition is applied, the first network data packet is not further processed to implement traffic interception, thereby achieving the effect of saving power and extending the duration of the terminal, and the first network data packet for the application that does not meet the preset condition. , can be forwarded to the physical network interface to achieve normal network access.
如上所述,由于可以访问网络的应用的第一应用数据包是路由到虚拟网络接口后,再转发到物理网络接口实现网络访问。因此,对于从网络中接收到的网络数据包(为了与向网络发送的数据包进行区分,本申请实施例中将从网络中接收的网络数据包称之为第二网络数据包),也可以是经由该虚拟网络接口给到具体的应用。As described above, since the first application data packet of the application that can access the network is routed to the virtual network interface, it is forwarded to the physical network interface to implement network access. Therefore, for the network data packet received from the network (in order to distinguish from the data packet sent to the network, the network data packet received from the network in the embodiment of the present application is referred to as a second network data packet), It is given to a specific application via the virtual network interface.
据此,在一个具体示例中,上述包转发模块1103,还用于从物理网络接口读取物理网络接口接收到的第二网络数据包,并将该第二网络数据包转发给该第二网络数据包对应的应用。According to this, in a specific example, the packet forwarding module 1103 is further configured to: read, by the physical network interface, the second network data packet received by the physical network interface, and forward the second network data packet to the second network. The application corresponding to the packet.
上述预设条件的应用,可以结合任何可能的方式进行设定,例如,可以将在后台运行的应用都判定为是满足预设条件的应用,只有前台应用的第一网络数据包能够路由到物理网络接口。当然,可以理解的是,还可以采用其他的方式来确定预设条件的应用。The application of the foregoing preset conditions may be set in any possible manner. For example, an application running in the background may be determined to be an application that satisfies a preset condition, and only the first network data packet of the foreground application can be routed to the physical Network Interface. Of course, it can be understood that other methods can be used to determine the application of the preset condition.
在终端用户的实际使用过程中,通常仍然需要一些在后台运行的应用能够 访问网络,例如一些即时聊天工具的应用、一些办公类应用等。因此,在一个具体示例中,在上述设定预设条件的应用时,可以通过设定白名单的方式进行,即在设定预设条件的应用时,实际上可以是设置白名单中包含的应用。In the actual use of the end user, usually still need some applications running in the background can Access the network, such as some instant messenger apps, some office apps, and more. Therefore, in a specific example, when the application of the preset condition is set, the whitelist may be set, that is, when the application of the preset condition is set, the actually included in the whitelist may be set. application.
据此,如图11所示,该具体示例中的装置还包括:Accordingly, as shown in FIG. 11, the apparatus in the specific example further includes:
白名单设置模块1104,用于接收白名单设置指令,设置所述虚拟网络接口的白名单的应用。The whitelist setting module 1104 is configured to receive a whitelist setting instruction, and set an application of the whitelist of the virtual network interface.
此时,上述满足预设条件的应用包括:不属于白名单设置模块1104设置的白名单中的应用。白名单中的应用的第一网络数据包可以直接路由至终端的物理网络接口。At this time, the foregoing application that meets the preset condition includes: an application that is not in the white list set by the whitelist setting module 1104. The first network packet of the application in the whitelist can be directly routed to the physical network interface of the terminal.
另一方面,如图11所示,该具体示例中的装置还可以包括:On the other hand, as shown in FIG. 11, the apparatus in this specific example may further include:
前台应用监测模块1105,用于监测终端的当前应用。The foreground application monitoring module 1105 is configured to monitor the current application of the terminal.
此时,上述满足预设条件的应用包括:不是前台应用监测模块1105监测到的终端的当前前台应用。At this time, the foregoing application that meets the preset condition includes: the current foreground application of the terminal that is not monitored by the foreground application monitoring module 1105.
从而,其在与白名单设置模块1104结合使用时,当终端用户打开非白名单应用时,非白名单应用将会成为前台应用,而被允许访问网络,使得对用户使用手机的影响降到最少。Therefore, when used in conjunction with the whitelist setting module 1104, when the terminal user opens the non-whitelist application, the non-whitelist application will become the foreground application and be allowed to access the network, so that the impact on the user's use of the mobile phone is minimized. .
以Android系统为例,Android 5.0以下版本的系统中的VpnService.Builder类里没有addDisallowedApplication()函数,因此可以通过设置统一的虚拟网络接口来接收所有应用的第一网络数据包。据此,图12中示出了基于图11所示的具体应用示例的装置的各模块之间的逻辑关系示意图。Take the Android system as an example. There is no addDisallowedApplication() function in the VpnService.Builder class in the Android 5.0 or later system. Therefore, you can receive the first network packet of all applications by setting a unified virtual network interface. Accordingly, a schematic diagram of the logical relationship between the modules of the apparatus based on the specific application example shown in FIG. 11 is shown in FIG.
如图12所示,虚拟接口创建块在创建虚拟网络接口时,一个具体示例中的过程可以是如下所述:As shown in FIG. 12, when a virtual interface creation block is created, a process in a specific example may be as follows:
创建VPNService.Builder对象mBuilder,mBuilder将用于接口的配置和创建;Create a VPNService.Builder object mBuilder, mBuilder will be used for interface configuration and creation;
调用mBuilder对象的addAddress()方法对虚拟网络接口的网络地址进行配置,网络地址可以是一任意合法的IP地址;Call the mAddresser object's addAddress() method to configure the network address of the virtual network interface. The network address can be an arbitrary legal IP address.
调用mBuilder对象的setRoute()方法设置虚拟网络接口的路由地址,该路由IP地址设为0.0.0.0/0,这样发往任何地址的数据包都会被发到此虚拟网络接口上; Call the setRoute() method of the mBuilder object to set the routing address of the virtual network interface. The routing IP address is set to 0.0.0.0/0, so that packets destined for any address will be sent to the virtual network interface.
调用mBuilder对象的establish()方法,创建虚拟网络接口。Create a virtual network interface by calling the establish() method of the mBuilder object.
可见,在图11所示示例的装置中,需要由包转发模块1103来分析是否需要将路由到虚拟网络接口的第一网络数据包转发到终端的物理网络接口,创建虚拟网络接口时没有调用addDisallowApplication()方法,在白名单中的应用或者终端的当前前台应用时,只需通知到包转发模块1103,无需由虚拟接口创建模块创建新的网络虚拟接口,由包转发模块1103基于新的白名单和当前前台应用来决定最新接收到的第一网络数据包是否需要转发到终端的物理网络接口即可。It can be seen that, in the device shown in FIG. 11, the packet forwarding module 1103 needs to analyze whether the first network data packet routed to the virtual network interface needs to be forwarded to the physical network interface of the terminal, and the addDisallowApplication is not called when the virtual network interface is created. () method, when the application in the whitelist or the current foreground application of the terminal, only need to notify the packet forwarding module 1103, no need to create a new network virtual interface by the virtual interface creation module, and the packet forwarding module 1103 is based on the new whitelist And the current foreground application determines whether the newly received first network data packet needs to be forwarded to the physical network interface of the terminal.
如上所述的各实施例中的方案,可以以应用的方式运行在终端设备中,该应用可以基于授予的VPN权限(只需授予一次),在后台运行创建虚拟网络接口,从而组织其他应用的非必要网络访问,达到省电的目的。The solution in each embodiment as described above may be run in the terminal device in an application manner, and the application may create a virtual network interface in the background based on the granted VPN permission (only once granted), thereby organizing other applications. Non-essential network access to save power.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一非易失性的计算机可读取存储介质中,如本申请实施例中,该程序可存储于计算机系统的存储介质中,并被该计算机系统中的至少一个处理器执行,以实现包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)或随机存储记忆体(Random Access Memory,RAM)等。One of ordinary skill in the art can understand that all or part of the process of implementing the above embodiment method can be completed by a computer program to instruct related hardware, and the program can be stored in a non-volatile computer readable storage. In the medium, as in the embodiment of the present application, the program may be stored in a storage medium of the computer system and executed by at least one processor in the computer system to implement a flow including an embodiment of the methods as described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).
以上所述实施例的各技术特征可以进行任意的组合,为使描述简洁,未对上述实施例中的各个技术特征所有可能的组合都进行描述,然而,只要这些技术特征的组合不存在矛盾,都应当认为是本说明书记载的范围。The technical features of the above-described embodiments may be arbitrarily combined. For the sake of brevity of description, all possible combinations of the technical features in the above embodiments are not described. However, as long as there is no contradiction between the combinations of these technical features, All should be considered as the scope of this manual.
以上所述实施例仅表达了本申请的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对申请专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本申请构思的前提下,还可以做出若干变形和改进,这些都属于本申请的保护范围。因此,本申请专利的保护范围应以所附权利要求为准。 The above-mentioned embodiments are merely illustrative of several embodiments of the present application, and the description thereof is more specific and detailed, but is not to be construed as limiting the scope of the claims. It should be noted that a number of variations and modifications may be made by those skilled in the art without departing from the spirit and scope of the present application. Therefore, the scope of the invention should be determined by the appended claims.

Claims (20)

  1. 一种基于网络访问控制的终端节省电量的方法,其特征在于,包括步骤:A method for saving power by a terminal based on network access control, characterized in that the method comprises the steps of:
    在接收到省电应用开启指令时,创建虚拟网络接口;Creating a virtual network interface when receiving a power saving application open command;
    将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。The first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  2. 根据权利要求1所述的基于网络访问控制的终端节省电量的方法,其特征在于:The method for saving power of a terminal based on network access control according to claim 1, wherein:
    所述满足预设条件的应用包括:不属于预设的白名单中的应用,和/或,不是终端的当前前台应用。The application that meets the preset condition includes: an application that does not belong to the preset whitelist, and/or is not the current foreground application of the terminal.
  3. 根据权利要求1或2所述的基于网络访问控制的终端节省电量的方法,其特征在于:The method for saving power by a network access control based terminal according to claim 1 or 2, characterized in that:
    将满足预设条件的应用的第一网络数据包路由至预先创建的虚拟网络接口的方式包括:将终端的各应用的第一网络数据包路由至所述虚拟网络接口,所述终端的应用包括所述满足预设条件的应用;The method of routing the first network data packet of the application that meets the preset condition to the pre-created virtual network interface includes: routing the first network data packet of each application of the terminal to the virtual network interface, where the application of the terminal includes The application that meets the preset condition;
    使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口的方式包括:对所述第一网络数据包进行分析,确定所述第一网络数据包所属的应用,当所述第一网络数据包所属的应用为满足所述预设条件的应用时,不对所述第一网络数据包做进一步处理或者丢弃所述第一网络数据包,使得所述第一网络数据包无法到达终端的物理网络接口。The method for the first network data packet of the application that meets the preset condition to be inaccessible to the physical network interface of the terminal includes: analyzing the first network data packet, determining an application to which the first network data packet belongs, and determining When the application to which the first network data packet belongs is an application that meets the preset condition, the first network data packet is not further processed or the first network data packet is discarded, so that the first network data packet is Unable to reach the physical network interface of the terminal.
  4. 根据权利要求3所述的基于网络访问控制的终端节省电量的方法,其特征在于,还包括步骤:The method for saving power by a network access control based terminal according to claim 3, further comprising the steps of:
    当所述第一网络数据包所属的应用不是满足所述预设条件的应用时,将所述第一网络数据包转发至终端的物理网络接口;And when the application to which the first network data packet belongs is not an application that meets the preset condition, forwarding the first network data packet to a physical network interface of the terminal;
    从物理网络接口读取物理网络接口接收到的第二网络数据包,并将该第二网络数据包转发给该第二网络数据包对应的应用。Reading, by the physical network interface, the second network data packet received by the physical network interface, and forwarding the second network data packet to the application corresponding to the second network data packet.
  5. 根据权利要求2所述的基于网络访问控制的终端节省电量的方法,其特征在于,在监测到白名单设置信息时,或者是监测到终端的当前前台应用发生 变化时,创建新的虚拟网络接口,并用该新的虚拟网络接口覆盖所述虚拟网络接口。The method for saving power by a network access control based terminal according to claim 2, wherein when the whitelist setting information is monitored, or the current foreground application of the terminal is detected When changing, a new virtual network interface is created and the virtual network interface is overwritten with the new virtual network interface.
  6. 一种基于网络访问控制的终端节省电量的装置,其特征在于,包括:处理器和存储器,所述存储器上存储有计算机可读指令,所述计算机可读指令由所述处理器执行以完成所述账号筛选方法的以下操作:A device for saving power based on a network access control, comprising: a processor and a memory, wherein the memory stores computer readable instructions, the computer readable instructions being executed by the processor to complete The following operations of the account screening method:
    在接收到省电应用开启指令时,创建虚拟网络接口;Creating a virtual network interface when receiving a power saving application open command;
    将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。The first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  7. 根据权利要求6所述的基于网络访问控制的终端节省电量的装置,其特征在于:The apparatus for saving power of a network access control based terminal according to claim 6, wherein:
    所述满足预设条件的应用包括:不属于预设的白名单中的应用,和/或,不是终端的当前前台应用。The application that meets the preset condition includes: an application that does not belong to the preset whitelist, and/or is not the current foreground application of the terminal.
  8. 根据权利要求6或7所述的基于网络访问控制的终端节省电量的装置,其特征在于:The device for saving power based on a network access control according to claim 6 or 7, wherein:
    将满足预设条件的应用的第一网络数据包路由至预先创建的虚拟网络接口的方式包括:将终端的各应用的第一网络数据包路由至所述虚拟网络接口,所述终端的应用包括所述满足预设条件的应用;The method of routing the first network data packet of the application that meets the preset condition to the pre-created virtual network interface includes: routing the first network data packet of each application of the terminal to the virtual network interface, where the application of the terminal includes The application that meets the preset condition;
    使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口的方式包括:对所述第一网络数据包进行分析,确定所述第一网络数据包所属的应用,当所述第一网络数据包所属的应用为满足所述预设条件的应用时,不对所述第一网络数据包做进一步处理或者丢弃所述第一网络数据包,使得所述第一网络数据包无法到达终端的物理网络接口。The method for the first network data packet of the application that meets the preset condition to be inaccessible to the physical network interface of the terminal includes: analyzing the first network data packet, determining an application to which the first network data packet belongs, and determining When the application to which the first network data packet belongs is an application that meets the preset condition, the first network data packet is not further processed or the first network data packet is discarded, so that the first network data packet is Unable to reach the physical network interface of the terminal.
  9. 根据权利要求8所述的基于网络访问控制的终端节省电量的装置,其特征在于,所述计算机可读指令还使所述处理器执行以下操作:The apparatus for saving power of a network access control based terminal according to claim 8, wherein the computer readable instructions further cause the processor to:
    当所述第一网络数据包所属的应用不是满足所述预设条件的应用时,将所述第一网络数据包转发至终端的物理网络接口;And when the application to which the first network data packet belongs is not an application that meets the preset condition, forwarding the first network data packet to a physical network interface of the terminal;
    从物理网络接口读取物理网络接口接收到的第二网络数据包,并将该第二 网络数据包转发给该第二网络数据包对应的应用。Reading a second network packet received by the physical network interface from the physical network interface, and the second The network data packet is forwarded to the application corresponding to the second network data packet.
  10. 根据权利要求7所述的基于网络访问控制的终端节省电量的装置,其特征在于,所述计算机可读指令还使所述处理器执行以下操作:The apparatus for saving power of a network access control based terminal according to claim 7, wherein the computer readable instructions further cause the processor to:
    在监测到白名单设置信息时,或者是监测到终端的当前前台应用发生变化时,创建新的虚拟网络接口,并用该新的虚拟网络接口覆盖所述虚拟网络接口。When the whitelist setting information is monitored, or when the current foreground application of the terminal is changed, a new virtual network interface is created, and the virtual network interface is overwritten with the new virtual network interface.
  11. 一种基于网络访问控制的终端节省电量的方法,用于终端上,该终端包括处理器和存储器,其特征在于,所述方法包括步骤:A method for saving power by a terminal based on network access control is used on a terminal, the terminal includes a processor and a memory, and the method includes the steps of:
    在接收到省电应用开启指令时,创建虚拟网络接口;Creating a virtual network interface when receiving a power saving application open command;
    将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。The first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  12. 根据权利要求11所述的基于网络访问控制的终端节省电量的方法,其特征在于:The method for saving power of a network access control based terminal according to claim 11, wherein:
    所述满足预设条件的应用包括:不属于预设的白名单中的应用,和/或,不是终端的当前前台应用。The application that meets the preset condition includes: an application that does not belong to the preset whitelist, and/or is not the current foreground application of the terminal.
  13. 根据权利要求11或12所述的基于网络访问控制的终端节省电量的方法,其特征在于:The method for saving power by a network access control based terminal according to claim 11 or 12, characterized in that:
    将满足预设条件的应用的第一网络数据包路由至预先创建的虚拟网络接口的方式包括:将终端的各应用的第一网络数据包路由至所述虚拟网络接口,所述终端的应用包括所述满足预设条件的应用;The method of routing the first network data packet of the application that meets the preset condition to the pre-created virtual network interface includes: routing the first network data packet of each application of the terminal to the virtual network interface, where the application of the terminal includes The application that meets the preset condition;
    使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口的方式包括:对所述第一网络数据包进行分析,确定所述第一网络数据包所属的应用,当所述第一网络数据包所属的应用为满足所述预设条件的应用时,不对所述第一网络数据包做进一步处理或者丢弃所述第一网络数据包,使得所述第一网络数据包无法到达终端的物理网络接口。The method for the first network data packet of the application that meets the preset condition to be inaccessible to the physical network interface of the terminal includes: analyzing the first network data packet, determining an application to which the first network data packet belongs, and determining When the application to which the first network data packet belongs is an application that meets the preset condition, the first network data packet is not further processed or the first network data packet is discarded, so that the first network data packet is Unable to reach the physical network interface of the terminal.
  14. 根据权利要求13所述的基于网络访问控制的终端节省电量的方法,其特征在于,还包括步骤:The method for saving power by a network access control based terminal according to claim 13, further comprising the steps of:
    当所述第一网络数据包所属的应用不是满足所述预设条件的应用时,将所 述第一网络数据包转发至终端的物理网络接口;When the application to which the first network data packet belongs is not an application that satisfies the preset condition, Transmitting the first network data packet to the physical network interface of the terminal;
    从物理网络接口读取物理网络接口接收到的第二网络数据包,并将该第二网络数据包转发给该第二网络数据包对应的应用。Reading, by the physical network interface, the second network data packet received by the physical network interface, and forwarding the second network data packet to the application corresponding to the second network data packet.
  15. 根据权利要求12所述的基于网络访问控制的终端节省电量的方法,其特征在于,在监测到白名单设置信息时,或者是监测到终端的当前前台应用发生变化时,创建新的虚拟网络接口,并用该新的虚拟网络接口覆盖所述虚拟网络接口。The method for saving power by a network access control based terminal according to claim 12, wherein when a whitelist setting information is monitored, or when a current foreground application of the terminal is changed, a new virtual network interface is created. And overwriting the virtual network interface with the new virtual network interface.
  16. 一种非易失性存储介质,其特征在于,其中存储有计算机可读指令,所述计算机可读指令可以由处理器执行以完成如下操作:A non-volatile storage medium, wherein computer readable instructions are stored, the computer readable instructions being executable by a processor to perform the following operations:
    在接收到省电应用开启指令时,创建虚拟网络接口;Creating a virtual network interface when receiving a power saving application open command;
    将满足预设条件的应用的第一网络数据包路由至所述虚拟网络接口,使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口。The first network data packet of the application that meets the preset condition is routed to the virtual network interface, such that the first network data packet of the application that meets the preset condition cannot reach the physical network interface of the terminal.
  17. 根据权利要求16所述的非易失性存储介质,其特征在于:A nonvolatile storage medium according to claim 16, wherein:
    所述满足预设条件的应用包括:不属于预设的白名单中的应用,和/或,不是终端的当前前台应用。The application that meets the preset condition includes: an application that does not belong to the preset whitelist, and/or is not the current foreground application of the terminal.
  18. 根据权利要求16或17所述的非易失性存储介质,其特征在于:A nonvolatile storage medium according to claim 16 or 17, wherein:
    将满足预设条件的应用的第一网络数据包路由至预先创建的虚拟网络接口的方式包括:将终端的各应用的第一网络数据包路由至所述虚拟网络接口,所述终端的应用包括所述满足预设条件的应用;The method of routing the first network data packet of the application that meets the preset condition to the pre-created virtual network interface includes: routing the first network data packet of each application of the terminal to the virtual network interface, where the application of the terminal includes The application that meets the preset condition;
    使得所述满足预设条件的应用的第一网络数据包无法到达终端的物理网络接口的方式包括:对所述第一网络数据包进行分析,确定所述第一网络数据包所属的应用,当所述第一网络数据包所属的应用为满足所述预设条件的应用时,不对所述第一网络数据包做进一步处理或者丢弃所述第一网络数据包,使得所述第一网络数据包无法到达终端的物理网络接口。The method for the first network data packet of the application that meets the preset condition to be inaccessible to the physical network interface of the terminal includes: analyzing the first network data packet, determining an application to which the first network data packet belongs, and determining When the application to which the first network data packet belongs is an application that meets the preset condition, the first network data packet is not further processed or the first network data packet is discarded, so that the first network data packet is Unable to reach the physical network interface of the terminal.
  19. 根据权利要求18所述的非易失性存储介质,其特征在于,所述计算机可读指令还使所述处理器执行以下操作:The non-volatile storage medium of claim 18, wherein the computer readable instructions further cause the processor to:
    当所述第一网络数据包所属的应用不是满足所述预设条件的应用时,将所 述第一网络数据包转发至终端的物理网络接口;When the application to which the first network data packet belongs is not an application that satisfies the preset condition, Transmitting the first network data packet to the physical network interface of the terminal;
    从物理网络接口读取物理网络接口接收到的第二网络数据包,并将该第二网络数据包转发给该第二网络数据包对应的应用。Reading, by the physical network interface, the second network data packet received by the physical network interface, and forwarding the second network data packet to the application corresponding to the second network data packet.
  20. 根据权利要求17所述的非易失性存储介质,其特征在于,所述计算机可读指令还使所述处理器执行以下操作:The non-volatile storage medium of claim 17, wherein the computer readable instructions further cause the processor to:
    在监测到白名单设置信息时,或者是监测到终端的当前前台应用发生变化时,创建新的虚拟网络接口,并用该新的虚拟网络接口覆盖所述虚拟网络接口。 When the whitelist setting information is monitored, or when the current foreground application of the terminal is changed, a new virtual network interface is created, and the virtual network interface is overwritten with the new virtual network interface.
PCT/CN2017/113065 2016-12-01 2017-11-27 Method and device for saving power of terminal on the basis of network access control WO2018099342A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611091417.9 2016-12-01
CN201611091417.9A CN106714287B (en) 2016-12-01 2016-12-01 Method and device for saving electric quantity of terminal based on network access control

Publications (1)

Publication Number Publication Date
WO2018099342A1 true WO2018099342A1 (en) 2018-06-07

Family

ID=58935316

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/113065 WO2018099342A1 (en) 2016-12-01 2017-11-27 Method and device for saving power of terminal on the basis of network access control

Country Status (2)

Country Link
CN (1) CN106714287B (en)
WO (1) WO2018099342A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108934056A (en) * 2018-06-20 2018-12-04 联想(北京)有限公司 The control method and system of electronic equipment
CN111083009A (en) * 2019-11-29 2020-04-28 北京云测信息技术有限公司 Packet capturing method and device and mobile terminal

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106714287B (en) * 2016-12-01 2020-05-12 腾讯科技(深圳)有限公司 Method and device for saving electric quantity of terminal based on network access control
CN109587074B (en) * 2017-09-29 2022-04-29 中兴通讯股份有限公司 Message processing method, device, storage medium and processor
CN110012464A (en) * 2018-01-04 2019-07-12 中兴通讯股份有限公司 The control method and device of internetwork operation

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102736723A (en) * 2011-04-13 2012-10-17 上海三旗通信科技股份有限公司 Method for automatically regulating screen backlight duration of mobile terminal
US20150261284A1 (en) * 2014-03-12 2015-09-17 Samsung Electronics Co., Ltd. Method and apparatus for saving power of portable electronic device
CN105530255A (en) * 2015-12-16 2016-04-27 网宿科技股份有限公司 Method and device for verifying request data
CN105960003A (en) * 2016-06-30 2016-09-21 努比亚技术有限公司 Control method and terminal
CN106714287A (en) * 2016-12-01 2017-05-24 腾讯科技(深圳)有限公司 Method and device of terminal to save energy based on network access control

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014140693A1 (en) * 2013-03-15 2014-09-18 Pismo Labs Technology Limited Methods and systems for receiving and transmitting internet protocol (ip) data packets
IN2013CH05983A (en) * 2013-12-23 2015-06-26 Ineda Systems Pvt Ltd

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102736723A (en) * 2011-04-13 2012-10-17 上海三旗通信科技股份有限公司 Method for automatically regulating screen backlight duration of mobile terminal
US20150261284A1 (en) * 2014-03-12 2015-09-17 Samsung Electronics Co., Ltd. Method and apparatus for saving power of portable electronic device
CN105530255A (en) * 2015-12-16 2016-04-27 网宿科技股份有限公司 Method and device for verifying request data
CN105960003A (en) * 2016-06-30 2016-09-21 努比亚技术有限公司 Control method and terminal
CN106714287A (en) * 2016-12-01 2017-05-24 腾讯科技(深圳)有限公司 Method and device of terminal to save energy based on network access control

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108934056A (en) * 2018-06-20 2018-12-04 联想(北京)有限公司 The control method and system of electronic equipment
CN111083009A (en) * 2019-11-29 2020-04-28 北京云测信息技术有限公司 Packet capturing method and device and mobile terminal

Also Published As

Publication number Publication date
CN106714287A (en) 2017-05-24
CN106714287B (en) 2020-05-12

Similar Documents

Publication Publication Date Title
WO2018099342A1 (en) Method and device for saving power of terminal on the basis of network access control
CN103117906B (en) A kind of mobile terminal shares flux monitoring method during Wi-Fi hotspot
WO2014153967A1 (en) Method, apparatus and system for configuring flow table in openflow network
US20180102959A1 (en) Tracing network packets through logical and physical networks
JP5440712B2 (en) COMMUNICATION SYSTEM, COMMUNICATION DEVICE, CONTROL DEVICE, PACKET FLOW TRANSFER ROUTE CONTROL METHOD, AND PROGRAM
KR101473783B1 (en) Method and apparatus for control of dynamic service chaining by using tunneling
CN109088820B (en) Cross-device link aggregation method and device, computing device and storage medium
US20160080263A1 (en) Sdn-based service chaining system
US20150163145A1 (en) Reporting elephant flows to a network controller
CA2700866A1 (en) Network operating system for managing and securing networks
US10069686B2 (en) Methods and systems for managing a device through a manual information input module
CN107615710B (en) Direct reply actions in SDN switches
CN109862127B (en) Message transmission method and related device
US8233390B2 (en) Priority and source aware packet memory reservation and flow control in forwarding planes
US20220070091A1 (en) Open fronthaul network system
CN106230640B (en) Security rule port configuration method and device
KR20160116622A (en) Openflow switch capable of service chaining
US20200295988A1 (en) Systems and methods for automatically configuring network isolation
US9369477B2 (en) Mitigation of path-based convergence attacks
CN106209440B (en) Service quality QoS implementation method and device in software defined network SDN
US20120170581A1 (en) Policy homomorphic network extension
US20150381488A1 (en) Network virtualization using just-in-time distributed capability for classification encoding
CN104683139B (en) A kind of remote operation maintaining method of communication equipment
KR101363338B1 (en) Method, appratus, system and computer-readable recording medium for assisting communication between terminal by using openflow
WO2017000745A1 (en) Traffic monitoring method, apparatus, and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17876563

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17876563

Country of ref document: EP

Kind code of ref document: A1