CN101873640B - Flow processing method, device and mobile terminal - Google Patents
Flow processing method, device and mobile terminal Download PDFInfo
- Publication number
- CN101873640B CN101873640B CN2010101877915A CN201010187791A CN101873640B CN 101873640 B CN101873640 B CN 101873640B CN 2010101877915 A CN2010101877915 A CN 2010101877915A CN 201010187791 A CN201010187791 A CN 201010187791A CN 101873640 B CN101873640 B CN 101873640B
- Authority
- CN
- China
- Prior art keywords
- application
- user
- portable terminal
- packet
- control information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a flow processing method, a device and a mobile terminal. The method comprises the following steps: acquiring application identification and packet lengths corresponding to packets of all inflow and outflow protocol stacks in the mobile terminal by a hook function additionally added in a kernel space; sending the application identification and packet lengths corresponding to the packets to a user space; and calculating flow generated by each application in the mobile terminal by the user space based on the application identification and packet lengths corresponding to the packets. The device has an acquiring module, a sending module and a calculating module. The embodiment of the invention also provides a mobile terminal. The embodiment of the invention realizes calculation on flow generated by the mobile terminal in a Linux operation system, can provide comprehensive and detailed flow data for users and enhances control initiative and flexibility of the users on each internet module in the mobile terminal.
Description
Technical field
The embodiment of the invention relates to communication technical field, relates in particular to a kind of flow processing method, device and portable terminal.
Background technology
Along with the extensive use of Linux, the advantage of its open source code has attracted increasing portable terminal manufacturer and operator, and is therefore also more and more based on the portable terminal of (SuSE) Linux OS.At present, support the portable terminal of browser by WAP (wireless application protocol) (Wireless Application Protocol; Hereinafter to be referred as: WAP) link with the Internet and can realize the mobile terminal Internet access function, and because the convenience of mobile terminal Internet access and property whenever and wherever possible, mobile terminal Internet access becomes one of network access important in the modern life gradually.And the flow that mobile terminal Internet access produces is with costs related for the user, therefore for the portable terminal based on (SuSE) Linux OS, for providing the concrete statistical analysis of the flow that each module consumes in the portable terminal and accurately control, the user becomes problem demanding prompt solution.
There have been some realizations for the statistics that produces flow on the portable terminals such as mobile phone and control in the prior art, but also there is not the statistics based on the flow of the portable terminal of linux kernel, therefore, for the portable terminal based on (SuSE) Linux OS, the user can't be known the flow that portable terminal produces, for the user brings very big inconvenience.
Summary of the invention
The embodiment of the invention provides a kind of flow processing method, device and portable terminal, realization is added up the flow that the portable terminal based on (SuSE) Linux OS produces, for the user provides comprehensive, detailed data on flows, strengthen the user to initiative and the flexibility of the control of each on-line module in the portable terminal.
The embodiment of the invention provides a kind of flow processing method, comprising:
Obtain all inflows in the portable terminal and flow out corresponding application identities and the data packet length of packet of protocol stack by the Hook Function of setting up in the kernel spacing;
Application identities and data packet length that described packet is corresponding send to user's space;
Each is used the flow that produces and adds up in to described portable terminal at the described user's space application identities corresponding according to described packet and data packet length.
The embodiment of the invention provides a kind of flow processing unit, comprising:
Acquisition module is used for obtaining all inflows in the portable terminal and flowing out corresponding application identities and the data packet length of packet of protocol stack by the Hook Function that kernel spacing is set up;
Sending module is used for application identities and the data packet length that described packet is corresponding and sends to user's space;
Statistical module is used for each flow of using generation of described portable terminal being added up according to described packet corresponding application identities and data packet length at described user's space.
The embodiment of the invention provides a kind of portable terminal, comprises above-mentioned flow processing unit.
The flow processing method of the embodiment of the invention, device and portable terminal, obtain all inflows in the portable terminal and flow out corresponding UID and the data packet length of packet of protocol stack by the Hook Function of setting up in the kernel spacing, and UID and the data packet length of packet sent to user's space by kernel spacing, in user's space according to the UID of packet and data packet length to each is used the flow that produces and adds up in the portable terminal; The present embodiment has been realized the flow that the portable terminal based on (SuSE) Linux OS produces is added up, and can provide comprehensive, detailed data on flows for the user, has strengthened initiative and the flexibility of user to the control of each on-line module in the portable terminal.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, the below will do one to the accompanying drawing of required use in embodiment or the description of the Prior Art and introduce simply, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the flow chart of flow processing method embodiment one of the present invention;
Fig. 2 is the configuration diagram of netfilter among the flow processing method embodiment one of the present invention;
Fig. 3 is the flow chart of flow processing method embodiment two of the present invention;
Fig. 4 is the structural representation of flow processing unit embodiment one of the present invention;
Fig. 5 is the structural representation of flow processing unit embodiment two of the present invention.
Embodiment
For the purpose, technical scheme and the advantage that make the embodiment of the invention clearer, below in conjunction with the accompanying drawing in the embodiment of the invention, technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that obtains under the creative work prerequisite.
Fig. 1 is the flow chart of flow processing method embodiment one of the present invention, and as shown in Figure 1, the present embodiment provides a kind of flow processing method, can specifically comprise the steps:
The present embodiment is specially processing based on each flow of using in the portable terminal of linux system, sets up a Hook Function in IP stack, under the netfilter of this Hook Function carry in the linux kernel space.Particularly, the portable terminal of indication specifically refers to mobile phone or has the smart mobile phone of multiple application function in the present embodiment.In linux system; kernel spacing is any event that occurs in linux kernel inside; a part of kernel software of system is independent of common applications; reside on the protected memory headroom; all authorities that have access hardware devices, and user's space is relative with kernel spacing refer to outside at linux kernel or occur in any event of linux kernel outside; application program operates on the user's space, and it is access kernel space and hardware device directly.Netfilter is the cover fire compartment wall framework that Linux makes up in kernel spacing, and it can be used for extracting the packet of kernel spacing, and with the information guidance that extracts in other spaces.Be illustrated in figure 2 as the configuration diagram of netfilter among the flow processing method embodiment one of the present invention, the working point of netfilter framework on linux kernel IPv4 protocol stack comprises INPUT, OUTPUT, FORWARD, PRE_ROUTING and POST_ROUTING.Wherein, send to the data packet stream of the machine through PRE_ROUTING and INPUT, the data packet stream that is sent by the machine is through OUTPUT and POST_ROUTING, and the data packet stream of being transmitted by the machine is through PRE_ROUTING and POST_ROUTING.IPtables is that the Linux fire compartment wall is in the hypervisor of user's space.
This step is from INPUT and two working points of OUTPUT, the framework that provides based on netfilter, expand a Hook Function that is embedded in the protocol stack, for example, can be specifically form by following code realize the carry that newly-increased Hook Function is ordered at the NF_IP_PRE_ROUTING of netfilter framework in the kernel spacing in the present embodiment:
Static?struct?nf_hook_ops?imp2_ops={
.hook=get_count,
.hooknum=NF_IP_PRE_ROUTING,
};
The present embodiment is followed the tracks of processing by this Hook Function to the packet of all inflows in the portable terminal and outflow protocol stack, can specifically be configured by the circulation rule to packet on IPtables, so that the packet of all inflows and outflow protocol stack is all processed through this Hook Function.For example, can be as follows with the circulation rule configuration: iptables-t COUNTER-A OUTPUT and iptables-tCOUNTER-A INPUT, wherein, COUNTER be Hook Function.This step is by carrying out Function Extension to netfilter, in protocol stack, set up a Hook Function, come to follow the tracks of and record in the packet of linux kernel circulating in the portable terminal, from the packet that gets access to, extract its corresponding application identities UID and process identification (PID) PID, and the data packet length of each packet.Because UID respectively uses corresponding unique identification in the linux system, then Hook Function can be distinguished according to the UID that extracts the packet of different application from different packets.
In kernel spacing, get access to the packet that flows into and flow out protocol stack by Hook Function, and after packet analysis got access to its corresponding UID and data packet length, UID and data packet length that this packet is corresponding sent to user's space by kernel spacing.Can specifically send to user's space by netlink UID and data packet length that packet is corresponding, wherein, netlink is the distinctive communication mechanism based on socket (socket) DLL (dynamic link library) of linux system.
Step 103, each is used the flow that produces and adds up in to described portable terminal at the described user's space application identities corresponding according to described packet and data packet length.
After the UID that each packet is corresponding and data packet length send to user's space, in user's space, can carry out the book of final entry to it according to each packet corresponding UID and data packet length.In the database of user's space, preserved the respectively total length of data packets of correspondence of paid-in types of applications, when the new packet information that at every turn receives from kernel spacing, the data packet length that identical UID is corresponding is added on the data with existing packet length of this UID in the database, because different UID represent respectively the different application in the portable terminal, then can realize the statistics to the corresponding data packet length of different application, and then realize the flow that different on-line modules in the portable terminal produce is added up.
As from the foregoing, the present embodiment is expanded by the framework to netfilter, in protocol stack, set up Hook Function, realize each network traffics that have the application of network resource request to produce in the portable terminal are added up, for the user provides the most detailed data traffic data.The flow processing method that the present embodiment provides is in conjunction with the realization of upper layer application, can also show the flow details for the user from many aspects, as reflecting each flow situation that is applied in each time period in conjunction with practice, can also reflect in conjunction with the tariff information of the operator flow rate to each application; The flow analysis data that can also provide each to use are for the exploitation of each application and the performance design of system provide service.
The present embodiment provides a kind of flow processing method, obtain all inflows in the portable terminal and flow out corresponding UID and the data packet length of packet of protocol stack by the Hook Function of setting up in the kernel spacing, and the UID that packet is corresponding and data packet length send to user's space by kernel spacing, in user's space according to UID corresponding to packet and data packet length to each is used the flow that produces and adds up in the portable terminal; The present embodiment has been realized the flow that the portable terminal based on (SuSE) Linux OS produces is added up, and can provide comprehensive, detailed data on flows for the user, has strengthened initiative and the flexibility of user to the control of each on-line module in the portable terminal.
Fig. 3 is the flow chart of flow processing method embodiment two of the present invention, and as shown in Figure 3, the present embodiment provides a kind of flow processing method, and the present embodiment can comprise the steps:
Step 301 is obtained all inflows in the portable terminal and is flowed out corresponding application identities and the data packet length of packet of protocol stack by the Hook Function of setting up in the kernel spacing, and this step can be similar with above-mentioned steps 101, repeats no more herein.
Step 302, application identities and data packet length that described packet is corresponding send to user's space, and this step can be similar with above-mentioned steps 102, repeats no more herein.
Step 303, each is used the flow that produces and adds up in to described portable terminal at the described user's space application identities corresponding according to described packet and data packet length, and this step can be similar with above-mentioned steps 103, repeats no more herein.
Step 304, kernel spacing receives the application identities from control information and the application to be controlled of described user's space.
By the Hook Function set up to portable terminal in all inflows and the packet that flows out protocol stack follow the tracks of and record, and at user's space each is used after flow that online produces adds up in to portable terminal according to the application identities of the packet that obtains and data packet length, the user can also control the internet behavior that the user use each to use in the present embodiment.The user can send to kernel spacing with the UID of application to be controlled and concrete control information by user's space according to the actual operating position of portable terminal.Kernel spacing receives from the corresponding control information of user's space and the UID of application to be controlled, wherein, and the application that the user of being applied as to be controlled need to control its internet behavior.
Step 305 uses the internet behavior of described application to control according to the application identities of described control information and application to be controlled to the user by described Hook Function.
After kernel spacing receives the UID of control information that user's space sends and application to be controlled, can be controlled the packet under this application by the UID of the Hook Function in the kernel spacing according to this control information and application to be controlled, namely realize using the internet behavior of each application to control to the user.
Particularly, the control information that user's space sends in the step 304 is for forbidding or when allowing the user to use certain application access network, step 305 can specifically comprise: all abandoned or reservation process according to the described control information packet that described application identities is corresponding by described Hook Function, to forbid or to allow the user to use described application online.The present embodiment describes as an example of the cell phone system of Android example, and in this cell phone system, different application is to there being different UID.When the user need to forbid certain application access network, the user was by consisting of the UID of corresponding control information and this application in user's space, and the control information of this moment is used this application access network for forbidding the user.Kernel spacing is after receiving this control information and UID, and the Hook Function in the kernel spacing carries out whole discard processing according to this control information packet that this UID is corresponding, to realize forbidding that the user uses the function of this application online.Because the Hook Function in the kernel spacing all filters the packet of all inflows and outflow protocol stack, then the present embodiment carries out discard processing by this Hook Function with the packet of using, and just the user can be used the function of this application access network forbid.Similarly, when the user need to allow certain forbidden application again during accesses network, the user is by consisting of the UID of corresponding control information and this application in user's space, and the control information of this moment is for allowing the user to use this application access network.Kernel spacing is after receiving this control information and UID, Hook Function in the kernel spacing carries out whole reservation process according to this control information packet that this UID is corresponding, namely no longer abandon packet corresponding to this UID, to realize the allowing user to use the function of this application online, no longer its internet behavior is controlled.
Further, the step 304 in the present embodiment can be specially: when judging that default restrictive condition reaches the restrictive condition threshold value in described user's space, kernel spacing receives the application identities from control information and the application to be controlled of described user's space.Be that the user can come to use the internet behavior of application to control to the user according to some default restrictive condition, restrictive condition herein can be specially signal strength signal intensity, the portable terminal of portable terminal battery electric quantity, use the corresponding surf time, use in the corresponding surfing flow.When restrictive condition was the signal strength signal intensity of portable terminal, the user can arrange according to the actual conditions of the portable terminal signal strength signal intensity to portable terminal, and a signal strength signal intensity higher limit and a signal strength signal intensity lower limit can be set.When the signal strength signal intensity of portable terminal is lower than this signal strength signal intensity lower limit, send the UID of corresponding control information and application to be controlled to kernel spacing, control information this moment also can be used this application access network for forbidding the user, then step 305 is specially: according to this control information packet corresponding to this UID carried out whole discard processing by the Hook Function in the kernel spacing, realization uses the online ability of this application to control to the user, and namely limited subscriber uses this application that network is conducted interviews when the signal strength signal intensity of portable terminal is hanged down.When the signal strength signal intensity of portable terminal is higher than this signal strength signal intensity higher limit, send the UID of corresponding control information and application to be controlled to kernel spacing, control information this moment also can be used this application access network for allowing the user, then step 305 is specially: according to this control information packet corresponding to this UID carried out reservation process by the Hook Function in the kernel spacing, to allow the user to use this application access network, namely when the signal strength signal intensity of portable terminal is higher, allow the user to use to use network is conducted interviews.When restrictive condition was the battery electric quantity of portable terminal, the user also can arrange according to the actual conditions of the portable terminal battery electric quantity to portable terminal, and a battery electric quantity higher limit and a battery electric quantity lower limit can be set.When the battery electric quantity of portable terminal is lower than this battery electric quantity lower limit, send the UID of corresponding control information and application to be controlled to kernel spacing, control information this moment also can be for forbidding this application access network, then step 305 is specially: according to this control information packet corresponding to this UID carried out whole discard processing by the Hook Function in the kernel spacing, realization uses the online ability of this application to control to the user, and namely limited subscriber uses application that network is conducted interviews when the battery electric quantity of portable terminal hangs down.When the battery electric quantity of portable terminal is higher than this battery electric quantity higher limit, send the UID of corresponding control information and application to be controlled to kernel spacing, control information this moment also can allow this application access network for the user uses, then step 305 is specially: according to this control information packet corresponding to this UID carried out reservation process by the Hook Function in the kernel spacing, to allow the user to use this application access network, namely when the battery electric quantity of portable terminal is higher, allow the user to use to use network is conducted interviews.When restrictive condition is when using the surfing flow of corresponding surf time or application correspondence, similar to the above to the control of online ability corresponding to application in the portable terminal, repeat no more herein.
Perhaps, the present embodiment not only can use the internet behavior of application to control to the user, can also control using corresponding concrete speed of surfing the Internet, step 305 can specifically comprise: by described Hook Function according to described control information, packet within the unit interval that described application identities is corresponding carries out the part discard processing, to control the described corresponding speed of surfing the Internet of using.When the user need to limit speed of surfing the Internet corresponding to certain application, the user was by consisting of the UID of corresponding control information and this application in user's space, and control information at this moment is restricted to certain rate value for using corresponding speed of surfing the Internet.Kernel spacing is after receiving this control information and UID, and the Hook Function in the kernel spacing is according to this control information, and packet within the unit interval that this UID is corresponding carries out the part discard processing, has reached the purpose that limited subscriber uses this application to surf the Net.Because Hook Function can be in real time all packets of this application is carried out filtration treatment, in the time need to limiting speed of surfing the Internet corresponding to this application, as its speed of surfing the Internet is restricted to 30kB/s, the size of supposing each bag is 1500bytes, then represent 20 bags of per second parsing, when then Hook Function filters packet corresponding to this UID in kernel spacing, its partial data bag can be carried out discard processing, in each second 20 packets are carried out reservation process, namely realize to use corresponding networking speed and be restricted to 30kB/s.
Further, the step 304 in the present embodiment can be specially: when judging that default restrictive condition reaches the restrictive condition threshold value in described user's space, kernel spacing receives the application identities from control information and the application to be controlled of described user's space.Be that the user can come to limit using corresponding speed of surfing the Internet according to some default restrictive condition, restrictive condition herein can be specially signal strength signal intensity, the portable terminal of portable terminal battery electric quantity, use the corresponding surf time, use in the corresponding surfing flow.When restrictive condition was the signal strength signal intensity of portable terminal, the user can arrange according to the actual conditions of the portable terminal signal strength signal intensity to portable terminal, and a signal strength signal intensity higher limit and a signal strength signal intensity lower limit can be set.When the signal strength signal intensity of portable terminal is lower than this signal strength signal intensity lower limit, send the UID of corresponding control information and application to be controlled to kernel spacing, control information this moment can be for limiting speed of surfing the Internet corresponding to this application, then step 305 is specially: according to this control information packet corresponding to this UID carried out the part discard processing by the Hook Function in the kernel spacing, realization is controlled speed of surfing the Internet corresponding to this application, and namely corresponding speed of surfing the Internet is used in restriction when the signal strength signal intensity of portable terminal is hanged down.When the signal strength signal intensity of portable terminal is higher than this signal strength signal intensity higher limit, send the UID of corresponding control information and application to be controlled to kernel spacing, control information this moment also can be used this application access network for allowing the user, then step 305 is specially: according to this control information packet corresponding to this UID carried out reservation process by the Hook Function in the kernel spacing, to allow the user to use this application access network, namely when the signal strength signal intensity of portable terminal is higher, no longer control using corresponding speed of surfing the Internet.When restrictive condition is the surfing flow of the battery electric quantity of portable terminal, the surf time of using correspondence or application correspondence, similar to the above to the control of using corresponding networking speed in the portable terminal, repeat no more herein.
As from the foregoing, the present embodiment not only can for the user provides detailed data traffic data, can also be controlled for the user provides abundant packet circulation on the aspect of Linux protocol stack.The each side such as flow that the user can produce from signal strength signal intensity, the battery electric quantity of equipment, the memory space of equipment, current network conditions, the application of equipment arrange, and come to use the online ability of application to control to the user.The present embodiment combines thorough flow control and detailed flow analysis, can improve to greatest extent user's use impression, all internet behaviors in the portable terminal allow the user really can become the owner that each is used, so that all can be inquired about and control by the user.
The present embodiment provides a kind of flow processing method, obtain all inflows in the portable terminal and flow out corresponding UID and the data packet length of packet of protocol stack by the Hook Function of setting up in the kernel spacing, and UID and the data packet length of packet sent to user's space by kernel spacing, UID and data packet length according to packet in user's space are added up the flow that each application in the portable terminal produces, and internet behavior and online ability that the user uses each to use are controlled according to the control information that user's space sends by Hook Function; The present embodiment has been realized the flow that the portable terminal based on (SuSE) Linux OS produces is added up, and internet behavior and online ability that the user uses each to use controlled, can for the user provides the data on flows of extensive and abundant circulation control, strengthen initiative and the flexibility of user to the control of each on-line module in the portable terminal.
One of ordinary skill in the art will appreciate that: all or part of step that realizes said method embodiment can be finished by the relevant hardware of program command, aforesaid program can be stored in the computer read/write memory medium, this program is carried out the step that comprises said method embodiment when carrying out; And aforesaid storage medium comprises: the various media that can be program code stored such as ROM, RAM, magnetic disc or CD.
Fig. 4 is the structural representation of flow processing unit embodiment one of the present invention, and as shown in Figure 4, the present embodiment provides a kind of flow processing unit, and the present embodiment can specifically be carried out each step among the said method embodiment one, repeats no more herein.The flow processing unit that the present embodiment provides can comprise acquisition module 401, sending module 402 and statistical module 403.Wherein, acquisition module 401 is used for obtaining all inflows in the portable terminal and flowing out corresponding application identities and the data packet length of packet of protocol stack by the Hook Function that kernel spacing is set up.Sending module 402 is used for application identities and the data packet length that described packet is corresponding and sends to user's space.Statistical module 403 is used for each flow of using generation of described portable terminal being added up according to described packet corresponding application identities and data packet length at described user's space.
Fig. 5 is the structural representation of flow processing unit embodiment two of the present invention, and as shown in Figure 5, the present embodiment provides a kind of flow processing unit, and the present embodiment can specifically be carried out each step among the said method embodiment two, repeats no more herein.The flow processing unit that the present embodiment provides can also comprise receiver module 501 and control module 502 on the basis of above-mentioned embodiment shown in Figure 4.Wherein, receiver module 501 is used for receiving the application identities from control information and the application to be controlled of described user's space.Control module 502 is used for using the internet behavior of described application to control according to the application identities of described control information and application to be controlled to the user by described Hook Function.
Particularly, receiver module 501 can also specifically be used for when when described user's space judges that default restrictive condition reaches the restrictive condition threshold value, receives the application identities from control information and the application to be controlled of described user's space.Control module 502 can comprise the first control unit 512.The first control unit 512 is used for being abandoned or reservation process according to the described control information packet that described application identities is corresponding by described Hook Function, to forbid or to allow the user to use described application online.Perhaps, control module 502 can comprise the second control unit 522.The second control unit 522 is used for by described Hook Function according to described control information, and packet within the unit interval that described application identities is corresponding carries out the part discard processing, to control the described corresponding speed of surfing the Internet of using.
The present embodiment provides a kind of flow processing unit, obtain all inflows in the portable terminal and flow out corresponding UID and the data packet length of packet of protocol stack by the Hook Function of setting up in the kernel spacing, and UID and the data packet length of packet sent to user's space by kernel spacing, UID and data packet length according to packet in user's space are added up the flow that each application in the portable terminal produces, and internet behavior and online ability that the user uses each to use are controlled according to the control information that user's space sends by Hook Function; The present embodiment has been realized the flow that the portable terminal based on (SuSE) Linux OS produces is added up, and internet behavior and online ability that the user uses each to use controlled, can for the user provides the data on flows of extensive and abundant circulation control, strengthen initiative and the flexibility of user to the control of each on-line module in the portable terminal.
The present embodiment also provides a kind of portable terminal, can comprise above-mentioned Fig. 4 or flow processing unit shown in Figure 5, and the portable terminal in the present embodiment is specially mobile phone, is preferably the smart mobile phone with multiple application function.
It should be noted that at last: above embodiment only in order to technical scheme of the present invention to be described, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that aforementioned each embodiment puts down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (7)
1. a flow processing method is characterized in that, comprising:
Obtain all inflows in the portable terminal and flow out corresponding application identities and the data packet length of packet of protocol stack by the Hook Function of setting up in the kernel spacing;
Application identities and data packet length that described packet is corresponding send to user's space;
Each is used the flow that produces and adds up in to described portable terminal at the described user's space application identities corresponding according to described packet and data packet length;
When in described user's space, judging that default restrictive condition reaches the restrictive condition threshold value, receive the application identities from control information and the application to be controlled of described user's space; Described default restrictive condition comprises the surf time of the battery electric quantity of the signal strength signal intensity of described portable terminal, described portable terminal, described application correspondence and the surfing flow of described application correspondence;
Use the internet behavior of described application to control according to the application identities of described control information and described application to be controlled to the user by described Hook Function.
2. method according to claim 1 is characterized in that, describedly uses the internet behavior of described application to control according to the application identities of described control information and described application to be controlled to the user by described Hook Function to comprise:
All abandoned or reservation process according to the application identities of described control information and the described application to be controlled packet that described application identities is corresponding by described Hook Function, to forbid or to allow the user to use described application online.
3. method according to claim 1 is characterized in that, describedly uses the internet behavior of described application to control according to the application identities of described control information and described application to be controlled to the user by described Hook Function to comprise:
According to described control information, packet within the unit interval that described application identities is corresponding carries out the part discard processing by described Hook Function, to control the described corresponding speed of surfing the Internet of using.
4. a flow processing unit is characterized in that, comprising:
Acquisition module is used for obtaining all inflows in the portable terminal and flowing out corresponding application identities and the data packet length of packet of protocol stack by the Hook Function that kernel spacing is set up;
Sending module is used for application identities and the data packet length that described packet is corresponding and sends to user's space;
Statistical module is used for each flow of using generation of described portable terminal being added up according to described packet corresponding application identities and data packet length at described user's space;
Receiver module is used for receiving the application identities from control information and the application to be controlled of described user's space when when described user's space judges that default restrictive condition reaches the restrictive condition threshold value; Described default restrictive condition comprises the surf time of the battery electric quantity of the signal strength signal intensity of described portable terminal, described portable terminal, described application correspondence and the surfing flow of described application correspondence;
Control module is used for using the internet behavior of described application to control according to the application identities of described control information and described application to be controlled to the user by described Hook Function.
5. device according to claim 4 is characterized in that, described control module comprises:
The first control unit is used for being abandoned or reservation process according to the application identities of described control information and the described application to be controlled packet that described application identities is corresponding by described Hook Function, to forbid or to allow the user to use described application online.
6. device according to claim 4 is characterized in that, described control module comprises:
The second control unit is used for by described Hook Function according to described control information, and packet within the unit interval that described application identities is corresponding carries out the part discard processing, to control the described corresponding speed of surfing the Internet of using.
7. a portable terminal is characterized in that, comprises each described flow processing unit among the claims 4-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101877915A CN101873640B (en) | 2010-05-27 | 2010-05-27 | Flow processing method, device and mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101877915A CN101873640B (en) | 2010-05-27 | 2010-05-27 | Flow processing method, device and mobile terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101873640A CN101873640A (en) | 2010-10-27 |
| CN101873640B true CN101873640B (en) | 2013-04-24 |
Family
ID=42998248
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010101877915A Active CN101873640B (en) | 2010-05-27 | 2010-05-27 | Flow processing method, device and mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101873640B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11855967B2 (en) | 2015-12-28 | 2023-12-26 | Huawei Technologies Co., Ltd. | Method for identifying application information in network traffic, and apparatus |
Families Citing this family (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101919777B1 (en) * | 2012-01-09 | 2018-11-19 | 엘지전자 주식회사 | Mobile terminal and method for controlling thereof |
| CN102711139B (en) * | 2012-04-24 | 2017-10-17 | 华为终端有限公司 | A kind of data flow statistic method and terminal |
| CN103416040B (en) * | 2012-08-29 | 2016-11-16 | 华为终端有限公司 | Terminal control method and device and terminal |
| CN103428754A (en) | 2012-12-05 | 2013-12-04 | 中兴通讯股份有限公司 | Method and device for reporting traffic, network traffic statistical method and device |
| CN104346137B (en) * | 2013-07-24 | 2019-05-14 | 腾讯科技(深圳)有限公司 | A kind of management method, system and the computer readable storage medium of application networking |
| CN104702460A (en) * | 2013-12-10 | 2015-06-10 | 中国科学院沈阳自动化研究所 | Method for detecting anomaly of Modbus TCP (transmission control protocol) communication on basis of SVM (support vector machine) |
| CN104717189A (en) * | 2013-12-16 | 2015-06-17 | 中兴通讯股份有限公司 | Network data package sending method and device |
| WO2015100615A1 (en) * | 2013-12-31 | 2015-07-09 | 华为技术有限公司 | Method and apparatus for processing service packet, and gateway device |
| CN105101302B (en) * | 2014-04-30 | 2019-03-08 | 宇龙计算机通信科技(深圳)有限公司 | Flow managing method and system based on user's use habit |
| CN104104560A (en) * | 2014-08-08 | 2014-10-15 | 广东欧珀移动通信有限公司 | Monitoring method and device for application flow and mobile terminal |
| CN104486138A (en) * | 2014-11-25 | 2015-04-01 | 北京奇虎科技有限公司 | Flow monitoring method and device and monitoring server |
| CN104852833A (en) * | 2015-06-04 | 2015-08-19 | 上海斐讯数据通信技术有限公司 | Network protocol stack management method and system in Linux system |
| CN105357362A (en) * | 2015-08-03 | 2016-02-24 | 努比亚技术有限公司 | Mobile terminal control method and device |
| CN105407481A (en) * | 2015-10-23 | 2016-03-16 | 上海斐讯数据通信技术有限公司 | Internet access data acquisition method |
| US20170195250A1 (en) * | 2016-01-06 | 2017-07-06 | Google Inc. | Automatic data restrictions based on signals |
| CN106230662B (en) * | 2016-08-01 | 2019-04-23 | 北京小米移动软件有限公司 | Network flux statistical method and device |
| CN106254646A (en) * | 2016-08-02 | 2016-12-21 | 北京小米移动软件有限公司 | Network flux statistical method and device |
| CN106341350A (en) * | 2016-08-16 | 2017-01-18 | 陈银芳 | Mobile phone internet accessing dynamic control method and system |
| CN106452856A (en) * | 2016-09-28 | 2017-02-22 | 杭州鸿雁智能科技有限公司 | Traffic flow statistics method and device, and wireless access equipment with traffic flow statistics function |
| CN106603345B (en) * | 2017-02-04 | 2019-07-09 | Oppo广东移动通信有限公司 | Monitor method, apparatus and terminal that application program uses flow |
| CN107682892B (en) * | 2017-09-30 | 2021-06-25 | Oppo广东移动通信有限公司 | Flow control method and device, computer equipment and computer readable storage medium |
| CN108600121A (en) * | 2018-03-29 | 2018-09-28 | 烽火通信科技股份有限公司 | The method and apparatus of single user uplink, downlink speed limit is realized in network-termination device |
| KR102667260B1 (en) | 2018-09-19 | 2024-05-21 | 삼성전자주식회사 | Electronic device for filtering packet and method for operating thereof |
| CN112583767A (en) * | 2019-09-29 | 2021-03-30 | 北京安云世纪科技有限公司 | Flow statistical method and device |
| CN111031500A (en) * | 2019-11-11 | 2020-04-17 | 深圳市麦谷科技有限公司 | Method and device for separately charging intelligent terminal |
| CN111225112B (en) * | 2020-01-03 | 2021-02-19 | 北京小米移动软件有限公司 | Flow use control method, device and storage medium |
| CN113660279B (en) * | 2021-08-19 | 2022-12-13 | 平安科技(深圳)有限公司 | Security protection method, device, equipment and storage medium of network host |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008111382A1 (en) * | 2007-02-22 | 2008-09-18 | Nec Corporation | Information processing device, information processing method, and program |
| CN101383785A (en) * | 2008-10-24 | 2009-03-11 | 中国科学院计算技术研究所 | Service stream management method oriented to SIP application |
| CN101483658A (en) * | 2009-01-09 | 2009-07-15 | 招商银行股份有限公司 | System and method for input content protection of browser |
| WO2009113468A1 (en) * | 2008-03-11 | 2009-09-17 | Nec Corporation | Network access control |
| CN101577645A (en) * | 2009-06-12 | 2009-11-11 | 北京星网锐捷网络技术有限公司 | Method and device for detecting counterfeit network equipment |
| CN101640825A (en) * | 2009-08-19 | 2010-02-03 | 刘文祥 | Integration of three networks |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101651672B (en) * | 2008-08-14 | 2012-12-19 | 鸿富锦精密工业(深圳)有限公司 | Network device and method for processing encapsulated packet |
-
2010
- 2010-05-27 CN CN2010101877915A patent/CN101873640B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008111382A1 (en) * | 2007-02-22 | 2008-09-18 | Nec Corporation | Information processing device, information processing method, and program |
| WO2009113468A1 (en) * | 2008-03-11 | 2009-09-17 | Nec Corporation | Network access control |
| CN101383785A (en) * | 2008-10-24 | 2009-03-11 | 中国科学院计算技术研究所 | Service stream management method oriented to SIP application |
| CN101483658A (en) * | 2009-01-09 | 2009-07-15 | 招商银行股份有限公司 | System and method for input content protection of browser |
| CN101577645A (en) * | 2009-06-12 | 2009-11-11 | 北京星网锐捷网络技术有限公司 | Method and device for detecting counterfeit network equipment |
| CN101640825A (en) * | 2009-08-19 | 2010-02-03 | 刘文祥 | Integration of three networks |
Non-Patent Citations (5)
| Title |
|---|
| 刘军良.基于流量分析的网络访问控制架构研究与设计.《中国优秀硕士学位论文全文数据库信息科技辑(月刊 )》.2009,(第1期), * |
| 杨建华等.基于Linux 内核的流量分析方法.《计 算 机 工 程》.2006,第 32 卷(第8 期), * |
| 郭江平.基于Linux的网络准入控制代理服务器的设计与实现.《电脑知识与技术》.2010,第6卷(第6期), * |
| 鲍娟.基于嵌入式Linux的网络流量监测系统.《中国优秀硕士学位论文全文数据库信息科技辑(月刊 )》.2010,(第2期), * |
| 鲍娟等.基于Netfilter 内核态网络流量分析研究.《微计算机信息》.2009,第25卷(第18(6-3)期), * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11855967B2 (en) | 2015-12-28 | 2023-12-26 | Huawei Technologies Co., Ltd. | Method for identifying application information in network traffic, and apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101873640A (en) | 2010-10-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101873640B (en) | Flow processing method, device and mobile terminal | |
| CN104348677A (en) | Deep packet inspection method and equipment and coprocessor | |
| CN107566381A (en) | Equipment safety control method, apparatus and system | |
| CN103369707A (en) | Wireless network connection establishing method and terminal equipment | |
| CN104468552B (en) | A kind of connection control method and device | |
| CN102711110A (en) | Wi-Fi (wireless fidelity) network management method and wireless router | |
| CN107426800B (en) | Method and device for reducing power consumption of terminal and smart card | |
| CN113301568B (en) | Network distribution method and device and intelligent household equipment | |
| CN104125307A (en) | Data flow sharing method and device | |
| CN102833268A (en) | Method, equipment and system for resisting wireless network flooding attack | |
| CN102299834A (en) | Data sharing method, equipment and system for local area network | |
| CN106302448A (en) | remote access control method and device | |
| CN103781043A (en) | Charging control method, device and system for roaming user data business | |
| CN104137641A (en) | Method, permanent online controller and device for keeping application online | |
| CN102438288A (en) | APN (Access Point Name) switch method and system as well as mobile terminal | |
| CN106559386B (en) | A kind of authentication method and device | |
| CN106657154A (en) | Wireless access method and system, WiFi platform and operator number taking platform | |
| CN101351045B (en) | Method, equipment for marking terminal PRI and equipment for identifying terminal PRI | |
| CN109587053A (en) | Network shunt method and relevant device | |
| CN103152794A (en) | Service access method and access controller | |
| EP3468261A1 (en) | Control method and apparatus for smart card, terminal device, and smart card | |
| CN103561025B (en) | Method, device and system for detecting DOS attack prevention capacity | |
| CN103458438A (en) | Method and device for processing service wireless side behavioral analysis | |
| CN103354513A (en) | Flow monitoring method and mobile terminal | |
| CN107852441A (en) | The non-transient computer-readable medium of communication control unit, call control method and storage call control program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20171101 Address after: Metro Songshan Lake high tech Industrial Development Zone, Guangdong Province, Dongguan City Road 523808 No. 2 South Factory (1) project B2 -5 production workshop Patentee after: HUAWEI terminal (Dongguan) Co., Ltd. Address before: 518129 Longgang District, Guangdong, Bantian HUAWEI base B District, building 2, building No. Patentee before: Huawei Device Co., Ltd. |
|
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province Patentee after: Huawei Device Co., Ltd. Address before: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province Patentee before: HUAWEI terminal (Dongguan) Co., Ltd. |