CN102638470B - WIFI (wireless fidelity) internet surfing filtering method - Google Patents
WIFI (wireless fidelity) internet surfing filtering method Download PDFInfo
- Publication number
- CN102638470B CN102638470B CN201210118616.XA CN201210118616A CN102638470B CN 102638470 B CN102638470 B CN 102638470B CN 201210118616 A CN201210118616 A CN 201210118616A CN 102638470 B CN102638470 B CN 102638470B
- Authority
- CN
- China
- Prior art keywords
- data
- user
- user side
- access controller
- special
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The invention discloses a WIFI (wireless fidelity) internet surfing filtering method, comprising the following steps of: connecting a user side of a non-operational occasion with a local area network interface of a special AC (access controller) by a wireless AP (access point), and building data connection between the AP and the AC by a VLAN (virtual local area network); leading the AC of WIFI equipment to adopt a concentrated transmission mode, accessing the AP of the non-operational occasion by the special AC, and starting up the concentrated transmission mode; due to the knowing, analyzing and filtering of user data of the non-operational occasion, obtaining the incidence relation among the user side data, the user real identity and the internet surfing occasion; when the user side needs internet surfing, clicking an IE (internet explorer) to sent out an internet surfing request by the wireless AP, and transmitting the request to a portal server (a web application server) after the request is received by the special AC; and pushing an authentication page to the user side after the request is received by the portal server.
Description
Technical field
The present invention relates to the filter method of surfing the Net, especially the filter method of WIFI online.
Background technology
Non-profit-making online place has comprised coffee shop, teahouse, lobby and some dining rooms etc., and this class place, in order to meet client's demand of surfing the Net anywhere or anytime, promotes service quality, and free service on net is usually provided.Due to WIFI access section management side just, without a large amount of wirings and cheap, a large amount of non-profit-making places has adopted the access way of WIFI as Free Internet Access.
Therefore,, in non-profit-making online place, the WIFI signal sending except searching each large carrier network, has also comprised the free WIFI signal that non-profit-making online place oneself configures.The WIFI signal access of operator adopts input handset number to authenticate with the mode of password conventionally, and in non-profit-making online place, conventionally by a broadband account number of place side's application, the client who surfs the Net in shop is freely informed to online account number and password, and client can surf the Net input this account and password on the page pushing after.
Can find out, for operator, WIFI access user in non-profit-making online place is owing to not inputting true identity information, even if relevant information has been understood by operator, also its place, place be can only be associated with, cannot further location and network behavior value analysis, information filtering be carried out to particular user, therefore, this type of user is that operator carries out a user behavior analysis and commercial value business blind spot while promoting, need to take measures effectively to process.
For meeting WIFI data analysis and the filtration needs of operator to non-profit-making place, need to set up and can obtain the data that are associated with Internet user's true identity information.For this reason, learn about first the load mode of WIFI data in current network.
WIFI equipment has comprised AC(access controller) and AP(WAP (wireless access point)) two parts.AP is for accessing the terminal use in non-profit-making place etc.; AC is responsible for converging and accessing Internet from the data of different AP, completes the configuration management of AP equipment, wireless user's the control such as certification, management and broadband-access, safety function simultaneously.AC supports to concentrate to forward with this locality and forwards two kinds of patterns.Concentrate in forward mode, AC is except completing the management of AP, and the business datum message that user side is accessed the Internet after certification is also encapsulated in AP and transmits in the business datum tunnel of AC; And in local forward mode, AC only completes the management to AP, once user side has authenticated, its business datum is without directly being forwarded by BRAS(broadband inserting service BRAS (Broadband Remote Access Server---broad band remote access service equipment) through AC.
Current existing several WIFI data filtering schemes are due to integrality deficiency of fail safe, data etc., the demand that all cannot meet operator completely and user behavior is carried out to accurate commercial value analysis.
Summary of the invention
The present invention seeks to: propose a kind of WIFI online filter method, AC adopts to concentrate under the pattern forwarding and facilitates operator to obtain user data.Therefore, the AP in the non-profit-making place of being concerned about for operator, adopts special AC access, and enables the pattern forwarding of concentrating.And for general user data, select voluntarily forward mode by operator.Meanwhile, by the understanding to non-profit-making place user data, analysis, filtration, obtain the incidence relation between user data and user real identification, online place, for unlawful activities on operator's screen pack provide basic data.For general place, select voluntarily forward mode by operator.
A kind of WIFI online filter method, the access controller AC of WIFI equipment adopts and concentrates the pattern forwarding, and to the AP in non-profit-making place, adopts special access controller AC access, and enables the pattern forwarding of concentrating; By the understanding to non-profit-making place user data, analysis, filtration, obtain the incidence relation between user data and user real identification, online place, for operator provides basic data by unlawful activities on special access controller AC screen pack;
The user side in non-profit-making place is connected with the lan mouth of special access controller AC by wireless access point AP, and AP sets up data with AC by virtual LAN VLAN (privately owned tunnel) and is connected;
Realize the corresponding of user side data and true identity, need user's input handset number in the time of certification, job step is as follows:
1) special access controller AC is to user side distributing IP address;
2) when user side has online demand, click IE and can send online request by wireless access point AP, special access controller AC is transmitted to portal server (web application server) after receiving this request; Portal server is received backward this user side pushing certification page;
3) user side input handset number and authentication password in certification page, wireless access point AP will include user terminal mobile phone number, IP and APID(access point numbering) verify data forward to portal server by special access controller AC;
4) forward in the process of message identifying at special access controller AC, data send to the service-specific disposable plates in special access controller AC to process simultaneously, extract the corresponding relation between subscriber phone number and IP and APID;
5) by special access controller AC and portal server interaction, portal server sends user and authenticates by instruction;
6) user side is by after authenticating, and business datum is encapsulated in privately owned tunnel to be transmitted; When user side arrives at special AC place by the business datum of AP, carry out data tunnel decapsulation and filtration work by the business board in special AC, now normally accesses network of user, the business board in special AC can copy the user service data after decapsulation a to service-specific disposable plates simultaneously;
7) service-specific disposable plates is processed data, each appliance services dedicated processes plate data after treatment converge and mail to operator backstage and carry out integrated treatment through WDM, realize simultaneously the content of the act of non-profit-making place WIFI online is filtered and management.
By above-mentioned flow process, operator's background system is the association obtaining between phone number, business datum and the APID of noncommercial place user while surfing the Net, provides and provides powerful support for for operator carries out accurate commercial value analysis and information filtering to the network data in non-profit-making place.
Beneficial effect of the present invention, operator of the present invention background system has been realized following function:
1, data correlationwifi data to non-profit-making place are carried out overall monitor, realize user service data Real-time Association Analyzing, have set up the associated of user data and cell-phone number, APID; Solve the problem of user real identification with the associated and data filtering of business datum;
2, data filteringin the service-specific disposable plates of special AC, arrange according to specific rule, the junk data that there is no practical significance is filtered to cleaning, the treatment effeciency of elevator system for operator; Also can filter the content that does not meet state's laws laws and regulations requirement.
, AP managementsystem can be supervised the wireless access point AP of normal operation at present, realizes simultaneously all users under AP are monitored.Comprise user's statistics to noncommercial place AP, traffic statistics, on the roll off the production line management of the information such as daily record.
, and alarmsystem can arrange rule, produces in time warning message for hitting regular data;
The present invention program takes into account technology and realizes and market interest, and scheme is with the obvious advantage:
1, importance.By the wifi data filtering to non-profit-making place, fill up commercial value analysis and the data filtering blind area of noncommercial place wifi Internet data, be that the strong of the existing business analysis ability of operator supplemented;
2, fail safe.The service-specific disposable plates of special AC adopts the mode of bypass completely, can not impact systematic function, and this disposable plates of box lunch breaks down, and the user under this AC also can surf the Net smoothly, without potential safety hazard; Do not worry that wireless data message eavesdropped the problem of the leakage privacy causing by other users under AP yet.
3, convenient management.Can implement comprehensive state and Content Management to online AP.
Brief description of the drawings
Fig. 1 is the topological diagram of structure of the present invention.
Fig. 2 is the network architecture diagram that the present invention applies.
Fig. 3 is pie graph of the present invention, is special AC business board face (six groove position examples).
Fig. 4 is data flow figure of the present invention.
Embodiment
Service terminal for common place in network is managed by common AC, and the service terminal in non-profit-making place is managed by special AC, adopts and concentrates forward mode.Shown in system topological Fig. 1 of the present invention: Fig. 1 system topological figure.
Build independent Wlan network (WIFI WLAN (wireless local area network)) for non-profit-making place, the wireless traffic completing in the construction of common place for operator can not impact.
The special AC equipment that connects noncommercial place converges at operator's machine room by WDM, carry out further deeply processing in the background system of operator's machine room by Optical Fiber Transmission, realize noncommercial place WIFI internet behavior Accurate Analysis and filtration system construction.
The network architecture is shown in Fig. 2.
Plate face Fig. 3 (taking six groove position equipment as example) of special AC: provide special AC business board face figure (six groove position examples).
As shown in Figure 3, the WIFI online filter that the present invention adopts is special access controller AC, comprises master control borad, power board, special access controller AC business board (abbreviation business board) and service-specific disposable plates; Master control borad completes the control to user side online and filtration operation flow, the exchange of power board finishing service data, each piece business board and a service-specific disposable plates form one group, be connected in same virtual LAN VLAN, each piece business board and a service-specific disposable plates are interconnected by case back plate and power board.Master control borad, power board, special access controller AC business board and service-specific disposable plates composition: master control borad, business board, special access controller AC business board can adopt OCTEON treatment system (can be also other system), there are two 10,000,000,000 mouthfuls, two BASE(100,000,000) mouthful; One of them 10,000,000,000 mouthfuls are connected with Fabrice Ethernet Switch exchange chip, and another 10,000,000,000 mouthfuls connect expansion slot position with zone3(, 24 gigabit mouths can be provided) be connected; One of them BASE mouth is connected with Base Ethernet Switch exchange chip, and another base mouth and junction plate provide RS232 to turn RJ45 serial ports; Fabrice Ethernet Switch exchange chip: provide two 10,000,000,000 mouthfuls interconnected with AC backboard, one 10,000,000,000 mouthfuls and 24 gigabits and ZONE3 are interconnected; Base Ethernet Switch exchange chip: provide 2 10/100M Base passages and backboard interconnected, and the management mouth of a 10/100M is provided on panel; Fabric channel is for the transmission of user data, and Base passage is for communication between plate.Power board is made up of Switch fabric exchange chip and Base switch exchange chip.Switch fabric data surface exchange chip provide 13 10,000,000,000 mouthfuls with backboard interconnected, 11 tunnel ten thousand mbit ethernets are connected to front panel; Base switch chain of command exchange chip comprises that 14 road 100 m ethernets are connected to Zone2 from Base exchange, and 1 road 100 m ethernet is connected to front panel from Base exchange, and 1 road 100 m ethernet is connected to processor from Base exchange; Exchange chip provides 480G exchange capacity altogether.Service-specific disposable plates is made up of multinuclear and special FPGA.
Workflow:
Non-profit-making place data flow is as shown in Fig. 4 data flow figure.
As shown in Figure 4, the user data in non-profit-making place all passes through special access controller AC forwarding.The AP in non-profit-making place is connected with the lan mouth of the special AC of operator, and AP sets up data with AC by privately owned tunnel and is connected.
For realizing the corresponding of user data and true identity, need user's input handset number in the time of certification, the job step of system is as follows:
1. special AC is to user side distributing IP address (being generally private network IP);
2. when user has online demand, click IE and can send online request by AP, special access controller AC is transmitted to portal server (web application server) after receiving this request; Portal server is received backward this user side pushing certification page;
3. user's input handset number and authentication password in certification page, AP forwards by special access controller AC the verify data that includes user mobile phone number, IP and APID to portal server;
4. forward in the process of message identifying at special AC, data send to the service-specific disposable plates in special AC to process simultaneously, extract the corresponding relation between subscriber phone number and IP and APID;
5. by special access controller AC and portal, radius server interaction, server sends user and authenticates by instruction;
6. user is by after authenticating, and business datum is encapsulated in privately owned tunnel to be transmitted.When the special AC of data arrives place, carry out data tunnel decapsulation and filtration work (now normally accesses network of user) by the business board in special AC, the business board in special AC can copy the user service data after decapsulation a to service-specific disposable plates simultaneously;
7. service-specific disposable plates is carried out certain processing to data, data after each device processes converge and mail to operator backstage and carry out integrated treatment through WDM, realize the analysis of behavior commercial value, information filtering and management to non-profit-making place WIFI online simultaneously.
By above-mentioned flow process, system is the association obtaining between phone number, business datum and the APID of noncommercial place user while surfing the Net, provides and provides powerful support for for operator carries out accurate commercial value analysis and information filtering to the network data in non-profit-making place.
Claims (2)
1. a WIFI online filter method, is characterized in that the user side in non-profit-making place to be connected with the lan interfaces of special access controller AC by wireless access point AP, and AP and AC are that privately owned tunnel is set up data and is connected by virtual LAN VLAN; The access controller AC of WIFI equipment adopts and concentrates the pattern forwarding, and to the AP in non-profit-making place, adopts special access controller AC access, and enables the pattern forwarding of concentrating; By understanding, analysis, filtration to non-profit-making place user side data, obtain the incidence relation between user data and user real identification, online place;
User side data are corresponding with true identity, need user side input handset number in the time of certification, and step is as follows:
1) special access controller AC is to user side distributing IP address;
2) when user side has online demand, click IE and can send online request by wireless access point AP, special access controller AC receives and is transmitted to portal server after this request is web application server; Portal server is received backward this user side pushing certification page;
3) user side input handset number and authentication password in certification page, wireless access point AP forwards by special access controller AC the verify data that includes user terminal mobile phone number, IP and access point identity AP ID to portal server;
4) forward in the process of message identifying at special access controller AC, data send to the service-specific disposable plates in special access controller AC to process simultaneously, extract the corresponding relation between subscriber phone number and IP and access point identity AP ID;
5) by special access controller AC and portal server interaction, portal server sends user and authenticates by instruction;
6) user side is by after authenticating, and business datum is encapsulated in privately owned tunnel to be transmitted; When user side arrives at special access controller AC place by the business datum of AP, carry out data tunnel decapsulation and filtration work by the business board in special access controller AC, now normally accesses network of user, the business board in special access controller AC can copy the user service data after decapsulation a to service-specific disposable plates simultaneously;
7) service-specific disposable plates is processed data, each appliance services dedicated processes plate data after treatment converge and mail to operator backstage and carry out integrated treatment through WDM, realize simultaneously the content of the act of non-profit-making place WIFI online is filtered and management.
2. WIFI online filter method according to claim 1, it is characterized in that user side accesses the WIFI online filter adopting by wireless access point AP, WIFI online filter is special access controller AC, comprises business board and the service-specific disposable plates of master control borad, power board, special access controller AC; Master control borad completes the control to user side online and filtration operation flow, the exchange of power board finishing service data, each piece business board and a service-specific disposable plates form one group, be connected in same virtual LAN VLAN, each piece business board and a service-specific disposable plates are interconnected by case back plate and power board.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210118616.XA CN102638470B (en) | 2012-04-20 | 2012-04-20 | WIFI (wireless fidelity) internet surfing filtering method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210118616.XA CN102638470B (en) | 2012-04-20 | 2012-04-20 | WIFI (wireless fidelity) internet surfing filtering method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102638470A CN102638470A (en) | 2012-08-15 |
| CN102638470B true CN102638470B (en) | 2014-09-17 |
Family
ID=46622713
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210118616.XA Expired - Fee Related CN102638470B (en) | 2012-04-20 | 2012-04-20 | WIFI (wireless fidelity) internet surfing filtering method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102638470B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932792B (en) * | 2012-11-14 | 2016-06-15 | 邦讯技术股份有限公司 | A kind of method realizing wireless network cloud and controller |
| CN103929504A (en) * | 2013-01-14 | 2014-07-16 | 中兴通讯股份有限公司 | Method and system for distributing user addresses in wireless local area network and fixed network interaction |
| CN104144491B (en) * | 2013-05-10 | 2017-12-29 | 中国电信股份有限公司 | A kind of method and system to the real-time positioning of WiFi terminal |
| CN104023017A (en) * | 2014-06-10 | 2014-09-03 | 北京傲天动联技术股份有限公司 | Method and device for providing data |
| CN105282127A (en) * | 2014-07-25 | 2016-01-27 | 深圳市携网科技有限公司 | Wifi authentication server and authentication method |
| CN104299298A (en) * | 2014-09-02 | 2015-01-21 | 成都千帆科技开发有限公司 | Vehicle anti-theft method for intelligent parking lot system |
| CN111953672B (en) * | 2020-08-07 | 2023-04-28 | 中移(杭州)信息技术有限公司 | Network access method, server and storage medium |
| CN111917626B (en) * | 2020-08-14 | 2022-01-18 | 上海中兴易联通讯股份有限公司 | Centralized forwarding method for Wlan AC service data and electronic equipment |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1469604A (en) * | 2002-07-16 | 2004-01-21 | 华为技术有限公司 | Internet access method based on radio block network gateway |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060101116A1 (en) * | 2004-10-28 | 2006-05-11 | Danny Rittman | Multifunctional telephone, walkie talkie, instant messenger, video-phone computer, based on WiFi (Wireless Fidelity) and WiMax technology, for establishing global wireless communication, network and video conferencing via the internet |
-
2012
- 2012-04-20 CN CN201210118616.XA patent/CN102638470B/en not_active Expired - Fee Related
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1469604A (en) * | 2002-07-16 | 2004-01-21 | 华为技术有限公司 | Internet access method based on radio block network gateway |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102638470A (en) | 2012-08-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102638470B (en) | WIFI (wireless fidelity) internet surfing filtering method | |
| CN111669362B (en) | Information processing method, network node, verification method and server | |
| CN103476023B (en) | The collocation method of access point apparatus, access controller and communication system | |
| CN101841815B (en) | Cluster controlling method based on wireless router and network system | |
| CN104780069B (en) | A kind of key-course towards SDN and data Layer communication port self-configuration method and its system | |
| CN104113915B (en) | A kind of WLAN and its sharing method, Wireless Local Area Network Gateway | |
| CN104093149B (en) | The radio switch-in method and device of a kind of monitoring device | |
| CN105119787B (en) | A kind of public internet access system and method based on software definition | |
| JP2002538663A (en) | Method and apparatus for providing high-speed connectivity to a hotel environment | |
| CN107241454B (en) | A kind of method, apparatus that realizing address administration, aaa server and SDN controller | |
| CN209233564U (en) | Electric power monitoring system laminates office network Security Situation Awareness Systems | |
| CN109714206A (en) | Electric power monitoring system Generating Network Topology Map, network bus topological diagram | |
| CN104618522B (en) | The method and Ethernet access equipment that IP address of terminal automatically updates | |
| CN107770012A (en) | A kind of broad band access method, device and virtual broadband RAS system | |
| CN107888613A (en) | A kind of management system framework based on cloud platform | |
| CN107241255A (en) | A kind of network merging method and system and router | |
| CN104506627B (en) | A kind of deskmate dining more plates of personnel method for ordering and system simultaneously | |
| CN104539539B (en) | A kind of AC equipment multi-service plate data forwarding method | |
| CN102883327A (en) | Virtual sharing method for WiFi (wireless fidelity) wireless access point | |
| CN106533934A (en) | Border gateway applicable to all interconnected manufacturing networks | |
| CN103841537B (en) | The managing and control system and method for WLAN Metropolitan Area Network (MAN)s are disposed using home gateway | |
| CN202602699U (en) | WIFI-enabled Internet-surfing filtering device | |
| CN107257573A (en) | A kind of equipment accesses the system and method for wireless network | |
| CN105959060A (en) | External optical amplifier monitoring system and external optical amplifier monitoring method based on networking way | |
| CN107071900A (en) | A kind of user facility positioning method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20140917 Termination date: 20210420 |