Summary of the invention
Main purpose of the present invention is to provide a kind of network configuration to bind and the method automatically recovered, the method has fundamentally been stopped terminal computer user and has privately been revised network configuration, and service end can be upgraded by network remote or the network configuration information of batch modification terminal computer.
In order to achieve the above object, the technical solution adopted in the present invention is as follows:
Network configuration binding and the method automatically recovered, comprise following steps:
A. service end obtains the network configuration information of terminal computer:
Service end obtains network configuration information and the hardware information of all terminal computers in network, using the unique identifying information of hardware information as this terminal computer;
Described network configuration information comprises computer name, IP address, subnet mask, gateway, DNS, WINS;
Described hardware information comprises mainboard ID, MAC Address;
B. service end generates the list of legitimate network configuration information:
Service end carries out unified planning by long-range for the network configuration information of all terminal computers obtained, and in service end, store network configuration information and the hardware information of all terminal computers, generate the list of legitimate network configuration information according to the network configuration information stored and hardware information;
C. the network configuration information of binding terminal computer:
Service end sets in service end needs the network configuration information of the terminal computer of binding to change;
Service end is according to the described terminal computer needing the hardware information notice of the terminal computer of binding to need binding;
The described terminal computer of binding that needs utilizes API hook technology, and the network configuration information setting its terminal computer can not be changed;
D. the change of the network configuration information of its terminal computer of terminal computer Real-Time Monitoring:
The terminal computer bound utilizes API hook technology, the change of the network configuration information of its terminal computer of Real-Time Monitoring.
In described steps d, the terminal computer bound utilizes API hook technology, and the change of the network configuration information of its terminal computer of Real-Time Monitoring is further comprising the steps:
If the terminal computer d1. bound monitors the request of the network configuration information of its terminal computer of amendment, continue to perform steps d 2; If the terminal computer bound does not monitor the request of the network configuration information of its terminal computer of amendment, then perform steps d 4;
D2. the terminal computer bound judges whether described amendment request is legitimate request, if the amendment request that service end sends, is then legitimate request, continue to perform steps d 3, if not the amendment request that service end sends, be then illegal request, perform steps d 4;
D3. according to described legitimate request, service end this legitimate request upgraded in the legitimate network configuration information list in service end requires the network configuration information of the terminal computer of amendment, and this terminal computer of remote access, revise the network configuration information of this terminal computer, perform steps d 1;
D4. terminal computer judges whether its terminal computer is first time operation after starting:
If the terminal computer bound is first time operation after starting, this terminal computer sends the hardware information of its terminal computer to service end;
The hardware information of this terminal computer that service end foundation receives obtains the network configuration information of this terminal computer from legitimate network configured list;
Service end transmission obtains the network configuration information of this terminal computer to this terminal computer from legitimate network configured list;
The network configuration information of this terminal computer received from service end and the network configuration information of its terminal computer are compared by this terminal computer, if the two is inconsistent, then there is abnormal change in the network configuration information of this terminal computer, continues to perform steps d 5; If the two is consistent, then the network configuration information no exceptions of this terminal computer changes, and performs steps d 1;
If the terminal computer bound is not first time operation after starting, perform steps d 1;
D5. the hardware information of its terminal computer is sent to service end by the described terminal computer that abnormal change occurs;
D6. service end is according to the hardware information of the abnormal terminal computer changed of the generation received, and obtains the network configuration information of the abnormal terminal computer changed of this generation from the legitimate network configuration information list service end;
D7. there is the abnormal terminal computer changed described in service end remote access, recover the network configuration information of this terminal computer with the network configuration information of the abnormal terminal computer changed of this generation obtained from the list of legitimate network configuration information;
D8. there is the network configuration information of the abnormal terminal computer changed in binding:
Service end sets the network configuration information that the abnormal terminal computer changed occurs and can not change in service end;
Service end notifies the abnormal terminal computer changed of this generation according to the described hardware information that the abnormal terminal computer changed occurs;
The described terminal computer that abnormal change occurs utilizes API hook technology, and the network configuration information setting its terminal computer can not be changed, and performs steps d 1.
the invention has the beneficial effects as follows:
Network configuration binding of the present invention and the method automatically recovered, by the long-range network configuration information carrying out unified planning terminal computer, the network configuration information of binding terminal computer, the mode of the change of the network configuration information of its terminal computer of terminal computer Real-Time Monitoring, according to specifically needing the network configuration information of remote update terminal computer or recovering the illegal network configuration information that the terminal computer changed occurs, solving grid configuration in extensive LAN binds with the amount of resuming work is large automatically, efficiency is low, system resource takies height, can not centralized and unified planning and the problem automatically safeguarded, drastically increase operating efficiency, decrease operation maintenance cost.
Detailed description of the invention
Below in conjunction with drawings and Examples, network configuration binding of the present invention is described in further detail with the method automatically recovered.
The centralized and unified management configured IP address and network of relation is the basic work guaranteeing that computer network normally runs.
Network configuration binding of the present invention and the method automatically recovered be not by the quantity of terminal computer and the restriction of network condition in network, can the network configuration information of binding terminal computer, service end can the network configuration information of remotely modifying terminal computer as IP address, subnet mask, gateway, DNS etc., support the multiple situations such as the two IP of Single NIC, double netcard, isolation card and Single NIC, therefore, the application demand of commodity network configuration can be met, break away from sesquipedalian network configuration troublesome operation, improve operating efficiency.In addition, also can carry out network configuration operations in batches, configuration is unified to the attribute such as gateway, DNS, WINS of multiple stage terminal computer, and all settings not need terminal computer restart and come into force.
Embodiment
Such as, 500 station terminal computers are had in a LAN, terminal computer PC1, PC2 ..., PC500, a server computer (SERVER), carry out network configuration binding and to network configuration information, the abnormal terminal computer changed occurs automatically recovering its former network configuration information to this 500 station terminal computer, network configuration binding of the present invention and the method automatically recovered, specifically comprise the steps:
A. server computer obtains the network configuration information of terminal computer:
Server computer obtains network configuration information and the hardware information of all 500 station terminal computers in LAN, using the unique identifying information of hardware information as terminal computer;
Described network configuration information comprises computer name, IP address, subnet mask, gateway, DNS, WINS;
Described hardware information comprises mainboard ID, MAC Address;
Wherein the computer name of terminal computer PC2 is Name2, IP address is 192.168.0.123, subnet mask is 255.255.255.0, gateway to be 192.168.0.1, DNS be 202.96.75.68, WINS for empty, mainboard ID be 64-0503-032608-MCP61, MAC Address is 00-1F-C6-D1-31-90;
B. server computer generates the list of legitimate network configuration information:
Server computer carries out unified planning by long-range for the network configuration information of 500 station terminal computers all in the LAN of acquisition, be 192.168.0.1 by the gateway unified planning of terminal computer PC1 to PC100, be 192.168.0.6 by the gateway unified planning of terminal computer PC101 to PC200, be 192.168.0.8 by the gateway unified planning of terminal computer PC201 to PC500, and on server computer, store network configuration information and the hardware information of all 500 station terminal computers, the list of legitimate network configuration information is generated according to the network configuration information stored and hardware information,
Wherein: the network configuration information of the terminal computer PC2 in the list of legitimate network configuration information is computer name: Name2, IP address: 192.168.0.123, subnet mask: 255.255.255.0, gateway: 192.168.0.1, DNS are 202.96.75.68, WINS is sky, and hardware information is mainboard ID:64-0503-032608-MCP61, MAC Address: 00-1F-C6-D1-31-90;
C. the network configuration information of binding terminal computer:
The network configuration information that server computer sets all 500 station terminal computers on server computer can not be changed;
Server computer notifies this 500 station terminal computer according to the described hardware information of 500 station terminal computers of binding that needs;
Described 500 terminal computers of binding that need utilize API hook technology respectively, and the network configuration information setting its terminal computer can not be changed;
D. the change of the network configuration information of this terminal computer of terminal computer Real-Time Monitoring:
The terminal computer bound utilizes API hook technology, the change of the network configuration information of this terminal computer of Real-Time Monitoring, and specific works step is as follows:
D1. in the present embodiment, the gateway 192.168.0.6 of terminal computer PC101 to PC200 is revised as the request of 192.168.0.7 by server computer request, therefore, terminal computer PC101 to PC200 can monitor the amendment request of server computer, continues to perform steps d 2; And terminal computer PC1 to PC100 and PC201 to PC500 can not monitor the amendment request of server computer, perform steps d 4;
D2. because be that the gateway 192.168.0.6 of PC101 to PC200 is revised as 192.168.0.7 by the amendment request that server computer sends, be therefore legitimate request, continue to perform steps d 3; (if not the amendment request that service end sends, being the amendment request that terminal computer sends, is then illegal request, performs steps d 4; )
D3. according to described legitimate request, the gateway that server computer upgrades PC101 to PC200 in the list of legitimate network configuration information is 192.168.0.7, server computer is by remote terminal access computer PC 101 to PC200, be updated to 192.168.0.7 by unified for the gateway 192.168.0.6 of terminal computer PC101 to PC200, perform steps d 1;
D4. terminal computer judges whether its terminal computer is first time operation after starting:
In the present embodiment, terminal computer PC2 has reinstalled operating system, and its network configuration information there occurs change, is specially; Computer name is PC2, IP address is 192.168.0.120, subnet mask is 255.255.255.0, gateway to be 192.168.0.1, DNS be 202.96.75.68, WINS for empty, its hardware information is: mainboard ID is 64-0503-032608-MCP61, MAC Address is 00-1F-C6-D1-31-90;
After terminal computer PC2 starts, first time is run, and this terminal computer PC2 sends the hardware information (mainboard ID be 64-0503-032608-MCP61, MAC Address be 00-1F-C6-D1-31-90) of its terminal computer to server computer;
Server computer obtains the network configuration information (computer name is Name2, IP address is 192.168.0.123, subnet mask is 255.255.255.0, gateway be 192.168.0.1, DNS be that 202.96.75.68, WINS are for empty) of this terminal computer according to the hardware information of this terminal computer PC2 received from legitimate network configured list;
Server computer sends the network configuration information of this terminal computer obtained from legitimate network configured list to this terminal computer PC2;
The network configuration information of this terminal computer PC2 received from server computer and the network configuration information of this terminal computer are compared by this terminal computer PC2, in the present embodiment, the operating system because terminal computer PC2 has reset, computer name in its network configuration information is PC2, IP address is 192.168.0.120, be Name2 with the computer name of the terminal computer PC2 in the list of legitimate network configuration information, IP address is 192.168.0.123, the two is inconsistent, there is abnormal change in the network configuration information of this terminal computer PC2, continue to perform steps d 5, if (the two is consistent, then the network configuration information no exceptions of terminal computer changes, and performs steps d 1, )
If (terminal computer bound is not first time operation after starting, and performs steps d 1; Reason is: if the terminal computer bound is not first time operation after starting, because the network configuration information of binding terminal computer, the network configuration information of terminal computer can not be changed, therefore do not need to judge whether its network configuration information abnormal change occurs again, to improve the operating efficiency of system, reduce system resource and take; Whether if first time operation after starting, may there is the operation that repacking operation system etc. changes its network configuration informations in terminal computer, therefore need to rejudge its network configuration information and change);
D5. the hardware information (mainboard ID:64-0503-032608-MCP61, MAC Address: 00-1F-C6-D1-31-90) of its terminal computer PC2 is sent to server computer by described terminal computer PC2;
D6. server computer obtains the former network configuration information of terminal computer PC2 from the list of legitimate network configuration information according to the hardware information (mainboard: ID64-0503-032608-MCP61, MAC Address: 00-1F-C6-D1-31-90) of the terminal computer PC2 received, and namely computer name is Name2, IP address is 192.168.0.123, subnet mask is 255.255.255.0, gateway to be 192.168.0.1, DNS be 202.96.75.68, WINS be for empty;
D7. server computer remote terminal access computer PC 2, with the former network configuration information of the terminal computer PC2 obtained from the list of legitimate network configuration information, (computer name is Name2, IP address is 192.168.0.123, subnet mask is 255.255.255.0, gateway is 192.168.0.1, DNS is 202.96.75.68, WINS is empty) recover the network configuration information of terminal computer PC2, the network configuration information being about to the terminal computer PC2 on terminal computer PC2 reverts to: computer name is Name2, IP address is 192.168.0.123, subnet mask is 255.255.255.0, gateway is 192.168.0.1, DNS is 202.96.75.68, WINS is empty,
D8. the network configuration information of binding terminal computer PC 2:
The network configuration information of server computer setting terminal computer PC 2 on server computer can not be changed;
Server computer is according to hardware information (mainboard ID be 64-0503-032608-MCP61, MAC Address be 00-1F-C6-D1-31-90) the notification terminal computer PC 2 of terminal computer PC2;
Terminal computer PC2 utilizes API hook technology, and the network configuration information setting its terminal computer PC2 can not be changed, and performs steps d 1.
system resource involved in the present invention takies situation and mainly comprises the system resource needed for real time monitoring network configuration and recover the system resource that consumes of correct network configuration, contrasts as follows with existing periodic monitor method:
For 5 minutes periodic monitor network configuration, when there is an illegal modifications in terminal computer user, the method of periodic monitor of the prior art about takies 100 milliseconds, recover the system resource time that correct network configuration consumes and be about 3000 milliseconds, therefore, the system resources consumption of every day is 24 * 60/5 * 100+3000=31800 milliseconds.Method of the present invention is not owing to relating to periodic monitor, system resource required for periodic monitor is 0 millisecond, because illegal modifications operation can not be changed successfully, the time of therefore recovering the system resource required for correct network configuration is less than 1 millisecond,, the system resources consumption of method of the present invention every day is less than 1 millisecond.
Method of the present invention is operated by long-range, the network configuration information of centralized and unified management terminal computer is to guarantee the normal operation and maintenance of network, the configuration of Centralized Monitoring, long-range point to multi--point, realizes IP address, computer name, the planning of gateway and configuration intuitively.Strict IP address binding, even if terminal use reinstalls operating system, also can revert to the IP address before binding, make existing network configuration specification; Binding computer name, and recover there is the abnormal computer name changed, preventing user's private from changing terminal computer name, avoiding the network information confusion and the inconvenient problem of management brought because privately renaming.