CN104283715B - A kind of massive logs retransmission method - Google Patents
A kind of massive logs retransmission method Download PDFInfo
- Publication number
- CN104283715B CN104283715B CN201410567607.8A CN201410567607A CN104283715B CN 104283715 B CN104283715 B CN 104283715B CN 201410567607 A CN201410567607 A CN 201410567607A CN 104283715 B CN104283715 B CN 104283715B
- Authority
- CN
- China
- Prior art keywords
- network
- packet
- network packet
- data
- linked list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A kind of massive logs retransmission method disclosed by the invention, the data packet flow for flowing through network interface card is intercepted, after being replicated to the packet of care, change the purpose IP of packet, last amended packet is reentered into network protocol stack, corresponding route is carried out according to purpose IP to set, and forwarding destination address is sent data packets to, so as to realize daily record forwarding capability;The invention has the advantages that ensuring that multiple platforms can be positioned by the source IP of daily record to equipment, network packet copy and modification efficiency are improved.
Description
Technical field
The invention belongs to software application technology field, and in particular to a kind of massive logs retransmission method.
Background technology
With the development of cloud computing technology, the O&M of cloud computation data center and management seem particularly significant, cloud computing number
According to the log information that various equipment and application are largely needed during center O&M and management, multiple management platforms are collected simultaneously
Device log, but when equipment is not supported, toward the transmission of multiple destination addresses, can not thus meet individual platform while collect day
The demand of will, if syslog daily records are directed to, using itself forwarding capability of syslog daily records, it is possible to achieve syslog daily records turn
Hair, but the daily record source address after forwarding is changed, if the platform for receiving syslog daily records does not support main frame chain query
If, then the source IP of platform reception syslog daily records will be indicated as forwarding the IP of main frame, and so platform can not just lead to
Cross the specific equipment that source IP identification sends syslog daily records.
The content of the invention
It is an object of the invention to provide a kind of massive logs retransmission method, solves forwarding platform present in prior art
The problem of specific equipment for sending daily record can not be identified by source IP.
The technical solution adopted in the present invention is a kind of massive logs retransmission method, specifically to implement according to following steps:
Step 1, log information network packet is subjected to Interception Technology processing, obtains the IP bags of network data, and will obtain
The network IP bags taken are put into the doubly linked list of storage network packet;
Step 2, network interface is based on to the network data IP bags that step 2 obtains and procotol carries out network packet mistake
Technical finesse is filtered, obtains retaining IP packets;
Step 3, the reservation IP packets obtained by step 2 are done into packet reconstruct, by the reservation IP in network protocol stack
Packet is copied and changed, and copies the network packet regenerated, still controlled it using doubly linked list and
Modification;
Step 4, to the multiple routing forwarding technical finesse of network packet in step 3.
The features of the present invention also resides in,
Interception Technology in step 1 refers specifically to, call back function defined in network interface, when network packet is assisted into network
Call back function will be called after view stack, the call back function is located at the data link layer of network, in the data link layer of network, according to
Network interface definition carries out intercept process to network packet, obtains the IP bags of network data, and the network IP bags of acquisition are put
In the doubly linked list for entering to store network packet.
Filtering technique in step 2 refers specifically to, and in the doubly linked list of storage network packet, passes through link layer header pointer
Link layer header information is found, all information of NIC can be found according to link layer header information, to network interface of concern
Carry out the filtering of network packet.
Network data packet filtering refers to, in the doubly linked list of storage network packet, is obtained according to data offset information
Transport layer header information, the content of transport layer header information is taken to look for destination interface of TCP/UDP protocol informations and udp protocol etc. three
Condition filters to network packet.
Copy and modification in step 3 refer specifically to, and define call back function in a network interface, network packet was completed
Call back function is called after filter, the distribution of the memory headroom of network packet is carried out in the call back function, by the net after filtering
Network packet is copied in newly assigned memory headroom, the network packet regenerated is copied, still using doubly linked list pair
It is controlled and changed.Network layer header information is obtained in the doubly linked list of network packet, according to network layer header information
Content is modified to the purpose IP address of network packet, is mainly revised as the purpose IP of network packet to forward purpose
The IP of address.
The multiple routing forwarding technology of network packet in step 4 refers specifically to, using array in daily record repeater system
The forwarding parameter such as destination address IP and network interface is specified in form storage, and array is traveled through in the form of circulation, traversed
The network packet for meeting forwarding condition is subjected to copy in journey and corresponding destination address is changed, by improved network data
Bag is put into data packet forward module, and data packet forward module is routed according to the destination address IP of network packet,
Network packet is sent to amended destination according to corresponding routing iinformation.
The invention has the advantages that a kind of massive logs retransmission method, during massive logs forward process, is solved
Not the problem of network equipment daily record does not support more purpose IP to send, while ensure that the source IP of the log information after forwarding is not repaiied
Change, it is ensured that multiple platforms can be positioned by the source IP of daily record to equipment, by using the filtering of network packet
Technology copies and changed to network packet technology and optimizes, and improves network packet copy and modification efficiency.
Brief description of the drawings
Fig. 1 is a kind of massive logs retransmission method forwarding schematic diagram;
Fig. 2 is a kind of massive logs retransmission method forwarding process figure.
Embodiment
The present invention is described in detail with reference to the accompanying drawings and detailed description.
A kind of massive logs retransmission method of the present invention, forwarding schematic diagram is as shown in figure 1, transmitting terminal daily record to be forwarded passes through day
Will forwarding module is sent to each application platform of daily record receiving terminal, and specific forwarding process figure is as shown in Fig. 2 according to following step
It is rapid to implement:
Step 1, log information network packet is subjected to Interception Technology processing, obtains the IP bags of network data, and will obtain
The network IP bags taken are put into the doubly linked list of storage network packet;
Step 2, network interface is based on to the network data IP bags that step 1 obtains and procotol carries out network packet mistake
Technical finesse is filtered, obtains retaining IP packets;
Step 3, the reservation IP packets obtained by step 2 are done into packet reconstruct, by the reservation IP in network protocol stack
Packet is copied and changed, and copies the network packet regenerated, still controlled it using doubly linked list and
Modification;
Step 4, to the multiple routing forwarding technical finesse of network packet in step 3.
Interception Technology in step 1 refers specifically to, call back function defined in network interface, when network packet is assisted into network
Call back function will be called after view stack, the call back function is located at the data link layer of network, in the data link layer of network, according to
Network interface definition carries out intercept process to network packet, obtains the IP bags of network data, and the network IP bags of acquisition are put
In the doubly linked list for entering to store network packet.
Filtering technique in step 2 refers specifically to, and in the doubly linked list of storage network packet, passes through link layer header pointer
Link layer header information is found, all information of NIC can be found according to link layer header information, to network interface of concern
Carry out the filtering of network packet.
Network data packet filtering refers to, in the doubly linked list of storage network packet, is obtained according to data offset information
Transport layer header information, the content of transport layer header information is taken to look for destination interface of TCP/UDP protocol informations and udp protocol etc. three
Condition filters to network packet.
Copy and modification in step 3 refer specifically to, and define call back function in a network interface, network packet was completed
Call back function is called after filter, the distribution of the memory headroom of network packet is carried out in the call back function, by the net after filtering
Network packet is copied in newly assigned memory headroom, the network packet regenerated is copied, still using doubly linked list pair
It is controlled and changed.Network layer header information is obtained in the doubly linked list of network packet, according to network layer header information
Content is modified to the purpose IP address of network packet, is mainly revised as the purpose IP of network packet to forward purpose
The IP of address.
The multiple routing forwarding technology of network packet in step 4 refers specifically to, using array in daily record repeater system
The forwarding parameter such as destination address IP and network interface is specified in form storage, and array is traveled through in the form of circulation, traversed
The network packet for meeting forwarding condition is subjected to copy in journey and corresponding destination address is changed, by improved network data
Bag is put into data packet forward module, and data packet forward module is routed according to the destination address IP of network packet,
Network packet is sent to amended destination according to corresponding routing iinformation.
Four steps more than, the network packet of log information are that have modified the destination address IP in packet,
And network packet is re-routed after packet rs destination address ip is changed, so not changing daily record letter in this process
The source address IP of network packet is ceased, after the daily record that daily record application receiving platform receives, is received relative to daily record application flat
Platform Log Router is like to be not present, and its effect is exactly that daily record is directly sent to multiple application platforms one by Log Source
Sample.
A kind of massive logs retransmission method of the present invention, after being replicated to the packet of care, change the purpose of packet
IP, last amended packet are reentered into network protocol stack, and carrying out corresponding route according to purpose IP is set, by data
Bag is sent to forwarding destination address, so as to realize daily record forwarding capability.
Embodiment
Step 1, log information network packet is subjected to Interception Technology processing, obtains the IP bags of network data, and will obtain
The network IP bags taken are put into the doubly linked list of storage network packet;
Step 2, network interface is based on to the network data IP bags that step 1 obtains and procotol carries out network packet mistake
Technical finesse is filtered, obtains retaining IP packets;
Step 3, the reservation IP packets obtained by step 2 are done into packet reconstruct, by the reservation IP in network protocol stack
Packet is copied and changed, and copies the network packet regenerated, still controlled it using doubly linked list and
Modification;
Step 4, to the multiple routing forwarding technical finesse of network packet in step 3.
Specific instructions row is as follows:
Insmod LogForward.ko src=eth0dst=eth1, eth2dstip=1.1.1.1,2.2.2.2
Mentioned order is meant that:The reception of datagram is carried out by eth0 network interfaces, is turned datagram by eth1
It is 1.1.1.1 to be dealt into purpose IP, and it is 2.2.2.2 that datagram is forwarded into purpose IP by eth2.
Above example is merely to illustrate the preferred embodiment of the present invention, but the present invention is not limited to above-mentioned embodiment party
Formula, in the field those of ordinary skill possessed knowledge, that is made within the spirit and principles in the present invention is any
Modification, equivalent substitute and improvement etc., it all should cover within the scope of the claimed technical scheme of the present invention.
Claims (4)
1. a kind of massive logs retransmission method, it is characterised in that specifically implement according to following steps:
Step 1, log information network packet is subjected to intercept process, obtains the IP bags of network data, and by the network of acquisition
The IP bags of data are put into the doubly linked list of storage network packet;Interception Technology refers specifically in step 1, defined in network interface
Call back function, call back function will be called after network packet enters network protocol stack, the call back function is located at the number of network
According to link layer, in the data link layer of network, intercept process is carried out to network packet according to network interface definition, obtains network
The IP bags of data, and the network IP bags of acquisition are put into the doubly linked list of storage network packet;
Step 2, network interface is based on to the network data IP bags that step 1 obtains and procotol carries out network data packet filtering skill
Art processing, obtain retaining IP packets;Filtering technique refers specifically in step 2, in the doubly linked list of storage network packet, leads to
Cross link layer header pointer and find link layer header information, all information of NIC can be found according to link layer header information, to net
Network interface carries out the filtering of network packet;
Step 3, the reservation IP packets obtained by step 2 are done into packet reconstruct, by the reservation IP data in network protocol stack
Bag is copied and changed, and is copied the network packet regenerated, is still controlled it and changed using doubly linked list;
Step 4, to the multiple routing forwarding technical finesse of the network packet regenerated in step 3;
Step 5, daily record data bag is realized in the case where not changing source address by routing forwarding technology to step 4, by daily record
It is forwarded to multiple destination addresses.
2. a kind of massive logs retransmission method according to claim 1, it is characterised in that the network data packet filtering is
Refer to, in the doubly linked list of storage network packet, believed according to data offset acquisition of information transport layer header information, transport layer header
The content of breath looks for three conditions of destination interface of TCP/UDP protocol informations and udp protocol to filter network packet.
3. a kind of massive logs retransmission method according to claim 1, it is characterised in that copy and repair in the step 3
Change and refer specifically to, define call back function in a network interface, call back function is called after completing filtering to network packet, at this
Call back function carries out the distribution of the memory headroom of network packet, and the network packet after filtering is copied into newly assigned internal memory
In space, the network packet regenerated is copied, still controls it and changes using doubly linked list, in network data
Network layer header information, the purpose IP address according to the content of network layer header information to network packet are obtained in the doubly linked list of bag
Modify, be the IP that the purpose IP of network packet is revised as forwarding to destination address.
A kind of 4. massive logs retransmission method according to claim 1, it is characterised in that network data in the step 4
Wrap multiple routing forwarding technology to refer specifically to, stored in daily record repeater system in the form of array and specify forwarding destination address IP
And network interface parameters, array is traveled through in the form of circulation, the network data of forwarding condition will be met in ergodic process
Bag carries out copy and the modification of corresponding destination address, improved network packet is put into data packet forward module, data
Packet forward module is routed according to the destination address IP of network packet, according to corresponding routing iinformation by network data
Bag is sent to amended destination.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410567607.8A CN104283715B (en) | 2014-10-22 | 2014-10-22 | A kind of massive logs retransmission method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410567607.8A CN104283715B (en) | 2014-10-22 | 2014-10-22 | A kind of massive logs retransmission method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104283715A CN104283715A (en) | 2015-01-14 |
| CN104283715B true CN104283715B (en) | 2018-01-12 |
Family
ID=52258223
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410567607.8A Active CN104283715B (en) | 2014-10-22 | 2014-10-22 | A kind of massive logs retransmission method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104283715B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI625950B (en) * | 2016-08-04 | 2018-06-01 | 群暉科技股份有限公司 | Method for relaying packets with aid of network address translation in a network system, and associated apparatus |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101079798A (en) * | 2006-05-26 | 2007-11-28 | 华为技术有限公司 | NAT method and method for realizing access control list |
| CN101087210A (en) * | 2007-05-22 | 2007-12-12 | 网御神州科技(北京)有限公司 | High-performance Syslog processing and storage method |
| CN101931584A (en) * | 2009-06-22 | 2010-12-29 | 中兴通讯股份有限公司 | Method and system supporting data forwarding among multiple protocol stacks in same system |
| CN102638453A (en) * | 2012-03-13 | 2012-08-15 | 广州华多网络科技有限公司 | Voice data kernel forwarding method based on Linux system server |
| CN103166855A (en) * | 2011-12-12 | 2013-06-19 | 深圳市共进电子股份有限公司 | Method and system for recognizing and transforming address information in network message |
| CN104010000A (en) * | 2014-06-13 | 2014-08-27 | 北京联宇益通科技发展有限公司 | Data package filtering method, device and system for Android system under non-super user authority |
-
2014
- 2014-10-22 CN CN201410567607.8A patent/CN104283715B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101079798A (en) * | 2006-05-26 | 2007-11-28 | 华为技术有限公司 | NAT method and method for realizing access control list |
| CN101087210A (en) * | 2007-05-22 | 2007-12-12 | 网御神州科技(北京)有限公司 | High-performance Syslog processing and storage method |
| CN101931584A (en) * | 2009-06-22 | 2010-12-29 | 中兴通讯股份有限公司 | Method and system supporting data forwarding among multiple protocol stacks in same system |
| CN103166855A (en) * | 2011-12-12 | 2013-06-19 | 深圳市共进电子股份有限公司 | Method and system for recognizing and transforming address information in network message |
| CN102638453A (en) * | 2012-03-13 | 2012-08-15 | 广州华多网络科技有限公司 | Voice data kernel forwarding method based on Linux system server |
| CN104010000A (en) * | 2014-06-13 | 2014-08-27 | 北京联宇益通科技发展有限公司 | Data package filtering method, device and system for Android system under non-super user authority |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104283715A (en) | 2015-01-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107911258B (en) | SDN network-based security resource pool implementation method and system | |
| CN1875585B (en) | Dynamic unknown L2 flooding control with MAC limits | |
| CN108809854B (en) | Reconfigurable chip architecture for large-flow network processing | |
| EP2552059B1 (en) | Packet transfer system, control apparatus, transfer apparatus, method of creating processing rules, and program | |
| CN102970227B (en) | The method and apparatus of VXLAN message repeating is realized in ASIC | |
| US9565120B2 (en) | Method and system for performing distributed deep-packet inspection | |
| US10148459B2 (en) | Network service insertion | |
| US20200280502A1 (en) | Network device snapshots | |
| CN104994065A (en) | Access control list operation system and method based on software-defined network | |
| CN109842529A (en) | Method, apparatus and network system for configuration service | |
| CN104601467B (en) | A kind of method and apparatus for sending message | |
| US10992553B2 (en) | Method and apparatus for tap aggregation and network data truncation | |
| EP3588859B1 (en) | Network device configuration versioning | |
| CN103001883B (en) | Internal communication method of programmable virtual router based on Net field programmable gate array (FPGA) | |
| CN102761483B (en) | Tunnel implementation method, system and device implemented without occupying IP addresses | |
| US10887408B2 (en) | Remote monitoring of network communication devices | |
| EP3200398A1 (en) | Automated mirroring and remote switch port analyzer (rspan)/encapsulated remote switch port analyzer (erspan) functions using fabric attach (fa) signaling | |
| CN104135548A (en) | Static NAT realization method and device based on FPGA | |
| CN105052106B (en) | For receiving the method and system with transport of internet protocol (IP) packet | |
| CN108696435A (en) | For the single lookup table entries symmetrically flowed | |
| CN110247908A (en) | The methods, devices and systems that data based on programmable network switching technology are sent | |
| CN104283715B (en) | A kind of massive logs retransmission method | |
| CN103179109A (en) | Secondary session query function based filtering and distribution device and method thereof | |
| CN103428044A (en) | Data packet monitoring method, device and system | |
| CN104158743A (en) | Method and device of cross-card forwarding of message of distributed router |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |