CN105227685A - The correlating method of user profile and data flow, master control set, radius server - Google Patents
The correlating method of user profile and data flow, master control set, radius server Download PDFInfo
- Publication number
- CN105227685A CN105227685A CN201410265613.8A CN201410265613A CN105227685A CN 105227685 A CN105227685 A CN 105227685A CN 201410265613 A CN201410265613 A CN 201410265613A CN 105227685 A CN105227685 A CN 105227685A
- Authority
- CN
- China
- Prior art keywords
- radius
- client
- data flow
- master control
- user profile
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
Abstract
The invention discloses the correlating method of a kind of user profile and data flow.The method comprises: master control set sends the RADIUS message bag of intercepting to radius client; Master control set sends the SYSLOG packet of intercepting to SYSLOG client; To make radius server associated user information and described public network address and port range, obtain user context information; When master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.The invention also discloses a kind of master control set, radius server.The present invention can associated user information and data flow under special networking scene, for user behavior analysis lays the foundation, and the requirement significantly reduced load-balancing device and dependence.
Description
Technical field
The present invention relates to communication technical field, particularly relate to the correlating method of user profile and data flow, master control set, radius server.
Background technology
In some metropolitan area network construction frameworks, this locality does not have RADIUS (RemoteAuthenticationDialInUserService, remote customer dialing authentication service) server, and radius server is unified is built up in province's net center.Local fixed network user's online, RADIUS message returns user terminal exported the radius server delivered to and be positioned at province's net center by metropolitan area network after again.Optical splitter is deployed in core router (CR, CoreRouter) and economize net outlet between, metropolitan area network address transition (NAT, NetworkAddressTranslation) function is by the long-range BAS Broadband Access Server (BRAS between core router, BroadbandRemoteAccessServer) realize, namely the packet collected in optical splitting link, packet after being network address translation, the source address of packet has been public network address, the private net address of user terminal cannot be obtained, load-balancing device cannot realize RADIUS message and data flow being distributed to same service processor and process, thus cause user profile cannot associate with data flow.
Foregoing, only for auxiliary understanding technical scheme of the present invention, does not represent and admits that foregoing is prior art.
Summary of the invention
Main purpose of the present invention is the technical problem that solution user profile cannot associate with data flow.
For achieving the above object, the correlating method of a kind of user profile provided by the invention and data flow, is applied to master control set, and the correlating method of described user profile and data flow comprises the following steps:
Master control set sends the RADIUS message bag of intercepting to radius client, obtains the user profile of user terminal for radius client decoding and sends described user profile to radius server;
Master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, obtain user context information;
When master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.
Preferably, when described master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and the step associating described data flow and described user profile comprises:
When master control set creates data flow, read public network address and the port numbers of described data flow;
Master control set judges whether to there is the described user context information corresponding with public network address that is described data flow and port numbers that be that store;
If not, master control set sends query statement to radius client, obtain and store radius client and receive the described user context information corresponding with the public network address of described data flow and port numbers that radius server sends, according to obtaining and the described user context information stored, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile;
If so, master control set is according to the described user context information stored, and obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
Preferably, described master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, comprise after obtaining the step of user context information:
Master control set intercepts and to roll off the production line packet, the packet that rolls off the production line described in transmission to radius client, for roll off the production line described in radius client decoding packet and send decoded described in roll off the production line packet to radius server;
Master control set receives the notice that rolls off the production line that radius server sends through radius client, deletes the described user context information be stored in master control set.
Preferably, described master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, comprise after obtaining the step of user context information:
Master control set intercepts new RADIUS message bag, send described new RADIUS message bag to radius client, obtain new user profile corresponding to user terminal for radius client decoding and send described new user profile to radius server, to make radius server obtain new user context information according to described new user profile, and send update notification to master control set through radius client;
Master control set intercepts new SYSLOG packet, send described new SYSLOG packet to SYSLOG client, obtain new public network address corresponding to user terminal and port range for the decoding of SYSLOG client and send described new public network address and port range to radius server, to make radius server obtain new user context information according to described new public network address and port range, and send update notification to master control set through radius client.
In addition, for achieving the above object, the present invention also provides the correlating method of a kind of user profile and data flow, is applied to radius server, and the correlating method of described user profile and data flow comprises the following steps:
The user profile of the user terminal that the decoding RADIUS message bag that radius server receives radius client transmission obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Wherein, described RADIUS message bag is intercepted by master control set and is sent to radius client, and described SYSLOG packet is intercepted by master control set and is sent to SYSLOG client;
Radius server associates the described user profile and described public network address and port range that receive, obtain user context information, when creating data flow to make master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.
In addition, for achieving the above object, the present invention also provides a kind of master control set, and described master control set comprises:
First sending module, for sending the RADIUS message bag of intercepting to radius client, obtaining the user profile of user terminal for radius client decoding and sending described user profile to radius server;
Second sending module, for sending the SYSLOG packet of intercepting to SYSLOG client, obtaining public network address corresponding to user terminal and port range for the decoding of SYSLOG client and sending described public network address and port range to radius server; To make radius server associated user information and described public network address and port range, obtain user context information;
First relating module, during for creating data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
Preferably, described first relating module comprises:
Reading unit, during for creating data flow, reads public network address and the port numbers of described data flow;
, there is the described user context information corresponding with public network address that is described data flow and port numbers that be that store for judging whether in judging unit;
First associative cell, for if not, query statement is sent to radius client, obtain and store radius client and receive the described user context information corresponding with the public network address of described data flow and port numbers that radius server sends, according to obtaining and the described user context information stored, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile;
Second associative cell, for if so, according to the described user context information stored, obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
Preferably, described master control set also comprises:
Downline module, to roll off the production line packet for intercepting, the packet that rolls off the production line described in transmission to radius client, for roll off the production line described in radius client decoding packet and send decoded described in roll off the production line packet to radius server;
Receiver module, for receiving the notice that rolls off the production line that radius server sends through radius client, deletes the described user context information be stored in master control set.
Preferably, described master control set also comprises:
First update module, for intercepting new RADIUS message bag, send described new RADIUS message bag to radius client, obtain new user profile corresponding to user terminal for radius client decoding and send described new user profile to radius server, to make radius server obtain new user context information according to described new user profile, and send update notification to the first update module through radius client;
Second update module, for intercepting new SYSLOG packet, send described new SYSLOG packet to SYSLOG client, obtain new public network address corresponding to user terminal and port range for the decoding of SYSLOG client and send described new public network address and port range to radius server, to make radius server obtain new user context information according to described new public network address and port range, and send update notification to the second update module through radius client.
In addition, for achieving the above object, the present invention also provides a kind of radius server, and described radius server comprises:
3rd sending module, the user profile of the user terminal that the decoding RADIUS message bag sent for receiving radius client obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Wherein, described RADIUS message bag is intercepted by master control set and is sent to radius client, and described SYSLOG packet is intercepted by master control set and is sent to SYSLOG client;
Second relating module, for associating the described user profile of reception and described public network address and port range, obtain user context information, when creating data flow to make master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtains the described user profile corresponding with described user context information and associates described data flow and described user profile.
Master control set of the present invention sends the RADIUS message bag of intercepting to radius client, obtains the user profile of user terminal for radius client decoding and sends described user profile to radius server; Master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associated user information and described public network address and port range, obtain user context information; When master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.Compared to prior art, the present invention is the address that user terminal distributes at radius server is private net address, when user profile and data flow point-score cannot carry out processing to same master control set by load-balancing device, user profile is associated with data flow, the user behavior analysis under this special networking scene is made to become possibility, and the requirement significantly reduced load-balancing device and dependence.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of correlating method first embodiment of user profile of the present invention and data flow;
Fig. 2 is the schematic flow sheet of correlating method second embodiment of user profile of the present invention and data flow;
Fig. 3 is the schematic flow sheet of correlating method one embodiment of user profile of the present invention and data flow;
Fig. 4 is master control set first embodiment high-level schematic functional block diagram of the present invention;
Fig. 5 is the high-level schematic functional block diagram of master control set second embodiment of the present invention;
Fig. 6 is the high-level schematic functional block diagram of Fig. 5 master control set one of the present invention preferred embodiment;
Fig. 7 is the high-level schematic functional block diagram of Fig. 5 another preferred embodiment of master control set of the present invention;
Fig. 8 is the high-level schematic functional block diagram of radius server first embodiment of the present invention.
The realization of the object of the invention, functional characteristics and advantage will in conjunction with the embodiments, are described further with reference to accompanying drawing.
Embodiment
Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
It will be appreciated by those skilled in the art that, the correlating method of user profile of the present invention and data flow, master control set, the master control set described in following embodiment of radius server, radius client, SYSLOG client can be used as an entirety and are located in an equipment and carry out with radius server alternately, certainly, also can be divided in different devices or equipment, but master control set needs to be connected with radius client, SYSLOG client communication respectively.The present invention is not construed as limiting the mounting means of master control set, radius client, SYSLOG client.
The invention provides the correlating method of a kind of user profile and data flow, be applied to master control set.
With reference to the schematic flow sheet that Fig. 1, Fig. 1 are correlating method first embodiment of user profile of the present invention and data flow.
In correlating method first embodiment of user profile of the present invention and data flow, the method comprises:
Step S10, master control set sends the RADIUS message bag of intercepting to radius client, obtains the user profile of user terminal for radius client decoding and sends described user profile to radius server;
Step S20, master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, obtain user context information;
RADIUS message bag is issued to radius server by user terminal, master control set press port (as, 1813 ports of radius server) intercept RADIUS message bag, SYSLOG packet is sent by BRAS, master control set is pressed port (e.g., 514 ports of SYSLOG server) and is intercepted this SYSLOG packet.Master control set sends the RADIUS message bag of intercepting to radius client, after radius client receives this RADIUS message bag, it is decoded and obtains the user profile of user terminal, this user profile can comprise account, password, the private net address of user, can also comprise the geographical position etc. of user terminal.Radius client only can obtain the private net address of this user terminal to the decoding of RADIUS message bag, and can not obtain the public network address of this user terminal.Master control set sends the SYSLOG packet of intercepting to SYSLOG client, SYSLOG client receives this SYSLOG packet, carries out decoding obtain the public network address of user terminal (i.e. user profile) and port range and send this public network address and described port range to radius server it.After radius server receives user profile and public network address corresponding to user terminal and port range, associated user information and public network address and port range, obtain user context information, user context information can be the mapping table of user profile and public network address and port range, it can be the packet comprising user profile and public network address and port range, can also be a kind of algorithm utilizing public network address and port to obtain corresponding user profile, or other forms be suitable for.
Step S30, when master control set creates data flow, obtain according to radius server with the described user context information of described data flow created, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.
Master control set is when being truncated to handshake packet, create data flow, this data flow is formed by the packet transmitted between user terminal and Website server, the source port number of the packet in this data flow, source address, destination address, destination slogan are identical, namely the port numbers of user terminal of the packet in stream of transmitting and receive data is identical with public network address, and the port numbers of the Website server of the packet in stream that transmits and receive data is identical with public network address.Public network address corresponding to user terminal and port range can be obtained by user context information, therefore master control set can find the user context information corresponding with the port numbers of the user terminal of the packet in flowing that transmits and receive data and public network address, user profile can be obtained, by user profile and data stream association by user context information.
The method of associated data stream and user profile can be: the mapping table setting up data flow and user profile; Utilize algorithm, can user profile be obtained by data flow, and the information of data flow can be obtained by user profile.
The present embodiment master control set sends the RADIUS message bag of intercepting to radius client, obtains the user profile of user terminal for radius client decoding and sends described user profile to radius server; Master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, obtain user context information; When master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.Compared to prior art, the present embodiment is the address that user terminal distributes at radius server is private net address, when user profile and data flow point-score cannot carry out processing to same master control set by load-balancing device, user profile is associated with data flow, the user behavior analysis under this special networking scene is made to become possibility, and the requirement significantly reduced load-balancing device and dependence.
With reference to the schematic flow sheet that Fig. 2, Fig. 2 are correlating method second embodiment of user profile of the present invention and data flow.
In correlating method second embodiment of user profile of the present invention and data flow, the difference of the present embodiment and the first embodiment is, the present embodiment is on the basis of the first embodiment, when described master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and the step associating described data flow and described user profile comprises:
Step S31, when master control set creates data flow, reads public network address and the port numbers of described data flow;
Master control set, when getting the handshake packet that user terminal sends, creates data flow.This data flow is formed by the packet transmitted between user terminal and Website server, the source port number of the packet in this data flow, source address, destination address, destination slogan are identical, namely the port numbers of user terminal of the packet in stream of transmitting and receive data is identical with public network address, and the port numbers of the Website server of the packet in stream that transmits and receive data is identical with public network address.Therefore, from the packet data flow, directly read port numbers and the public network address of user terminal.Using the port numbers of user terminal and public network address as the public network address of data flow and port numbers.
Step S32, master control set judges whether to there is the described user context information corresponding with public network address that is described data flow and port numbers that be that store;
User context information may be obtained from radius server and be stored in master control set, according to public network address and the port range of user terminal corresponding to user context information, the user context information corresponding with the public network address of data flow and port numbers that master control set judges whether to exist in master control set storage, such as, judge that the public network address of the user terminal whether public network address of data flow is corresponding with user context information is identical, and whether the port numbers of data flow is in the port range of user terminal, if above-mentioned two conditions are all satisfied, then think that this user context information is the user context information corresponding with the public network address of data flow and port numbers.
Step S33, if not, master control set sends query statement to radius client, obtain and store radius client and receive the described user context information corresponding with the public network address of described data flow and port numbers that radius server sends, according to obtaining and the described user context information stored, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile;
Step S34, if so, master control set is according to the described user context information stored, and obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
If not, then user context information is stored in radius server, is not issued to master control set or radius client.Master control set sends query statement to radius client, when radius client receives this query statement, inquiry is initiated to radius server, user context information corresponding for public network address and port numbers with data flow is sent to radius client by radius server, and preserve the information of this radius client, when radius client receives this user context information, send this user context information to master control set as inquiry response.Master control set receives this user context information, according to this user context information, obtains the user profile corresponding with user context information, and associated data stream and user profile.
In certain embodiments, user context information also may be obtained from radius server and be stored in radius client, therefore, the master control set described user context information corresponding with the public network address of described data flow and port numbers that judge whether to exist in radius server storage; If not, master control set sends query statement to radius client, receives and store the user context information corresponding with the public network address of data flow and port numbers that radius server sends to make radius client.
If so, master control set is according to the user context information be stored in master control set or radius client, obtains the user profile corresponding with this user context information, and associated data stream and user profile.
Compared to prior art, user context information is stored in radius client or master control set by the present invention, during follow-up if desired inquiring user contextual information, does not need repetition to obtain this user context information from radius server, simplify query steps, improve search efficiency.
In one embodiment of the present invention, described master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, comprise after obtaining the step of user context information:
Master control set intercepts and to roll off the production line packet, the packet that rolls off the production line described in transmission to radius client, for the packet that rolls off the production line described in radius client decoding, and send decoded described in roll off the production line packet to radius server;
Master control set receives the notice that rolls off the production line that radius server sends through radius client, deletes the described user context information be stored in master control set.
Master control set intercepts the packet that rolls off the production line that user terminal sends, master control set directly can not read the content of this packet that rolls off the production line, therefore, transmission rolls off the production line packet to radius client, after radius client receives the packet that rolls off the production line, it is decoded, and send the decoded packet that rolls off the production line to radius server, after radius server receives this decoded packet that rolls off the production line, transmission rolls off the production line notice to radius client, the radius client notice that this rolled off the production line sends to master control set, master control set receive this roll off the production line notice time, delete the user context information be stored in master control set.
In certain embodiments, user context information may be obtained from radius server and be stored in radius client, after radius client receives the notice that rolls off the production line of radius server transmission, the notice that this rolled off the production line sends to master control set, master control set receive this roll off the production line notice time, delete the user context information that is stored in radius client.
In a preferred embodiment, described master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associated user information and described public network address and port range, comprise after obtaining the step of user context information:
Master control set intercepts new RADIUS message bag, send described new RADIUS message bag to radius client, obtain new user profile corresponding to user terminal for radius client decoding and send described new user profile to radius server, to make radius server obtain new user context information according to described new user profile, and send update notification to master control set through radius client;
Master control set intercepts new SYSLOG packet, send described new SYSLOG packet to SYSLOG client, obtain new public network address corresponding to user terminal and port range for the decoding of SYSLOG client and send described new public network address and port range to radius server, to make radius server obtain new user context information according to described new public network address and port range, and send update notification to master control set through radius client.
Master control set intercepts new RADIUS message bag, send this new RADIUS message bag to radius client, radius client receives and the RADIUS message bag of decoding new obtains new user profile corresponding to user terminal, and send this new user profile to radius server, radius server receives this new user profile, new user profile is associated with original public network address and port range, obtain new user context information, and send update notification to master control set through radius client.
Master control set intercepts new SYSLOG packet, send new SYSLOG packet to SYSLOG client, SYSLOG client receives and this new SYSLOG packet of decoding obtains new public network address corresponding to user terminal and port range, and send this new public network address and port range to radius server, after radius server receives this new public network address and port range, according to described new public network address and port range, by new public network address and port range and original user information correlation, obtain new user context information, and send update notification to master control set through radius client.
It should be noted that, there is the situation that master control set intercepts new RADIUS message bag and new SYSLOG packet simultaneously, master control set is by new RADIUS message bag and new SYSLOG packet is sent to radius client respectively and SYSLOG client is decoded, radius client sends new user profile corresponding to the user terminal that obtains of the new RADIUS message bag of decoding to radius server, the new public network address that the user terminal that the new SYSLOG packet of SYSLOG client transmission decoding obtains is corresponding and port range are to radius server, radius server associates new user profile and new public network address and port range, obtain new user context information, and send update notification to master control set through radius client.
After master control set receives update notification, can obtain from radius server and store new user context information, or master control set sends and obtains instruction to radius client, radius client responds this acquisition instruction, and obtaining from radius server and store new user is contextual information.
The present invention further provides the correlating method of a kind of user profile and data flow, be applied to radius server.
With reference to the schematic flow sheet that Fig. 3, Fig. 3 are correlating method one embodiment of user profile of the present invention and data flow.
In correlating method one embodiment of user profile of the present invention and data flow, the correlating method of described user profile and data flow comprises the following steps:
Step S01, the user profile of the user terminal that the decoding RADIUS message bag that radius server receives radius client transmission obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Wherein, described RADIUS message bag is intercepted by master control set and is sent to radius client, and described SYSLOG packet is intercepted by master control set and is sent to SYSLOG client;
Master control set intercepts the method reference user profile of RADIUS message bag and SYSLOG packet and correlating method first embodiment of data flow.After radius client receives this RADIUS message bag, decode obtain the user profile of user terminal to it, this user profile can comprise account, password, the private net address of user, can also comprise the geographical position etc. of user terminal.Radius client only can obtain the private net address of this user terminal to the decoding of RADIUS message bag, and can not obtain the public network address of this user terminal.Master control set sends the SYSLOG packet of intercepting to SYSLOG client, SYSLOG client receives this SYSLOG packet, carries out decoding obtain the public network address of user terminal (i.e. user profile) and port range and send this public network address and described port range to radius server it.
Step S02, radius server associates the described user profile and described public network address and port range that receive, obtain user context information, when creating data flow to make master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtains the described user profile corresponding with described user context information and associates described data flow and described user profile.
After radius server receives user profile and public network address corresponding to user terminal and port range, associated user information and public network address and port range, obtain user context information, user context information can be the mapping table of user profile and public network address and port range, it can be the packet comprising user profile and public network address and port range, can also be a kind of algorithm utilizing public network address and port to obtain corresponding user profile, or other forms be suitable for.
When master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate the first embodiment of the method reference user profile of described data flow and described user profile and the correlating method of data flow.
The user profile of the user terminal that the decoding RADIUS message bag that the present embodiment radius server receives radius client transmission obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Radius server associates the described user profile and described public network address and port range that receive, obtain user context information, when creating data flow for master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.Compared to prior art, the present embodiment is the address that user terminal distributes at radius server is private net address, load-balancing device cannot by user profile and data flow cannot point-score to same master control set process when, user profile is associated with data flow, the user behavior analysis under this special networking scene is made to become possibility, and the requirement significantly reduced load-balancing device and dependence.
In the present embodiment, described radius server associates the described user profile and described public network address and port range that receive, comprises after obtaining the step of user context information:
Radius server is when receiving the query statement that master control set sends through radius client, respond described query statement and send the described user context information corresponding with the public network address of described data flow and port numbers to master control set through radius client, and storing the information of radius client.
When master control set creates data flow, read public network address and the port numbers of described data flow; The described user context information corresponding with the public network address of described data flow and port numbers that master control set judges whether to exist in master control set storage; If not, master control set sends through radius client the second embodiment that query statement to the manner of execution of the steps such as radius server can refer to the correlating method of user profile and data flow.Compared to prior art, user context information is stored in radius client or master control set by the present invention, during follow-up if desired inquiring user contextual information, does not need repetition to obtain this user context information from radius server, simplify query steps, improve search efficiency.
This selects in embodiment, described radius server associates the described user profile and described public network address and port range that receive, obtain user context information, when creating data flow for master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and comprise after associating the step of described data flow and described user profile:
Master control set obtain roll off the production line packet time, radius server receive that radius client sends decoded described in roll off the production line packet; The described packet that rolls off the production line is sent to radius client by master control set;
Radius server sends the notice that rolls off the production line to master control set through radius client, deletes to make master control set the described user context information be stored in master control set.
Master control set intercepts the packet that rolls off the production line that user terminal sends, master control set directly can not read the content of this packet that rolls off the production line, therefore, transmission rolls off the production line packet to radius client, after radius client receives the packet that rolls off the production line, it is decoded, and send the decoded packet that rolls off the production line to radius server, after radius server receives this decoded packet that rolls off the production line, transmission rolls off the production line notice to radius client, the radius client notice that this rolled off the production line sends to master control set, master control set receive this roll off the production line notice time, delete the user context information be stored in master control set.
In certain embodiments, user context information may be obtained from radius server and be stored in radius client, after radius client receives the notice that rolls off the production line of radius server transmission, the notice that this rolled off the production line sends to master control set, master control set receive this roll off the production line notice time, delete the user context information that is stored in radius client.
In the present embodiment, described radius server associates the described user profile and described public network address and port range that receive, obtain user context information, when creating data flow for master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and comprise after associating the step of described data flow and described user profile:
When master control set obtains new RADIUS message bag, the new user profile that the user terminal that the described new RADIUS message bag of decoding that radius server receives radius client transmission obtains is corresponding; Radius server, according to described new user profile, obtains new user context information, and sends update notification to master control set through radius client; Described new RADIUS message bag is obtained by master control set and is sent to radius client;
When master control set obtains new SYSLOG packet, the new public network address that the user terminal that the described new SYSLOG packet of radius server reception SYSLOG client decoding obtains is corresponding and port range; Radius server, according to described new public network address and port range, obtains new user context information, and sends update notification to master control set through radius client; Described new SYSLOG packet is obtained by master control set and is sent to SYSLOG client.
The present invention further provides a kind of master control set.
Reference Fig. 4, Fig. 4 are master control set first embodiment high-level schematic functional block diagram of the present invention.
In master control set first embodiment of the present invention, this master control set comprises:
First sending module 10, for sending the RADIUS message bag of intercepting to radius client, obtaining the user profile of user terminal for radius client decoding and sending described user profile to radius server;
Second sending module 20, for sending the SYSLOG packet of intercepting to SYSLOG client, obtaining public network address corresponding to user terminal and port range for the decoding of SYSLOG client and sending described public network address and port range to radius server; To make radius server associate described user profile and described public network address and port range, obtain user context information; RADIUS message bag is issued to radius server by user terminal, first sending module 10 press port (as, 1813 ports of radius server) intercept RADIUS message bag, SYSLOG packet is sent by BRAS, second sending module 20 is pressed port (e.g., 514 ports of SYSLOG server) and is intercepted this SYSLOG packet.First sending module 10 sends the RADIUS message bag of intercepting to radius client, after radius client receives this RADIUS message bag, it is decoded and obtains the user profile of user terminal, this user profile can comprise account, password, the private net address of user, can also comprise the geographical position etc. of user terminal.Radius client only can obtain the private net address of this user terminal to the decoding of RADIUS message bag, and can not obtain the public network address of this user terminal.Second sending module 20 sends the SYSLOG packet of intercepting to SYSLOG client, SYSLOG client receives this SYSLOG packet, carries out decoding obtain the public network address of user terminal (i.e. user profile) and port range and send this public network address and described port range to radius server it.After radius server receives user profile and public network address corresponding to user terminal and port range, associated user information and public network address and port range, obtain user context information, user context information can be the mapping table of user profile and public network address and port range, it can be the packet comprising user profile and public network address and port range, can also be a kind of algorithm utilizing public network address and port to obtain corresponding user profile, or other forms be suitable for.
First relating module 30, during for creating data flow, obtain according to radius server with the described user context information of described data flow created, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.
First relating module 30 is when being truncated to handshake packet, create data flow, this data flow is formed by the packet transmitted between user terminal and Website server, the source port number of the packet in this data flow, source address, destination address, destination slogan are identical, namely the port numbers of user terminal of the packet in stream of transmitting and receive data is identical with public network address, and the port numbers of the Website server of the packet in stream that transmits and receive data is identical with public network address.Public network address corresponding to user terminal and port range can be obtained by user context information, therefore the first relating module 30 can find the user context information corresponding with the port numbers of the user terminal of the packet in flowing that transmits and receive data and public network address, user profile can be obtained, by user profile and data stream association by user context information.
The method of associated data stream and user profile can be: the mapping table setting up data flow and user profile; Utilize algorithm, can user profile be obtained by data flow, and the information of data flow can be obtained by user profile.
The present embodiment first sending module 10 sends the RADIUS message bag of intercepting to radius client, obtains the user profile of user terminal for radius client decoding and sends described user profile to radius server; Second sending module 20 sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, obtain user context information; When first relating module 30 creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.Compared to prior art, the present embodiment is the address that user terminal distributes at radius server is private net address, when user profile and data flow point-score cannot carry out processing to same master control set by load-balancing device, user profile is associated with data flow, the user behavior analysis under this special networking scene is made to become possibility, and the requirement significantly reduced load-balancing device and dependence.
With reference to the high-level schematic functional block diagram that Fig. 5, Fig. 5 are master control set second embodiment of the present invention.
In master control set second embodiment of the present invention, the difference of the present embodiment and the first embodiment is, the present embodiment is on the basis of the first embodiment, and described first relating module 30 comprises:
Reading unit 31, during for creating data flow, reads public network address and the port numbers of described data flow;
Reading unit 31, when getting the handshake packet that user terminal sends, creates data flow.This data flow is formed by the packet transmitted between user terminal and Website server, the source port number of the packet in this data flow, source address, destination address, destination slogan are identical, namely the port numbers of user terminal of the packet in stream of transmitting and receive data is identical with public network address, and the port numbers of the Website server of the packet in stream that transmits and receive data is identical with public network address.Therefore, from the packet data flow, directly read port numbers and the public network address of user terminal.Using the port numbers of user terminal and public network address as the public network address of data flow and port numbers.
, there is the described user context information corresponding with public network address that is described data flow and port numbers that be that store for judging whether in judging unit 32;
User context information may be obtained from radius server and be stored in master control set, according to public network address and the port range of user terminal corresponding to user context information, the user context information corresponding with the public network address of data flow and port numbers that judging unit 32 judges whether to exist in master control set storage, such as, judge that the public network address of the user terminal whether public network address of data flow is corresponding with user context information is identical, and whether the port numbers of data flow is in the port range of user terminal, if above-mentioned two conditions are all satisfied, then think that this user context information is the user context information corresponding with the public network address of data flow and port numbers.
First associative cell 33, query statement is sent to radius client, obtain and store radius client and receive the described user context information corresponding with the public network address of described data flow and port numbers that radius server sends, according to obtaining and the described user context information stored, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile;
Second associative cell 34, for if so, according to the described user context information stored, obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
If not, then user context information is stored in radius server, is not issued to master control set or radius client.First associative cell 33 sends query statement to radius client, when radius client receives this query statement, inquiry is initiated to radius server, user context information corresponding for public network address and port numbers with data flow is sent to radius client by radius server, and preserve the information of this radius client, when radius client receives this user context information, send this user context information to master control set as inquiry response.First associative cell 33 receives this user context information, according to this user context information, obtains the user profile corresponding with user context information, and associated data stream and user profile.
In certain embodiments, user context information also may be obtained from radius server and be stored in radius client, therefore, the judging unit 32 described user context information corresponding with the public network address of described data flow and port numbers that judge whether to exist in radius server storage; If not, the first associative cell 33 sends query statement to radius client, receives and store the user context information corresponding with the public network address of data flow and port numbers of radius server transmission to make radius client.
If so, the second associative cell 34 is according to the user context information be stored in master control set or radius client, obtains the user profile corresponding with this user context information, and associated data stream and user profile.
Compared to prior art, user context information is stored in radius client or master control set by the present invention, during follow-up if desired inquiring user contextual information, does not need repetition to obtain this user context information from radius server, simplify query steps, improve search efficiency.
With reference to the high-level schematic functional block diagram that Fig. 6, Fig. 6 are Fig. 5 master control set one of the present invention preferred embodiment.
In one embodiment of the present invention, described master control set also comprises:
Downline module 40, to roll off the production line packet for intercepting, the packet that rolls off the production line described in transmission to radius client, for the packet that rolls off the production line described in radius client decoding, and send decoded described in roll off the production line packet to radius server;
Receiver module 50, for receiving the notice that rolls off the production line that radius server sends through radius client, deletes the described user context information be stored in master control set.
Downline module 40 intercepts the packet that rolls off the production line that user terminal sends, downline module 40 directly can not read the content of this packet that rolls off the production line, therefore, transmission rolls off the production line packet to radius client, after radius client receives the packet that rolls off the production line, it is decoded, and send the decoded packet that rolls off the production line to radius server, after radius server receives this decoded packet that rolls off the production line, transmission rolls off the production line notice to radius client, the radius client notice that this rolled off the production line sends to master control set, receiver module 50 receive this roll off the production line notice time, delete the user context information be stored in master control set.
In certain embodiments, user context information may be obtained from radius server and be stored in radius client, after radius client receives the notice that rolls off the production line of radius server transmission, the notice that this rolled off the production line sends to master control set, master control set receive this roll off the production line notice time, delete the user context information that is stored in radius client.
With reference to the high-level schematic functional block diagram that Fig. 7, Fig. 7 are Fig. 5 another preferred embodiment of master control set of the present invention.
In a preferred embodiment, described master control set also comprises:
First update module 60, for intercepting new RADIUS message bag, send described new RADIUS message bag to radius client, obtain new user profile corresponding to user terminal for radius client decoding and send described new user profile to radius server, to make radius server according to described new user profile, obtain new user context information, and send update notification to the first update module 60 through radius client;
Second update module 70, for intercepting new SYSLOG packet, send described new SYSLOG packet to SYSLOG client, obtain new public network address corresponding to user terminal and port range for the decoding of SYSLOG client and send described new public network address and port range to radius server, to make radius server according to described new public network address and port range, obtain new user context information, and send update notification to the second update module 70 through radius client.
First update module 60 intercepts new RADIUS message bag, send this new RADIUS message bag to radius client, radius client receives and the RADIUS message bag of decoding new obtains new user profile corresponding to user terminal, and send this new user profile to radius server, radius server receives this new user profile, new user profile is associated with original public network address and port range, obtain new user context information, and send update notification to the first update module 60 through radius client.
Second update module 70 intercepts new SYSLOG packet, send new SYSLOG packet to SYSLOG client, SYSLOG client receives and this new SYSLOG packet of decoding obtains new public network address corresponding to user terminal and port range, and send this new public network address and port range to radius server, after radius server receives this new public network address and port range, according to described new public network address and port range, by new public network address and port range and original user information correlation, obtain new user context information, and send update notification to the second update module 70 through radius client.
It should be noted that, there is the situation that the first update module 60 and the second update module 70 intercept new RADIUS message bag and new SYSLOG packet simultaneously, new RADIUS message bag is sent to radius client by the first update module 60, new SYSLOG Packet Generation is decoded to SYSLOG client by the second update module 70, radius client sends new user profile corresponding to the user terminal that obtains of the new RADIUS message bag of decoding to radius server, the new public network address that the user terminal that the new SYSLOG packet of SYSLOG client transmission decoding obtains is corresponding and port range are to radius server, radius server associates new user profile and new public network address and port range, obtain new user context information, and send update notification to the first update module 60 and the second update module 70 through radius client.
After first update module 60 and/or the second update module 70 receive update notification, can obtain from radius server and store new user context information, or master control set sends and obtains instruction to radius client, radius client responds this acquisition instruction, and obtaining from radius server and store new user is contextual information.
The present invention further provides a kind of radius server.
With reference to the high-level schematic functional block diagram that Fig. 8, Fig. 8 are radius server first embodiment of the present invention.
In radius server one embodiment of the present invention, described radius server comprises:
3rd sending module 01, the user profile of the user terminal that the decoding RADIUS message bag sent for receiving radius client obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Described RADIUS message bag is intercepted by master control set and is sent to radius client, and described SYSLOG packet is intercepted by master control set and is sent to SYSLOG client;
Master control set intercepts the method reference user profile of RADIUS message bag and SYSLOG packet and correlating method first embodiment of data flow.After radius client receives this RADIUS message bag, decode obtain the user profile of user terminal to it, this user profile can comprise account, password, the private net address of user, can also comprise the geographical position etc. of user terminal.The user profile of the user terminal that the decoding RADIUS message bag that the 3rd sending module 01 receives radius client transmission obtains, radius client only can obtain the private net address of this user terminal to the decoding of RADIUS message bag, and can not obtain the public network address of this user terminal.Master control set sends the SYSLOG packet of intercepting to SYSLOG client, SYSLOG client receives this SYSLOG packet, carries out decoding obtain the public network address of user terminal (i.e. user profile) and port range and send this public network address and described port range to the 3rd sending module 01 it.
Second relating module 02, for associating the described user profile of reception and described public network address and port range, obtain user context information, when creating data flow to make master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.
After 3rd sending module 01 receives user profile and public network address corresponding to user terminal and port range, second relating module 02 associated user information and public network address and port range, obtain user context information, user context information can be the mapping table of user profile and public network address and port range, it can be the packet comprising user profile and public network address and port range, can also be a kind of algorithm utilizing public network address and port to obtain corresponding user profile, or other forms be suitable for.
When master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate the first embodiment of the method reference user profile of described data flow and described user profile and the correlating method of data flow.
The user profile of the user terminal that the decoding RADIUS message bag that the present invention the 3rd sending module 01 receives radius client transmission obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Second relating module 02 associates the described user profile and described public network address and port range that receive, obtain user context information, when creating data flow for master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.Compared to prior art, the present invention is the address that user terminal distributes at radius server is private net address, load-balancing device cannot by user profile and data flow cannot point-score to same master control set process when, user profile is associated with data flow, the user behavior analysis under this special networking scene is made to become possibility, and the requirement significantly reduced load-balancing device and dependence.
In the present embodiment, described radius server also comprises:
Enquiry module (not shown), for when receiving the query statement that master control set sends through radius client, respond described query statement and send the described user context information corresponding with the public network address of described data flow and port numbers to master control set through radius client, and storing the information of radius client.
When master control set creates data flow, read public network address and the port numbers of described data flow; Master control set judges whether to there is the described user context information corresponding with public network address that is described data flow and port numbers that be that store; If not, master control set sends through radius client the second embodiment that query statement to the manner of execution of the steps such as radius server can refer to the correlating method of user profile and data flow.
Compared to prior art, user context information is stored in radius client or master control set by the present invention, during follow-up if desired inquiring user contextual information, does not need repetition to obtain this user context information from radius server, simplify query steps, improve search efficiency.
In the present embodiment, described radius server also comprises:
Roll off the production line receiver module (not shown), when rolling off the production line packet for obtaining at master control set, receive that radius client sends decoded described in roll off the production line packet; The described packet that rolls off the production line is sent to radius client by master control set;
Notification module (not shown), for sending the notice that rolls off the production line through radius client to master control set, deletes to make master control set the described user context information be stored in master control set.
Master control set intercepts the packet that rolls off the production line that user terminal sends, master control set directly can not read the content of this packet that rolls off the production line, therefore, transmission rolls off the production line packet to radius client, after radius client receives the packet that rolls off the production line, it is decoded, and send the decoded packet that rolls off the production line to the receiver module that rolls off the production line, after the receiver module that rolls off the production line receives this decoded packet that rolls off the production line, notification module sends the notice that rolls off the production line to radius client, the radius client notice that this rolled off the production line sends to master control set, master control set receive this roll off the production line notice time, delete the user context information be stored in master control set.
In certain embodiments, user context information may be obtained from radius server and be stored in radius client, after the notice that rolls off the production line of the notified module transmission of radius client, the notice that this rolled off the production line sends to master control set, master control set receive this roll off the production line notice time, delete the user context information that is stored in radius client.
In the present embodiment, described radius server also comprises:
3rd update module (not shown), during for obtaining new RADIUS message bag at master control set, the new user profile that the user terminal that the described new RADIUS message bag of decoding receiving radius client transmission obtains is corresponding; Radius server, according to described new user profile, obtains new user context information, and sends update notification to master control set through radius client; Described new RADIUS message bag is obtained by master control set and is sent to radius client;
4th update module (not shown), during for obtaining new SYSLOG packet at master control set, the new public network address that the user terminal that the described new SYSLOG packet of reception SYSLOG client decoding obtains is corresponding and port range; According to described new public network address and port range, obtain new user context information, and send update notification to master control set through radius client; Described new SYSLOG packet is obtained by master control set and is sent to SYSLOG client.
These are only the preferred embodiments of the present invention; not thereby the scope of the claims of the present invention is limited; every utilize specification of the present invention and accompanying drawing content to do equivalent structure or equivalent flow process conversion; or be directly or indirectly used in other relevant technical fields, be all in like manner included in scope of patent protection of the present invention.
Claims (10)
1. a correlating method for user profile and data flow, is applied to master control set, it is characterized in that, the correlating method of described user profile and data flow comprises the following steps:
Master control set sends the RADIUS message bag of intercepting to radius client, obtains the user profile of user terminal for radius client decoding and sends described user profile to radius server;
Master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, obtain user context information;
When master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile.
2. the correlating method of user profile as claimed in claim 1 and data flow, it is characterized in that, when described master control set creates data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtain the described user profile corresponding with described user context information, and the step associating described data flow and described user profile comprises:
When master control set creates data flow, read public network address and the port numbers of described data flow;
Master control set judges whether to there is the described user context information corresponding with public network address that is described data flow and port numbers that be that store;
If not, master control set sends query statement to radius client, obtain and store radius client and receive the described user context information corresponding with the public network address of described data flow and port numbers that radius server sends, according to obtaining and the described user context information stored, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile;
If so, master control set is according to the described user context information stored, and obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
3. the correlating method of user profile as claimed in claim 1 or 2 and data flow, it is characterized in that, described master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, comprise after obtaining the step of user context information:
Master control set intercepts and to roll off the production line packet, the packet that rolls off the production line described in transmission to radius client, for roll off the production line described in radius client decoding packet and send decoded described in roll off the production line packet to radius server;
Master control set receives the notice that rolls off the production line that radius server sends through radius client, deletes the described user context information be stored in master control set.
4. the correlating method of user profile as claimed in claim 1 or 2 and data flow, it is characterized in that, described master control set sends the SYSLOG packet that intercepts to SYSLOG client, obtains public network address corresponding to user terminal and port range and send described public network address and port range to radius server for the decoding of SYSLOG client; To make radius server associate described user profile and described public network address and port range, comprise after obtaining the step of user context information:
Master control set intercepts new RADIUS message bag, send described new RADIUS message bag to radius client, obtain new user profile corresponding to user terminal for radius client decoding and send described new user profile to radius server, to make radius server obtain new user context information according to described new user profile, and send update notification to master control set through radius client;
Master control set intercepts new SYSLOG packet, send described new SYSLOG packet to SYSLOG client, obtain new public network address corresponding to user terminal and port range for the decoding of SYSLOG client and send described new public network address and port range to radius server, to make radius server obtain new user context information according to described new public network address and port range, and send update notification to master control set through radius client.
5. a correlating method for user profile and data flow, is applied to radius server, it is characterized in that, the correlating method of described user profile and data flow comprises the following steps:
The user profile of the user terminal that the decoding RADIUS message bag that radius server receives radius client transmission obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Wherein, described RADIUS message bag is intercepted by master control set and is sent to radius client, and described SYSLOG packet is intercepted by master control set and is sent to SYSLOG client;
Radius server associates the described user profile and described public network address and port range that receive, obtain user context information, when creating data flow to make master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtains the described user profile corresponding with described user context information and associates described data flow and described user profile.
6. a master control set, is characterized in that, described master control set comprises:
First sending module, for sending the RADIUS message bag of intercepting to radius client, obtaining the user profile of user terminal for radius client decoding and sending described user profile to radius server;
Second sending module, for sending the SYSLOG packet of intercepting to SYSLOG client, obtaining public network address corresponding to user terminal and port range for the decoding of SYSLOG client and sending described public network address and port range to radius server; To make radius server associated user information and described public network address and port range, obtain user context information;
First relating module, during for creating data flow, the described user context information corresponding with the described data flow created obtained according to radius server, obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
7. master control set as claimed in claim 6, it is characterized in that, described first relating module comprises:
Reading unit, during for creating data flow, reads public network address and the port numbers of described data flow;
, there is the described user context information corresponding with public network address that is described data flow and port numbers that be that store for judging whether in judging unit;
First associative cell, for if not, query statement is sent to radius client, obtain and store radius client and receive the described user context information corresponding with the public network address of described data flow and port numbers that radius server sends, according to obtaining and the described user context information stored, obtain the described user profile corresponding with described user context information, and associate described data flow and described user profile;
Second associative cell, for if so, according to the described user context information stored, obtains the described user profile corresponding with described user context information, and associates described data flow and described user profile.
8. master control set as claimed in claims 6 or 7, it is characterized in that, described master control set also comprises:
Downline module, to roll off the production line packet for intercepting, the packet that rolls off the production line described in transmission to radius client, for roll off the production line described in radius client decoding packet and send decoded described in roll off the production line packet to radius server;
Receiver module, for receiving the notice that rolls off the production line that radius server sends through radius client, deletes the described user context information be stored in master control set.
9. main control module as claimed in claims 6 or 7, it is characterized in that, described master control set also comprises:
First update module, for intercepting new RADIUS message bag, send described new RADIUS message bag to radius client, obtain new user profile corresponding to user terminal for radius client decoding and send described new user profile to radius server, to make radius server obtain new user context information according to described new user profile, and send update notification to the first update module through radius client;
Second update module, for intercepting new SYSLOG packet, send described new SYSLOG packet to SYSLOG client, obtain new public network address corresponding to user terminal and port range for the decoding of SYSLOG client and send described new public network address and port range to radius server, to make radius server obtain new user context information according to described new public network address and port range, and send update notification to the second update module through radius client.
10. a radius server, is characterized in that, described radius server comprises:
3rd sending module, the user profile of the user terminal that the decoding RADIUS message bag sent for receiving radius client obtains, the public network address that the user terminal that the decoding SYSLOG packet receiving the transmission of SYSLOG client obtains is corresponding and port range; Wherein, described RADIUS message bag is intercepted by master control set and is sent to radius client, and described SYSLOG packet is intercepted by master control set and is sent to SYSLOG client;
Second relating module, for associating the described user profile of reception and described public network address and port range, obtain user context information, when creating data flow to make master control set, the described user context information corresponding with the described data flow created obtained according to radius server, obtains the described user profile corresponding with described user context information and associates described data flow and described user profile.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410265613.8A CN105227685A (en) | 2014-06-13 | 2014-06-13 | The correlating method of user profile and data flow, master control set, radius server |
| PCT/CN2014/088204 WO2015188536A1 (en) | 2014-06-13 | 2014-10-09 | Method for associating user information and data flow, main control apparatus, and radius server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410265613.8A CN105227685A (en) | 2014-06-13 | 2014-06-13 | The correlating method of user profile and data flow, master control set, radius server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105227685A true CN105227685A (en) | 2016-01-06 |
Family
ID=54832823
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410265613.8A Withdrawn CN105227685A (en) | 2014-06-13 | 2014-06-13 | The correlating method of user profile and data flow, master control set, radius server |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105227685A (en) |
| WO (1) | WO2015188536A1 (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101330754A (en) * | 2007-10-25 | 2008-12-24 | 中兴通讯股份有限公司 | Method for implementing authentication charging of remote subscriber dialing authentication system |
| CN101883111A (en) * | 2010-06-25 | 2010-11-10 | 中兴通讯股份有限公司 | Accounting server for processing online business log and method thereof |
| CN102868539A (en) * | 2012-10-19 | 2013-01-09 | 中太数据通信(深圳)有限公司 | Method and system for managing nationwide billing identification gateways |
| CN103067532A (en) * | 2012-10-19 | 2013-04-24 | 中太数据通信(深圳)有限公司 | Method and system of unified identification management of mobile internet users |
| CN103441859A (en) * | 2013-08-26 | 2013-12-11 | 暨南大学 | Generation management method and system for identifiers for user charging services |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1825812A (en) * | 2005-02-25 | 2006-08-30 | 华为技术有限公司 | System and method for managing network web log information |
| US20130067062A1 (en) * | 2011-09-12 | 2013-03-14 | Microsoft Corporation | Correlation of Users to IP Address Lease Events |
| CN103686661A (en) * | 2012-09-26 | 2014-03-26 | 三亚中兴软件有限责任公司 | Charging method, charging device and charging system |
| CN103532752A (en) * | 2013-10-10 | 2014-01-22 | 北京首信科技股份有限公司 | Management device and method for realizing integration of surfing logs of mobile internet users |
-
2014
- 2014-06-13 CN CN201410265613.8A patent/CN105227685A/en not_active Withdrawn
- 2014-10-09 WO PCT/CN2014/088204 patent/WO2015188536A1/en active Application Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101330754A (en) * | 2007-10-25 | 2008-12-24 | 中兴通讯股份有限公司 | Method for implementing authentication charging of remote subscriber dialing authentication system |
| CN101883111A (en) * | 2010-06-25 | 2010-11-10 | 中兴通讯股份有限公司 | Accounting server for processing online business log and method thereof |
| CN102868539A (en) * | 2012-10-19 | 2013-01-09 | 中太数据通信(深圳)有限公司 | Method and system for managing nationwide billing identification gateways |
| CN103067532A (en) * | 2012-10-19 | 2013-04-24 | 中太数据通信(深圳)有限公司 | Method and system of unified identification management of mobile internet users |
| CN103441859A (en) * | 2013-08-26 | 2013-12-11 | 暨南大学 | Generation management method and system for identifiers for user charging services |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2015188536A1 (en) | 2015-12-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9439026B2 (en) | Method and system for communication between machine to machine M2M service provider networks | |
| CN104967595A (en) | Method and apparatus for registering devices on Internet of things platform | |
| CN102821109A (en) | Method, associated equipment and system for realizing data sharing in instant communication application | |
| WO2008062313A3 (en) | Communication system and method | |
| CN102843391A (en) | Information transmitting method and gateway | |
| CN104394577B (en) | The wireless network access method of wireless routing device and electronic equipment | |
| CN106899500B (en) | Message processing method and device for cross-virtual extensible local area network | |
| CN107889194B (en) | Obtain, provide method, equipment and the medium of wireless access point access information | |
| US8472420B2 (en) | Gateway device | |
| CN106507414B (en) | Message forwarding method and device | |
| CN102123362A (en) | Method for automatically acquiring mobile phone number by mobile equipment | |
| CN105959188B (en) | Method and device for controlling user terminal to be on-line | |
| CN103581040A (en) | Server distributing device and server distributing method | |
| CN105187311A (en) | Message forwarding method and message forwarding device | |
| CN108307479B (en) | Communication module, network distribution method and device thereof, storage medium, equipment and terminal | |
| CN108093390A (en) | A kind of smart machine of feature based information finds method | |
| CN104750723A (en) | File sharing method, system, browser and server | |
| KR101748302B1 (en) | System and method of anqp querying using a common anqp group version | |
| US20180091944A1 (en) | Prose information transmission method, terminal, and communications device | |
| CN104735174A (en) | HTTP transparent proxy implementing method and device | |
| CN105490913A (en) | Instant message processing method and device | |
| CN106850760A (en) | Geographical position acquisition methods and device | |
| CN105227685A (en) | The correlating method of user profile and data flow, master control set, radius server | |
| CN104144230A (en) | Simple method and device for binding monitoring terminals | |
| US20160234685A1 (en) | Methods and Devices for Processing Identification Information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20160106 |