CN105471895A - Visual data packet filter configuration system and realizing method - Google Patents
Visual data packet filter configuration system and realizing method Download PDFInfo
- Publication number
- CN105471895A CN105471895A CN201511002183.1A CN201511002183A CN105471895A CN 105471895 A CN105471895 A CN 105471895A CN 201511002183 A CN201511002183 A CN 201511002183A CN 105471895 A CN105471895 A CN 105471895A
- Authority
- CN
- China
- Prior art keywords
- filter
- user
- packet filtering
- configuration
- interactive interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44505—Configuring for program initiating, e.g. using registry, configuration files
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a visual data packet filter configuration system and a realizing method relating to the network technique, aiming at providing a data packet filter configuration method with better user experience. The technical key points of the invention comprise: step 1, providing an interactive interface for a user, displaying filter configuration items and logic operators for the user to click and select by the interactive interface, simultaneously recording the configuration item content filled out by the user; step 2, recording the configuration items, logic operators selected by the user and the configuration item content filled out by the user, obtaining a configuration logic expression, storing and displaying the configuration logic expression on the interactive interface in graphic mode; step 3, generating a data packet filter, wherein the configuration logic expression is taken as the filtering condition of the data packet filter.
Description
Technical field
The present invention relates to network technology, especially a kind of collocation method of packet filtering.
Background technology
It is of a great variety that current data packet captures software (being called for short packet capturing software below), but substantially all packet capturing software is in the setting of packet filtering, be all use write configuration item logical expression, as Ipv4.address==192.168.0.1, mode complete, the maximum shortcoming of which is exactly higher to the professional requirement of user, require that the use of user to current packet capturing software is very familiar, understand each configuration item (as configuration object and attribute) in packet filtering configuration logic expression formula, the meaning of oeprator, otherwise just can not configure the filter of needs, and the configuration item of various packet capturing software filter, the expression symbol of oeprator and implication are not quite similar, often changing a packet capturing software just needs user to relearn its filter settings rule, for user brings very large trouble.
Summary of the invention
Technical problem to be solved by this invention is: for above-mentioned Problems existing, the implementation method providing a kind of visualized data IP filter to configure and system, is convenient to user and carries out setting configuration to the filter of packet capturing software, improve Consumer's Experience.
The implementation method of a kind of visualized data IP filter configuration provided by the invention, comprising:
Step 1: provide interactive interface to user, interactive interface display filter configuration item and logical operator click selection for user, simultaneously the recording user configuration item content of filling in;
Step 2: the configuration item content that configuration item, logical operator and user that recording user is selected fill in obtains configuration logic expression formula, described configuration logic expression formula is preserved and is graphically presented on interactive interface;
Step 3: generate a packet filtering, described configuration logic expression formula is as the filter condition of this packet filtering.
Described step 1 also comprises, and interactive interface also shows the packet filtering that user has configured, and each packet filtering in interactive interface has three kinds of states to select for user; Described three kinds of states comprise acceptance, refusal and do not select.
Described step 2 also comprises, the packet filtering that recording user is selected and state thereof; Each packet filtering of the selection of user is cascaded and obtains complex data IP filter; Wherein the acceptance of each selected packet filtering or disarmed state determination data bag flow to; Interactive interface graphically shows described complex data IP filter.
Described step 3 also comprises: the filter condition of setting complex data IP filter: packet is successively by each packet filtering in complex data IP filter; When the state of certain packet filtering is for accepting, will through it and the packet meeting its filter condition pass through; When the state of certain packet filtering is for refusal, will through it and the packet not meeting its filter condition pass through.
A kind of visualized data IP filter configuration-system provided by the invention, comprising:
Interactive interface administrative unit, provides interactive interface with about to user, and interactive interface display filter configuration item and logical operator click selection for user, simultaneously the recording user configuration item content of filling in;
Configuration logic expression formula generates and display unit, the configuration item content that the configuration item selected for recording user, logical operator and user fill in obtains configuration logic expression formula, described configuration logic expression formula is preserved and is graphically presented on interactive interface;
Packet filtering generation unit, for generating a packet filtering, described configuration logic expression formula is as the filter condition of this packet filtering.
Described interactive interface administrative unit also for, interactive interface shows the packet filtering that user has configured, and each packet filtering in interactive interface has three kinds of states to select for user; Described three kinds of states comprise acceptance, refusal and do not select.
Further, also comprise complex data IP filter and generate and display unit, the packet filtering selected for recording user and state thereof; Each packet filtering of the selection of user is cascaded and obtains complex data IP filter; Wherein the acceptance of each selected packet filtering or disarmed state determination data bag flow to; Interactive interface graphically shows described complex data IP filter.
Further, complex data IP filter filter condition setup unit is also comprised, for setting the filter condition of complex data IP filter: packet is successively by each packet filtering in complex data IP filter; When the state of certain packet filtering is for accepting, will through it and the packet meeting its filter condition pass through; When the state of certain packet filtering is for refusal, will through it and the packet not meeting its filter condition pass through.
In sum, owing to have employed technique scheme, the invention has the beneficial effects as follows:
The present invention's visualization interface achieves the configuration of packet capturing software data IP filter, user can choose according to the content of interface display the configuration item needing setting voluntarily, fill in deploy content, just general configuration item literal expression can be generated, on backstage, literal expression is converted to according to corresponding relation the setting that configuration item logical expression just can realize filter, substantially increases user experience.
Accompanying drawing explanation
Examples of the present invention will be described by way of reference to the accompanying drawings, wherein:
Fig. 1 is the configuration interface of the single configuration item of individual data IP filter in one embodiment of the invention.
Fig. 2 is configuration item and the logical operator selection schematic diagram of the multiple configuration item of individual data IP filter in one embodiment of the invention.
Fig. 3 ~ 5 are the content input dialogue frame of each configuration item of the multiple configuration item of individual data IP filter in one embodiment of the invention.
Fig. 6 is the result of Fig. 2 ~ 5.
Fig. 7 is the configuration interface of the complex data IP filter in the present invention in an embodiment.
Embodiment
All features disclosed in this specification, or the step in disclosed all methods or process, except mutually exclusive feature and/or step, all can combine by any way.
Arbitrary feature disclosed in this specification, unless specifically stated otherwise, all can be replaced by other equivalences or the alternative features with similar object.That is, unless specifically stated otherwise, each feature is an example in a series of equivalence or similar characteristics.
The implementation method of a kind of visualized data IP filter configuration provided by the invention, comprising:
Step 1: provide interactive interface to user, interactive interface display filter configuration item and logical operator click selection for user, simultaneously the recording user configuration item content of filling in.
See Fig. 1, this interactive interface is for configuring the single configuration item of individual data IP filter, the title of data filter is had in display, this title can sets itself, name in the present embodiment is called HTTP, its configuration item comprises address rule, port rule and protocol rule, and the present embodiment is only configured with this single configuration item of protocol rule.
In other embodiments, more than one of configuration item comprising of the configuration logic expression formula of packet filtering.See Fig. 6, each configuration item for configuring multiple configuration items of individual data IP filter, and is carried out logical operation and obtains a complicated configuration logic expression formula by this interactive interface.Configuration item on this interface comprises protocol rule, data package size, packet content etc., and each configuration item has concrete content.In Fig. 2, just the selection drop-down menu of configuration item can be ejected after choosing a logical operator, just the configuration item content input frame shown in Fig. 3 ~ 5 can be ejected, as the deploy content input dialogue frame of the configuration items such as protocol rule, data package size, packet content after user chooses a configuration item.Each configuration item is carried out the logical operation of certain rule by user by logical operator, obtain configuration logic expression formula.
Step 2: the configuration item content that configuration item, logical operator and user that recording user is selected fill in obtains configuration logic expression formula, described configuration logic expression formula is preserved and is presented on interactive interface; See Fig. 6.No matter be the configuration logic expression formula of single configuration item composition or the configuration logic expression formula of multiple configuration item composition, all can be used as a packet filtering.
Step 3: use step 2 to obtain configuration logic expression formula setting data IP filter, it can be used as the filter condition of this filter.
The packet filtering that another embodiment of the present invention also can choose it once to write for user is carried out combination and is obtained complex data IP filter.
The present embodiment step 1 also comprises, and interactive interface shows packet filtering and three kinds of states that user configured, selects, on the left of Fig. 7 for user.When two check boxes after packet filtering are not chosen, its state is not for select, and this packet filtering participates in the composition of complex data IP filter; This packet filtering when check box is chosen that accepts after certain packet is receive status, as name is called the packet filtering of HTTP and CIFS; When refusal check box after certain packet is chosen, this packet filtering is disarmed state, as name is called the packet filtering of DNS and Multicast.
The present embodiment step 2 also comprises, the packet filtering that recording user is selected and state thereof; Each packet filtering of the selection of user be cascaded and obtain complex data IP filter, wherein the acceptance of each selected packet filtering or disarmed state determination data bag flow to; Interactive interface graphically shows described complex data IP filter.As the flow chart on the right side of Fig. 7.
Described step 3 also comprises: the filter condition of setting complex data IP filter: packet is successively by each packet filtering in complex data IP filter; When the state of certain packet filtering is for accepting, will through it and the packet meeting its filter condition pass through; When the state of certain packet filtering is for refusal, will through it and the packet not meeting its filter condition pass through.
As in Fig. 3, when packet is through DNS packet filtering, because this filter state is refusal, the packet not meeting DNS packet filtering filter condition passes through and flows to Multicast packet filtering.State due to Multicast packet filtering is also refusal, the packet so not meeting Multicast packet filtering filter condition passes through and flows to HTTP packet filtering, because the state of HTTP packet filtering is for accepting, therefore the packet meeting HTTP packet filtering filter condition passes through and flows to CIFS packet filtering, and the packet finally meeting CIFS packet filtering filter condition passes through and enters next processing links.
The present invention is not limited to aforesaid embodiment.The present invention expands to any new feature of disclosing in this manual or any combination newly, and the step of the arbitrary new method disclosed or process or any combination newly.
Claims (8)
1. an implementation method for visualized data IP filter configuration, is characterized in that, comprising:
Step 1: provide interactive interface to user, interactive interface display filter configuration item and logical operator click selection for user, simultaneously the recording user configuration item content of filling in;
Step 2: the configuration item content that configuration item, logical operator and user that recording user is selected fill in obtains configuration logic expression formula, described configuration logic expression formula is preserved and is graphically presented on interactive interface;
Step 3: generate a packet filtering, described configuration logic expression formula is as the filter condition of this packet filtering.
2. the implementation method of a kind of visualized data IP filter configuration according to claim 1, it is characterized in that, described step 1 also comprises, and interactive interface also shows the packet filtering that user has configured, and each packet filtering in interactive interface has three kinds of states to select for user; Described three kinds of states comprise acceptance, refusal and do not select.
3. the implementation method of a kind of visualized data IP filter configuration according to claim 2, it is characterized in that, described step 2 also comprises, the packet filtering that recording user is selected and state thereof; Each packet filtering of the selection of user is cascaded and obtains complex data IP filter; Wherein the acceptance of each selected packet filtering or disarmed state determination data bag flow to; Interactive interface graphically shows described complex data IP filter.
4. the implementation method of a kind of visualized data IP filter configuration according to claim 3, it is characterized in that, described step 3 also comprises: the filter condition of setting complex data IP filter: packet is successively by each packet filtering in complex data IP filter; When the state of certain packet filtering is for accepting, will through it and the packet meeting its filter condition pass through; When the state of certain packet filtering is for refusal, will through it and the packet not meeting its filter condition pass through.
5. a visualized data IP filter configuration-system, is characterized in that, comprising:
Interactive interface administrative unit, provides interactive interface with about to user, and interactive interface display filter configuration item and logical operator click selection for user, simultaneously the recording user configuration item content of filling in;
Configuration logic expression formula generates and display unit, the configuration item content that the configuration item selected for recording user, logical operator and user fill in obtains configuration logic expression formula, described configuration logic expression formula is preserved and is graphically presented on interactive interface;
Packet filtering generation unit, for generating a packet filtering, described configuration logic expression formula is as the filter condition of this packet filtering.
6. a kind of visualized data IP filter configuration-system according to claim 5, it is characterized in that, described interactive interface administrative unit also for, interactive interface shows the packet filtering that user has configured, and each packet filtering in interactive interface has three kinds of states to select for user; Described three kinds of states comprise acceptance, refusal and do not select.
7. a kind of visualized data IP filter configuration-system according to claim 6, is characterized in that, also comprises complex data IP filter and generates and display unit, the packet filtering selected for recording user and state thereof; Each packet filtering of the selection of user is cascaded and obtains complex data IP filter; Wherein the acceptance of each selected packet filtering or disarmed state determination data bag flow to; Interactive interface graphically shows described complex data IP filter.
8. a kind of visualized data IP filter configuration-system according to claim 7, it is characterized in that, also comprise complex data IP filter filter condition setup unit, for setting the filter condition of complex data IP filter: packet is successively by each packet filtering in complex data IP filter; When the state of certain packet filtering is for accepting, will through it and the packet meeting its filter condition pass through; When the state of certain packet filtering is for refusal, will through it and the packet not meeting its filter condition pass through.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511002183.1A CN105471895A (en) | 2015-12-29 | 2015-12-29 | Visual data packet filter configuration system and realizing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511002183.1A CN105471895A (en) | 2015-12-29 | 2015-12-29 | Visual data packet filter configuration system and realizing method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105471895A true CN105471895A (en) | 2016-04-06 |
Family
ID=55609165
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201511002183.1A Pending CN105471895A (en) | 2015-12-29 | 2015-12-29 | Visual data packet filter configuration system and realizing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105471895A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302149A (en) * | 2016-08-30 | 2017-01-04 | 成都科来软件有限公司 | A kind of method and device based on service logic many-to-many communication path analysis |
| CN107391691A (en) * | 2017-07-26 | 2017-11-24 | 成都科来软件有限公司 | The filter method of data in a kind of network analysis |
| CN108920532A (en) * | 2018-06-06 | 2018-11-30 | 成都深思科技有限公司 | A kind of graphical filter expression generation method, equipment and storage medium |
| CN111131057A (en) * | 2019-12-17 | 2020-05-08 | 北京网太科技发展有限公司 | Visualization-based routing protocol security protection rule configuration method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103678349A (en) * | 2012-09-10 | 2014-03-26 | 腾讯科技(深圳)有限公司 | Method and device for filtering useless data |
| CN104536997A (en) * | 2014-12-12 | 2015-04-22 | 北京国双科技有限公司 | Method and device for data batch processing of client interface |
| CN105022335A (en) * | 2015-07-03 | 2015-11-04 | 北京科技大学 | Method and device for filtering link command of PLC upper computer based on RS232 communication protocol |
-
2015
- 2015-12-29 CN CN201511002183.1A patent/CN105471895A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103678349A (en) * | 2012-09-10 | 2014-03-26 | 腾讯科技(深圳)有限公司 | Method and device for filtering useless data |
| CN104536997A (en) * | 2014-12-12 | 2015-04-22 | 北京国双科技有限公司 | Method and device for data batch processing of client interface |
| CN105022335A (en) * | 2015-07-03 | 2015-11-04 | 北京科技大学 | Method and device for filtering link command of PLC upper computer based on RS232 communication protocol |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302149A (en) * | 2016-08-30 | 2017-01-04 | 成都科来软件有限公司 | A kind of method and device based on service logic many-to-many communication path analysis |
| CN107391691A (en) * | 2017-07-26 | 2017-11-24 | 成都科来软件有限公司 | The filter method of data in a kind of network analysis |
| CN108920532A (en) * | 2018-06-06 | 2018-11-30 | 成都深思科技有限公司 | A kind of graphical filter expression generation method, equipment and storage medium |
| CN111131057A (en) * | 2019-12-17 | 2020-05-08 | 北京网太科技发展有限公司 | Visualization-based routing protocol security protection rule configuration method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105471895A (en) | Visual data packet filter configuration system and realizing method | |
| CN105490851A (en) | Method and device for monitoring network traffic | |
| US9807462B2 (en) | Apparatus and method for aggregating media content | |
| EP2747340B1 (en) | Method and apparatus for presenting network path | |
| CN104598436B (en) | A kind of dynamic creation method and device of three-dimensional chart | |
| CN106446184B (en) | Operation system data processing method and device | |
| CN102955794B (en) | Method and device for displaying click condition of web page | |
| CN105099861A (en) | User emotion-based display control method and display control device | |
| CN103248521B (en) | Method, device and the communication system of a kind of business game rule configuration | |
| US9674045B2 (en) | Methods, systems, and computer readable media for modeling packet technology services using a packet virtual network (PVN) | |
| CN104104588B (en) | Instant message display methods and device | |
| CN104866567A (en) | Method and apparatus for presenting business data | |
| CN106294299A (en) | A kind of report form generation method and device | |
| US20160246491A1 (en) | User interface adjusting method and apparatus using the same | |
| CN104793835A (en) | System for changing interface colors and implementation method thereof | |
| CN105867864A (en) | Method and device for displaying of K virtual machines (KVMs) | |
| CN104820764A (en) | Method and device for producing electronic assembly technologic document | |
| CN107124443A (en) | Data analysing method and device based on block chain | |
| CN107930118B (en) | Method and device for visualizing post-processing effect process of Unity engine | |
| CN103605806B (en) | Implementation method for configurable structural data organization mode | |
| CN107407923A (en) | PLC control datas generating means, PLC control datas generation method and PLC control datas generation program | |
| CN106301941B (en) | Mono- key dispositions method of Overlay and system | |
| EP2378713B1 (en) | Register configurator, register configuration method and field control system | |
| CN105162780A (en) | URL (Uniform Resource Locator) filter address setting method and URL filter address setting system | |
| CN106652047A (en) | Virtual scene panoramic experience system capable of carrying out free editing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160406 |