CN105516162B - 一种基于规则描述语言的动态配置过滤规则的方法 - Google Patents
一种基于规则描述语言的动态配置过滤规则的方法 Download PDFInfo
- Publication number
- CN105516162B CN105516162B CN201510958869.1A CN201510958869A CN105516162B CN 105516162 B CN105516162 B CN 105516162B CN 201510958869 A CN201510958869 A CN 201510958869A CN 105516162 B CN105516162 B CN 105516162B
- Authority
- CN
- China
- Prior art keywords
- session connection
- rule
- connection
- field
- integer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
表示值 | 功能 | 说明 |
1 | 放行 | |
2 | 丢弃 | |
3 | 记日志 | |
4 | 创建新的会话连接 | |
5 | 转入另一个状态 |
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510958869.1A CN105516162B (zh) | 2015-12-18 | 2015-12-18 | 一种基于规则描述语言的动态配置过滤规则的方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510958869.1A CN105516162B (zh) | 2015-12-18 | 2015-12-18 | 一种基于规则描述语言的动态配置过滤规则的方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105516162A CN105516162A (zh) | 2016-04-20 |
CN105516162B true CN105516162B (zh) | 2019-02-19 |
Family
ID=55723798
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510958869.1A Active CN105516162B (zh) | 2015-12-18 | 2015-12-18 | 一种基于规则描述语言的动态配置过滤规则的方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105516162B (zh) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106302177A (zh) * | 2016-08-23 | 2017-01-04 | 杭州迪普科技有限公司 | 一种路由过滤规则的组织方法和装置 |
CN106886558B (zh) * | 2016-12-28 | 2020-10-16 | 浙江宇视科技有限公司 | 一种数据处理方法以及服务器 |
CN110417745B (zh) * | 2019-07-03 | 2021-09-03 | 长沙学院 | 一种支持ModbusTCP低延时处理的规则匹配方法和系统 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101060521A (zh) * | 2006-04-18 | 2007-10-24 | 华为技术有限公司 | 信息包过滤方法及网络防火墙 |
CN103944858A (zh) * | 2013-01-18 | 2014-07-23 | 北京睿骊通电子技术有限公司 | 内外测网间隔离计算机 |
CN104426837A (zh) * | 2013-08-20 | 2015-03-18 | 中兴通讯股份有限公司 | Ftp的应用层报文过滤方法及装置 |
CN104519065A (zh) * | 2014-12-22 | 2015-04-15 | 北京卓越信通电子股份有限公司 | 一种支持过滤Modbus TCP协议的工控防火墙实现方法 |
-
2015
- 2015-12-18 CN CN201510958869.1A patent/CN105516162B/zh active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101060521A (zh) * | 2006-04-18 | 2007-10-24 | 华为技术有限公司 | 信息包过滤方法及网络防火墙 |
CN103944858A (zh) * | 2013-01-18 | 2014-07-23 | 北京睿骊通电子技术有限公司 | 内外测网间隔离计算机 |
CN104426837A (zh) * | 2013-08-20 | 2015-03-18 | 中兴通讯股份有限公司 | Ftp的应用层报文过滤方法及装置 |
CN104519065A (zh) * | 2014-12-22 | 2015-04-15 | 北京卓越信通电子股份有限公司 | 一种支持过滤Modbus TCP协议的工控防火墙实现方法 |
Non-Patent Citations (1)
Title |
---|
基于Linux高校网络防火墙的设计;张海春,屈爽;《微计算机信息》;20090125;第25卷(第1-3期);第77页 |
Also Published As
Publication number | Publication date |
---|---|
CN105516162A (zh) | 2016-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Cui et al. | A session-packets-based encrypted traffic classification using capsule neural networks | |
Su et al. | Distributed consensus control of multi-agent systems with higher order agent dynamics and dynamically changing directed interaction topologies | |
CN106464577B (zh) | 网络系统、控制装置、通信装置以及通信控制方法 | |
Zuo et al. | Robust consensus control of uncertain multi‐agent systems with input delay: a model reduction method | |
CN105516162B (zh) | 一种基于规则描述语言的动态配置过滤规则的方法 | |
US9031959B2 (en) | Method and apparatus for identifying application protocol | |
Ogiwara et al. | Maximizing algebraic connectivity in the space of graphs with a fixed number of vertices and edges | |
CN106506486A (zh) | 一种基于白名单矩阵的智能工控网络信息安全监控方法 | |
EP2768200B1 (en) | Receiving data packets | |
Liu et al. | Sampled-data-based consensus of multi-agent systems under asynchronous denial-of-service attacks | |
GB2365668A (en) | Network data packet classification and demultiplexing | |
US20150201047A1 (en) | Block mask register | |
Alhussain et al. | A Neural Network-Based Trust Management System for Edge Devices in Peer-to-Peer Networks. | |
CN105359472A (zh) | 一种用于OpenFlow网络的数据处理方法和装置 | |
US9275336B2 (en) | Method and system for skipping over group(s) of rules based on skip group rule | |
CN109413069A (zh) | 基于区块链的虚拟网站防火墙的应用方法及装置 | |
CN105871856B (zh) | 批处理包过滤防火墙的实现方法 | |
CN113904950A (zh) | 基于流的网络监测方法、装置、计算机设备及存储介质 | |
Wang et al. | Consensus design for continuous-time multi-agent systems with communication delay | |
CN106549969B (zh) | 数据过滤方法及装置 | |
Choi et al. | Traffic-locality-based creation of flow whitelists for SCADA networks | |
WO2020170802A1 (ja) | 検知装置および検知方法 | |
Andon et al. | Modeling conflict processes on the internet | |
Xu et al. | Minimization of job waiting time variance on identical parallel machines | |
Chen et al. | A new lookup model for multiple flow tables of open flow with implementation and optimization considerations |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20190709 Address after: Room 622, Building A, China Electronic Information Security Industry Base, Changping District, Beijing, 102200 Co-patentee after: No.6 Research Institute of China Electronics Corporation Patentee after: Zhongdian Intelligent Technology Co., Ltd. Address before: No. 25 Tsinghua East Road, Haidian District, Beijing 100085 Patentee before: No.6 Research Institute of China Electronics Corporation |
|
TR01 | Transfer of patent right | ||
CB03 | Change of inventor or designer information |
Inventor after: Song Liding Inventor after: Feng Dajun Inventor after: Fu Yifan Inventor after: Gong Chunyan Inventor after: Wang Shuai Inventor before: Feng Dajun Inventor before: Fu Yifan Inventor before: Gong Chunyan Inventor before: Wang Shuai |
|
CB03 | Change of inventor or designer information |