CN105740716B - A kind of network printing auditing method based on iptables - Google Patents

A kind of network printing auditing method based on iptables Download PDF

Info

Publication number
CN105740716B
CN105740716B CN201610034816.5A CN201610034816A CN105740716B CN 105740716 B CN105740716 B CN 105740716B CN 201610034816 A CN201610034816 A CN 201610034816A CN 105740716 B CN105740716 B CN 105740716B
Authority
CN
China
Prior art keywords
print
printer
data packet
iptables
print data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610034816.5A
Other languages
Chinese (zh)
Other versions
CN105740716A (en
Inventor
郭燕慧
周韬
徐国爱
张闯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eversec Beijing Technology Co Ltd
Original Assignee
Beijing University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing University of Posts and Telecommunications filed Critical Beijing University of Posts and Telecommunications
Priority to CN201610034816.5A priority Critical patent/CN105740716B/en
Publication of CN105740716A publication Critical patent/CN105740716A/en
Application granted granted Critical
Publication of CN105740716B publication Critical patent/CN105740716B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • G06F21/608Secure printing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1202Dedicated interfaces to print systems specifically adapted to achieve a particular effect
    • G06F3/1203Improving or facilitating administration, e.g. print management
    • G06F3/1209Improving or facilitating administration, e.g. print management resulting in adapted or bridged legacy communication protocols, e.g. emulation, protocol extension
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1202Dedicated interfaces to print systems specifically adapted to achieve a particular effect
    • G06F3/1222Increasing security of the print job
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1223Dedicated interfaces to print systems specifically adapted to use a particular technique
    • G06F3/1237Print job management
    • G06F3/1238Secure printing, e.g. user identification, user rights for device usage, unallowed content, blanking portions or fields of a page, releasing held jobs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/12Digital output to print unit, e.g. line printer, chain printer
    • G06F3/1201Dedicated interfaces to print systems
    • G06F3/1278Dedicated interfaces to print systems specifically adapted to adopt a particular infrastructure
    • G06F3/1285Remote printer device, e.g. being remote from client or server
    • G06F3/1288Remote printer device, e.g. being remote from client or server in client-server-printer device configuration
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Accessory Devices And Overall Control Thereof (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a kind of network printing auditing method based on iptables, steps are as follows:One, Print-auditing System is disposed, iptables, connection client, Print-auditing System and printer are configured;Step 2: client sends print data packet and non-print data packet to Print-auditing System;Step 3: Print-auditing System carries out audit processing according to audit regulation to print data packet, and it is transmitted to printer;Step 4: non-print task data packet is directly forwarded to printer;Step 5: checking whether the file of printer printing is normal, and compare, checks whether normal with the print out task document of Print-auditing System storage;If normal, terminate, otherwise, return step two.Advantage is:Under the premise of not influencing functions normal use, user installation other software or the drivers such as printer other facsimile copyings, not having to change any configuration, the network of multiple operating system, the monitor audit system of Multiple Type printer printing are supported.

Description

A kind of network printing auditing method based on iptables
Technical field
The invention belongs to information security fields, are related to the monitor audit of network printing, specifically a kind of to be based on The network printing auditing method of iptables.
Background technique
In recent years, growing about the risk of internet security, the complexity of safety problem increasingly increases, printing safety Accident is more and more, it is therefore desirable to safety management is carried out using mature audit technique, so that risk is preferably minimized.
Print auditing is that the data for printing behavior to user carry out analysis examination, processing and tracking, to guarantee safety regulation It is executed correctly, is reported by being generated after alarm or security audit, misarrangement measure is given a warning or taken automatically to administrator.
At present in Windows printing system, Print auditing technology has 4 classes, respectively:API HOOK technology, Driver Hook technology, virtual printer technology and poll print queue technology;
In linux system, using CUPS (the general Unix print system of Common Unix Printing System), It is a set of relatively complete print solution;
The advantage and disadvantage and application conditions of various Print auditing technologies are as follows:
API HOOK technology, implements relatively easy, and accuracy is relatively high;But API Hook is incomplete;
Driver Hook technology, accuracy highest, but develop and debug all relatively difficult;
Virtual printer technology, the relative simplicity that the completeness and technology that can reach access control are realized, but change The printing habit of user is become;
Poll print queue technology, printing type maintain the former style of Windows, but not general, not can refer to Case, be still not perfect at present.
CUPS technology includes Linux, MacOs suitable for Unix class system;With perfect printing system, printing effect It is outstanding, but data is few, audit function is insufficient.
Pass through the comparison to existing Print auditing technology, it is known that, virtual printer technology and Driver Hook technology can change The printing habit for becoming user, uses inconvenience, is easy to manslaughter wrong report by security software.Moreover, operating system is to beat at present A big limitation of audit technique is printed, the technologies such as API HOOK can only be realized in Windows system.And with the hair of internet Exhibition, linux system using more and more extensive, and also have in personal and enterprise customer in internet industry and are much using apple The MacOs system of fruit company, it is therefore necessary to study a set of Print-auditing System that can support multiple operating system.
In Small-scale LAN, for being connected to the printing device of network, standard port monitor use TCP/IP as Transport protocol is configured and monitor printer state using Simple Network Management Protocol (SNMP);Meanwhile standard port monitor Document is sent to printer using RAW or LPR print protocol.RAW agreement is the default protocol of most of printing devices.In order to The operation of RAW format is sent, printing server will open the TCP flow for being directed to printer network interface.For many equipment For, this interface is port 9100.After creating the port TCP/IP, Windows will be according to 1759 (Printer of RFC MIB), the object identifier (Object Identifier, OID) of query facility is carried out using SNMP.
So-called iptables is one group of rule of the firewall tool that linux kernel provides or linux firewall. Linux firewall is relied on by one group of rule in the predefined center control point of network or system manager, determines network Whether flow is legal, and legal network flow is only allowed to pass in and out system.Network flow is by IP data packet group in the form of streaming From source, system is transferred to purpose system.Containing the information such as source address, destination address and protocol type, fire prevention in IP packet header The foot of a wall checks the attached data of IP packet header according to rule, determines and receives or refuse the IP data packet passed through.
Iptables function is very powerful, using flexible, and can carry out refinement control to the information flowed in and out. Iptables component includes packet filtration table (tables), contains the rule set (rules) of control IP data packet processing.Root According to the type of IP data packet handled by rule, rule, which is grouped, to be placed in chain (chains), it is specified that interior verification is from certain Source, to certain destination or the method for disposal of the IP data packet with certain protocol types.
Iptables component provides 3 basic function tables:Packet Filtering table (filter), network address translation table (NAT) and data packet handles table (man-gle).Each table is made of several chains again, and a chain is an inspection in numerous rules Investigate thoroughly list.Rule can be grouped into chain by the type of the packet according to handled by rule.If some IP data packet and rule It then matches, then (ACCEPT) packet is allowed to pass through;Otherwise, (DROP) or refusal (REJECT) packet are abandoned, to ensure network system The safety of system.
Iptables reads the packet header of the IP data packet flowed in and out, and packet header is compared with rule set, will be subjected to IP data packet be forwarded.For the IP data packet being rejected, abandons or handle in a defined way.Linux built-in 5 A iptables is used for general IP Packet Filtering, includes input, output and forward chain;Nat:For what is forwarded IP data packet includes prerouting, output and postrouting chain;Mangle:It is marked comprising some rules for height The IP data packet of grade routing includes prerouting and output chain.The rule relation chain of iptables is as shown in Figure 1.
Summary of the invention
The present invention is for the network in current techniques, supporting linux system and the Print auditing technology of a variety of printing types It is less, propose a kind of network printing auditing method based on iptables.
Specific step is as follows:
Step 1: disposing Print-auditing System in Linux server, iptables is configured, connection client, Print-auditing System and printer.
Print-auditing System includes iptables schedule process module, and Socket monitors Audit Module, print data conversion Module and printing content identifier module;
Specific step is as follows:
Step 101 checks the simultaneously original ip of journal printer in local area network;
Step 102, the network segment for modifying the original ip of printer, keep new network segment different from original ip network segment.
Step 103, double network interface ip that Linux server is arranged, the network interface ip being connected with client are set as printer Original ip, the network interface ip being connected with printer are set as any new ip with new network segment.
Step 2: client sends print data packet and non-print data packet to Print-auditing System.
Firstly, the print data packet that 9100 port snoop clients of Linux server issue, and save.
Then, iptables schedule process module carries out the configuration of iptables to non-print data packet, and is transmitted to and beats Print machine.
It is as follows to 3 iptables configuration of non-print data packet:
1) udp data that client is sent to Print-auditing System, is forwarded a packet into printer:iptables-t The new ip of nat-A PREROUTING-p UDP-d client ip-j DNAT--to-destination printer;
2) the Transmission Control Protocol data that printer is sent to Print-auditing System, are forwarded a packet into user:iptables-t The new ip-j DNAT--to-destination client ip of nat-A PREROUTING-p TCP-d printer;
3) udp data that printer is sent to Print-auditing System, is forwarded a packet into user:iptables-t The new ip-j DNAT--to-destination client ip of nat-A PREROUTING-p UDP-d printer;
Step 3: Print-auditing System carries out audit processing according to audit regulation to print data packet, and it is transmitted to printing Machine.Audit regulation is mainly the limitation of audit number of prints;
Step 301, Socket monitor Audit Module and handle print data packet to obtain source ip;
Source ip is the client ip for sending print data packet.
Print data packet is converted to PS formatted file and PDF text file by step 302, print data conversion module, and The number that Statistic Source ip address this month has printed;
Print data conversion module utilizes ghostpdl tool, and print data packet is converted to the file and PDF of PS format Text file;The number of PDF text file is counted, every increase one page, the tag field in PS formatted file: BeginPageSetup value increases by 1, by BeginPageSetup value accumulation calculating, can proper secondary print data packet open Number, extracts number of prints each in this month in the database, accumulates it and indicated with a field totalpaper, from And the number that Statistic Source ip address this month has printed.
Step 303, Socket monitor Audit Module judges the source address ip this month, whether number of prints was less than number of prints Otherwise the upper limit does not meet audit regulation if it is, allowing to print and update number of prints, do not allow to print, and is The administrator that unites sends mail notification.
Step 304, printing content identifier module identification PDF text file printing content, by printer by file also Original comes out.
Step 4: non-print task data packet is directly forwarded to printer;
Step 5: checking whether the file of printer printing is normal, and the print out task text with Print-auditing System storage Shelves comparison checks whether normal;If normal, terminate, otherwise, return step two;
Beneficial effects of the present invention are:Control axis using iptables as network printing data, and combine Socket programming technique is intercepted and captured print job data, is audited, is forwarded, for other non-print task data (printers Status data) packet directly carry out non-treated forwarding, realizing is not influencing printer other function (mainly facsimile copying etc.) Normal use, user installation other software or driver do not have under the premise of changing any configuration, support multiple operating system The monitor audit system that network, Multiple Type printer print.
Detailed description of the invention
Fig. 1 is the rule relation chain of iptables of the present invention;
Fig. 2 is client of the present invention, the connection schematic diagram of Print-auditing System and printer;
Fig. 3 is a kind of network printing auditing method flow chart based on iptables of the present invention;
Fig. 4 is flow chart of the Print-auditing System of the present invention to the audit processing of print data packet.
Specific embodiment
With reference to the accompanying drawing, specific implementation method of the invention is described in detail.
A kind of network printing auditing method based on iptables of the present invention, is realized based on experiment porch, as shown in Fig. 2, Experiment porch by client, Print-auditing System and groups of printers at.Wherein Print-auditing System is deployed in built-in Linux system In system, or it is deployed in dedicated high-performance Linux server.The present embodiment selects the Linux server of a double netcard Deployment platform as Print-auditing System.Physically, a network interface of Print-auditing System is connect with printer, separately LAN connection where one network interface and client.
Print-auditing System includes iptables schedule process module, and Socket monitors Audit Module, print data conversion Module and printing content identifier module;
Iptables schedule process module be entire Print-auditing System core, be responsible for receive client user be sent to All data of printer;And handle the data forwarding of print out task to print data conversion module, by non-print Business data are then directly forwarded to printer;
Socket monitors Audit Module and is responsible for the print job data of monitoring users, and turns after auditing to print out task Issue printer.Print data conversion module carries out audit work for printing content-data, then legal printing Task is transmitted to printer and is printed, and unchartered print out task content is saved, and sends mail to system manager Notice.
As shown in figure 3, specific step is as follows:
Step 1: disposing Print-auditing System in Linux server, iptables is configured, connection client, Print-auditing System and printer.
Step 101, any one equipment checks the original ip of printer in local area network;
Step 102, the network segment for modifying the original ip of printer, keep new network segment different from original ip network segment.
It carries in printer and printer ip is modified in management system or manually from printer panel, be changed to and beat The ip of the original ip different segment of print machine.
Step 103, double network interface ip that Linux server is arranged, the network interface ip being connected with client are set as printer Original ip, the network interface ip being connected with printer are set as any new ip with new network segment.
The data packet that client is sent to printer originally is received by Print-auditing System, and Print-auditing System issues visitor The data packet at family end can be considered that printer is issued its data packet and received by client.
Step 2: client sends print data packet and non-print data packet to Print-auditing System.
Firstly, open printing auditing procedure, to the TCP9100 port snoop for the Linux server for being mounted with iptables The print data packet that client issues, and save.
Since print data packet is forwarded by 9100 ports of TCP, therefore carried out in 9100 ports of Linux server It monitors, obtains the print data packet of client sending and retained not to be transmitted to printer in a device.
Then, the configuration that iptables is carried out to non-print data packet, is directly forwarded to printer.
Iptables schedule process module carries out the configuration of iptables to non-print data packet, intercepts print data packet, And it is transmitted to printer.
It is as follows to 3 iptables configuration of non-print data packet:
1) udp data that client is sent to Print-auditing System, is forwarded a packet into printer:iptables-t The new ip of nat-A PREROUTING-p UDP-d client ip-j DNAT--to-destination printer;
Effect is:Guarantee that user can normally issue the request for obtaining the state of printer.
2) the Transmission Control Protocol data that printer is sent to Print-auditing System, are forwarded a packet into user:iptables-t The new ip-j DNAT--to-destination client ip of nat-A PREROUTING-p TCP-d printer;
Effect is:Guarantee the normal use of scanning, facsimile function.
3) udp data that printer is sent to Print-auditing System, is forwarded a packet into user:iptables-t The new ip-j DNAT--to-destination client ip of nat-A PREROUTING-p UDP-d printer;
Effect is:Guarantee that the state of the printer obtained can pass user back.
Step 3: Print-auditing System carries out audit processing according to audit regulation to print data packet, and it is transmitted to printing Machine.Audit regulation is mainly the limitation of audit number of prints;
Specific steps, as shown in figure 4, as follows:
Step 301, Socket monitor Audit Module and handle print data packet to obtain source ip;
Source ip is the client ip for sending print data packet.
Step 302, print data conversion module the print data packet that iptables is forwarded be converted to PS formatted file and PDF text file, and the number that Statistic Source ip address this month has printed;
Print data conversion module utilizes ghostpdl tool, and print data packet is converted to the file and PDF of PS format Text file;The number of PDF text file is counted, every increase one page, the tag field in PS formatted file: BeginPageSetup value increases by 1, by BeginPageSetup value accumulation calculating, can proper secondary print data packet open Number, extracts number of prints each in this month in the database, accumulates it and indicated with a field totalpaper, from And count the number that the source address ip this month printed.
Step 303, Socket monitor Audit Module judges the source address ip this month, whether number of prints was less than number of prints Otherwise the upper limit does not meet audit regulation if it is, allowing to print and update number of prints, do not allow to print, and is The administrator that unites sends mail notification.
Step 304, printing content identifier module identification PDF text file printing content, by printer by file also Original comes out.
Step 4: the data packet etc. that non-print task data includes inquiry printer modes is directly forwarded to printer.By The data packet of printer broadcast is directly forwarded to user in local area network.
Step 5: checking whether the file of printer printing is normal, and the print out task text with Print-auditing System storage Shelves comparison checks whether normal;If normal, terminate, otherwise, return step two;
Embodiment:
Selection printer model is HPLaserJet1536dnfMPF, and the original address ip is 192.168.101.19;After weigh Newly it is set as 192.168.2.12.
Selecting three operating systems is respectively Windows7, the client of Unbuntu1204 and MacOsX 10.8.4;ip Address is respectively 192.168.101.11,192.168.101.12,192.168.101.13, disposes the clothes of printer auditing system The operating system of business device is CentOS6.5, and the network interface IP address connecting with client is 192.168.101.19, with printer The network interface IP address of connection is 192.168.2.1.
Selecting printing document is PDF editions《JavaScript authority's guide》, specific step is as follows
Firstly, disposing Print-auditing System in the server, iptables is configured, is mainly configured with:
echo 1>/proc/sys/net/ipv4/ip_forward
iptables-t nat-A PREROUTING-p UDP-d 192.168.101.19-j DNAT--to- destination 192.168.2.12
iptables-t nat-A PREROUTING-p TCP-d 192.168.2.12-j DNAT--to- destination 192.168.101.19
iptables-t nat-A PREROUTING-p UDP-d 192.168.2.12-j DNAT--to- destination 192.168.101.19
And printer ip is re-set as 192.168.2.12, printer and different segment at former local area network, lead at this time Cross Print-auditing System and former local area network communication.
Then, in client executing print out task, single number of prints is gradually incremented by, by C language in Print-auditing System It says that the socket program write is completed, PDF format is converted and be stored as to the user's print job data received, while will printing Task is transmitted to printer.Check whether the file of printer printing is normal, and the print out task with Print-auditing System storage Document comparison checks whether normal.
Finally, change Print-auditing System audit regulation, repeats.
Different numbers is set by audit regulation, 5 and 10 are tested respectively, experimental result such as Tables 1 and 2 institute Show.
Table 1
Table 2
The experimental results showed that it is fitted without any software and driving in client, under the premise of not changing any configuration, The number of audit regulation limits to have obtained correct execution, while printing content and having obtained complete preservation, can on this basis into Row correlation audit function, is successfully realized Print auditing function in multiple operating system, works well.

Claims (2)

1. a kind of network printing auditing method based on iptables, which is characterized in that specific step is as follows:
Step 1: disposing Print-auditing System in Linux server, iptables is configured, connection client, printing Auditing system and printer;
Print-auditing System includes iptables schedule process module, and Socket monitors Audit Module, print data conversion module With printing content identifier module;
Step 2: client sends print data packet and non-print data packet to Print-auditing System;
Firstly, the print data packet that 9100 port snoop clients of Linux server issue, and save;
Then, iptables schedule process module carries out the configuration of iptables to non-print data packet, and is transmitted to printer;
It is as follows to 3 iptables configuration of non-print data packet:
1) udp data that client is sent to Print-auditing System, is forwarded a packet into printer:iptables-t nat-A The new ip of PREROUTING-p UDP-d client ip-j DNAT--to-destination printer;
2) the Transmission Control Protocol data that printer is sent to Print-auditing System, are forwarded a packet into user:iptables-t nat-A The new ip-j DNAT--to-destination client ip of PREROUTING-p TCP-d printer;
3) udp data that printer is sent to Print-auditing System, is forwarded a packet into user:iptables-t nat-A The new ip-j DNAT--to-destination client ip of PREROUTING-p UDP-d printer;
Step 3: Print-auditing System carries out audit processing according to audit regulation to print data packet, and it is transmitted to printer;
Audit regulation is mainly the limitation of audit number of prints;
Specially:
Step 301, Socket monitor Audit Module and handle print data packet to obtain source ip;Source ip is to send print data packet Client ip;
Print data packet is converted to PS formatted file and PDF text file by step 302, print data conversion module, and is counted The number that the source address ip this month has printed;
Print data conversion module utilizes ghostpdl tool, and print data packet is converted to the file and PDF text of PS format File;The number of PDF text file is counted, every increase one page, the tag field in PS formatted file: BeginPageSetup value increases by 1, by BeginPageSetup value accumulation calculating, can proper secondary print data packet open Number, extracts number of prints each in this month in the database, accumulates it and indicated with a field totalpaper, from And the number that Statistic Source ip address this month has printed;
Step 303, Socket monitor Audit Module judges the source address ip this month, whether number of prints was less than the number of prints upper limit, If it is, allowing to print and update number of prints, audit regulation is not otherwise met, does not allow to print, and gives system pipes Reason person sends mail notification;
The printing content of step 304, printing content identifier module identification PDF text file, is restored file by printer Come;
Step 4: non-print task data packet is directly forwarded to printer;
Step 5: checking whether the file of printer printing is normal, and the print out task document pair with Print-auditing System storage Than checking whether normal;If normal, terminate, otherwise, return step two.
2. a kind of network printing auditing method based on iptables as described in claim 1, which is characterized in that the step One is specially:Step 101 checks the simultaneously original ip of journal printer in local area network;
Step 102, the network segment for modifying the original ip of printer, keep new network segment different from original ip network segment;
Step 103, double network interface ip that Linux server is arranged, the network interface ip being connected with client are set as the original of printer Ip, the network interface ip being connected with printer are set as any new ip of new network segment.
CN201610034816.5A 2016-01-19 2016-01-19 A kind of network printing auditing method based on iptables Active CN105740716B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610034816.5A CN105740716B (en) 2016-01-19 2016-01-19 A kind of network printing auditing method based on iptables

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610034816.5A CN105740716B (en) 2016-01-19 2016-01-19 A kind of network printing auditing method based on iptables

Publications (2)

Publication Number Publication Date
CN105740716A CN105740716A (en) 2016-07-06
CN105740716B true CN105740716B (en) 2018-11-27

Family

ID=56247488

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610034816.5A Active CN105740716B (en) 2016-01-19 2016-01-19 A kind of network printing auditing method based on iptables

Country Status (1)

Country Link
CN (1) CN105740716B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109543440A (en) * 2017-09-21 2019-03-29 珠海奔图电子有限公司 Image formation system and image forming method
CN107992273B (en) * 2017-11-15 2020-11-13 北信源系统集成有限公司 Printing control method and system based on CUPS
CN108229184B (en) * 2017-12-22 2023-10-03 三六零数字安全科技集团有限公司 Reliable printing audit method based on Android system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101610264A (en) * 2009-07-24 2009-12-23 深圳市永达电子股份有限公司 The management method of a kind of firewall system, safety service platform and firewall system
CN102855095A (en) * 2011-06-27 2013-01-02 德讯科技股份有限公司 Printer printing content monitoring and auditing method based on windows printing pool
CN105183403A (en) * 2015-09-21 2015-12-23 西安电子科技大学 Printing management and control method based on CUPS framework

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100027054A1 (en) * 2008-05-08 2010-02-04 Pharos Systems International, Inc. Computer network including a printer control device with web server interface and related methods

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101610264A (en) * 2009-07-24 2009-12-23 深圳市永达电子股份有限公司 The management method of a kind of firewall system, safety service platform and firewall system
CN102855095A (en) * 2011-06-27 2013-01-02 德讯科技股份有限公司 Printer printing content monitoring and auditing method based on windows printing pool
CN105183403A (en) * 2015-09-21 2015-12-23 西安电子科技大学 Printing management and control method based on CUPS framework

Also Published As

Publication number Publication date
CN105740716A (en) 2016-07-06

Similar Documents

Publication Publication Date Title
US8910275B2 (en) Network monitoring
US7706267B2 (en) Network service monitoring
CN105740716B (en) A kind of network printing auditing method based on iptables
US20060152759A1 (en) Method and system for real-time end-user status and quality monitoring of printing operations
US20110016528A1 (en) Method and Device for Intrusion Detection
WO2014085952A1 (en) Policy processing method and network device
JP2002182866A (en) Printing control method in network environment, print server, client, and storage medium
EP2490120A2 (en) Print control server and print control method
JP2012187866A (en) Printer
EP2252038B1 (en) Syslog message routing systems and methods
CN111600863A (en) Network intrusion detection method, device, system and storage medium
CN105099733B (en) The method and system of equipment safety management in safety control platform
US9179034B2 (en) Information processing system and information processing method for distributing job data among plurality of first information processing devices
CN107360198A (en) Suspicious domain name detection method and system
CN1983955A (en) Method and system for monitoring illegal message
CN108055273A (en) A kind of intranet server finds method, system and Network Security Audit System
CN105939292B (en) Control strategy generation method and device
JP2019012982A (en) Path control device and path control method
AU2018338717B2 (en) Software-as-a-service deployment of printing services in a local network
CN105607876B (en) The control method of job processing apparatus and job processing apparatus
EP3174246B1 (en) Method and device for sending bulk data acquisition request
US20140139865A1 (en) Information processing apparatus, information processing method, and non-transitory computer readable medium
US11240094B2 (en) Information processing apparatus, information processing method, and computer-readable medium
US8300244B2 (en) Automatic discovery of networked raster image processing engines
CN106657087B (en) Method for realizing industrial firewall dynamically tracked by Ethernet/Ip protocol

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20210401

Address after: Room 5002, 5th floor, building 27, No. 25, North Third Ring Road West, Haidian District, Beijing 100098

Patentee after: EVERSEC (BEIJING) TECHNOLOGY Co.,Ltd.

Address before: 100876 Beijing city Haidian District Xitucheng Road No. 10

Patentee before: Beijing University of Posts and Telecommunications