CN111277602B - Network data packet identification processing method and device, electronic equipment and storage medium

Publication number
CN111277602B
Authority
CN
China
Legal status
Active
Application number
CN202010076961.6A
Other languages
Chinese (zh)
Other versions
CN111277602A (en)
Inventor
张帅
李常坤
张聪
汤迪斌
Current Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Original Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Application filed by Qianxin Technology Group Co Ltd, Secworld Information Technology Beijing Co Ltd
Priority to CN202010076961.6A
Publication of CN111277602A
Application granted
Publication of CN111277602B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16 Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/146 Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The embodiment of the invention discloses a method and a device for identifying and processing network data packets, an electronic device, and a storage medium. The method comprises the following steps: before a network data packet is sent, adding the network identity of the current network device to the header of the network data packet to obtain an identity data packet; and sending the identity data packet to a target network device, so that the target network device can obtain the network identity of the current network device from the identity data packet. Because the network identity is added to the network data packet before it is sent to the target network device, the target network device can identify the network identity of the current network device, and network requests and network connections can be screened easily, which makes it convenient to manage the internet access behavior of all network devices.

Description

Network data packet identification processing method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method and apparatus for identifying and processing a network data packet, an electronic device, and a storage medium.
Background
With the continuous development of communication and computer technology, the number of network devices on the network keeps growing, and so does their variety: from the original computers to today's mobile phones, watches, and even refrigerators and televisions. The growing number and variety of network devices makes the network environment unusually complex, which in turn makes managing the internet access behavior of network devices unusually difficult.
Taking multi-layer NAT (Network Address Translation) as an example, the network addresses of devices behind NAT in a local area network are not transparent to the outside, so the internet access behavior of these network devices cannot be managed.
In the prior art, the presence of such non-transparent network devices makes managing the internet access behavior of network devices exceptionally difficult.
Disclosure of Invention
To address the above problems with existing methods, embodiments of the present invention provide a method and a device for identifying and processing network data packets, an electronic device, and a storage medium.
In a first aspect, an embodiment of the present invention provides a method for identifying and processing a network data packet, including:
before a network data packet is sent, adding the network identity of the current network device to the header of the network data packet to obtain an identity data packet;
and sending the identity data packet to a target network device, so that the target network device can obtain the network identity of the current network device from the identity data packet.
Optionally, adding the network identity of the current network device to the header of the network data packet before it is sent, to obtain an identity data packet, specifically includes:
before the network data packet is sent, capturing it through a hook program in the current network device;
performing protocol analysis and packet filtering on the network data packet to obtain a Transmission Control Protocol (TCP) data packet;
and adding the network identity of the current network device to the header of the TCP data packet to obtain an identity data packet.
Optionally, adding the network identity of the current network device to the header of the TCP data packet to obtain an identity data packet specifically includes:
parsing the TCP data packet to obtain its header;
checking a preset field in the header and, if the preset field is not occupied, setting the value of the preset field to the network identity of the current network device to obtain an identity data packet.
Optionally, sending the identity data packet to the target network device, so that the target network device identifies the network identity of the current network device from the identity data packet, specifically includes:
calculating a check value for the identity data packet according to a preset rule, and updating the identity data packet with the check value;
and sending the updated identity data packet to the target network device, so that the target network device confirms the integrity and accuracy of the updated identity data packet and identifies the network identity of the current network device.
In a second aspect, an embodiment of the present invention further provides a method for identifying and processing a network data packet, including:
receiving an identity data packet sent by the current network device, the header of the identity data packet carrying the network identity of the current network device;
and identifying the network identity of the current network device from the identity data packet.
Optionally, identifying the network identity of the current network device from the identity data packet specifically includes:
parsing the identity data packet, obtaining a preset field in the header of the identity data packet, and reading the value in the preset field to obtain the network identity of the current network device.
Optionally, parsing the identity data packet, obtaining a preset field in its header, and reading the value in the preset field to obtain the network identity of the current network device specifically includes:
parsing the identity data packet to obtain a check field in the header of the identity data packet;
verifying the check value in the check field according to a preset algorithm and, if the verification passes, confirming the integrity and accuracy of the identity data packet and obtaining the preset field in the header of the identity data packet;
and reading the value in the preset field to obtain the network identity of the current network device.
In a third aspect, an embodiment of the present invention further provides a device for identifying and processing a network data packet, including:
an identity adding module, configured to add the network identity of the current network device to the header of a network data packet before the network data packet is sent, to obtain an identity data packet;
and a data packet sending module, configured to send the identity data packet to a target network device, so that the target network device can obtain the network identity of the current network device from the identity data packet.
Optionally, the identity adding module is specifically configured to:
before the network data packet is sent, capture it through a hook program in the current network device;
perform protocol analysis and packet filtering on the network data packet to obtain a Transmission Control Protocol (TCP) data packet;
and add the network identity of the current network device to the header of the TCP data packet to obtain an identity data packet.
Optionally, the identity adding module is specifically configured to:
parse the TCP data packet to obtain its header;
check a preset field in the header and, if the preset field is not occupied, set the value of the preset field to the network identity of the current network device to obtain an identity data packet.
Optionally, the data packet sending module is specifically configured to:
calculate a check value for the identity data packet according to a preset rule, and update the identity data packet with the check value;
and send the updated identity data packet to the target network device, so that the target network device confirms the integrity and accuracy of the updated identity data packet and identifies the network identity of the current network device.
In a fourth aspect, an embodiment of the present invention further provides a device for identifying and processing a network data packet, including:
a data packet receiving module, configured to receive an identity data packet sent by the current network device, the header of the identity data packet carrying the network identity of the current network device;
and an identity recognition module, configured to identify the network identity of the current network device from the identity data packet.
Optionally, the identity recognition module is specifically configured to:
parse the identity data packet, obtain a preset field in the header of the identity data packet, and read the value in the preset field to obtain the network identity of the current network device.
Optionally, the identity recognition module is specifically configured to:
parse the identity data packet to obtain a check field in the header of the identity data packet;
verify the check value in the check field according to a preset algorithm and, if the verification passes, confirm the integrity and accuracy of the identity data packet and obtain the preset field in the header of the identity data packet;
and read the value in the preset field to obtain the network identity of the current network device.
In a fifth aspect, an embodiment of the present invention further provides an electronic device, including:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, which are called by the processor to perform the method described above.
In a sixth aspect, embodiments of the present invention also propose a non-transitory computer-readable storage medium storing a computer program, which causes the computer to carry out the above-mentioned method.
According to the above technical solution, the network identity is added to the network data packet before it is sent to the target network device, so that the target network device can identify the network identity of the current network device. Network requests and network connections can then be screened easily, which makes it convenient to manage the internet access behavior of all network devices.
Drawings
To illustrate the embodiments of the invention or the technical solutions of the prior art more clearly, the drawings needed for describing them are briefly introduced below. The drawings described below show only some embodiments of the invention; a person skilled in the art can obtain other drawings from them without inventive effort.
Fig. 1 is a flow chart of a method for identifying and processing network data packets according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of an identification scenario of a network data packet according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of a scenario in which a hook program performs network packet processing according to an embodiment of the present invention;
Fig. 4 is a flowchart of a method for identifying and processing a network data packet according to another embodiment of the present invention;
Fig. 5 is a schematic structural diagram of an identification processing device for network data packets according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of an identification processing device for network data packets according to another embodiment of the present invention;
Fig. 7 is a logic block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The following describes the embodiments of the present invention further with reference to the accompanying drawings. The following examples are only for more clearly illustrating the technical aspects of the present invention, and are not intended to limit the scope of the present invention.
Fig. 1 shows a flow chart of a method for identifying and processing a network data packet according to the present embodiment, including:
S101, before a network data packet is sent, adding the network identity of the current network device to the header of the network data packet to obtain an identity data packet.
The network data packet is a data packet that the current network device is about to send to the target network device over the network.
The current network device is the network device that sends the network data packet.
The target network device is the network device that receives the network data packet.
The network identity is the unique identifier of the current network device in the network, such as an IP address or a MAC address.
The identity data packet is a data packet to which the network identity has been added.
S102, sending the identity data packet to the target network device, so that the target network device can obtain the network identity of the current network device from the identity data packet.
Specifically, network devices communicate with one another through data packets, and as the number and variety of network devices grow, so does the number of data packets transmitted in the network. If the source of a data packet is unknown, the internet access behavior of network devices cannot be managed effectively. Therefore, before each network device sends a network data packet, it processes the packet once more: it adds the network identity of the current network device to the header of the network data packet, generating an identity data packet from which the sender can be identified, and then sends the identity data packet to the target network device. Whatever the type of the target network device, once it receives the identity data packet it can identify the network device that sent it.
For example, fig. 2 is a schematic diagram of a network data packet identification scenario: in a multi-layer NAT environment, terminal A, terminal B, and terminal C all send network data packets through NAT to a NAC (Network Admission Control) server.
Take terminal A as an example: in this embodiment, terminal A is the current network device and the NAC server is the target network device. Before terminal A sends a network data packet, the IP address of terminal A, 192.168.0.2:1000, is added to the network data packet to obtain an identity data packet, which is then sent to the NAC server. After receiving the identity data packet, the NAC server identifies it, obtains the network identity 192.168.0.2:1000, and thereby determines that the identity data packet came from terminal A. If analysis of the identity data packet finds a virus, terminal A can be located quickly.
It should be noted that, in this embodiment, the current network device and the target network device can be any network devices; that is, after the current network device receives a network data packet sent by another network device, it can likewise identify the received packet to determine its source.
In this embodiment, the network identity is added to the network data packet before it is sent to the target network device, so that the target network device can identify the network identity of the current network device. Network requests and network connections can then be screened easily, which makes it convenient to manage the internet access behavior of all network devices.
Further, on the basis of the above method embodiment, S101 specifically includes:
before the network data packet is sent, capturing it through a hook program in the current network device;
performing protocol analysis and packet filtering on the network data packet to obtain a TCP (Transmission Control Protocol) data packet;
and adding the network identity of the current network device to the header of the TCP data packet to obtain an identity data packet.
The hook program (HOOK) is a program installed on the network device that intercepts network data packets about to be sent and adds the network identity to them.
Specifically, a hook is a facility of the Windows message-handling mechanism: an application can install a subroutine on it to monitor certain messages for a specified window, and the monitored window may have been created by another process. When a message arrives, the hook handles it before the target window's handler function does.
The TCP data packet is the data packet obtained after parsing and filtering at the TCP protocol layer.
For example, fig. 3 is a schematic diagram of a scenario in which a HOOK program processes network data packets. The network HOOK driver is the HOOK program and resides in the system kernel. It intercepts TCP network requests before the network data packet is sent out, adds the network identity to a pointer field of the TCP header, and then sends the request to the browser or network application of the corresponding target network device.
Specifically, the HOOK program can be implemented with Netfilter, a general, abstract framework in Linux that provides a complete mechanism for managing hook functions, enabling functions such as packet filtering, network address translation, and protocol-based connection tracking. Once the HOOK program is loaded on the network device, all network request packets originating from the current network device pass through the NF_IP_LOCAL_OUT hook point, so every network request packet can be captured for protocol analysis.
Further, on the basis of the above method embodiment, adding the network identity of the current network device to the header of the TCP data packet to obtain an identity data packet specifically includes:
parsing the TCP data packet to obtain its header;
checking a preset field in the header and, if the preset field is not occupied, setting the value of the preset field to the network identity of the current network device to obtain an identity data packet.
Specifically, the current network device screens, checks and filters the captured network request packets by protocol to obtain TCP data packets, then parses each TCP data packet to obtain the TCP header. It checks a preset field in the header, such as the urgent pointer field, and assigns the watermark identifier to it: the value of the preset field is updated to the network identity of the current network device, so that the whole TCP data packet carries the watermark identifier.
To address the problems in current network device environments, this embodiment analyzes the network devices, the network request protocol, and the TCP network data transmission protocol, and defines a network identity for each network data packet in the network. A predefined network identity is added to the request header of every network data packet sent by a network device, so that the device's network access behavior is marked. Network requests and network connections can then be screened easily even in a multi-layer NAT environment, and network behavior can be controlled appropriately.
Further, on the basis of the above method embodiment, S102 specifically includes:
calculating a check value for the identity data packet according to a preset rule, and updating the identity data packet with the check value;
and sending the updated identity data packet to the target network device, so that the target network device confirms the integrity and accuracy of the updated identity data packet and identifies the network identity of the current network device.
The preset rule is an existing rule for calculating a packet check value, for example obtaining the check value through a parity check of the data bits or a sum of the data bits.
In data processing and data communication, a checksum is the sum of a set of data items, used to verify that data at the destination. It is usually expressed in hexadecimal. If the value of the checksum exceeds hexadecimal FF, i.e., 255, its complement is used as the checksum. Checksums are commonly used to ensure the integrity and accuracy of data in communications, particularly long-distance communications.
Specifically, because the identity data packet has been forcibly modified, the previously agreed check value no longer applies. For the peer to judge the integrity and accuracy of the identity data packet after receiving it, the check value of the identity data packet must be recalculated.
For example, a new TCP checksum is obtained with the function csum_tcpudp_magic and a new IP checksum is calculated for the identity data packet with the function ip_fast_csum; the TCP checksum and the IP checksum are used as the final check values to update the identity data packet. Accordingly, after receiving the updated identity data packet, the peer can use the TCP checksum and the IP checksum to confirm that the identity data packet is complete and accurate.
In this embodiment, updating the check value allows the target network device to confirm the integrity and accuracy of the identity data packet after receiving it.
Fig. 4 is a flow chart illustrating a method for identifying and processing a network data packet according to the present embodiment, including:
S401, receiving an identity data packet sent by the current network device; the header of the identity data packet carries the network identity of the current network device.
S402, identifying the network identity of the current network device from the identity data packet.
The identity data packet is a data packet to which the network identity has been added.
The network identity is the unique identifier of the current network device in the network, such as an IP address or a MAC address.
The network data packet is a data packet that the current network device is about to send to the target network device over the network.
The current network device is the network device that sends the network data packet.
The target network device is the network device that receives the network data packet.
Specifically, network devices communicate with one another through data packets, and as the number and variety of network devices grow, so does the number of data packets transmitted in the network. If the source of a data packet is unknown, the internet access behavior of network devices cannot be managed effectively. Therefore, before each network device sends a network data packet, it processes the packet once more: it adds the network identity of the current network device to the header of the network data packet, generating an identity data packet from which the sender can be identified, and then sends the identity data packet to the target network device. Whatever the type of the target network device, once it receives the identity data packet it can identify the network device that sent it.
For example, fig. 2 is a schematic diagram of a network data packet identification scenario: in a multi-layer NAT environment, terminal A, terminal B, and terminal C all send network data packets through NAT to a NAC (Network Admission Control) server.
Take terminal A as an example: in this embodiment, terminal A is the current network device and the NAC server is the target network device. Before terminal A sends a network data packet, the IP address of terminal A, 192.168.0.2:1000, is added to the network data packet to obtain an identity data packet, which is then sent to the NAC server. After receiving the identity data packet, the NAC server identifies it, obtains the network identity 192.168.0.2:1000, and thereby determines that the identity data packet came from terminal A. If analysis of the identity data packet finds a virus, terminal A can be located quickly.
It should be noted that, in this embodiment, the current network device and the target network device can be any network devices; that is, after the current network device receives a network data packet sent by another network device, it can likewise identify the received packet to determine its source.
In this embodiment, the network identity is added to the network data packet before it is sent to the target network device, so that the target network device can identify the network identity of the current network device. Network requests and network connections can then be screened easily, which makes it convenient to manage the internet access behavior of all network devices.
Further, on the basis of the above method embodiment, S402 specifically includes:
parsing the identity data packet, obtaining a preset field in the header of the identity data packet, and reading the value in the preset field to obtain the network identity of the current network device.
Specifically, the target network device parses the received identity data packet to obtain the TCP header, and reads a preset field in the header, for example the urgent pointer field, to obtain the network identity of the current network device that sent the identity data packet.
To address the problems in current network device environments, this embodiment analyzes the network devices, the network request protocol, and the TCP network data transmission protocol, and defines a network identity for each network data packet in the network. A predefined network identity is added to the request header of every network data packet sent by a network device, so that the device's network access behavior is marked. Network requests and network connections can then be screened easily even in a multi-layer NAT environment, and network behavior can be controlled appropriately.
Further, on the basis of the above method embodiment, the analyzing the id packet, obtaining a preset field in a header of the id packet, and identifying a value in the preset field to obtain a network id of the current network device, specifically includes:
analyzing the identification data packet to obtain a check field in a message header of the identification data packet;
checking the check value in the check field according to a preset algorithm, if the check is passed, confirming the integrity and the accuracy of the identification data packet, and acquiring the preset field in the message header of the identification data packet;
and identifying the value in the preset field to obtain the network identity of the current network equipment.
The preset algorithm is an existing algorithm for checking data packets; for example, a parity check of the data bits, or a sum of the data bits, is used to obtain the check value.
In data processing and data communication, a checksum is the sum of a set of data items, used to check that set at the destination. It is typically expressed in hexadecimal. If the value of the checksum exceeds hexadecimal FF, i.e., 255, its complement is used as the checksum. Checksums are commonly used to ensure data integrity and accuracy in communications, particularly in long-distance communications.
Specifically, because the identification data packet has been forcibly modified, the previously agreed check value no longer applies. So that the target network device can judge the integrity and accuracy of the identification data packet after receiving it, the check value of the identification data packet needs to be recalculated.
For example, a new TCP checksum is obtained through the function csum_tcpudp_magic, a new IP checksum is calculated for the identification data packet through the function ip_fast_csum, and the TCP checksum and the IP checksum are used as the final check values to update the identification data packet. Accordingly, after receiving the updated identification data packet, the opposite end can use the TCP checksum and the IP checksum to determine that the identification data packet is complete and accurate.
In this embodiment, the check value is updated so that the target network device can confirm the integrity and the accuracy of the identification data packet after receiving it.
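The sender and receiver steps described above (check that the preset field is free, write the identity, recompute both checksums; then verify and read), as an added example rather than code from the patent. It runs in user space on a constructed packet, substitutes a plain RFC 1071 sum for the kernel helpers csum_tcpudp_magic and ip_fast_csum, and assumes that "not occupied" means the URG flag is clear; all function names are hypothetical.

```c
/* Added example, not code from the patent: a userspace model in which a plain
 * RFC 1071 sum stands in for csum_tcpudp_magic() and ip_fast_csum(). */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IP_HLEN      20   /* assumption: IPv4 header without options */
#define TCP_HLEN     20   /* minimum TCP header */
#define TCP_FLAG_URG 0x20

/* One's-complement sum of big-endian 16-bit words, folded to 16 bits. */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t acc)
{
    for (; len > 1; p += 2, len -= 2)
        acc += (uint32_t)((p[0] << 8) | p[1]);
    if (len)
        acc += (uint32_t)(p[0] << 8);           /* odd trailing byte */
    while (acc >> 16)
        acc = (acc & 0xffff) + (acc >> 16);
    return acc;
}

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* With the checksum field zeroed these give the value to store; run over a
 * received packet (field included) they give 0 when the packet is intact. */
static uint16_t ip_csum(const uint8_t *ip) { return (uint16_t)~sum16(ip, IP_HLEN, 0); }

static uint16_t tcp_csum(const uint8_t *ip, size_t tcp_len)
{
    uint8_t pseudo[12] = {0};                   /* TCP pseudo-header */
    memcpy(pseudo, ip + 12, 8);                 /* source + destination address */
    pseudo[9] = ip[9];                          /* protocol */
    put16(pseudo + 10, (uint16_t)tcp_len);      /* TCP segment length */
    return (uint16_t)~sum16(ip + IP_HLEN, tcp_len, sum16(pseudo, 12, 0));
}

/* Protocol analysis and filtering: accept only a whole IPv4/TCP packet. */
static int is_ipv4_tcp(const uint8_t *pkt, size_t len)
{
    return len >= IP_HLEN + TCP_HLEN && pkt[0] == 0x45 && pkt[9] == 6 &&
           (size_t)((pkt[2] << 8) | pkt[3]) == len;
}

/* Sender: 0 on success, -1 if not IPv4/TCP, -2 if the preset field is
 * occupied (assumption: "occupied" means the URG flag is set). */
int stamp_identity(uint8_t *pkt, size_t len, uint16_t id)
{
    if (!is_ipv4_tcp(pkt, len))
        return -1;
    uint8_t *tcp = pkt + IP_HLEN;
    if (tcp[13] & TCP_FLAG_URG)
        return -2;
    put16(tcp + 18, id);                        /* urgent pointer := identity */
    put16(tcp + 16, 0);                         /* zero, then recompute TCP checksum */
    put16(tcp + 16, tcp_csum(pkt, len - IP_HLEN));
    put16(pkt + 10, 0);                         /* zero, then recompute IP checksum */
    put16(pkt + 10, ip_csum(pkt));
    return 0;
}

/* Receiver: the identity, -1 if malformed or a checksum fails, -2 if URG is
 * set (the field then holds a genuine urgent pointer). */
long read_identity(const uint8_t *pkt, size_t len)
{
    if (!is_ipv4_tcp(pkt, len) || ip_csum(pkt) != 0 ||
        tcp_csum(pkt, len - IP_HLEN) != 0)
        return -1;
    const uint8_t *tcp = pkt + IP_HLEN;
    if (tcp[13] & TCP_FLAG_URG)
        return -2;
    return (long)((tcp[18] << 8) | tcp[19]);
}

/* Constructed sample: IPv4 + TCP (PSH|ACK) + 3-byte payload, checksums unset. */
size_t build_sample(uint8_t *buf)
{
    static const uint8_t pkt[43] = {
        0x45, 0x00, 0x00, 0x2b, 0x12, 0x34, 0x40, 0x00, 0x40, 0x06, 0x00, 0x00,
        192, 0, 2, 1, 198, 51, 100, 7,
        0xc0, 0x01, 0x00, 0x50, 0, 0, 0, 1, 0, 0, 0, 1,
        0x50, 0x18, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 'h', 'i', '!'
    };
    memcpy(buf, pkt, sizeof pkt);
    return sizeof pkt;
}

int main(void)
{
    uint8_t p[64];
    size_t n = build_sample(p);
    return stamp_identity(p, n, 0xBEEF) == 0 && read_identity(p, n) == 0xBEEF ? 0 : 1;
}
```

The TCP and IP checksums are not keyed, so they detect accidental corruption only: any device on the path that can rewrite the packet can also rewrite the identity field and recompute both checksums.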
Fig. 5 shows a schematic structural diagram of an identification processing device for network data packets according to the present embodiment, where the device includes: an identification adding module 501 and a data packet sending module 502, wherein:
the identifier adding module 501 is configured to add a network identifier of a current network device to a header of a network data packet before sending the network data packet, so as to obtain an identifier data packet;
the data packet sending module 502 is configured to send the identification data packet to a target network device, so that the target network device obtains the network identification of the current network device according to the identification data packet.
Specifically, before sending a network data packet, the identifier adding module 501 adds a network identifier of a current network device to a header of the network data packet to obtain an identifier data packet; the data packet sending module 502 sends the identification data packet to a target network device, so that the target network device can obtain the network identification of the current network device according to the identification data packet.
In this embodiment, the network identity is added to the network data packet before the packet is sent to the target network device, so that the target network device can identify the network identity of the current network device. Network requests and network connections can then be screened easily, which makes the network access behavior of all network devices convenient to manage.
Further, on the basis of the above device embodiment, the identifier adding module 501 is specifically configured to:
before sending a network data packet, acquiring the network data packet through a hook program in current network equipment;
carrying out protocol analysis and data packet filtering on the network data packet to obtain a Transmission Control Protocol (TCP) data packet;
and adding the network identity of the current network equipment into the message header of the TCP data packet to obtain an identity data packet.
Further, on the basis of the above device embodiment, the identifier adding module 501 is specifically configured to:
analyzing the message of the TCP data packet to obtain a message header of the TCP data packet;
checking a preset field in a message header, and if the preset field is not occupied, updating the value of the preset field to be the network identity of the current network equipment to obtain an identity data packet.
Further, based on the above device embodiment, the data packet sending module 502 is specifically configured to:
calculating a check value of the identification data packet according to a preset rule, and updating the identification data packet according to the check value;
and sending the updated identification data packet to target network equipment so that the target network equipment confirms the integrity and the accuracy of the updated identification data packet according to the updated identification data packet and identifies the network identification of the current network equipment.
The network data packet identification processing device in this embodiment may be used to execute the above method embodiment, and its principle and technical effects are similar, and will not be described herein again.
Fig. 6 shows a schematic structural diagram of an identification processing device for network data packets according to the present embodiment, where the device includes: a data packet receiving module 601 and an identification identifying module 602, wherein:
the data packet receiving module 601 is configured to receive an identification data packet sent by a current network device; the message header of the identity data packet carries the network identity of the current network equipment;
the identification module 602 is configured to identify, according to the identification data packet, a network identification of the current network device.
Specifically, the data packet receiving module 601 receives an identification data packet sent by a current network device; the message header of the identity data packet carries the network identity of the current network equipment; the identification module 602 identifies the network identity of the current network device according to the identity data packet.
In this embodiment, the network identity is added to the network data packet before the packet is sent to the target network device, so that the target network device can identify the network identity of the current network device. Network requests and network connections can then be screened easily, which makes the network access behavior of all network devices convenient to manage.
Further, on the basis of the above device embodiment, the identification module 602 is specifically configured to:
analyzing the identification data packet, obtaining a preset field in a message header of the identification data packet, and identifying a value in the preset field to obtain a network identification of the current network equipment.
Further, on the basis of the above device embodiment, the identification module 602 is specifically configured to:
analyzing the identification data packet to obtain a check field in a message header of the identification data packet;
checking the check value in the check field according to a preset algorithm, if the check is passed, confirming the integrity and the accuracy of the identification data packet, and acquiring the preset field in the message header of the identification data packet;
and identifying the value in the preset field to obtain the network identity of the current network equipment.
The network data packet identification processing device in this embodiment may be used to execute the above method embodiment, and its principle and technical effects are similar, and will not be described herein again.
Referring to fig. 7, the electronic device includes: a processor (processor) 701, a memory (memory) 702, and a bus 703;
wherein:
the processor 701 and the memory 702 perform communication with each other through the bus 703;
the processor 701 is configured to invoke the program instructions in the memory 702 to execute the methods provided in the above method embodiments.
The present embodiments disclose a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, are capable of performing the methods provided by the method embodiments described above.
The present embodiment provides a non-transitory computer-readable storage medium storing computer instructions that cause a computer to perform the methods provided by the above-described method embodiments.
The apparatus embodiments described above are merely illustrative: the units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; they may be located in one place or distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
It should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A network data packet identification processing method, characterized by comprising the following steps:
before a network data packet is sent, adding a network identity of current network equipment into a message header of the network data packet to obtain an identity data packet;
sending the identity data packet to target network equipment, so that the target network equipment can obtain the network identity of the current network equipment according to the identity data packet;
wherein adding the network identity of the current network equipment into the message header of the network data packet before the network data packet is sent, to obtain the identity data packet, specifically includes:
before sending a network data packet, acquiring the network data packet through a hook program in current network equipment;
carrying out protocol analysis and data packet filtering on the network data packet to obtain a Transmission Control Protocol (TCP) data packet;
adding the network identity of the current network equipment into the message header of the TCP data packet to obtain an identity data packet;
wherein adding the network identity of the current network device to the message header of the TCP data packet to obtain the identity data packet specifically comprises:
analyzing the message of the TCP data packet to obtain a message header of the TCP data packet;
checking a preset field in the message header, and if the preset field is not occupied, performing watermark identification assignment on the preset field, so that the value of the preset field is updated to the network identity of the current network equipment, to obtain an identity data packet;
wherein sending the identity data packet to the target network device includes:
calculating a check value of the identity data packet according to a preset rule and updating the identity data packet according to the check value; specifically, obtaining a new TCP checksum through the function csum_tcpudp_magic, calculating a new IP checksum for the identity data packet through the function ip_fast_csum, and updating the identity data packet by taking the TCP checksum and the IP checksum as the final check values.
2. The method for identifying and processing a network data packet according to claim 1, wherein the step of sending the identification data packet to a target network device so that the target network device can identify the network identification of the current network device according to the identification data packet specifically includes:
sending the updated identification data packet to the target network equipment, so that the target network equipment confirms the integrity and the accuracy of the updated identification data packet and identifies the network identification of the current network equipment according to the updated identification data packet.
3. A network data packet identification processing method, characterized by comprising the following steps:
receiving an identity data packet sent by current network equipment; the identity data packet is a TCP data packet in which the value of a preset field in the message header has been updated, through watermark identification assignment, to the network identity of the current network equipment, so that the message header carries the network identity of the current network equipment;
identifying the network identity of the current network equipment according to the identity data packet;
wherein identifying the network identity of the current network device according to the identity data packet comprises the following steps:
analyzing the identity data packet, obtaining a preset field in a message header of the identity data packet, and identifying a value in the preset field to obtain the network identity of the current network device, wherein the identity data packet is an identity data packet updated by taking a new TCP checksum and a new IP checksum, calculated according to preset rules, as final check values, the new TCP checksum is obtained through the function csum_tcpudp_magic, and the new IP checksum is obtained through the function ip_fast_csum.
4. The method for identifying and processing network data packets according to claim 3, wherein the analyzing the identification data packet obtains a preset field in a header of the identification data packet, and identifies a value in the preset field to obtain a network identification of the current network device, specifically including:
analyzing the identification data packet to obtain a check field in a message header of the identification data packet;
checking the check value in the check field according to a preset algorithm, if the check is passed, confirming the integrity and the accuracy of the identification data packet, and acquiring the preset field in the message header of the identification data packet;
and identifying the value in the preset field to obtain the network identity of the current network equipment.
5. An identification processing device for network data packets, comprising:
the identification adding module is used for adding the network identification of the current network equipment into the message header of the network data packet before sending the network data packet to obtain an identification data packet;
the data packet sending module is used for sending the identification data packet to target network equipment so that the target network equipment can obtain the network identification of the current network equipment according to the identification data packet;
the identification adding module is specifically configured to:
before sending a network data packet, acquiring the network data packet through a hook program in current network equipment;
carrying out protocol analysis and data packet filtering on the network data packet to obtain a Transmission Control Protocol (TCP) data packet;
adding the network identity of the current network equipment into the message header of the TCP data packet, carrying out watermark identification assignment on the TCP data packet, and updating the value of a preset field into the network identity of the current network equipment to obtain an identity data packet;
the identification adding module is specifically configured to:
analyzing the message of the TCP data packet to obtain a message header of the TCP data packet;
checking a preset field in a message header, and if the preset field is not occupied, updating the value of the preset field to be the network identity of the current network equipment to obtain an identity data packet;
the data packet sending module is specifically configured to:
calculating a check value of the identification data packet according to a preset rule and updating the identification data packet according to the check value; specifically, obtaining a new TCP checksum through the function csum_tcpudp_magic, calculating a new IP checksum for the identification data packet through the function ip_fast_csum, and updating the identification data packet by taking the TCP checksum and the IP checksum as the final check values.
6. The apparatus for identifying and processing network data packets according to claim 5, wherein the data packet transmitting module is specifically configured to:
sending the updated identification data packet to the target network equipment, so that the target network equipment confirms the integrity and the accuracy of the updated identification data packet and identifies the network identification of the current network equipment according to the updated identification data packet.
7. An identification processing device for network data packets, comprising:
the data packet receiving module is used for receiving an identity data packet sent by the current network equipment; the identity data packet is a TCP data packet in which the value of a preset field in the message header has been updated, through watermark identification assignment, to the network identity of the current network equipment, so that the message header carries the network identity of the current network equipment;
the identification recognition module is used for recognizing and obtaining the network identity of the current network equipment according to the identity data packet;
the identification module is specifically used for:
analyzing the identity data packet, obtaining a preset field in a message header of the identity data packet, and identifying a value in the preset field to obtain the network identity of the current network device, wherein the identity data packet is an identity data packet updated by taking a new TCP checksum and a new IP checksum, calculated according to preset rules, as final check values, the new TCP checksum is obtained through the function csum_tcpudp_magic, and the new IP checksum is obtained through the function ip_fast_csum.
8. The apparatus of claim 7, wherein the identification module is specifically configured to:
analyzing the identification data packet to obtain a check field in a message header of the identification data packet;
checking the check value in the check field according to a preset algorithm, if the check is passed, confirming the integrity and the accuracy of the identification data packet, and acquiring the preset field in the message header of the identification data packet;
and identifying the value in the preset field to obtain the network identity of the current network equipment.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of identifying network data packets according to any of claims 1 to 2 and/or the method of identifying network data packets according to any of claims 3 to 4 when executing the program.
10. A non-transitory computer readable storage medium having stored thereon a computer program, wherein the computer program when executed by a processor implements the network data packet identification processing method according to any one of claims 1 to 2 and/or the network data packet identification processing method according to any one of claims 3 to 4.
CN202010076961.6A 2020-01-23 2020-01-23 Network data packet identification processing method and device, electronic equipment and storage medium Active CN111277602B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010076961.6A CN111277602B (en) 2020-01-23 2020-01-23 Network data packet identification processing method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111277602A CN111277602A (en) 2020-06-12
CN111277602B true CN111277602B (en) 2023-07-11

Family

ID=71001227

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010076961.6A Active CN111277602B (en) 2020-01-23 2020-01-23 Network data packet identification processing method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111277602B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Patentee after: Qianxin Technology Group Co.,Ltd.

Patentee after: Qianxin Wangshen information technology (Beijing) Co.,Ltd.

Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Patentee before: Qianxin Technology Group Co.,Ltd.

Patentee before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc.