CN112235432B - Method and device for supporting different networks to access label address - Google Patents

Method and device for supporting different networks to access label address Download PDF

Info

Publication number
CN112235432B
CN112235432B CN202011096645.1A CN202011096645A CN112235432B CN 112235432 B CN112235432 B CN 112235432B CN 202011096645 A CN202011096645 A CN 202011096645A CN 112235432 B CN112235432 B CN 112235432B
Authority
CN
China
Prior art keywords
address
http
request
gateway
tracking table
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011096645.1A
Other languages
Chinese (zh)
Other versions
CN112235432A (en
Inventor
欧军和
王通源
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Youhua Software Technology Co ltd
Original Assignee
Shenzhen Youhua Software Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Youhua Software Technology Co ltd filed Critical Shenzhen Youhua Software Technology Co ltd
Priority to CN202011096645.1A priority Critical patent/CN112235432B/en
Publication of CN112235432A publication Critical patent/CN112235432A/en
Application granted granted Critical
Publication of CN112235432B publication Critical patent/CN112235432B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/741Routing in networks with a plurality of addressing schemes, e.g. with both IPv4 and IPv6
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method and a device for supporting a different network to access a label address, wherein the method comprises the following steps: if the HTTP GET request is received, judging whether a target port of the HTTP GET request is a TCP80 or not; if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment; if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table; and forwarding the HTTP GET request to the superior gateway, and turning to the IP address of gateway equipment by the superior gateway according to the connection tracking table. The invention achieves the aim of redirecting the access request of the user to the local router by calling the iptables rule and modifying the specific configuration options of the system kernel, thereby enabling the user to smoothly access the management page by accessing the label address and greatly facilitating the use of the user.

Description

Method and device for supporting different networks to access label address
Technical Field
The present invention relates to the field of network communication technologies, and in particular, to a method and an apparatus for supporting a different network to access a tag address.
Background
In a current gateway device, such as a router, a device label is usually marked with information such as an IP address (i.e. a label address) of the device, for example:
the power specification is 12V/1A;
SSID name YH-bGeQ;
SSID code 12345678;
the local management address is 192.168.0.1;
MAC address 00-11-22-33-44-BB.
When the router is in a bridge mode, the WAN port of the router is connected with the LAN port of the optical modem, the IP address of the router is no longer 192.168.0.1, but is distributed by the optical modem, the corresponding IP address is changed, and a user only knows that the user and the optical modem are in the same network segment and cannot know the accurate IP address of the user, so that the user cannot access the management page of the router through a browser.
Disclosure of Invention
Based on this, there is a need to provide a method and apparatus for supporting the access of a label address by a different network, so that a user can directly access a management page of a router by using the label address.
In order to achieve the above purpose, the invention adopts the following technical scheme.
The invention provides a method for supporting a different network to access a tag address, wherein the tag address is a local management address of a gateway device bridged with a superior gateway, and the method comprises the following steps:
if an HTTP GET request is received, judging whether a target port of the HTTP GET request is TCP80;
if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment;
if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table;
and forwarding the HTTP GET request to the superior gateway, and turning to the IP address of the gateway equipment by the superior gateway according to the connection tracking table.
In the above method, the step of redirecting the HTTP GET request to the local and calling the iptables rule to form a connection tracking table specifically includes:
assigning a value of 1 to/proc/sys/net/bridge/bridge-nf-call-iptables;
and calling a redirection iptables rule, enabling the HTTP GET to be diverted to a local machine, and forming the connection tracking table.
In the above method, the step of forwarding the HTTP GET request to the upper gateway, and the upper gateway steering the IP address of the gateway device according to the connection tracking table further includes:
performing NAT (network address translation) on the label address according to the connection tracking table to obtain an IP (Internet protocol) address of the gateway equipment;
and responding to the HTTP GET request, and sending response piece information with the IP address of the gateway equipment.
The invention also provides a device for supporting the access of a different network to a tag address, wherein the tag address is a local management address of a gateway device bridged with a superior gateway, and the device comprises:
the first judgment module is used for judging whether a destination port of the HTTP GET request is a TCP80 or not if the HTTP GET request is received;
a second determining module, configured to determine whether a destination address of the HTTP GET request and an IP address of the gateway device are in the same network segment if a destination port of the HTTP GET request is TCP80;
the redirection module is used for redirecting the HTTP GET request to the local and calling an iptables rule to form a connection tracking table if the HTTP GET request is not in the same network segment;
and the routing module is used for forwarding the HTTP GET request to the superior gateway, and the superior gateway turns to the IP address of the gateway equipment according to the connection tracking table.
In the above apparatus, the redirection module specifically includes:
the assignment unit is used for assigning the value of/proc/sys/net/bridge/bridge-nf-call-iptables to 1;
and the loopback unit is used for calling a redirection iptables rule, enabling the HTTP GET to be diverted to the local machine and forming the connection tracking table.
In the above apparatus, the routing module further includes:
the translation unit is used for carrying out NAT translation on the label address according to the connection tracking table to obtain the IP address of the gateway equipment;
and the feedback unit is used for responding to the HTTP GET request and sending receipt information with the IP address of the gateway equipment.
Aiming at the problem that a user cannot access a management page of a router due to the fact that an IP address of the router is changed in a bridge mode, the method achieves the purpose of redirecting an access request of the user to the local part of the router by calling an iptables rule and modifying a specific configuration option of a system kernel, so that the user can smoothly access the management page through accessing a tag address, and the method is greatly convenient for the user to use.
Drawings
Fig. 1 is a schematic flowchart illustrating a method for supporting a different network to access a tag address in this embodiment;
fig. 2 is a schematic block diagram of an apparatus for supporting a different network access tag address in this embodiment.
The implementation of the objects of the present invention and the functions and principles thereof will be further explained in the detailed description and the attached drawings.
Detailed Description
The following further description is made with reference to the drawings and specific embodiments.
As shown in fig. 1, this embodiment provides a method for supporting a different network to access a tag address, where the tag address refers to a local management address of a gateway device bridged with a higher-level gateway, and the method mainly includes the following steps:
s10: if the HTTP GET request is received, judging whether a target port of the HTTP GET request is TCP80;
s20: if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment;
s30: if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table;
s40: and forwarding the HTTP GET request to a superior gateway, and turning to the IP address of the gateway equipment by the superior gateway according to the connection tracking table.
Since the destination address of the HTTP GET request sent by the browser is random, for access requests of other destination addresses, the router operation principle in the prior art can be referred to for processing, and this embodiment mainly describes a method for processing the HTTP GET request whose destination address is a tag address of a gateway device (router, gateway).
When an HTTP GET request is received, whether a destination port of the request is an 80 port is judged firstly, so that whether the request is to access a management page of the gateway device is judged, if yes, the request is continued, and if not, the request is ignored.
Then, continuously judging whether the destination address of the request is in the same network segment with the IP address of the gateway equipment, if so, directly accessing; if not, go to the next step.
Taking a router of a Linux system as an example, because the IP address of the router may not be in the same network segment as the tag address in the bridge mode, for this reason, the present embodiment uses a redirection rule in the iptables rule to redirect the HTTP GET request to the local, and forms a connection tracking table.
Wherein, the step S30 specifically includes:
s31: assigning a value of 1 to/proc/sys/net/bridge/bridge-nf-call-iptables;
s32: and calling a redirection iptables rule, enabling the HTTP GET to be diverted to a local machine, and forming the connection tracking table.
When an HTTP GET request reaches a router, the system automatically calls a REDIRECT iptables rule because the value of/proc/sys/net/bridge/bridge-nf-call-iptables is 1, and the request is transferred to the local (REDIRECT) and forms a connection tracking table.
Step S40 further includes:
s41: performing NAT conversion on the label address according to the connection tracking table to obtain an IP address of the gateway equipment;
s42: responding to the HTTP GET request, and returning the response piece information with the IP address of the gateway equipment.
The steps are used for feeding back response piece information to the initiator of the HTTP GET request, namely the PC end, and displaying the access address of the HTTP GET request after being redirected.
For the sake of understanding, the following detailed description illustrates the principles of the present invention in a specific example.
Assume that the current network environment is as follows:
the upper gateway is 192.168.1.1 LAN dhcp address pool of 192.168.1.2-254
PC 192.168.1.5 LAN Address 192.168.1.1
Network path: PC < - - - - - - - > gateway equipment (router) < - - - - - - > superior gateway
Router bridge mode; the label address is 192.168.0.1; IP address 192.168.1.X.
First, we allow the iptables rule to be invoked at the link layer, i.e., the following code is executed:
echo 1>/proc/sys/net/bridge/bridge-nf-call-iptables。
when the PC accesses the management page of the router, if the input IP address is the label address of 192.168.0.1, the label address is not in the same network segment with the actual IP address of 192.168.1.X (X is a random number), so the access request is Forwarded (FORWARD) to the upper gateway, namely 192.168.1.1.
When the request reaches the router, because the value of 'proc/sys/net/bridge/bridge-nf-call-iptables' is already assigned to 1, the iptables rule is automatically called, the HTTP GET request is redirected to the local router through an 'iptables-t nat-I forwarding-d 192.168.0.1-p tcp-dport 80-j REDIRECT' instruction, and a connection tracking table is formed, wherein the table is in the following format:
Figure BDA0002723989070000051
in the table, src:192.168.1.5 refers to the IP address of PC, dst:192.168.0.1 refers to the destination address, src:127.0.0.1 refers to the redirected local machine address, dst:192.168.1.5 refers to the address after posing.
So far, the access request sent by the PC is diverted to 192.168.1.5, so that smooth access to the management page of the router is realized.
In addition, the router kernel sends a feedback message to the PC, where the message includes the following information:
127.0.0.1:80---->192.168.1.5:45676;
meanwhile, NAT conversion is carried out according to the connection tracking table, and a destination address is converted into an IP address of the gateway device:
192.168.0.1:80--->192.168.1.5:45676,
this is also receipt information received by the PC.
Therefore, the method of the embodiment can enable the user to directly access the management page of the router by using the label address, thereby greatly facilitating the use of the user.
Referring to fig. 2, the present invention further provides an apparatus 100 for supporting a heterogeneous network to access a tag address, where the tag address refers to a local management address of a gateway device bridged with a higher-level gateway, and the apparatus 100 includes:
a first determining module 10, configured to determine, if an HTTP GET request is received, whether a destination port of the HTTP GET request is a TCP80;
a second determining module 20, configured to determine whether a destination address of the HTTP GET request and an IP address of the gateway device are in the same network segment if a destination port of the HTTP GET request is TCP80;
a redirection module 30, configured to redirect the HTTP GET request to the local if the destination address of the HTTP GET request is not in the same network segment as the IP address of the gateway device, and invoke an iptables rule to form a connection tracking table;
and the routing module 40 is configured to forward the HTTP GET request to the upper gateway, and the upper gateway forwards the HTTP GET request to the IP address of the gateway device according to the connection tracking table.
The redirection module 30 specifically includes:
the assignment unit is used for assigning the value of/proc/sys/net/bridge/bridge-nf-call-iptables to 1;
and the loopback unit is used for calling a redirection iptables rule, enabling the HTTP GET to be diverted to the local machine and forming the connection tracking table.
In addition, the routing module 40 further includes:
a conversion unit 41, configured to perform NAT conversion on the tag address according to the connection tracking table to obtain an IP address of the gateway device;
and a feedback unit 42, configured to respond to the HTTP GET request and send response piece information with the IP address of the gateway device.
The conversion unit 41 and the feedback unit 42 are configured to feed back response piece information to the PC, which is the initiator of the HTTP GET request, and display the redirected access address of the HTTP GET request.
The functions and principles of the apparatus 100 for supporting a different network to access a tag address according to this embodiment may be described with reference to the embodiment shown in fig. 1, and are not described herein again.
In summary, the present invention achieves the purpose of redirecting the access request of the user to the local router by calling the iptables rule and modifying the specific configuration option of the system kernel, so that the user can smoothly access the management page by accessing the tag, thereby greatly facilitating the use of the user.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present invention. It should be noted that various changes and modifications can be made by those skilled in the art without departing from the spirit of the invention, and these changes and modifications are all within the scope of the invention.

Claims (6)

1. A method for supporting a different network to access a tag address, wherein the tag address is a local management address of a gateway device bridged with a higher-level gateway, the method comprising the steps of:
if an HTTP GET request is received, judging whether a target port of the HTTP GET request is TCP80;
if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment;
if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table;
and forwarding the HTTP GET request to the superior gateway, and turning to the IP address of gateway equipment by the superior gateway according to the connection tracking table.
2. The method of claim 1, wherein the step of redirecting the HTTP GET request to the local and invoking iptables rules to form a connection tracking table specifically comprises:
assigning a value of 1 to/proc/sys/net/bridge/bridge-nf-call-iptables;
and calling a redirection iptables rule, enabling the HTTP GET to be diverted to a local machine, and forming the connection tracking table.
3. The method of claim 1 or 2, wherein the step of forwarding the HTTP GET request to the upper level gateway, the step of steering by the upper level gateway to the IP address of the gateway device according to the connection tracking table further comprises:
performing NAT (network Address translation) conversion on the label address according to the connection tracking table to obtain an IP (Internet protocol) address of the gateway equipment;
and responding to the HTTP GET request, and sending response piece information with the IP address of the gateway equipment.
4. An apparatus for supporting a heterogeneous network to access a tag address, wherein the tag address is a local management address of a gateway device bridged with a higher-level gateway, the apparatus comprising:
the first judgment module is used for judging whether a destination port of the HTTP GET request is a TCP80 or not if the HTTP GET request is received;
a second determining module, configured to determine whether a destination address of the HTTP GET request and an IP address of the gateway device are in the same network segment if a destination port of the HTTP GET request is TCP80;
the redirection module is used for redirecting the HTTP GET request to the local and calling an iptables rule to form a connection tracking table if the HTTP GET request is not in the same network segment;
and the routing module is used for forwarding the HTTP GET request to the superior gateway, and the superior gateway turns to the IP address of the gateway equipment according to the connection tracking table.
5. The apparatus according to claim 4, wherein the redirection module specifically comprises:
the assignment unit is used for assigning the value of/proc/sys/net/bridge/bridge-nf-call-iptables to 1;
and the loopback unit is used for calling a redirection iptables rule, enabling the HTTP GET to be transferred to the local machine and forming the connection tracking table.
6. The apparatus of claim 4 or 5, wherein the routing module further comprises:
the translation unit is used for carrying out NAT translation on the label address according to the connection tracking table to obtain an IP address of the gateway equipment;
and the feedback unit is used for responding to the HTTP GET request and sending receipt information with the IP address of the gateway equipment.
CN202011096645.1A 2020-10-14 2020-10-14 Method and device for supporting different networks to access label address Active CN112235432B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011096645.1A CN112235432B (en) 2020-10-14 2020-10-14 Method and device for supporting different networks to access label address

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011096645.1A CN112235432B (en) 2020-10-14 2020-10-14 Method and device for supporting different networks to access label address

Publications (2)

Publication Number Publication Date
CN112235432A CN112235432A (en) 2021-01-15
CN112235432B true CN112235432B (en) 2022-10-21

Family

ID=74113563

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011096645.1A Active CN112235432B (en) 2020-10-14 2020-10-14 Method and device for supporting different networks to access label address

Country Status (1)

Country Link
CN (1) CN112235432B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113613274B (en) * 2021-09-01 2023-08-18 四川九州电子科技股份有限公司 Intelligent access configuration method based on Mesh networking

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104243506A (en) * 2013-06-06 2014-12-24 中兴通讯股份有限公司 Browser redirection method and device
CN108683548A (en) * 2018-05-29 2018-10-19 四川斐讯信息技术有限公司 A kind of convenient method and system into configuration of routers interface
CN110879870A (en) * 2019-11-08 2020-03-13 深圳市友华软件科技有限公司 Page redirection method and device based on HTTP request

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2430849B (en) * 2004-01-09 2009-03-25 Matsushita Electric Ind Co Ltd IP Device Management Server and Network System

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104243506A (en) * 2013-06-06 2014-12-24 中兴通讯股份有限公司 Browser redirection method and device
CN108683548A (en) * 2018-05-29 2018-10-19 四川斐讯信息技术有限公司 A kind of convenient method and system into configuration of routers interface
CN110879870A (en) * 2019-11-08 2020-03-13 深圳市友华软件科技有限公司 Page redirection method and device based on HTTP request

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
家庭网关的机顶盒零配置功能实现;肖军;《软件》;20171115;第38卷(第11期);全文 *

Also Published As

Publication number Publication date
CN112235432A (en) 2021-01-15

Similar Documents

Publication Publication Date Title
US9402175B2 (en) Selection of roaming gateway
US8989196B2 (en) Method and apparatus for providing host node awareness for multiple NAT64 environments
JP4832816B2 (en) Power savings for wireless packet-based networks
JP4452282B2 (en) Use of telephone services to submit requests for web information
US8917629B2 (en) Method and apparatus for detecting devices on a local area network
WO2017197582A1 (en) Home gateway and forwarding service method thereof
EP3668058B1 (en) Content distribution method and system
KR20030004135A (en) Method for transferring data form a server of virtual private network to mobile node
WO2016062077A1 (en) Method and apparatus for redirection to web page
CN101888338B (en) information forwarding method and gateway
CN112235432B (en) Method and device for supporting different networks to access label address
US20100023620A1 (en) Access controller
CN113542099A (en) Data transmission method, device, electronic equipment, medium and product
JP4600154B2 (en) Portable communication terminal, communication route selection method and communication route selection program
WO2019037120A1 (en) Two-way transparent proxy method and system
WO2015103738A1 (en) Content distribution method, apparatus and system
CN106254576B (en) Message forwarding method and device
JP5231513B2 (en) Resource record control system, resource record control method, application determination method and program
EP3021529B1 (en) Method and device for implementing layer 3 virtual private network
US10084923B2 (en) Method and system for dynamic trunk group based call routing
JP6898120B2 (en) Network system, network system address resolution method, and base-side connection device
KR100607690B1 (en) Dns system and method using default ipv6 address
GB2462939A (en) Email communications system having a secondary wireless link with static IP addresses
JP4263915B2 (en) Data communication system
JP2003115861A (en) Preferential selection name server system and client terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant