CN112235432B - Method and device for supporting different networks to access label address - Google Patents
Method and device for supporting different networks to access label address Download PDFInfo
- Publication number
- CN112235432B CN112235432B CN202011096645.1A CN202011096645A CN112235432B CN 112235432 B CN112235432 B CN 112235432B CN 202011096645 A CN202011096645 A CN 202011096645A CN 112235432 B CN112235432 B CN 112235432B
- Authority
- CN
- China
- Prior art keywords
- address
- http
- request
- gateway
- tracking table
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/741—Routing in networks with a plurality of addressing schemes, e.g. with both IPv4 and IPv6
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a method and a device for supporting a different network to access a label address, wherein the method comprises the following steps: if the HTTP GET request is received, judging whether a target port of the HTTP GET request is a TCP80 or not; if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment; if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table; and forwarding the HTTP GET request to the superior gateway, and turning to the IP address of gateway equipment by the superior gateway according to the connection tracking table. The invention achieves the aim of redirecting the access request of the user to the local router by calling the iptables rule and modifying the specific configuration options of the system kernel, thereby enabling the user to smoothly access the management page by accessing the label address and greatly facilitating the use of the user.
Description
Technical Field
The present invention relates to the field of network communication technologies, and in particular, to a method and an apparatus for supporting a different network to access a tag address.
Background
In a current gateway device, such as a router, a device label is usually marked with information such as an IP address (i.e. a label address) of the device, for example:
the power specification is 12V/1A;
SSID name YH-bGeQ;
SSID code 12345678;
the local management address is 192.168.0.1;
MAC address 00-11-22-33-44-BB.
When the router is in a bridge mode, the WAN port of the router is connected with the LAN port of the optical modem, the IP address of the router is no longer 192.168.0.1, but is distributed by the optical modem, the corresponding IP address is changed, and a user only knows that the user and the optical modem are in the same network segment and cannot know the accurate IP address of the user, so that the user cannot access the management page of the router through a browser.
Disclosure of Invention
Based on this, there is a need to provide a method and apparatus for supporting the access of a label address by a different network, so that a user can directly access a management page of a router by using the label address.
In order to achieve the above purpose, the invention adopts the following technical scheme.
The invention provides a method for supporting a different network to access a tag address, wherein the tag address is a local management address of a gateway device bridged with a superior gateway, and the method comprises the following steps:
if an HTTP GET request is received, judging whether a target port of the HTTP GET request is TCP80;
if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment;
if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table;
and forwarding the HTTP GET request to the superior gateway, and turning to the IP address of the gateway equipment by the superior gateway according to the connection tracking table.
In the above method, the step of redirecting the HTTP GET request to the local and calling the iptables rule to form a connection tracking table specifically includes:
assigning a value of 1 to/proc/sys/net/bridge/bridge-nf-call-iptables;
and calling a redirection iptables rule, enabling the HTTP GET to be diverted to a local machine, and forming the connection tracking table.
In the above method, the step of forwarding the HTTP GET request to the upper gateway, and the upper gateway steering the IP address of the gateway device according to the connection tracking table further includes:
performing NAT (network address translation) on the label address according to the connection tracking table to obtain an IP (Internet protocol) address of the gateway equipment;
and responding to the HTTP GET request, and sending response piece information with the IP address of the gateway equipment.
The invention also provides a device for supporting the access of a different network to a tag address, wherein the tag address is a local management address of a gateway device bridged with a superior gateway, and the device comprises:
the first judgment module is used for judging whether a destination port of the HTTP GET request is a TCP80 or not if the HTTP GET request is received;
a second determining module, configured to determine whether a destination address of the HTTP GET request and an IP address of the gateway device are in the same network segment if a destination port of the HTTP GET request is TCP80;
the redirection module is used for redirecting the HTTP GET request to the local and calling an iptables rule to form a connection tracking table if the HTTP GET request is not in the same network segment;
and the routing module is used for forwarding the HTTP GET request to the superior gateway, and the superior gateway turns to the IP address of the gateway equipment according to the connection tracking table.
In the above apparatus, the redirection module specifically includes:
the assignment unit is used for assigning the value of/proc/sys/net/bridge/bridge-nf-call-iptables to 1;
and the loopback unit is used for calling a redirection iptables rule, enabling the HTTP GET to be diverted to the local machine and forming the connection tracking table.
In the above apparatus, the routing module further includes:
the translation unit is used for carrying out NAT translation on the label address according to the connection tracking table to obtain the IP address of the gateway equipment;
and the feedback unit is used for responding to the HTTP GET request and sending receipt information with the IP address of the gateway equipment.
Aiming at the problem that a user cannot access a management page of a router due to the fact that an IP address of the router is changed in a bridge mode, the method achieves the purpose of redirecting an access request of the user to the local part of the router by calling an iptables rule and modifying a specific configuration option of a system kernel, so that the user can smoothly access the management page through accessing a tag address, and the method is greatly convenient for the user to use.
Drawings
Fig. 1 is a schematic flowchart illustrating a method for supporting a different network to access a tag address in this embodiment;
fig. 2 is a schematic block diagram of an apparatus for supporting a different network access tag address in this embodiment.
The implementation of the objects of the present invention and the functions and principles thereof will be further explained in the detailed description and the attached drawings.
Detailed Description
The following further description is made with reference to the drawings and specific embodiments.
As shown in fig. 1, this embodiment provides a method for supporting a different network to access a tag address, where the tag address refers to a local management address of a gateway device bridged with a higher-level gateway, and the method mainly includes the following steps:
s10: if the HTTP GET request is received, judging whether a target port of the HTTP GET request is TCP80;
s20: if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment;
s30: if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table;
s40: and forwarding the HTTP GET request to a superior gateway, and turning to the IP address of the gateway equipment by the superior gateway according to the connection tracking table.
Since the destination address of the HTTP GET request sent by the browser is random, for access requests of other destination addresses, the router operation principle in the prior art can be referred to for processing, and this embodiment mainly describes a method for processing the HTTP GET request whose destination address is a tag address of a gateway device (router, gateway).
When an HTTP GET request is received, whether a destination port of the request is an 80 port is judged firstly, so that whether the request is to access a management page of the gateway device is judged, if yes, the request is continued, and if not, the request is ignored.
Then, continuously judging whether the destination address of the request is in the same network segment with the IP address of the gateway equipment, if so, directly accessing; if not, go to the next step.
Taking a router of a Linux system as an example, because the IP address of the router may not be in the same network segment as the tag address in the bridge mode, for this reason, the present embodiment uses a redirection rule in the iptables rule to redirect the HTTP GET request to the local, and forms a connection tracking table.
Wherein, the step S30 specifically includes:
s31: assigning a value of 1 to/proc/sys/net/bridge/bridge-nf-call-iptables;
s32: and calling a redirection iptables rule, enabling the HTTP GET to be diverted to a local machine, and forming the connection tracking table.
When an HTTP GET request reaches a router, the system automatically calls a REDIRECT iptables rule because the value of/proc/sys/net/bridge/bridge-nf-call-iptables is 1, and the request is transferred to the local (REDIRECT) and forms a connection tracking table.
Step S40 further includes:
s41: performing NAT conversion on the label address according to the connection tracking table to obtain an IP address of the gateway equipment;
s42: responding to the HTTP GET request, and returning the response piece information with the IP address of the gateway equipment.
The steps are used for feeding back response piece information to the initiator of the HTTP GET request, namely the PC end, and displaying the access address of the HTTP GET request after being redirected.
For the sake of understanding, the following detailed description illustrates the principles of the present invention in a specific example.
Assume that the current network environment is as follows:
the upper gateway is 192.168.1.1 LAN dhcp address pool of 192.168.1.2-254
PC 192.168.1.5 LAN Address 192.168.1.1
Network path: PC < - - - - - - - > gateway equipment (router) < - - - - - - > superior gateway
Router bridge mode; the label address is 192.168.0.1; IP address 192.168.1.X.
First, we allow the iptables rule to be invoked at the link layer, i.e., the following code is executed:
echo 1>/proc/sys/net/bridge/bridge-nf-call-iptables。
when the PC accesses the management page of the router, if the input IP address is the label address of 192.168.0.1, the label address is not in the same network segment with the actual IP address of 192.168.1.X (X is a random number), so the access request is Forwarded (FORWARD) to the upper gateway, namely 192.168.1.1.
When the request reaches the router, because the value of 'proc/sys/net/bridge/bridge-nf-call-iptables' is already assigned to 1, the iptables rule is automatically called, the HTTP GET request is redirected to the local router through an 'iptables-t nat-I forwarding-d 192.168.0.1-p tcp-dport 80-j REDIRECT' instruction, and a connection tracking table is formed, wherein the table is in the following format:
in the table, src:192.168.1.5 refers to the IP address of PC, dst:192.168.0.1 refers to the destination address, src:127.0.0.1 refers to the redirected local machine address, dst:192.168.1.5 refers to the address after posing.
So far, the access request sent by the PC is diverted to 192.168.1.5, so that smooth access to the management page of the router is realized.
In addition, the router kernel sends a feedback message to the PC, where the message includes the following information:
127.0.0.1:80---->192.168.1.5:45676;
meanwhile, NAT conversion is carried out according to the connection tracking table, and a destination address is converted into an IP address of the gateway device:
192.168.0.1:80--->192.168.1.5:45676,
this is also receipt information received by the PC.
Therefore, the method of the embodiment can enable the user to directly access the management page of the router by using the label address, thereby greatly facilitating the use of the user.
Referring to fig. 2, the present invention further provides an apparatus 100 for supporting a heterogeneous network to access a tag address, where the tag address refers to a local management address of a gateway device bridged with a higher-level gateway, and the apparatus 100 includes:
a first determining module 10, configured to determine, if an HTTP GET request is received, whether a destination port of the HTTP GET request is a TCP80;
a second determining module 20, configured to determine whether a destination address of the HTTP GET request and an IP address of the gateway device are in the same network segment if a destination port of the HTTP GET request is TCP80;
a redirection module 30, configured to redirect the HTTP GET request to the local if the destination address of the HTTP GET request is not in the same network segment as the IP address of the gateway device, and invoke an iptables rule to form a connection tracking table;
and the routing module 40 is configured to forward the HTTP GET request to the upper gateway, and the upper gateway forwards the HTTP GET request to the IP address of the gateway device according to the connection tracking table.
The redirection module 30 specifically includes:
the assignment unit is used for assigning the value of/proc/sys/net/bridge/bridge-nf-call-iptables to 1;
and the loopback unit is used for calling a redirection iptables rule, enabling the HTTP GET to be diverted to the local machine and forming the connection tracking table.
In addition, the routing module 40 further includes:
a conversion unit 41, configured to perform NAT conversion on the tag address according to the connection tracking table to obtain an IP address of the gateway device;
and a feedback unit 42, configured to respond to the HTTP GET request and send response piece information with the IP address of the gateway device.
The conversion unit 41 and the feedback unit 42 are configured to feed back response piece information to the PC, which is the initiator of the HTTP GET request, and display the redirected access address of the HTTP GET request.
The functions and principles of the apparatus 100 for supporting a different network to access a tag address according to this embodiment may be described with reference to the embodiment shown in fig. 1, and are not described herein again.
In summary, the present invention achieves the purpose of redirecting the access request of the user to the local router by calling the iptables rule and modifying the specific configuration option of the system kernel, so that the user can smoothly access the management page by accessing the tag, thereby greatly facilitating the use of the user.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present invention. It should be noted that various changes and modifications can be made by those skilled in the art without departing from the spirit of the invention, and these changes and modifications are all within the scope of the invention.
Claims (6)
1. A method for supporting a different network to access a tag address, wherein the tag address is a local management address of a gateway device bridged with a higher-level gateway, the method comprising the steps of:
if an HTTP GET request is received, judging whether a target port of the HTTP GET request is TCP80;
if yes, judging whether the destination address of the HTTP GET request and the IP address of the gateway equipment are in the same network segment;
if the HTTP GET request is not in the same network segment, the HTTP GET request is redirected to the local, and an iptables rule is called to form a connection tracking table;
and forwarding the HTTP GET request to the superior gateway, and turning to the IP address of gateway equipment by the superior gateway according to the connection tracking table.
2. The method of claim 1, wherein the step of redirecting the HTTP GET request to the local and invoking iptables rules to form a connection tracking table specifically comprises:
assigning a value of 1 to/proc/sys/net/bridge/bridge-nf-call-iptables;
and calling a redirection iptables rule, enabling the HTTP GET to be diverted to a local machine, and forming the connection tracking table.
3. The method of claim 1 or 2, wherein the step of forwarding the HTTP GET request to the upper level gateway, the step of steering by the upper level gateway to the IP address of the gateway device according to the connection tracking table further comprises:
performing NAT (network Address translation) conversion on the label address according to the connection tracking table to obtain an IP (Internet protocol) address of the gateway equipment;
and responding to the HTTP GET request, and sending response piece information with the IP address of the gateway equipment.
4. An apparatus for supporting a heterogeneous network to access a tag address, wherein the tag address is a local management address of a gateway device bridged with a higher-level gateway, the apparatus comprising:
the first judgment module is used for judging whether a destination port of the HTTP GET request is a TCP80 or not if the HTTP GET request is received;
a second determining module, configured to determine whether a destination address of the HTTP GET request and an IP address of the gateway device are in the same network segment if a destination port of the HTTP GET request is TCP80;
the redirection module is used for redirecting the HTTP GET request to the local and calling an iptables rule to form a connection tracking table if the HTTP GET request is not in the same network segment;
and the routing module is used for forwarding the HTTP GET request to the superior gateway, and the superior gateway turns to the IP address of the gateway equipment according to the connection tracking table.
5. The apparatus according to claim 4, wherein the redirection module specifically comprises:
the assignment unit is used for assigning the value of/proc/sys/net/bridge/bridge-nf-call-iptables to 1;
and the loopback unit is used for calling a redirection iptables rule, enabling the HTTP GET to be transferred to the local machine and forming the connection tracking table.
6. The apparatus of claim 4 or 5, wherein the routing module further comprises:
the translation unit is used for carrying out NAT translation on the label address according to the connection tracking table to obtain an IP address of the gateway equipment;
and the feedback unit is used for responding to the HTTP GET request and sending receipt information with the IP address of the gateway equipment.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011096645.1A CN112235432B (en) | 2020-10-14 | 2020-10-14 | Method and device for supporting different networks to access label address |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011096645.1A CN112235432B (en) | 2020-10-14 | 2020-10-14 | Method and device for supporting different networks to access label address |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112235432A CN112235432A (en) | 2021-01-15 |
CN112235432B true CN112235432B (en) | 2022-10-21 |
Family
ID=74113563
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011096645.1A Active CN112235432B (en) | 2020-10-14 | 2020-10-14 | Method and device for supporting different networks to access label address |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112235432B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113613274B (en) * | 2021-09-01 | 2023-08-18 | 四川九州电子科技股份有限公司 | Intelligent access configuration method based on Mesh networking |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104243506A (en) * | 2013-06-06 | 2014-12-24 | 中兴通讯股份有限公司 | Browser redirection method and device |
CN108683548A (en) * | 2018-05-29 | 2018-10-19 | 四川斐讯信息技术有限公司 | A kind of convenient method and system into configuration of routers interface |
CN110879870A (en) * | 2019-11-08 | 2020-03-13 | 深圳市友华软件科技有限公司 | Page redirection method and device based on HTTP request |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2430849B (en) * | 2004-01-09 | 2009-03-25 | Matsushita Electric Ind Co Ltd | IP Device Management Server and Network System |
-
2020
- 2020-10-14 CN CN202011096645.1A patent/CN112235432B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104243506A (en) * | 2013-06-06 | 2014-12-24 | 中兴通讯股份有限公司 | Browser redirection method and device |
CN108683548A (en) * | 2018-05-29 | 2018-10-19 | 四川斐讯信息技术有限公司 | A kind of convenient method and system into configuration of routers interface |
CN110879870A (en) * | 2019-11-08 | 2020-03-13 | 深圳市友华软件科技有限公司 | Page redirection method and device based on HTTP request |
Non-Patent Citations (1)
Title |
---|
家庭网关的机顶盒零配置功能实现;肖军;《软件》;20171115;第38卷(第11期);全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN112235432A (en) | 2021-01-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9402175B2 (en) | Selection of roaming gateway | |
US8989196B2 (en) | Method and apparatus for providing host node awareness for multiple NAT64 environments | |
JP4832816B2 (en) | Power savings for wireless packet-based networks | |
JP4452282B2 (en) | Use of telephone services to submit requests for web information | |
US8917629B2 (en) | Method and apparatus for detecting devices on a local area network | |
WO2017197582A1 (en) | Home gateway and forwarding service method thereof | |
EP3668058B1 (en) | Content distribution method and system | |
KR20030004135A (en) | Method for transferring data form a server of virtual private network to mobile node | |
WO2016062077A1 (en) | Method and apparatus for redirection to web page | |
CN101888338B (en) | information forwarding method and gateway | |
CN112235432B (en) | Method and device for supporting different networks to access label address | |
US20100023620A1 (en) | Access controller | |
CN113542099A (en) | Data transmission method, device, electronic equipment, medium and product | |
JP4600154B2 (en) | Portable communication terminal, communication route selection method and communication route selection program | |
WO2019037120A1 (en) | Two-way transparent proxy method and system | |
WO2015103738A1 (en) | Content distribution method, apparatus and system | |
CN106254576B (en) | Message forwarding method and device | |
JP5231513B2 (en) | Resource record control system, resource record control method, application determination method and program | |
EP3021529B1 (en) | Method and device for implementing layer 3 virtual private network | |
US10084923B2 (en) | Method and system for dynamic trunk group based call routing | |
JP6898120B2 (en) | Network system, network system address resolution method, and base-side connection device | |
KR100607690B1 (en) | Dns system and method using default ipv6 address | |
GB2462939A (en) | Email communications system having a secondary wireless link with static IP addresses | |
JP4263915B2 (en) | Data communication system | |
JP2003115861A (en) | Preferential selection name server system and client terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |