CN112565159B - Method for plugging abnormal user equipment and electronic equipment - Google Patents
Method for plugging abnormal user equipment and electronic equipment Download PDFInfo
- Publication number
- CN112565159B CN112565159B CN201910912586.1A CN201910912586A CN112565159B CN 112565159 B CN112565159 B CN 112565159B CN 201910912586 A CN201910912586 A CN 201910912586A CN 112565159 B CN112565159 B CN 112565159B
- Authority
- CN
- China
- Prior art keywords
- user equipment
- abnormal user
- equipment
- target gateway
- network address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2101/00—Indexing scheme associated with group H04L61/00
- H04L2101/60—Types of network addresses
- H04L2101/618—Details of network addresses
- H04L2101/622—Layer-2 addresses, e.g. medium access control [MAC] addresses
Abstract
The invention discloses a method for plugging abnormal user equipment and electronic equipment, which are used for solving the problems of low efficiency and high labor cost of plugging the abnormal user equipment. The scheme comprises the following steps: acquiring network address translation information, wherein the network address translation information comprises a mapping relation between a public network address of user equipment and target gateway equipment to which the user equipment belongs, and the target gateway equipment is in communication connection with the user equipment; determining a media access control address of the abnormal user equipment through the target gateway equipment based on the network address conversion information and the public network address of the abnormal user equipment; and plugging the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment. The scheme provided by the application can automatically position the abnormal user equipment, efficiently plug the abnormal user equipment, avoid the abnormal user equipment from being reconnected to the network after the disconnection, and has the advantages of high accuracy, low cost and long plugging effectiveness.
Description
Technical Field
The present invention relates to the field of communications, and in particular, to a method for blocking an abnormal user equipment and an electronic device.
Background
With continuous innovation of mobile internet technology and fusion and innovation of application, some lawbreakers crime network security through internet technology, the situation of network security becomes more severe, major network security accidents happen sometimes, and some lawbreakers can launch security attacks through home wide networks.
In the prior art, network positioning and plugging are often performed on abnormal user equipment in a manual positioning mode, and the method is low in efficiency and needs to consume more manpower. How to efficiently and accurately plug abnormal user equipment is a technical problem to be solved by the application.
Disclosure of Invention
The embodiment of the application aims to provide a method for plugging abnormal user equipment and electronic equipment, and aims to solve the problems of low efficiency and high labor cost of plugging the abnormal user equipment.
In a first aspect, a method for blocking an abnormal user equipment is provided, including:
acquiring network address translation information, wherein the network address translation information comprises a mapping relation between a public network address of user equipment and target gateway equipment to which the user equipment belongs, and the target gateway equipment is in communication connection with the user equipment;
determining a media access control address of the abnormal user equipment through the target gateway equipment based on the network address conversion information and a public network address of the abnormal user equipment;
and plugging the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
In a second aspect, an electronic device is provided, comprising:
the system comprises a collecting unit, a judging unit and a processing unit, wherein the collecting unit is used for collecting network address conversion information, and the network address conversion information comprises a mapping relation between a public network address of user equipment and target gateway equipment to which the user equipment belongs, and the target gateway equipment is in communication connection with the user equipment;
a determining unit, configured to determine, by the target gateway device, a media access control address of an abnormal user device based on the network address translation information and a public network address of the abnormal user device;
and the plugging unit is used for plugging the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
In a third aspect, an electronic device is provided, the electronic device comprising a processor, a memory and a computer program stored on the memory and executable on the processor, the computer program, when executed by the processor, implementing the steps of the method according to the first aspect.
In a fourth aspect, a computer-readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, realizes the steps of the method according to the first aspect.
In the embodiment of the application, the media access control address of the abnormal user equipment is determined through the acquired network address conversion information and the external network address of the abnormal user equipment, and then the media access control address of the abnormal user equipment is blocked. The scheme provided by the application can automatically position the abnormal user equipment, efficiently plug the abnormal user equipment, avoid the abnormal user equipment from being reconnected to the network after the disconnection, and has the advantages of high accuracy, low cost and long plugging effectiveness.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic diagram of connectivity of network devices in a network system;
fig. 2 is a schematic flow chart of a method for blocking an abnormal user equipment according to the present invention;
fig. 3 is a second flowchart of a method for blocking an abnormal ue according to the present invention;
fig. 4 is a third flowchart illustrating a method for blocking an abnormal ue according to the present invention;
fig. 5 is a fourth flowchart illustrating a method of blocking an abnormal ue according to the present invention;
fig. 6 is a fifth flowchart illustrating a method for blocking an abnormal ue according to the present invention;
fig. 7 is a sixth flowchart illustrating a method of blocking an abnormal ue according to the present invention;
FIG. 8 is one of the schematic structural diagrams of an electronic device of the present application;
fig. 9 is a second schematic structural diagram of an electronic device according to the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without inventive step based on the embodiments of the present invention, are within the scope of protection of the present invention. The reference numbers in the present application are only used for distinguishing the steps in the scheme and are not used for limiting the execution sequence of the steps, and the specific execution sequence is described in the specification.
In the field of communication technology, some users can use terminal devices to surf the internet through a mobile home broadband network, and fig. 1 is a schematic diagram of network device connectivity in a network system. The Mobile home Broadband Network is usually connected to an Optical Line Terminal (OLT) of a Gigabit-Capable Passive Optical Network (GPON) through an Optical Network Unit (ONU), connected to Broadband Network Gateway control equipment (BNG) through the OLT, and finally connected to a Core Router (CR) at an outlet of a metropolitan area Network to a China Mobile internet (cmnetwork) in province. The terminal device may access the BNG device through a Point-to-Point Protocol over Ethernet (PPPOE) mode based on the Ethernet, and implement Network Address Translation (NAT) of the private Network Address and the public Network Address on the BNG device.
When an illegal user crimes through the network, a worker logs in each device in the network system one by one to track and position, finally positions the BNG device communicated with the illegal user, and determines an Internet Protocol Address (IP) of the illegal user connected with the BNG device. The determined IP is then kicked off the line on the BNG device to cut off the illegitimate subscriber network. However, this method can only cut off the user's network temporarily, and the user can dial up again to get the public network IP to surf the internet, establish a new network connection, and continue to pass the network crime. Therefore, the network can be cut off only temporarily in this way, and the effect is poor.
In order to solve the problems in the prior art, the present application provides a method for blocking an abnormal user equipment, as shown in fig. 2, including the following steps:
s21: acquiring network address translation information, wherein the network address translation information comprises a mapping relation between a public network address of user equipment and target gateway equipment to which the user equipment belongs, and the target gateway equipment is in communication connection with the user equipment;
s22: determining a media access control address of the abnormal user equipment through the target gateway equipment based on the network address conversion information and a public network address of the abnormal user equipment;
s23: and plugging the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
In step S21, the collected network address translation information includes the mapping relationship between the public network IP of the user equipment and the BNG device to which the user equipment belongs. For example, the NAT translation address pool may be periodically collected on the BNG device of the home gateway, and the public network IP corresponding to the user device belonging to the BNG device may be collected. For example, after the end time of the project specified by the province, the NAT public network address pools of all the BNG devices in the province are collected to obtain the mapping relationship between the public network IP of the user equipment in the province and the BNG device to which the user equipment belongs.
Step S21 in the present application may be executed by the acquisition unit, and the acquired network address translation information may be stored in the storage unit, and may be called and obtained from the storage unit when the network address translation information needs to be used. The network address conversion information acquired by the acquisition unit can be directly stored in the storage unit in a covering manner, so that the information in the storage unit is consistent with the actual situation.
And a synchronization unit can be arranged between the storage unit and the acquisition unit, and the synchronization unit can be used for screening the acquired network address conversion information and storing the changed information into the storage unit. Preferably, the step S21 includes: and periodically collecting the network address conversion information by taking preset time as an interval. For example, the 6 o' clock acquisition unit executes the above steps every day to obtain the network address conversion information, and before the network address conversion information acquired on the current day is stored in the storage unit, the storage unit stores the network address conversion information acquired on the previous day. The synchronization unit is configured to determine updated information according to the network address translation information acquired on the previous day and the network translation information acquired on the current day, where the updated information may include information that the network address translation information acquired on the current day is different from the network address translation information acquired on the previous day. Then, the synchronization unit overwrites the updated information in the storage unit to realize information updating. Therefore, the information quantity of the read-write information of the storage unit can be reduced, the efficiency is improved, and the acquisition time is saved.
After the network Address translation information is collected, step S22 is executed to determine a Media Access Control Address (MAC) of the abnormal user device according to the collected network Address translation information and the public network Address of the abnormal user device. The MAC address may also be referred to as a MAC address, which is an address used to identify the location of the network device. The MAC address is used to uniquely identify a network card in the network, and for a user equipment including a network card, the MAC address may identify the user equipment.
In the actual application process, once the abnormal user equipment is identified, the public network address of the abnormal user equipment can be determined according to the behavior of the abnormal user equipment. Subsequently, the network address translation information stored in the storage unit may be called, and the target BNG device corresponding to the public network address of the abnormal user device may be searched in the network address translation information. Then, the MAC address of the abnormal subscriber device can be determined by the target BNG device determining the public network address of the abnormal subscriber device.
After determining the MAC address of the abnormal user device, step S23 is executed, and the MAC address of the abnormal user device is blocked by the target BNG device determined in the above step, so as to block the abnormal user device. Because the MAC address corresponds to the network card of the abnormal user equipment, the abnormal user equipment can not surf the internet in a reconnection mode after the MAC address is blocked, the blocking effect is good, and the blocking time is long.
In the embodiment of the application, the media access control address of the abnormal user equipment is determined through the acquired network address conversion information and the external network address of the abnormal user equipment, and then the media access control address of the abnormal user equipment is blocked. The scheme provided by the application can automatically position the abnormal user equipment, efficiently plug the abnormal user equipment, avoid the abnormal user equipment from being reconnected to the network after the disconnection, and has the advantages of high accuracy, low cost and long plugging effectiveness.
Based on the method provided by the foregoing embodiment, preferably, the foregoing step S22, as shown in fig. 3, includes the following steps:
s221: sending a session user query instruction to the target gateway equipment;
s222: determining an internal network address corresponding to the public network address of the abnormal user equipment according to the session user information fed back by the target gateway equipment;
s223: sending an intranet user information query instruction to the target gateway equipment;
s224: and determining a media access control address corresponding to the intranet address of the abnormal user equipment according to intranet user information fed back by the target gateway equipment, wherein the intranet user information comprises a mapping relation between the intranet address of the user equipment in communication connection with the target gateway equipment and the media access control address.
In this embodiment, the SESSION user query instruction sent to the target gateway device may be a real-time query instruction of the NAT SESSION. After receiving the real-time query instruction of NAT SESSION ashing, the target gateway device feeds back SESSION user information according to the actual NAT conversion situation, where the SESSION user information may include a correspondence between a public network address and an internal network address of a user connected to the network through the target gateway device. Therefore, according to the session user information fed back by the target gateway device and the public network address of the abnormal user device, the internal network address of the abnormal user device can be determined.
And then, sending an intranet user information query instruction to the target gateway equipment, and feeding back the whole home-wide-area user information table by the target gateway equipment according to the intranet user information query instruction. The home wide area user information table comprises the corresponding relation between the intranet address and the MAC address of each user connected with the target gateway in the home wide area. In addition, the home wide area user information report may further include information such as connection interface information and connection status of each device and the target gateway device.
According to the scheme provided by the application, the session user information and the intranet user information can be obtained by sending the instruction to the target gateway equipment, the intranet address of the abnormal user equipment is further determined according to the public network address of the abnormal user equipment, and the MAC address of the abnormal user equipment is finally determined. By the scheme provided by the application, the MAC address of the abnormal user equipment can be accurately determined through the target gateway equipment, so that the abnormal user equipment can be blocked in a targeted manner.
Based on the method provided in the foregoing embodiment, preferably, the intranet user information further includes sub-interface information for communication connection between the gateway device and the user equipment, and as shown in fig. 4, before the step S23, the method further includes the following steps:
s24: determining target sub-interface information of communication connection between the abnormal user equipment and target gateway equipment according to the intranet user information;
the step S23 includes:
s231: and blocking the media access control address of the abnormal user equipment under the target sub-interface according to the target sub-interface information.
In this embodiment of the application, the intranet user information includes sub-interface information of a communication connection between the target gateway device and the abnormal user device, and the target sub-interface information may be determined according to the intranet user information. And then, performing targeted plugging on the abnormal user equipment according to the target sub-interface information and the MAC address of the abnormal user equipment. Specifically, a preset blocking policy for the MAC address may be invoked under the target sub-interface.
According to the scheme provided by the application, not only can the MAC address of the abnormal user equipment be determined, but also the sub-interface of the abnormal user equipment connected with the target gateway equipment can be determined, and then the abnormal user equipment is blocked in a targeted manner according to the target sub-interface information and the MAC address of the abnormal user equipment.
Based on the method provided in the foregoing embodiment, preferably, as shown in fig. 5, after step S23, the method further includes:
s25: generating a plugging record according to the abnormal user equipment for plugging, wherein the plugging record comprises at least one of the following items: the media access control address of the abnormal user equipment, the target gateway equipment to which the abnormal user equipment belongs, and the target sub-interface information of the communication connection between the abnormal user equipment and the target gateway equipment.
The blocking record generated by the scheme of the application can be stored in the storage unit, and the blocking record can include the blocking condition of abnormal user equipment, such as 'successful blocking' or 'failed blocking'. When the plugging fails, the plugging record may further include a reason of the plugging failure, and then the abnormal user equipment may be plugged again according to the reason of the plugging failure. When plugging is successful, the plugging record may include time information of successful plugging, MAC address of abnormal user to be plugged, target sub-interface information, target gateway device information, and the like.
Through the scheme, the related information of plugging can be recorded after the abnormal user equipment is plugged. The plugging information can be used for analyzing abnormal user equipment, such as tracing and evidence obtaining for network security crimes.
Based on the method provided in the foregoing embodiment, preferably, as shown in fig. 6, after step S25, the method further includes:
s26: and according to the blocking record, decapsulating the media access control address of the abnormal user equipment through a target sub-interface of the target gateway equipment.
In the embodiment of the application, the blocking record generated according to the scheme can be decapsulated for the abnormal user equipment. Specifically, the blocking record may be stored in the storage unit, and when the abnormal user equipment needs to be decapsulated, the blocking record may be retrieved from the storage unit to obtain the blocking information of the abnormal user equipment. When the blocking information includes the MAC address of the abnormal user information and the target sub-interface of the target gateway device, the operation of deblocking the abnormal user device may be performed through the target sub-interface recorded in the blocking record.
The operation of deblocking may correspond to an actual blocking operation, for example, if the blocking operation is to invoke a preset blocking policy for the MAC address of the abnormal user equipment at the target subinterface, the preset blocking policy invoked for the MAC address of the abnormal user equipment at the target subinterface may be deleted when deblocking is performed. In addition, after the deblocking operation is executed, a deblocking record can be generated according to the deblocking condition, and the deblocking record and the blocking record can be stored in the storage unit together. If the abnormal user equipment affects the network security again after deblocking, secondary blocking can be performed on the abnormal user equipment, and the blocking time can be prolonged according to actual conditions.
By the scheme provided by the application, the blocked abnormal user equipment can be unblocked. Because the plugging record comprises the related information of the abnormal plugging user equipment, the abnormal user equipment can be rapidly and efficiently unsealed according to the plugging information.
Based on the method provided in the foregoing embodiment, preferably, as shown in fig. 7, before the foregoing step S23, the method further includes:
s27: determining whether the abnormal user equipment is blocked or not according to the blocking record;
wherein, the step S23 includes:
s232: and when the abnormal user equipment is not blocked, blocking the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
In the practical application process, after the abnormal user equipment performs the action of endangering the network security, a period of time is often needed to be discovered. For example, the abnormal user device periodically attacks the website, and when a website worker finds that the website is attacked for the first time and successfully positions and blocks the abnormal user device, the website is attacked for three times by the user device. Then, as the abnormal user equipment is already blocked, the abnormal user blocking does not need to be executed again for the second and third attacks to the website.
In the scheme, before the abnormal user equipment is blocked, whether the abnormal user equipment is blocked or not is determined according to the blocking record. If the abnormal user equipment is not blocked, the MAC address of the abnormal user equipment may be blocked by the scheme provided in the above embodiment, and if it is known that the abnormal user equipment has been blocked according to the blocking record, the blocking does not need to be performed again.
By the scheme provided by the application, whether the abnormal user equipment is blocked or not can be determined before the blocking is executed, the blocking does not need to be executed again for the abnormal user equipment which is blocked, and the calculation amount is reduced.
In order to solve the problems in the prior art, as shown in fig. 8, the present application provides an electronic device 80, including:
the device comprises an acquisition unit 81 for acquiring network address translation information, wherein the network address translation information comprises a mapping relation between a public network address of user equipment and target gateway equipment to which the user equipment belongs, and the target gateway equipment is in communication connection with the user equipment;
a determining unit 82, configured to determine, by the target gateway device, a media access control address of an abnormal user device based on the network address translation information and a public network address of the abnormal user device;
and a blocking unit 83 configured to block, according to the mac address of the abnormal user equipment, the abnormal user equipment through the target gateway device.
Based on the electronic device provided in the foregoing embodiment, the determining unit 82 is configured to:
sending a session user query instruction to the target gateway equipment;
determining an internal network address corresponding to the public network address of the abnormal user equipment according to the session user information fed back by the target gateway equipment;
sending an intranet user information query instruction to the target gateway equipment;
and determining a media access control address corresponding to the intranet address of the abnormal user equipment according to intranet user information fed back by the target gateway equipment, wherein the intranet user information comprises a mapping relation between the intranet address of the user equipment in communication connection with the target gateway equipment and the media access control address.
Based on the electronic device provided in the foregoing embodiment, the intranet user information further includes sub-interface information of a gateway device in communication connection with the user device, and the determining unit 82, before plugging the abnormal user device through the target gateway device according to the media access control address of the abnormal user device, is further configured to:
determining target sub-interface information of communication connection between the abnormal user equipment and target gateway equipment according to the intranet user information;
the plugging unit 83 is further configured to:
and blocking the media access control address of the abnormal user equipment under the target sub-interface according to the target sub-interface information.
Based on the electronic device provided in the foregoing embodiment, as shown in fig. 9, the electronic device further includes a generating unit 84, and after the abnormal user device is blocked by the target gateway device according to the media access control address of the abnormal user device, the generating unit 84 is configured to:
generating a plugging record according to the abnormal user equipment for plugging, wherein the plugging record comprises at least one of the following items: the media access control address of the abnormal user equipment, the target gateway equipment to which the abnormal user equipment belongs, and the target sub-interface information of the communication connection between the abnormal user equipment and the target gateway equipment.
Based on the electronic device provided in the foregoing embodiment, after generating a plugging record according to the abnormal user device for plugging, the plugging unit 83 is further configured to:
and according to the blocking record, decapsulating the media access control address of the abnormal user equipment through a target sub-interface of the target gateway equipment.
Based on the electronic device provided in the foregoing embodiment, before the blocking, by the target gateway device, the abnormal user equipment according to the mac address of the abnormal user equipment, the blocking unit 83 is further configured to:
determining whether the abnormal user equipment is blocked or not according to the blocking record;
and when the abnormal user equipment is not blocked, blocking the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
Based on the electronic device provided in the above embodiment, the acquisition unit 81 is configured to:
and periodically collecting the network address conversion information by taking preset time as an interval.
The electronic device provided by the application can determine the media access control address of the abnormal user equipment through the acquired network address conversion information and the external network address of the abnormal user equipment, and further block the media access control address of the abnormal user equipment. The scheme provided by the application can automatically position the abnormal user equipment, efficiently plug the abnormal user equipment, avoid the abnormal user equipment from being reconnected to a network after the disconnection, and has the advantages of high accuracy, low cost and long plugging effectiveness.
In addition to the units mentioned in the above embodiments, the electronic device provided in the present application may further include a synchronization unit, which may be configured to complete information synchronization with the NAT address pool on the BNG device after collecting the information. In addition, the device can also comprise a storage unit which can be used for storing the acquired acquisition information, the synchronization information of the synchronization unit and the plugging information. In addition, the device can further comprise an input unit, which can be used for inputting a command for completing the blocking and the deblocking, including inputting the MAC address and the port information of the abnormal user equipment. In addition, a positioning unit can be further included for completing the home positioning of the gateway device according to the information input by the input unit and finally positioning to the MAC address information of the user. In addition, the system can further comprise a plugging unit, which is used for finishing instruction interaction with the BNG gateway device, and calling a plugging strategy or a deblocking strategy to perform plugging and deblocking operations on a specified home-wide user. In addition, the electronic device provided by the embodiment of the application may further include an output unit, which may be used to output log information about whether the blocking and the deblocking are successful or not, so as to prepare for post-check audit.
The scheme realizes target IP positioning through an automatic means, comprises positioning analysis of intranet information before NAT conversion, can automatically realize by depending on a system device if the final MAC address of a user and the information of a sub-interface are acquired, does not need manual participation, does not need technical personnel to have high technical level, does not need to cross professional processing problems, only needs to interact with information of BNG equipment, can realize automatic high-efficiency plugging or deblocking of the user through adding or deleting strategies under the sub-interface, and realizes cost reduction and efficiency improvement through an IT automatic supporting means.
Preferably, an embodiment of the present invention further provides an electronic device, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, where the computer program, when executed by the processor, implements each process of the above method for blocking an abnormal user equipment, and can achieve the same technical effect, and in order to avoid repetition, details are not described here again.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when executed by a processor, the computer program implements each process of the above method for blocking an abnormal user equipment, and can achieve the same technical effect, and is not described herein again to avoid repetition. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (10)
1. A method of blocking an abnormal user device, comprising:
acquiring network address translation information, wherein the network address translation information comprises a mapping relation between a public network address of user equipment and target gateway equipment to which the user equipment belongs, and the target gateway equipment is in communication connection with the user equipment;
obtaining target gateway equipment corresponding to the public network address of the abnormal user equipment based on the network address conversion information and the public network address of the abnormal user equipment, and determining the media access control address of the abnormal user equipment through the target gateway equipment;
and plugging the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
2. The method of claim 1, wherein the determining, by the target gateway device, the mac address of the anomalous user device based on the network address translation information and the public network address of the anomalous user device comprises:
sending a session user query instruction to the target gateway equipment;
determining an internal network address corresponding to the public network address of the abnormal user equipment according to the session user information fed back by the target gateway equipment;
sending an intranet user information query instruction to the target gateway equipment;
and determining a media access control address corresponding to the intranet address of the abnormal user equipment according to intranet user information fed back by the target gateway equipment, wherein the intranet user information comprises a mapping relation between the intranet address of the user equipment in communication connection with the target gateway equipment and the media access control address.
3. The method according to claim 2, wherein the intranet user information further includes sub-interface information of a gateway device in communication connection with a user device, wherein before the abnormal user device is plugged by the target gateway device according to a media access control address of the abnormal user device, the method further comprises:
determining target sub-interface information of communication connection between the abnormal user equipment and target gateway equipment according to the intranet user information;
the blocking the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment comprises:
and blocking the media access control address of the abnormal user equipment under the target sub-interface according to the target sub-interface information.
4. The method of any one of claims 1 to 3, wherein after the abnormal user equipment is blocked by the target gateway device according to the MAC address of the abnormal user equipment, the method further comprises:
generating a plugging record according to the abnormal user equipment for plugging, wherein the plugging record comprises at least one of the following items: the media access control address of the abnormal user equipment, the target gateway equipment to which the abnormal user equipment belongs, and the target sub-interface information of the communication connection between the abnormal user equipment and the target gateway equipment.
5. The method of claim 4, wherein after generating a blockage record from the anomalous user device that is blocked, the method further comprises:
and according to the blocking record, the media access control address of the abnormal user equipment is unpacked through a target sub-interface of the target gateway equipment.
6. The method of claim 4, wherein prior to blocking the anomalous user device by the target gateway device based on a media access control address of the anomalous user device, the method further comprises:
determining whether the abnormal user equipment is blocked or not according to the blocking record;
wherein the blocking the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment comprises:
and when the abnormal user equipment is not blocked, blocking the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
7. The method of any of claims 1 to 3, wherein the collecting network address translation information comprises:
and periodically collecting the network address conversion information by taking preset time as an interval.
8. An electronic device, comprising:
the system comprises a collecting unit, a processing unit and a processing unit, wherein the collecting unit is used for collecting network address conversion information, the network address conversion information comprises a mapping relation between a public network address of user equipment and target gateway equipment to which the user equipment belongs, and the target gateway equipment is in communication connection with the user equipment;
the determining unit is used for obtaining a target gateway device corresponding to the public network address of the abnormal user equipment based on the network address conversion information and the public network address of the abnormal user equipment, and determining the media access control address of the abnormal user equipment through the target gateway device;
and the plugging unit is used for plugging the abnormal user equipment through the target gateway equipment according to the media access control address of the abnormal user equipment.
9. An electronic device, comprising: memory, processor and computer program stored on the memory and executable on the processor, which computer program, when executed by the processor, carries out the steps of the method according to any one of claims 1 to 7.
10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910912586.1A CN112565159B (en) | 2019-09-25 | 2019-09-25 | Method for plugging abnormal user equipment and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910912586.1A CN112565159B (en) | 2019-09-25 | 2019-09-25 | Method for plugging abnormal user equipment and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112565159A CN112565159A (en) | 2021-03-26 |
| CN112565159B true CN112565159B (en) | 2022-09-13 |
Family
ID=75029345
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910912586.1A Active CN112565159B (en) | 2019-09-25 | 2019-09-25 | Method for plugging abnormal user equipment and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112565159B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101068242A (en) * | 2007-05-31 | 2007-11-07 | 武汉虹旭信息技术有限责任公司 | Method for obtaining internal and external network address mapping relation in safety auditing system |
| CN101465889A (en) * | 2008-12-03 | 2009-06-24 | 北京星网锐捷网络技术有限公司 | Network address translation equipment and request method of response address analysis protocol |
| CN105991785A (en) * | 2015-02-09 | 2016-10-05 | 中兴通讯股份有限公司 | Tracking method and apparatus for network accessed user |
| CN106211217A (en) * | 2015-04-30 | 2016-12-07 | 深圳市商机无限网络科技有限公司 | A kind of WIFI network method for auditing safely, platform |
| CN107169805A (en) * | 2017-06-23 | 2017-09-15 | 上海斐讯数据通信技术有限公司 | A kind of advertisement placement method, apparatus and system |
| CN110061993A (en) * | 2019-04-23 | 2019-07-26 | 新华三技术有限公司 | A kind of log generation method, device and access device comprising public network exit address |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107872364A (en) * | 2017-10-12 | 2018-04-03 | 上海斐讯数据通信技术有限公司 | A kind of monitoring method of router state, apparatus and system |
-
2019
- 2019-09-25 CN CN201910912586.1A patent/CN112565159B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101068242A (en) * | 2007-05-31 | 2007-11-07 | 武汉虹旭信息技术有限责任公司 | Method for obtaining internal and external network address mapping relation in safety auditing system |
| CN101465889A (en) * | 2008-12-03 | 2009-06-24 | 北京星网锐捷网络技术有限公司 | Network address translation equipment and request method of response address analysis protocol |
| CN105991785A (en) * | 2015-02-09 | 2016-10-05 | 中兴通讯股份有限公司 | Tracking method and apparatus for network accessed user |
| CN106211217A (en) * | 2015-04-30 | 2016-12-07 | 深圳市商机无限网络科技有限公司 | A kind of WIFI network method for auditing safely, platform |
| CN107169805A (en) * | 2017-06-23 | 2017-09-15 | 上海斐讯数据通信技术有限公司 | A kind of advertisement placement method, apparatus and system |
| CN110061993A (en) * | 2019-04-23 | 2019-07-26 | 新华三技术有限公司 | A kind of log generation method, device and access device comprising public network exit address |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112565159A (en) | 2021-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103220182B (en) | The system and method for intelligent terminal managing family gateway | |
| KR101425002B1 (en) | Remote activation of home devices | |
| US7991861B2 (en) | Method, device and system for configuring device parameters in digital subscriber line access network | |
| CN109474508B (en) | VPN networking method, VPN networking system, VPN master node equipment and VPN master node medium | |
| CN112217771B (en) | Data forwarding method and data forwarding device based on tenant information | |
| CN101515927A (en) | Isolation mode supportive internet access control method, system and equipment | |
| CN101754221A (en) | Data transmission method between heterogeneous systems and data transmission system | |
| CN110661670A (en) | Network equipment configuration management method and device | |
| CN101483543A (en) | Network management method and system, terminal and automatic configuration server | |
| CN113271299B (en) | Login method and server | |
| CN105162769B (en) | A kind of method and device of gateway permission transfer | |
| CN101415002B (en) | Method for preventing message aggression, data communication equipment and communication system | |
| CN108093097A (en) | The connection method of camera and home gateway and home gateway | |
| CN109660887B (en) | Method for adapting ONU to different OLTs | |
| CN108011870B (en) | A kind of remote software online upgrading information automatic identification management method | |
| JP5105942B2 (en) | ONU automatic registration method | |
| CN112565159B (en) | Method for plugging abnormal user equipment and electronic equipment | |
| CN105337766A (en) | Network element automatic discovery method and system based on DHCP | |
| CN108040031A (en) | One kind is based on portal protocol realization AC black and white lists control methods | |
| CN100413248C (en) | Improved method and system for carrying out charging based on flow | |
| CN101815240A (en) | Service opening method, communication system and relevant equipment | |
| CN113364820A (en) | Equipment control method and device of Internet of things service system | |
| CN104396216A (en) | Methods for identifying network traffic characteristics to correlate and manage one or more subsequent flows and devices thereof | |
| CN105827637A (en) | Method and system for configuring IMS (IP Multimedia Subsystem) fixed phone number | |
| US20230037602A1 (en) | Information processing method and apparatus, node device, server and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |