CN112565167A - 一种访问控制列表acl的检测方法及网络设备 - Google Patents
一种访问控制列表acl的检测方法及网络设备 Download PDFInfo
- Publication number
- CN112565167A CN112565167A CN201910920032.6A CN201910920032A CN112565167A CN 112565167 A CN112565167 A CN 112565167A CN 201910920032 A CN201910920032 A CN 201910920032A CN 112565167 A CN112565167 A CN 112565167A
- Authority
- CN
- China
- Prior art keywords
- bdd
- acl
- sub
- parameter information
- bdds
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2521—Translation architectures other than single NAT servers
- H04L61/2535—Multiple local networks, e.g. resolving potential IP address conflicts
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5046—Resolving address allocation conflicts; Testing of addresses
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (15)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910920032.6A CN112565167A (zh) | 2019-09-26 | 2019-09-26 | 一种访问控制列表acl的检测方法及网络设备 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910920032.6A CN112565167A (zh) | 2019-09-26 | 2019-09-26 | 一种访问控制列表acl的检测方法及网络设备 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112565167A true CN112565167A (zh) | 2021-03-26 |
Family
ID=75030118
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910920032.6A Pending CN112565167A (zh) | 2019-09-26 | 2019-09-26 | 一种访问控制列表acl的检测方法及网络设备 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112565167A (zh) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6651096B1 (en) * | 1999-04-20 | 2003-11-18 | Cisco Technology, Inc. | Method and apparatus for organizing, storing and evaluating access control lists |
US6658458B1 (en) * | 2000-06-22 | 2003-12-02 | Cisco Technology, Inc. | Cascading associative memory arrangement |
US20100199344A1 (en) * | 2009-02-02 | 2010-08-05 | Telcordia Technologies, Inc. | Redundancy detection and resolution and partial order dependency quantification in access control lists |
CN102932328A (zh) * | 2012-09-26 | 2013-02-13 | 上海交通大学 | 一种基于二进制序列集合的访问控制策略合成方法 |
CN105790929A (zh) * | 2016-04-19 | 2016-07-20 | 清华大学 | 一种基于规则冗余消除的加密环境中高效访问控制方法 |
CN106034054A (zh) * | 2015-03-17 | 2016-10-19 | 阿里巴巴集团控股有限公司 | 冗余访问控制列表acl规则文件检测方法和装置 |
CN108512782A (zh) * | 2017-02-24 | 2018-09-07 | 华为数字技术(苏州)有限公司 | 访问控制列表分组调整方法、网络设备和系统 |
CN108540427A (zh) * | 2017-03-02 | 2018-09-14 | 株式会社理光 | 冲突检测方法和检测设备、访问控制方法和访问控制装置 |
-
2019
- 2019-09-26 CN CN201910920032.6A patent/CN112565167A/zh active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6651096B1 (en) * | 1999-04-20 | 2003-11-18 | Cisco Technology, Inc. | Method and apparatus for organizing, storing and evaluating access control lists |
US6658458B1 (en) * | 2000-06-22 | 2003-12-02 | Cisco Technology, Inc. | Cascading associative memory arrangement |
US20100199344A1 (en) * | 2009-02-02 | 2010-08-05 | Telcordia Technologies, Inc. | Redundancy detection and resolution and partial order dependency quantification in access control lists |
CN102932328A (zh) * | 2012-09-26 | 2013-02-13 | 上海交通大学 | 一种基于二进制序列集合的访问控制策略合成方法 |
CN106034054A (zh) * | 2015-03-17 | 2016-10-19 | 阿里巴巴集团控股有限公司 | 冗余访问控制列表acl规则文件检测方法和装置 |
CN105790929A (zh) * | 2016-04-19 | 2016-07-20 | 清华大学 | 一种基于规则冗余消除的加密环境中高效访问控制方法 |
CN108512782A (zh) * | 2017-02-24 | 2018-09-07 | 华为数字技术(苏州)有限公司 | 访问控制列表分组调整方法、网络设备和系统 |
CN108540427A (zh) * | 2017-03-02 | 2018-09-14 | 株式会社理光 | 冲突检测方法和检测设备、访问控制方法和访问控制装置 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9245626B2 (en) | System and method for packet classification and internet protocol lookup in a network environment | |
US10257084B2 (en) | Implementing a software defined network based on event records | |
US9270704B2 (en) | Modeling network devices for behavior analysis | |
US8750106B2 (en) | Interface control system and interface control method | |
CN101345759B (zh) | 关联存储器中的因特网协议安全性匹配值 | |
US10397116B1 (en) | Access control based on range-matching | |
WO2018082592A1 (zh) | 一种报文处理方法以及网络设备 | |
US20180367431A1 (en) | Heavy network flow detection method and software-defined networking switch | |
KR20120106640A (ko) | 시스템 온 칩 기반의 패킷 필터링을 제공할 수 있는 디바이스 및 패킷 필터링 방법 | |
US9264257B2 (en) | Dynamic ternary content-addressable memory carving | |
CN109921995A (zh) | 一种配置地址表的方法、fpga和应用该fpga的网络设备 | |
US7177313B2 (en) | Method and system for converting ranges into overlapping prefixes for a longest prefix match | |
CN109408517B (zh) | 规则的多维度搜索方法、装置、设备及可读存储介质 | |
CN107529352B (zh) | 用于软件定义的数据中心网络的协议独立的可编程交换机(pips) | |
US9330760B2 (en) | Method and apparatus for setting TCAM entry | |
CN112565167A (zh) | 一种访问控制列表acl的检测方法及网络设备 | |
US9590897B1 (en) | Methods and systems for network devices and associated network transmissions | |
CN112217780A (zh) | 用于在计算机网络中识别攻击的设备和方法 | |
US20180198704A1 (en) | Pre-processing of data packets with network switch application -specific integrated circuit | |
CN109347734A (zh) | 一种报文发送方法、装置、网络设备和计算机可读介质 | |
CN114244555B (zh) | 一种安全策略的调整方法 | |
CN114915592A (zh) | 用于聚合组的端口绑定的方法、系统、存储介质及设备 | |
CN115867898A (zh) | 使用基于熵的bdd压缩进行网络模型检查的方法、系统和介质 | |
CN114363273A (zh) | 处理报文的方法和芯片 | |
CN113872784A (zh) | 网络配置的验证方法和装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20211222 Address after: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Applicant after: HUAWEI TECHNOLOGIES Co.,Ltd. Address before: 215123 Building A3, Creative Industry Park, 328 Xinghu Street, Suzhou Industrial Park, Jiangsu Province Applicant before: Huawei digital technology (Suzhou) Co.,Ltd. Effective date of registration: 20211222 Address after: 450046 Floor 9, building 1, Zhengshang Boya Plaza, Longzihu wisdom Island, Zhengdong New Area, Zhengzhou City, Henan Province Applicant after: Super fusion Digital Technology Co.,Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Applicant before: HUAWEI TECHNOLOGIES Co.,Ltd. |
|
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |