CN113206865B - Remote packet capturing method and cloud management system - Google Patents
Remote packet capturing method and cloud management system Download PDFInfo
- Publication number
- CN113206865B CN113206865B CN202110343495.8A CN202110343495A CN113206865B CN 113206865 B CN113206865 B CN 113206865B CN 202110343495 A CN202110343495 A CN 202110343495A CN 113206865 B CN113206865 B CN 113206865B
- Authority
- CN
- China
- Prior art keywords
- packet
- packet capturing
- file
- module
- capturing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Abstract
The application provides a remote packet capturing method and a cloud management system. In the method, a cloud management system receives a packet capturing success state and a packet capturing file generated by packet capturing equipment through established long connection; storing the packet capturing file and generating an access address of the packet capturing file; storing a packet capturing success state and an access address; and providing a viewing Web page for showing the successful packet capturing state and the access address to the remote user so that the remote user downloads the packet capturing file through the access address.
Description
Technical Field
The application relates to the communication technology, in particular to a remote packet capturing method and a cloud management system.
Background
Packet capture (packet capture) is an operation of capturing, retransmitting, editing, unloading and the like data packets transmitted and received by a network. In order to locate the problem of the network device, the network operation and maintenance personnel need to issue a command to the network device or configure the command to access the network device, and perform packet capturing operation on the network device.
With the development of cloud computing and network communication technical services, network equipment is connected to a cloud end, and a user remotely communicates with the network equipment through a management interface of a cloud platform. In order to realize remote packet capturing operation, a user network deploys a public server for installing a packet capturing plug-in unit and transmits a packet capturing instruction to network equipment. And after receiving the packet capturing command from the server, the network equipment completes the packet capturing task and uploads the packet capturing file to the public server. And the user acquires the packet capturing file through the public server and analyzes the packet capturing file. The server is installed in a user environment, and after the user authorizes operation and maintenance personnel to access the public server, the operation and maintenance personnel can upgrade the plug-in of the public server, so that the user environment introduces network potential safety hazards. When the operation and maintenance personnel maintain and manage different network devices in the user network, for example, network devices of different security level departments in the same company network, these network devices that are captured and packaged need to be isolated, and servers are respectively deployed and different plug-ins are installed, thereby increasing the operation and maintenance cost.
Disclosure of Invention
The application aims to provide a remote packet capturing method and a cloud management system, and the remote packet capturing of network equipment is controlled at a cloud.
In order to achieve the above object, the present application provides a remote packet capturing method, in which a cloud management system receives a packet capturing success status and a packet capturing file generated by a packet capturing device through an established long connection; storing the packet capturing file and generating an access address of the packet capturing file; storing a packet capturing success state and an access address; and providing a viewing Web page for showing the successful package capture state and the access address to the remote user, so that the remote user can download the package capture file through the access address.
In order to achieve the above object, the present application further provides a cloud management system, including: the system comprises a user interface module, a service processing module, a device communication module, a file system module and a database module; the equipment communication module is used for receiving the packet capturing success state and the packet capturing file through the established long connection and sending the packet capturing success state and the packet capturing file to the service processing module; the service processing module stores the packet capturing file in the file system module, stores the packet capturing success state and the access address of the packet capturing file in the database module, provides the packet capturing file through the user interface module to check a Web page, and displays the packet capturing success state and the access address to a remote user; the file system module is used for storing the packet capturing file and providing an access address for downloading the packet capturing file; and the database module is used for storing the packet capturing success state and the access address. And the database module is used for storing the packet capturing success state and the access address.
The method and the device have the advantages that a special server with the plug-in is not required to be deployed, so that a user is not required to provide a special public server and install and upgrade the plug-in.
Drawings
Fig. 1 is a flowchart of a remote packet capturing method of a cloud management system according to the present application;
fig. 2 is an application scenario of the cloud management system provided in the present application;
fig. 3 is another application scenario of the cloud management system provided in the present application.
Detailed Description
A detailed description will be given of a number of examples shown in a number of figures. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present application. Well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the examples.
The term "including" as that term is used is meant to include, but is not limited to; the term "comprising" means including but not limited to; the terms "above," "within," and "below" are inclusive of the instant numbers; the terms "greater than" and "less than" mean that the number is not included. The term "based on" means based on at least a portion thereof.
Fig. 1 shows a remote packet capturing method applied to a cloud platform management system according to the present application, where the method includes the following steps:
102, storing the packet capturing file and generating an access address of the packet capturing file;
and step 104, providing a viewing Web page for displaying the packet capturing success state and the access address to the remote user.
The method of fig. 1 has the beneficial effects that a special server with plug-ins is not required to be deployed, so that a user is not required to provide a special public server, install the plug-ins and upgrade the plug-ins, and the user can remotely obtain the package capture files through the access address.
The application provides a cloud platform management system, this system includes: a user interface (Web UI) module, a service processing module, a device communication module, a file system module and a database (Data Base) module. The cloud platform management system does not need a user to provide a server, and does not need the user to install and upgrade related plug-ins. By deploying at the cloud, centralized management, maintenance and updating are carried out on the equipment which needs to be subjected to packet capturing processing.
In the application embodiment of the cloud platform management system shown in fig. 2, the device communication module 213 of the cloud platform management system 210 establishes a Web Socket connection with the network device 230 that needs to perform packet capture.
Various devices of the User 200 (such as various network terminals shown in fig. 2) may provide an operation Interface UI (User Interface) through the User Interface module 211, input a packet capture request message, and initiate a packet capture process.
The service processing module 212 receives the packet capturing request information from the user through the user interface module 211 to generate a packet capturing instruction; the packet capturing instruction parameters comprise message filtering rule information, maximum length of packet capturing messages, packet capturing processing time and other information. The packet capturing instruction can be realized by the person in the art according to the existing mode, and the packet capturing instruction is not limited in the application.
The device communication module 213 sends a packet capture instruction to the network device 230 as a packet capture device through the Web Socket connection. The network device 230 receives the packet capturing command, analyzes the command, obtains the parameters of the packet capturing, and starts the packet capturing task. After receiving the packet capturing instruction, the network device 230 may immediately start the packet capturing task, or start the packet capturing task according to the start time parameter of the packet capturing instruction, which is not limited in this application.
The process of the network device 230 executing the packet capture is an instruction execution process, and the network device 230 periodically sends the packet capture execution state to the device communication module 213 through the Web Socket connection. The device communication module 213 transmits the received packet capture execution state to the service processing module 212.
The service processing module 212 records the packet capturing execution state in the database module 214, provides the packet capturing execution state through the user interface module 211 to view the Web page, and displays the execution state of the packet capturing instruction to the user 200. The user 200 can display the packet capturing state through various devices to check the Web page, know the packet capturing execution process and further determine whether to reinitiate the packet capturing.
When the network device 230 finishes packet grabbing, the "packet grabbing success status" and its locally stored packet grabbing file are sent to the device communication module 213 through the Web Socket connection. The device communication module 213 sends the received "packet capture success status" to the service processing module 212 as a "packet capture file".
The transaction module 212 stores the bale of capture files in the file system module 215. The file system module 215 stores the bale file and provides a URL (uniform resource locator) for accessing and downloading the bale file.
The service processing module 212 stores the "package capture success status" and the access address URL of the package capture file in the database module 214, provides the package capture file through the user interface module 211 to view the Web page, and displays the package capture success status and the access address URL of the package capture file to the user 200.
The user 200 views the Web page by displaying the package capture file through various devices thereof, knows that the package capture is completed, and downloads the package capture file from the file system module 215 through the access address URL of the package capture file.
In the present embodiment, if the network device 230 fails to grab the packet, a packet-grabbing failure status is sent to the device communication module 213 through the Web Socket. The device communication module 213 sends the received packet capture failure status to the service processing module 212.
The service processing module 212 records the status of the bale plucking failure in the database module 214 and provides a bale plucking failure notification Web page through the user interface module 211. The user 200 notifies the Web page of the packet capturing failure displayed by various devices thereof, acquires the failure of the initiated packet forwarding process, and can reinitiate the packet capturing process through the packet capturing page provided by the user interface module 211.
In another cloud platform management system application embodiment shown in figure 3,
the device communication module 313 of the cloud platform management system 310 establishes a Web Socket connection as a long connection with the upstream device 330.
Various devices of the User 300 (such as various network terminals shown in fig. 3) may provide an operation Interface UI (User Interface) through the User Interface module 311, input the packet capture request information, and initiate the packet capture process.
The service processing module 312 receives the packet capturing request information from the user through the user interface module 311, generates an FTP start instruction, and sends the FTP start instruction to the device communication module 313.
The device communication module 313 sends the FTP start instruction to the upstream device 330 through the Web Socket connection. The uplink device 330 receives the FTP opening instruction, and opens an FTP (File Transfer Protocol) connection.
The upstream device 330 sends the downstream IP address for the FTP connection to the device communication module 313 through the Web Socket. The device communication module 313 sends the received IP address of the uplink device 330 establishing the FTP connection to the service processing module.
The service processing module 312 generates a packet capturing instruction according to the user packet capturing request information and the downlink IP address, and sends the generated packet sending instruction to the device communication module 313. The device communication module 313 sends a packet capture instruction to the upstream device 330 through the Web Socket.
The uplink device 330 receives the packet capturing instruction, and may forward the packet capturing instruction to the network device serving as the packet capturing device through a CAPWAP protocol packet (UDP protocol).
And the network equipment 340 side receives the packet capturing instruction, analyzes the instruction, acquires the parameters of the packet capturing and starts the packet capturing task. The network device 340 periodically establishes the FTP connection, and transmits a packet capturing execution state to the upstream device 330 through the FTP connection.
The uplink device 330 receives the packet capture state through the FTP connection, and sends the packet capture state to the device communication module 313 through the Web Socket connection. The device communication module 313 transmits the received packet capture execution status to the service processing module 312.
The service processing module 312 records the packet capturing execution state in the database module 314, provides the packet capturing execution state through the user interface module 311 to view a Web page, and displays the execution state of the packet capturing instruction to the user 300. The user 300 can check the Web page by displaying the packet capturing state through various devices, know the execution state of the packet capturing process in time, and further determine whether to reinitiate the packet capturing.
When the network device 340 finishes packet capturing, the FTP connection with the uplink device 330 is established according to the IP address carried by the packet capturing instruction, and the "packet capturing success status" and the packet capturing file stored locally are sent to the uplink device 330 through the FTP connection. The upstream device 330 forwards the "packet capture success status" and its locally stored packet capture file to the device communication module 313 via the Web Socket connection.
The device communication module 313 sends the received "packet capture success status" to the service processing module 312 as a "packet capture file". The transaction module 312 stores the capture file in the file system module 315. The file system module 315 stores the capture file and provides an access address URL for accessing and downloading the capture file.
The traffic handling module 312 stores the "bale plucking success status" and the access address URL of the bale plucking file in the database module 314.
The service processing module 312 stores the "package capture success status" and the access address URL of the package capture file in the database module 314, provides the package capture file through the user interface module 311 to view the Web page, and displays the package capture success status and the access address URL of the package capture file to the user 300.
The user 300 checks the Web page by displaying the package capture file through various devices, knows that the package capture is completed according to the 'package capture success state', and downloads the package capture file from the file system module 315 through the access address URL of the package capture file.
In this embodiment, if the network device 340 fails to capture the packet, the packet capture failure status is sent to the upstream device through the FTP connection.
The upstream device 340 sends a packet capture failure state to the device communication module 313 through a Web Socket. The device communication module 313 sends the received packet capture failure status to the service processing module 312. The service processing module 312 records the status of the package capture failure in the database module 314 and provides a package capture failure notification Web page through the user interface module 311. The user 300 notifies the Web page of the packet capturing failure displayed by various devices, acquires the packet capturing failure, and initiates the packet capturing process again through the packet capturing page provided by the user interface module 311.
The above description is only a preferred embodiment of the present application and should not be taken as limiting the present application, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present application should be included in the protection scope of the present application.
Claims (16)
1. A cloud management system, the cloud management system comprising: the system comprises a user interface module, a business processing module, a device communication module, a file system module and a database module;
the equipment communication module is used for receiving a packet capturing success state and a packet capturing file through the established long connection and sending the packet capturing success state and the packet capturing file to the service processing module;
the service processing module stores the packet capturing file in the file system module, stores the packet capturing success state and the access address of the packet capturing file in the database module, provides the packet capturing file through the user interface module to view a Web page, and displays the packet capturing success state and the access address to a remote user;
the file system module is used for storing the packet capturing file and providing the access address for downloading the packet capturing file;
and the database module is used for storing the packet capturing success state and the access address.
2. The system of claim 1, wherein the device communication module is further configured to send the received packet capture execution status and the received packet capture failure status to the service processing module by receiving the packet capture execution status and the packet capture failure status via the long connection;
the service processing module stores the packet capturing execution state and the packet capturing failure state in the file system module, provides a packet capturing state to view a Web page based on the packet capturing execution state stored in the database module through the user interface module, and provides a packet capturing failure notification Web page based on the packet capturing failure state stored in the database module through the user interface module.
3. The system of claim 2,
the user interface module is also used for providing a Web operation interface user interface for inputting the packet capturing request information for the remote user.
4. The system of claim 3,
the long connection established by the equipment communication module is used for connecting the packet capturing equipment;
the service processing module generates a packet capturing instruction based on the packet capturing request information and sends the packet capturing instruction to the equipment communication module;
the device communication module is further configured to send the packet capturing instruction through the long connection connected to the packet capturing device.
5. The system according to claim 4, wherein the device communication module is configured to receive the packet capture success status and the packet capture file, the packet capture execution status, and the packet capture failure status from the packet capture device via the long connection.
6. The system according to claim 3, wherein the long connection established by the equipment communication module is used for connecting the upstream equipment of the packet capturing equipment;
the service processing module is also used for generating an FTP starting instruction and sending the FTP starting instruction to the equipment communication module;
the communication module is further configured to send the FTP opening instruction through the long connection connected to the uplink device, receive a downlink IP address of the FTP connection established by the uplink device through the long connection, and send the downlink IP address to the service processing module.
7. The system according to claim 6, wherein the service processing module generates a packet capturing instruction according to the packet capturing request information and the downlink IP address, and sends the packet capturing instruction to the device communication module;
the device communication module is further configured to send the packet capturing instruction to the uplink device through the long connection, so that the uplink device forwards the packet capturing instruction to the packet capturing device.
8. The system according to claim 7, wherein the device communication module is configured to receive the packet grabbing success status and the packet grabbing file, the packet grabbing execution status, and the packet grabbing failure status from the packet grabbing device through the long connection from the upstream device.
9. A remote packet capturing method is applied to a cloud management system and is characterized by comprising the following steps:
receiving a packet capturing success state and a packet capturing file generated by packet capturing equipment through the established long connection;
storing the packet capturing file and generating an access address of the packet capturing file;
storing the packet grabbing success state and the access address;
and providing a viewing Web page for showing the package capture success state and the access address to a remote user, so that the remote user downloads the package capture file through the access address.
10. The method of claim 9, further comprising:
receiving a packet grabbing execution state and a packet grabbing failure state through the long connection;
storing the packet capturing execution state, and providing a packet capturing state to view a Web page based on the stored packet capturing execution state;
and storing the packet capturing failure state, and providing a packet capturing failure notification Web page based on the stored packet capturing failure state.
11. The method of claim 10, wherein prior to receiving the bale plucking success status generated by the bale plucking device and the bale plucking file over the established long connection, the method further comprises:
and providing a Web operation interface user interface to receive the packet capturing request information input by the remote user.
12. A method according to claim 11, characterized in that the established long connection is used to connect the bale plucking device; the method further comprises the following steps:
generating a packet capturing instruction based on the packet capturing request information;
and sending the packet grabbing command through the long connection connected with the packet grabbing equipment.
13. The method of claim 12, further comprising:
the packet capture success status, the packet capture file, the packet capture execution status, and the packet capture failure status are received via the long connection to the packet capture device.
14. The method according to claim 13, wherein the established long connection is used to connect an upstream device of a packet grabbing device; the method further comprises the following steps:
generating an FTP starting instruction, sending the FTP starting instruction through the long connection connected with the uplink equipment, and receiving a downlink IP address of the FTP connection established by the uplink equipment through the long connection connected with the uplink equipment.
15. The method of claim 14, further comprising:
generating a packet capturing instruction according to the packet capturing request information and the downlink IP address;
and sending the packet capturing instruction to the uplink equipment through the long connection connected with the uplink equipment so that the uplink equipment forwards the packet capturing instruction to the packet capturing equipment.
16. The method of claim 15, wherein the packet capture success status and the packet capture file, the packet capture execution status, and the packet capture failure status are received by a long connection connecting the upstream device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110343495.8A CN113206865B (en) | 2021-03-30 | 2021-03-30 | Remote packet capturing method and cloud management system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110343495.8A CN113206865B (en) | 2021-03-30 | 2021-03-30 | Remote packet capturing method and cloud management system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113206865A CN113206865A (en) | 2021-08-03 |
| CN113206865B true CN113206865B (en) | 2023-03-31 |
Family
ID=77025895
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110343495.8A Active CN113206865B (en) | 2021-03-30 | 2021-03-30 | Remote packet capturing method and cloud management system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113206865B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114285764A (en) * | 2021-12-30 | 2022-04-05 | 北京天融信网络安全技术有限公司 | Packet capturing method and device and storage medium |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107566218A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | A kind of flux auditing method suitable for cloud environment |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102137092A (en) * | 2010-12-10 | 2011-07-27 | 华为技术有限公司 | Method and system for supporting conference system media packet capturing in multimedia subsystem |
| CN102412999B (en) * | 2011-12-23 | 2014-12-03 | 华为技术有限公司 | Packet capturing based remote fault location method, system and device |
| US9043439B2 (en) * | 2013-03-14 | 2015-05-26 | Cisco Technology, Inc. | Method for streaming packet captures from network access devices to a cloud server over HTTP |
-
2021
- 2021-03-30 CN CN202110343495.8A patent/CN113206865B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107566218A (en) * | 2017-09-20 | 2018-01-09 | 杭州安恒信息技术有限公司 | A kind of flux auditing method suitable for cloud environment |
Non-Patent Citations (2)
| Title |
|---|
| Generating Block IO Trace Data from a Cloud Site Using Packet Capture and Analyzing the IO Trace Data;Kazutaka Ogihara;《2019 Seventh International Symposium on Computing and Networking Workshops (CANDARW)》;20191129;全文 * |
| 云存储环境下的网络安全防御系统设计;邹雀平;《数字通信世界》;20190901;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113206865A (en) | 2021-08-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1182819B1 (en) | Home network controlling via e-mails | |
| CN101194233A (en) | System and method of testing wireless component applications | |
| CN101815106B (en) | Method and equipment for establishing dynamic GRE (Generic Routing Encapsulation) tunnel | |
| CN101138219A (en) | Application of communication method between client computer | |
| CN109548022B (en) | Method for mobile terminal user to remotely access local network | |
| CN107239308B (en) | Method and system for realizing calling function of browser | |
| CN113206865B (en) | Remote packet capturing method and cloud management system | |
| CN106255155A (en) | A kind of data transmission method based on mobile Internet and system | |
| CN106909826B (en) | Password substitution device and system | |
| US20060264241A1 (en) | Base station log collection device, method for collecting logs of base station and computer program product | |
| WO2013189398A2 (en) | Application data push method, device, and system | |
| CN101022364A (en) | Trap message reporting method and system warning information resource/warning agent service device | |
| CN109286665B (en) | Real-time mobile game long link processing method and device | |
| CN109166205B (en) | Parking lot access control system, adaptation method and Internet of things gateway | |
| EP3313039A1 (en) | Home gateway, communication management method and communication system thereof | |
| CN101159763B (en) | Method and apparatus for downloading mobile information equipment characteristic application program | |
| JP4855441B2 (en) | COMMUNICATION DEVICE, TELECOMMUNICATION ANALYSIS SYSTEM, AND COMMUNICATION METHOD | |
| CN107566476B (en) | Access method, SDN controller, forwarding equipment and user access system | |
| CN106302605A (en) | Real-time messages repeater system based on OpenFire server and implementation method | |
| JP2001154964A (en) | Method for distributing data resources | |
| US8612751B1 (en) | Method and apparatus for entitled data transfer over the public internet | |
| KR100546510B1 (en) | Apparatus and Method for Monitoring Important System Messages in CDMA System | |
| CN105808418B (en) | Test machine register method, apparatus and system | |
| CN112738032B (en) | Communication system for preventing IP deception | |
| CN100375464C (en) | Method for data communication of every terminal when network interconnecting |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |