CN114401243B - Data packet sending method, device, equipment and medium - Google Patents


Publication number
CN114401243B
Authority
CN
China
Prior art keywords
data packet
target
address information
module
address
Prior art date
Legal status
Active
Application number
CN202210285031.0A
Other languages
Chinese (zh)
Other versions
CN114401243A (en
Inventor
成少波
王伟
Current Assignee
Beijing Zhizhangyi Technology Co ltd
Original Assignee
Beijing Zhizhangyi Technology Co ltd
Application filed by Beijing Zhizhangyi Technology Co ltd
Priority to CN202210285031.0A
Publication of CN114401243A
Application granted
Publication of CN114401243B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/2521 Translation architectures other than single NAT servers
    • H04L61/2528 Translation at a proxy

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data packet sending method, a device, equipment, a medium and a product. The method comprises the following steps: acquiring data packet analysis data of a target application through an address conversion module, updating target address information in the data packet analysis data into proxy address information, and sending the proxy address information to a system application; packaging the updated data packet analysis data according to system protocol information through the system application to form a target data packet, and sending the target data packet to the proxy module; and updating the proxy address information in the target data packet into the target address information through the proxy module, and sending the updated target data packet. The embodiment of the invention reduces the implementation cost of data packet analysis processing and improves the stability of data packet transmission.

Description

Data packet sending method, device, equipment and medium
Technical Field
The present invention relates to the field of computer data processing technologies, and in particular, to a method, an apparatus, a device, and a medium for sending a data packet.
Background
With the rapid development of mobile intelligent terminals, more and more iPhones based on the iOS system are in use. Inside an iOS intelligent terminal, malicious applications can cause a user's confidential information to be stolen; outside the iOS intelligent terminal, a malicious network site may cause economic and physical harm to the user.
At present, two schemes are generally adopted to implement a firewall function on the iOS system. Scheme 1: the iOS system is first rooted (to obtain high-level authority to modify the iOS system), and after rooting is completed, a private system API (Application Programming Interface) is called to implement the firewall function, for example: firewall IP (Firewall internet protocol address). Scheme 2: a VPN (Virtual Private Network) implementation is used to direct the network traffic of the iOS device to a VPN server, and the server intercepts or releases specified addresses according to configured rules.
Scheme 1 carries a large risk because it roots the operating system, and may cause other security problems. Scheme 2 requires an independent VPN server to be deployed and maintained, which is complex in actual use; and in an application scenario with a large number of devices, highly concurrent requests may cause concurrency problems that result in delayed responses.
Disclosure of Invention
The invention provides a data packet sending method, device, equipment and medium, which are used for reducing the implementation cost of data packet analysis processing and improving the stability of data packet transmission.
According to an aspect of the present invention, there is provided a packet transmission method, including:
acquiring data packet analysis data of a target application through an address conversion module, updating target address information in the data packet analysis data into proxy address information, and sending the proxy address information to a system application;
through the system application, packaging the updated data packet analysis data according to system protocol information to form a target data packet, and sending the target data packet to the proxy module;
and updating the proxy address information in the target data packet into the target address information through the proxy module, and sending the updated target data packet.
According to another aspect of the present invention, there is provided a packet transmission apparatus, comprising:
the address conversion module is used for acquiring data packet analysis data of a target application, updating target address information in the data packet analysis data into proxy address information and sending the proxy address information to the system application;
the system application is used for encapsulating the updated data packet analysis data according to system protocol information to form a target data packet and sending the target data packet to the proxy module;
and the proxy module is used for updating the proxy address information in the target data packet into the target address information and sending the updated target data packet.
According to another aspect of the present invention, there is provided an electronic apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the method of transmitting data packets according to any of the embodiments of the present invention.
According to another aspect of the present invention, there is provided a computer-readable storage medium storing computer instructions for causing a processor to implement the method for transmitting data packets according to any of the embodiments of the present invention when the computer instructions are executed.
According to another aspect of the present invention, a computer program product is provided, which is characterized in that the computer program product comprises a computer program, which when executed by a processor implements the method for transmitting a data packet according to any of the embodiments of the present invention.
The technical scheme of the embodiment of the invention obtains the data packet analysis data, updates the target address information to the proxy address information, uses the native system application to perform native protocol encapsulation to obtain the target data packet, and sends the target data packet to the proxy module pointed to by the proxy address information. The proxy module updates the proxy address information of the target data packet to the target address information and forwards the target data packet outwards. In this way the target data packet, after being analyzed and processed, can be accurately encapsulated and forwarded to the recipient pointed to by the target address information, which improves the transmission accuracy of the target data packet. This solves the problems of high implementation cost and low safety caused by deploying a server or rooting the operating system in order to screen the target data packet: no additional server needs to be deployed, which reduces the implementation cost of sending a data packet after analysis and processing, and because the native system application performs the data packet encapsulation, the stability and safety of data packet transmission can be improved.
It should be understood that the statements in this section are not intended to identify key or critical features of the embodiments of the present invention, nor are they intended to limit the scope of the invention. Other features of the present invention will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings required to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the description below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for sending a data packet according to an embodiment of the present invention;
Fig. 2 is a flowchart of a data packet sending method according to a second embodiment of the present invention;
Fig. 3 is a flowchart of a method for sending a data packet according to a third embodiment of the present invention;
Fig. 4a is a schematic diagram of a packet sending method according to a fourth embodiment of the present invention;
Fig. 4b is a diagram of a scenario of a data packet sending method according to a fourth embodiment of the present invention;
Fig. 4c is a schematic diagram of an application scenario according to the fourth embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a data packet sending apparatus according to a fifth embodiment of the present invention;
Fig. 6 is a schematic structural diagram of an electronic device implementing the packet sending method according to the embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, shall fall within the protection scope of the present invention.
It should be noted that the term "comprises/comprising" and any variations thereof in the description and claims of this invention and the above-described drawings is intended to cover non-exclusive inclusions, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1 is a flowchart of a packet sending method according to an embodiment of the present invention, where the embodiment is applicable to a case of track packet sending, and the method may be executed by a packet sending apparatus, where the packet sending apparatus may be implemented in a form of hardware and/or software, and the packet sending apparatus may be configured in an electronic device. As shown in fig. 1, the method includes:
S110, acquiring data packet analysis data of the target application through an address conversion module, updating target address information in the data packet analysis data into proxy address information, and sending the proxy address information to the system application.
The address translation module is used for translating an address into another address. Specifically, the address translation module is configured to translate the target address information in the data packet analysis data into proxy address information. The address translation module may be a Network Address Translation (NAT) application. The target application communicates with the server: it sends the target data packet to the server and receives the response data packet that the server feeds back for the target data packet. The data packet analysis data may refer to data obtained by parsing a target data packet. Specifically, the data packet is a protocol-encapsulated data packet, for example a data packet encapsulated with TCP (Transmission Control Protocol) or with UDP (User Datagram Protocol), and the data packet analysis data is IP (Internet Protocol) data. The system application is used for parsing the data packet and for encapsulating the data packet analysis data according to a protocol; these parsing and encapsulation functions are native functions of the iOS system, not functions developed by a third party. The target address information points to the recipient to which the data packet analysis data needs to be sent. The proxy address information points to the current device. Updating the target address information to the proxy address information changes the data packet analysis data from being sent to that recipient to being sent to the current device; specifically, the data packet analysis data may be sent to a module in the current device for processing, for example to the proxy module.
S120, encapsulating the updated data packet analysis data according to system protocol information through the system application to form a target data packet, and sending the target data packet to the proxy module.
The system protocol information is used for encapsulating the data packet analysis data, and may refer to information of a native protocol. A native protocol is a protocol of the native encapsulation functions that the native device system can implement. The data packet analysis data is encapsulated according to the system protocol information in the same way as in the encapsulation that takes place when the target application sends a data packet to the server. The target data packet is the data packet that needs to be sent to the recipient; it is formed by encapsulating the data packet analysis data with the protocol.
S130, updating the proxy address information in the target data packet into the target address information through the proxy module, and sending the updated target data packet.
The proxy module is used for modifying the sending address of the target data packet and forwarding it. Because the target address information in the data packet analysis data that forms the target data packet has been updated to the proxy address information, while the target data packet is meant for the initial recipient, the proxy address information needs to be changed back to the target address information, so that the target data packet is sent according to the target address information and is guaranteed to reach the initial recipient accurately.
In the prior art, the target application provides the data of a data packet and sends it to the system application for encapsulation to obtain the target data packet, which is sent to the recipient, namely the server. If the target data packet is to be processed before it is sent, a VPN server needs to be deployed, or the iOS system needs to be rooted. In the present application, after the data packet analysis data of the target data packet is obtained, that data needs to be processed; the object of the processing is the data packet analysis data. The processing may be to screen the target data packets to be transmitted, to encrypt the target data packet, or to add, delete, modify or check the message of the target data packet, and so on. The system application can be used to parse the target data packet to obtain its data packet analysis data. After the data packet analysis data has been processed, the address conversion module updates its target address information to the proxy address information, and the data packet analysis data is sent to the system application for encapsulation to form the target data packet. At this point the sending address of the target data packet is the proxy address information, which points to the proxy module, so the target data packet is sent to the proxy module. The proxy module updates the proxy address information to the target address information, so that the sending address of the target data packet is the target address information again and the recipient to which the target application initially sent is restored. The updated target data packet is then sent outwards and reaches the recipient pointed to by the target address information accurately.
The technical scheme of the embodiment of the invention obtains the data packet analysis data, updates the target address information to the proxy address information, uses the native system application to perform native protocol encapsulation to obtain the target data packet, and sends the target data packet to the proxy module pointed to by the proxy address information. The proxy module updates the proxy address information of the target data packet to the target address information and forwards the target data packet outwards. In this way the target data packet, after being analyzed and processed, can be accurately encapsulated and forwarded to the recipient pointed to by the target address information, which improves the transmission accuracy of the target data packet. This solves the problems of high implementation cost and low safety caused by deploying a server or rooting the operating system in order to screen the target data packet: no additional server needs to be deployed, which reduces the implementation cost of sending a data packet after analysis and processing, and because the native system application performs the data packet encapsulation, the stability and safety of data packet transmission can be improved.
Example two
Fig. 2 is a flowchart of a data packet sending method according to a second embodiment of the present invention, which refines the above embodiment. Sending the target data packet to the proxy module is embodied as: sending, by the system application, the target data packet to an internal proxy module based on an internal connection, the proxy module including an internal proxy module and an external proxy module; establishing, through the internal proxy module, a correspondence between the internal connection and the source address information of the target data packet, and sending the target data packet to the external proxy module. Updating the proxy address information in the target data packet to the target address information through the proxy module and sending the updated target data packet is embodied as: updating the proxy address information in the target data packet to the target address information through the external proxy module; and sending, through the external proxy module and based on an external connection, the updated target data packet to the server pointed to by the target address information. As shown in Fig. 2, the method includes:
S210, acquiring data packet analysis data of the target application through an address conversion module, updating target address information in the data packet analysis data into proxy address information, and sending the proxy address information to the system application.
S220, encapsulating the updated data packet analysis data according to system protocol information through the system application to form a target data packet, and sending the target data packet to an internal proxy module based on an internal connection, wherein the proxy module comprises an internal proxy module and an external proxy module.
The internal connection is used for communication between the system application and the internal proxy module. Specifically, the internal connection refers to an internal socket connection. The proxy module comprises an internal proxy module and an external proxy module. The internal proxy module is used for internal communication: it establishes the internal connection, receives over it the target data packet sent by the system application, and sends data to the system application. The external proxy module is used for external communication: it establishes the external connection, receives over it the data sent by an external server, and sends data to the external server.
S230, the target data packet is sent to the external proxy module through the internal proxy module.
The internal proxy module is in communication connection with the external proxy module, and the internal proxy module can send the target data packet to the external proxy module.
S240, updating the proxy address information in the target data packet to the target address information through the external proxy module.
The target address information in the data packet analysis data of the target data packet was previously updated to the proxy address information, so the target address information needs to be restored before the target data packet is sent; only then can the target data packet be accurately sent to the server to which the target address information points.
Optionally, the address translation module caches the target address information while updating the target address information to the proxy address information, and the external proxy module reads the cached target address information from the address translation module and updates the proxy address information to the target address information. The cached data may specifically include a correspondence between the destination address information and the source address information, for example a managed correspondence between the source port and the destination port, such as a key-value pair with the source port as the key and the destination port as the value. In addition, a correspondence between the destination port and the destination IP address can be added, so that the external proxy module can determine the destination port and the destination IP address from the source port, take them as the target address information, and update the proxy address information. Alternatively, the destination IP address can be determined without a correspondence between the destination port and the destination IP address. For example, the address translation module updates the proxy address information to the destination address information by exchanging the destination address information and the source address information, that is, the destination address information becomes the new source address information and the source address information becomes the new destination address information. The source address information points to the target application, namely the local device, so the source IP address is the local IP address, and the address translation module updates the source port in the source address information to the listening port of the proxy module, so that the new target address information points to the internal proxy module.
In fact, at this point, the destination IP address and the source IP address are interchanged. When the external agent module needs to update the agent address information into the target address information, the new target IP address and the new source IP address can be exchanged again to be restored into the target IP address and the source IP address of the original target data packet.
S250, sending the updated target data packet to a server pointed by the target address information through the external proxy module based on external connection.
The external connection is used for the external agent module to communicate with the server. Specifically, the external connection refers to an external socket connection.
In a specific example, updating the target address information in the data packet analysis data to the proxy address information includes: exchanging, through the address translation module, the first source IP address and the first destination IP address, modifying the first destination port to the listening port of the proxy module, and establishing and caching the correspondence between the first source port and the first destination port. At this time, the address information of the formed target data packet is: a second source IP address, a second source port, a second destination IP address, and a second destination port. The second source IP address is the first destination IP address, the second source port is the first source port, the second destination IP address is the first source IP address, and the second destination port is the listening port of the proxy module. For example, the address information of the data packet analysis data is: source IP address: y.y.y.y, source port: 54321, destination IP address: x.x.x.x, destination port: 4444. After the target address information is updated to the proxy address information, the address information of the data packet analysis data is: source IP address: x.x.x.x, source port: 54321, destination IP address: y.y.y.y, destination port: 33333 (the listening port of the proxy module).
The system application encapsulates the updated data packet analysis data to form the target data packet and sends it according to the new target address information, namely the proxy address information. The internal proxy module detects the data transmission on its listening port, receives the target data packet through the internal connection, and establishes and caches the correspondence between the internal connection and the source port. The internal proxy module forwards the target data packet to the external proxy module. The external proxy module receives the target data packet sent by the internal proxy module, acquires the correspondence between the first source port and the first destination port from the address translation module, and determines the first destination port according to the first source port in the target data packet. In addition, the external proxy module may obtain the first destination IP address from the address translation module, or may determine the first destination IP address according to the second source IP address of the target data packet. The external proxy module generates the updated target data packet from the acquired target data packet, the first destination port and the first destination IP address. For example, the second source IP address and the second destination IP address in the target data packet are interchanged, or the second source IP address is updated to the first source IP address and the second destination IP address is updated to the first destination IP address. The second destination port in the target data packet is updated to the first destination port, and the second source port is updated to a randomly generated port, whose correspondence with the external socket connection is established and cached; this avoids exposing the source port to the outside and protects the safety of the source port.
At this time, the address information of the updated target data packet is: a third source IP address, a third source port, a third destination IP address, and a third destination port. The third source IP address is the first source IP address, the third source port is a port randomly generated by the operating system, the third destination IP address is the first destination IP address, and the third destination port is the first destination port. For example, the address information of the target data packet before updating is: source IP address: x.x.x.x, source port: 54321, destination IP address: y.y.y.y, destination port: 33333. The address information of the updated target data packet is: source IP address: y.y.y.y, source port: 66666, destination IP address: x.x.x.x, destination port: 4444.
Optionally, after sending the updated target data packet, the method further includes: receiving, by the proxy module, a response packet associated with the target packet, updating target address information of the response packet to application address information of the target application, and sending the response packet to the system application; analyzing the updated response data packet according to the system protocol information through the system application to obtain response packet analysis data, and sending the response packet analysis data to the address conversion module; and acquiring the response packet analysis data through the address conversion module, updating the source address information of the response data packet into service address information, and sending the updated response packet analysis data.
After the target data packet is sent, the server responds to it by sending a response data packet to the local device. The proxy module receives the response data packet sent by the server; because the server communicates with the proxy module, the target address information of the response data packet fed back by the server points to the proxy module. In practice, the response data packet is meant for the target application, so its target address information should point to the target application. The application address information may refer to a port pointing to the target application. The target address information is updated to the application address information so that the response packet analysis data can be accurately sent to the target application. The proxy module sends the updated response data packet to the system application, which parses it with the native data packet parsing function to obtain the response packet analysis data and sends that data to the address translation module. The service address information points to the server that fed back the response data packet, and may refer to a port pointing to the service. The address translation module is further used for updating the source address information in the response packet analysis data to the service address information, so that the response packet analysis data is accurately described as a data packet sent from the server. The response packet analysis data, now updated a second time, is then sent; it may be sent to the target application, which can thereby determine that it is a data packet sent from the server.
In the process of sending the data packet, the proxy module establishes the correspondence between the internal connection and the port in advance. Therefore, when the response data packet is sent, the port corresponding to the internal connection over which it is to be transmitted is determined, that port is taken as the application address information, and the target address information of the response data packet is updated. In the process of sending the data packet, the address translation module likewise establishes in advance the correspondence between the first source port and the first destination port in the data packet analysis data of the sent target data packet. Accordingly, the destination address information of the response packet analysis data should be the source address information of the data packet analysis data, and the source address information of the response packet analysis data should be the destination address information of the data packet analysis data. The proxy module updates the target address information to the application address information, and the application address information is the same as the source address information of the data packet analysis data, so the address translation module only needs to update the source address information to the target address information of the data packet analysis data, which is the same as the service address information.
Therefore, according to the pre-established corresponding relation, the address conversion module can query the first destination port in the data packet analysis data according to the destination port of the response packet analysis data, namely the first source port in the data packet analysis data, determine the first destination port as the service address information, and update the source address information of the response packet analysis data, specifically update the source port of the response packet analysis data.
The target address information is updated into application address information through the agent module to point to the target application, response packet analysis data is sent to the system application for analysis, source address information in the response packet analysis data is updated into service address information through the address conversion module to point to the server, response packet analysis data fed back by the server is accurately sent to the target application, and response accuracy is improved.
Optionally, the sending the updated response packet analysis data includes: the updated response packet analysis data is sent to the system application through the address conversion module; and encapsulating the updated response packet analysis data through the system application, and sending the encapsulated response packet analysis data to the target application.
The system application is also used for encapsulating the updated response packet analysis data to form a response data packet destined for the target application. The response data packet is sent to the target application, which may process it; for example, if the target application is a browser, the browser may parse the response data packet, generate display content, and display the content in the browser.
The response packet analysis data is sent to the system application to be encapsulated into a response data packet. Because the native data packet encapsulation function can be used for this, the encapsulation accuracy of the response data packet is improved, and the response data packet is transmitted stably and accurately within the local device.
In one particular example, the agent modules include an internal agent module and an external agent module. Receiving, by the agent module, a response packet associated with the target packet, and sending the response packet to the system application, including: receiving a response data packet fed back by the server based on external connection through the external agent module, and sending the response data packet to the internal agent module; and updating the target address information of the response data packet into application address information of the target application based on the internal connection through an internal proxy module, and forwarding the updated response data packet to the system application. Based on the external connection, the external agent module updates the fourth destination port in the response packet to the destination port corresponding to the external connection (i.e., transmits the response packet) according to the corresponding relationship between the external connection and the port. Wherein the corresponding relationship is based on the corresponding relationship between the source port of the target data packet transmitted by the external connection and the external connection. And the fourth destination port in the response data packet is a randomly generated port and is the same as the third source port of the target data packet. The address information of the response packet includes: a fourth source IP address, a fourth source port, a fourth destination IP address, and a fourth destination port. The source address information of the response data packet before updating is the same as the target address information of the target data packet after updating, and the target address information of the response data packet before updating is the same as the source address information of the target data packet after updating. 
Specifically, in the address information of the response data packet, the fourth source IP address is the third destination IP address, the fourth source port is the third destination port, the fourth destination IP address is the third source IP address, and the fourth destination port is the third source port. The source address information of the updated response data packet is the same as the target address information of the target data packet before updating, and the target address information of the updated response data packet is the same as the source address information of the target data packet before updating. As in the previous example, the address information of the response data packet before updating is: source IP address X.X.X.X, source port 4444, destination IP address Y.Y.Y.Y, destination port 66666. The updated address information of the response data packet is: source IP address X.X.X.X, source port 4444, destination IP address Y.Y.Y.Y, destination port 33333.
And the external agent module sends the updated response data packet to the internal agent module. Updating the target address information of the response data packet into application address information of a target application based on internal connection through an internal proxy module, and forwarding the updated information to a system application, wherein the updating comprises the following steps: and the internal proxy module is used for updating the destination IP address, the source IP address and the source port of the response data packet transmitted based on the internal connection, updating the destination port of the response data packet transmitted based on the internal connection into application address information of the target application, and forwarding the response data packet after secondary updating to the system application. Wherein, the updating of the destination port of the response packet transmitted based on the internal connection to the application address information of the target application comprises: and updating the destination port of the response data packet to the destination port corresponding to the internal connection through the internal proxy module according to the corresponding relation between the internal connection and the port, wherein the destination port corresponding to the internal connection is the same as the application address information. Wherein the corresponding relationship is based on the corresponding relationship between the source port of the destination packet transmitted by the internal connection and the internal connection. The source port of the destination packet transmitted based on the internal connection is the application address information. 
Further, the source address information of the target data packet transferred based on the internal connection is the same as the target address information of the response data packet transferred based on the internal connection, and the target address information of the target data packet transferred based on the internal connection is the same as the source address information of the response data packet transferred based on the internal connection. Therefore, in addition to updating the destination port of the response data packet, it is necessary to modify the destination IP address, the source IP address, and the source port of the response data packet based on the internal connection. Specifically, based on the internal connection, the corresponding destination IP address, source IP address, and source port are determined, and the destination IP address, source IP address, and source port of the response data packet are updated. Illustratively, the address information of the target data packet transmitted based on the internal connection is: a second source IP address, a second source port, a second destination IP address, and a second destination port. The address information of the response data packet after the second update includes: a fifth source IP address, a fifth source port, a fifth destination IP address, and a fifth destination port. Correspondingly, the fifth source IP address is the second destination IP address, the fifth source port is the second destination port, the fifth destination IP address is the second source IP address, and the fifth destination port is the second source port. The fifth destination port is the second source port, that is, the first source port, that is, the application port in the application address information. As in the previous example, the address information of the response data packet after the second update is: source IP address Y.Y.Y.Y, source port 33333, destination IP address X.X.X.X, destination port 54321.
The system application analyzes the response data packet transmitted based on the internal connection to obtain response packet analysis data, and sends the response packet analysis data to the address conversion module. The address conversion module updates the source address information in the response packet analysis data into the service address information, and the method comprises the following steps: the address translation module determines service address information corresponding to a destination port of the response packet analysis data based on a pre-cached correspondence between the first source port and the first destination port, updates the source address information in the response packet analysis data to the service address information, and exchanges the fifth source IP address with the fifth destination IP address. The corresponding relation between the first source port and the first destination port is based on the corresponding relation between the first source port and the first destination port of the target data packet which is transmitted in the internal connection. A first source port of a destination packet transmitted based on internal connection is application address information, a first destination port is service address information, and a correspondence between the first source port and the first destination port is actually a correspondence between the application address information and the service address information. 
Therefore, based on the correspondence between the first source port and the first destination port, the service address information can be queried according to the destination address information (namely, the application address information) of the response packet analysis data, and the source address information of the response packet analysis data can be updated. Specifically, the service address information is queried according to the destination port (namely, the application address information) of the response packet analysis data, and the source port of the response packet analysis data is updated. The updated address information of the response packet analysis data includes: a sixth source IP address, a sixth source port, a sixth destination IP address, and a sixth destination port. The sixth source IP address is the fifth destination IP address, the sixth source port is the service port in the service address information, the sixth destination IP address is the fifth source IP address, and the sixth destination port is the fifth destination port. As in the previous example, the address information of the updated response packet analysis data is: source IP address X.X.X.X, source port 4444, destination IP address Y.Y.Y.Y, destination port 54321.
The address conversion module sends the updated response packet analysis data to the system application, the system application encapsulates the updated response packet analysis data to form a new response data packet, the system application sends the new response data packet, and the target address information of the new response data packet points to the target application, so that the new response data packet is sent to the target application for processing.
According to the technical scheme of the embodiment of the invention, the configuration agent module comprises the internal agent module and the external agent module, the internal connection is established through the internal agent module to be communicated with the system application, the external connection is established through the external agent module to be communicated with the server, the system application can be used for encapsulating the data packet, a channel for sending the data packet outwards is established, the stable and accurate transmission of the data packet can be realized, meanwhile, the agent address information of the encapsulated target data packet is updated into the target address information through the external agent module and is accurately sent to the server pointed by the target address information, the accurate transmission of the data packet is realized, and the transmission accuracy of the data packet is improved.
EXAMPLE III
Fig. 3 is a flowchart of a data packet sending method according to a third embodiment of the present invention, where the above embodiment is optimized, and before the address translation module obtains data packet analysis data of a target application, the optimization is as follows: receiving data packet analysis data of a target application sent by a virtual network card through an interception detection module, and carrying out interception detection on the data packet analysis data; and sending the data packet analysis data to the address conversion module through an interception detection module under the condition that the interception detection result of the data packet analysis data is determined to be a release result. As shown in fig. 3, the method includes:
S310, receiving data packet analysis data of the target application sent by the virtual network card through the interception detection module, and carrying out interception detection on the data packet analysis data.
The virtual network card is used for guiding the target data packet and forwarding it to the interception detection module, so that the interception detection module can perform interception detection on the target data packet. Performing interception detection on the data packet analysis data is equivalent to performing interception detection on the target data packet, because the content of the target data packet is the same as the data packet analysis data of the target data packet. Interception detection in effect filters the data packets entering and leaving the local device, and the function performed by the interception detection module is that of a firewall, so that the data security of the local device is improved and data leakage, tampering attacks and the like on the local device are avoided.
S320, sending the data packet analysis data to the address conversion module through the interception detection module under the condition that the interception detection result of the data packet analysis data is determined to be a release result.
A release result indicates that the data packet analysis data is non-risk data and can be sent to an external server. An interception result indicates that the data packet analysis data is risk data, which cannot be sent to an external server; it can be discarded, or the interception result can be marked and stored to facilitate subsequent recovery and anomaly localization. The interception detection may check whether the first destination IP address and the first destination port of the data packet analysis data are preset risk address information. A set of risk address information can be preset, in which risk IP addresses and risk destination ports are pre-stored. The set is queried for whether the first destination IP address exists in it and whether the first destination port exists in it. If so, the interception detection result is determined to be an interception result; if not, the interception detection result is determined to be a release result.
S330, acquiring data packet analysis data of the target application through an address conversion module, updating target address information in the data packet analysis data into proxy address information, and sending the proxy address information to the system application.
S340, encapsulating the updated data packet analysis data according to the system protocol information through the system application to form a target data packet, and sending the target data packet to the agent module.
S350, updating the proxy address information in the target data packet into the target address information through the proxy module, and sending the updated target data packet.
Optionally, the system application includes an iOS system application, and the address translation module and the proxy module are network extension plug-ins based on the iOS system.
The data packet sending method provided by the embodiment of the invention is applied to an application scenario of the iOS system. The address translation module and the proxy module are network extension plug-ins based on the iOS system. Illustratively, based on Network Extension of the iOS system, the address translation module and the proxy module are deployed in the iOS system, which saves the cost of deploying an independently running server outside the device, reduces the implementation cost of data packet extension processing on the iOS system, and improves the efficiency of the extension processing.
According to the technical scheme of the embodiment of the invention, the implementation cost of sending the data packet after the interception detection can be reduced by applying the method to the application scene of the interception detection of the data packet, and meanwhile, the stability and the safety of data packet transmission can be improved by adopting the native system application to package the data packet, so that the efficiency and the safety of the interception detection can be considered.
EXAMPLE IV
Fig. 4a to fig. 4c are scene diagrams of a data packet sending method according to a fourth embodiment of the present invention. As shown in fig. 4 a-4 b, the method includes:
S401, configuring the flow guiding information through a network extension plug-in based on the iOS system, and directing the network data to flow to the virtual network card.
The data packet sending method is applied to an electronic device running the iOS operating system. The iOS system comprises an application layer and a plug-in layer. A firewall application is configured on the application layer, specifically comprising an interception detection configuration information acquisition module 421 and a plug-in control module 422. The interception detection configuration information acquisition module 421 is configured to configure the interception detection configuration information, for example, to obtain an interception rule input by a user, generate interception detection information, and store the interception detection information. The plug-in control module 422 is used to manage and control the plug-ins. A firewall plug-in is configured on the plug-in layer; specifically, the plug-in is generated based on a network extension plug-in. The firewall plug-in includes a plug-in configuration module 423, an address translation module 424, an interception detection module 425, and a proxy module 426. The plug-in configuration module 423 is used to configure the plug-ins, for example, to configure the configuration information of each plug-in. The address translation module 424 is used for address translation. The interception detection module 425 is configured to perform interception detection on the data packet analysis data based on the interception detection configuration information. The proxy module 426 is used for internal and external transport of data packets.
S402, configuring the interception detection configuration information.
For example, a risk IP address and a risk port are configured.
S403, starting an interception detection module, an address translation module and an agent module, wherein the agent module comprises an internal agent module and an external agent module.
The proxy module is a proxy for the TCP or UDP protocol. The listening IP address of the proxy module can be Y.Y.Y.Y, and the listening ports are divided into a TCP listening port and a UDP listening port. The TCP listening port is 22222, and the UDP listening port is 33333.
S404, according to the flow guiding information, a target data packet sent by the target application is directed to the virtual network card, and the virtual network card sends the target data packet to the system application.
The user inputs an access operation for the server through the target application, and the target application generates a target data packet according to the access operation. At this time, the source address information of the target data packet is: 54321, and the target address information is: X.X.X.X:4444. Let the address information of the target data packet be: a first source IP address, a first source port, a first destination IP address, and a first destination port. At this time, the first source IP address and the first source port of the target data packet are the application address information of the target application, and the first destination IP address and the first destination port of the target data packet are the service address information of the server.
S405, the system application performs parsing to obtain data packet analysis data and sends the data packet analysis data to the interception detection module.
S406, the interception detection module receives the data packet analysis data of the target data packet and carries out interception detection according to the interception detection configuration information.
S407, detecting whether the interception detection result is a release result, and if so, executing S408; otherwise, S409 is performed.
S408, the interception detection module sends the data packet analysis data to the address conversion module, and S410 is executed.
S409, discard the packet analysis data of the target packet.
S410, the address conversion module obtains data packet analysis data of the target application, updates target address information in the data packet analysis data into proxy address information, and sends the proxy address information to the virtual network card, and the virtual network card sends the proxy address information to the system application.
The address conversion module exchanges the first source IP address and the first destination IP address, and updates the target address information to the proxy address information; specifically, the first destination port is modified to the listening port of the proxy module. Meanwhile, a correspondence between the first source port and the first destination port, namely a correspondence between the service address information and the application address information, is established and cached. The address information of the data packet analysis data before updating is the same as the address information of the target data packet, and the address information of the data packet analysis data after updating is a second source IP address, a second source port, a second destination IP address and a second destination port. The second source IP address is the first destination IP address, the second source port is the first source port, the second destination IP address is the first source IP address, and the second destination port is the listening port of the proxy module. As in the previous example, the listening port is the UDP listening port, and the updated data packet analysis data has source address information X.X.X.X:54321 and destination address information Y.Y.Y.Y:33333.
S411, the system application encapsulates the data packet analysis data according to the system protocol information to form a new target data packet, and sends the new target data packet to the internal proxy module based on the internal connection.
S412, the internal agent module sends the new target data packet to the external agent module.
The internal proxy module establishes a corresponding relationship between the internal connection and the address information of the updated data packet analysis data, specifically including a corresponding relationship between the internal connection and a second source IP address, a second source port, a second destination IP address and a second destination port.
S413, the external agent module updates the agent address information in the new destination packet to the destination address information.
The external proxy module obtains the pre-stored correspondence between the first source port and the first destination port through the address translation module, queries the port corresponding to the second source port, and updates the second destination port; that is, it updates the proxy address information to the target address information, specifically to the port corresponding to the second source port. Meanwhile, the external proxy module exchanges the second source IP address with the second destination IP address to form an updated target data packet. As before, the source address information of the updated target data packet is Y.Y.Y.Y:54321 and the destination address information is X.X.X.X:4444. The updated address information of the target data packet is the same as that of the target data packet sent by the target application; that is, after this series of operations, the address information of the target data packet is restored to its original state.
S414, the external proxy module sends the updated target data packet to the server pointed to by the target address information based on the external connection.
The external proxy module further randomly updates the source port of the updated target data packet when sending it through the external connection. The external proxy module caches the relationship between the external connection and the port. The address information of the target data packet after the second update is: a third source IP address, a third source port, a third destination IP address, and a third destination port. The third source IP address is the first source IP address, the third source port is a port randomly generated by the operating system, the third destination IP address is the first destination address, and the third destination port is the first destination port. As before, the address information of the target data packet after the second update is: source address information Y.Y.Y.Y:66666, destination address information X.X.X.X:4444.
After the updated target data packet is sent, the server receives and processes the target data packet, generates a response data packet associated with the target data packet, and sends the response data packet to the external proxy module.
The address information of the response data packet is: a fourth source IP address, a fourth source port, a fourth destination IP address, and a fourth destination port. The fourth source IP address is the first destination IP address, the fourth source port is the first destination port, the fourth destination IP address is the first source IP address, and the fourth destination port is a port randomly generated by the operating system. As before, the address information of the response data packet is: source address information X.X.X.X:4444, destination address information Y.Y.Y.Y:66666.
The external agent module receives a response data packet associated with the target data packet and forwards the response data packet to the internal agent module.
Based on the external connection, the external proxy module updates the fourth destination port in the response data packet to the destination port corresponding to the external connection, that is, the second destination port, that is, the listening port of the proxy module, according to the correspondence between the external connection and the port. As in the previous example, the updated address information of the response data packet is: source address information X.X.X.X:4444, destination address information Y.Y.Y.Y:33333.
The internal proxy module updates the target address information of the response data packet to the application address information of the target application and sends the response data packet to the system application.
Based on the internal connection, the internal proxy module updates the destination IP address, the source IP address and the source port of the response data packet transmitted based on the internal connection, updates the destination port of the response data packet transmitted based on the internal connection to the application address information of the target application, and forwards the response data packet after this second update to the system application. The address information of the response data packet after the second update includes: a fifth source IP address, a fifth source port, a fifth destination IP address, and a fifth destination port. Correspondingly, the fifth source IP address is the second destination IP address, the fifth source port is the second destination port, the fifth destination IP address is the second source IP address, and the fifth destination port is the second source port. The fifth destination port is the second source port, that is, the first source port, that is, the application port in the application address information. As in the previous example, the address information of the response data packet after the second update is: source address information Y.Y.Y.Y:33333, destination address information X.X.X.X:54321.
The system application analyzes the response data packet according to the system protocol information to obtain response packet analysis data, and sends the response packet analysis data to the address conversion module.
The address conversion module acquires the response packet analysis data, updates the source address information of the response data packet into service address information, and sends the updated response packet analysis data to the virtual network card.
The address translation module determines the service address information corresponding to the destination port of the response packet analysis data based on the pre-cached correspondence between the first source port and the first destination port, and updates the source address information in the response packet analysis data to the service address information. The correspondence between the first source port and the first destination port is in effect a correspondence between application address information and service address information. Therefore, the service address information can be looked up according to the destination address information (i.e., the application address information) of the response packet analysis data and used to update its source address information; specifically, the service address information is looked up according to the destination port of the response packet analysis data (i.e., the port in the application address information), and the source port of the response packet analysis data is updated. The address information of the response packet analysis data before this update is the same as the address information of the response packet after the second update. The updated address information of the response packet analysis data includes: a sixth source IP address, a sixth source port, a sixth destination IP address, and a sixth destination port. The sixth source IP address is the fifth destination IP address, the sixth source port is the service port in the service address information, the sixth destination IP address is the fifth source IP address, and the sixth destination port is the fifth destination port. Continuing the previous example, the address information of the updated response packet analysis data is: source address information x.x.x:4444, destination address information y.y.y:54321.
The virtual network card forwards the updated response packet analysis data to the system application, and the system application encapsulates the updated response packet analysis data and sends it to the target application. The target application receives the response packet and processes it, for example by displaying the content associated with the response packet in a browser.
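The three response-path rewrites described above, traced end to end as an added example (this is not code from the patent). The addresses 203.0.113.10 and 10.0.0.2 are constructed stand-ins for x.x.x and y.y.y; `EXT_PORT`, the class names and the request-side `outbound` step (inferred from the fifth/second address relations stated above) are assumptions.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Addr:
    """Address 4-tuple carried by one packet."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


# Constructed stand-ins: the page elides the IPs as x.x.x and y.y.y.
SERVICE_IP = "203.0.113.10"   # x.x.x
LOCAL_IP = "10.0.0.2"         # y.y.y
SERVICE_PORT, PROXY_PORT, APP_PORT = 4444, 33333, 54321  # ports from the page
EXT_PORT = 40000              # assumed local port of the external connection


class AddressTranslator:
    """Address translation module with its port-keyed cache."""

    def __init__(self, proxy_port):
        self.proxy_port = proxy_port
        # first source port (application) -> first destination port (service)
        self.service_port_by_app_port = {}

    def outbound(self, pkt):
        # Assumption: request-side rewrite inferred from the relations in the
        # text. IPs are swapped and the destination port becomes the proxy port.
        self.service_port_by_app_port[pkt.src_port] = pkt.dst_port
        return Addr(pkt.dst_ip, pkt.src_port, pkt.src_ip, self.proxy_port)

    def inbound(self, pkt):
        # Sixth address info: look up the service port by the destination
        # (application) port. A port with no cached flow is refused here.
        service_port = self.service_port_by_app_port.get(pkt.dst_port)
        if service_port is None:
            raise LookupError(f"no cached flow for port {pkt.dst_port}")
        return Addr(pkt.dst_ip, service_port, pkt.src_ip, pkt.dst_port)


class ProxyModule:
    """Internal and external proxy halves, paired per connection."""

    def __init__(self):
        # external connection (local port) -> addresses of the second packet
        self.internal_by_ext_port = {}

    def connect(self, second, ext_port):
        self.internal_by_ext_port[ext_port] = second

    def external_update(self, raw):
        # Fourth destination port -> second destination port (listening port).
        second = self.internal_by_ext_port[raw.dst_port]
        return replace(raw, dst_port=second.dst_port), second

    @staticmethod
    def internal_update(second):
        # Fifth address info is the second packet's addresses mirrored.
        return Addr(second.dst_ip, second.dst_port, second.src_ip, second.src_port)


def response_path():
    """Run one request and its response through the modules."""
    translator = AddressTranslator(PROXY_PORT)
    proxy = ProxyModule()
    first = Addr(LOCAL_IP, APP_PORT, SERVICE_IP, SERVICE_PORT)   # app -> service
    second = translator.outbound(first)
    proxy.connect(second, EXT_PORT)
    raw = Addr(SERVICE_IP, SERVICE_PORT, LOCAL_IP, EXT_PORT)     # constructed reply
    after_external, internal_conn = proxy.external_update(raw)
    after_internal = proxy.internal_update(internal_conn)
    delivered = translator.inbound(after_internal)
    return after_external, after_internal, delivered, translator


if __name__ == "__main__":
    for stage in response_path()[:3]:
        print(stage)
```

Because the cache is keyed on the application's source port alone, the final lookup is the only thing tying a response back to the flow that opened it, which is why the sketch refuses a port it has never seen.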
The embodiment of the invention is based on the network extension framework provided by the iOS system: data packets transmitted over the network are directed to the interception detection module, so interception detection can be performed without root, and data packets of the iOS system can be directed and intercepted.
EXAMPLE five
Fig. 5 is a schematic structural diagram of a data packet sending apparatus according to a fifth embodiment of the present invention. As shown in fig. 5, the apparatus includes: an address translation module 501, a system application 502, and a proxy module 503.
The address translation module 501 is configured to obtain data packet analysis data of a target application, update target address information in the data packet analysis data to proxy address information, and send the updated data packet analysis data to the system application;
the system application 502 is configured to encapsulate the updated data packet analysis data according to system protocol information to form a target data packet, and send the target data packet to the proxy module;
the proxy module 503 is configured to update the proxy address information in the target data packet to the target address information, and send the updated target data packet.
In the technical solution of this embodiment, the data packet analysis data is obtained and its target address information is updated to the proxy address information; the native system application performs native protocol encapsulation to obtain the target data packet and sends it to the proxy module pointed to by the proxy address information; and the proxy module updates the proxy address information of the target data packet to the target address information and forwards the target data packet outward. In this way the target data packet, after being analyzed and processed, can be accurately encapsulated and forwarded to the party pointed to by the target address information, which improves the transmission accuracy of the target data packet. This solves the problems of high implementation cost and low security that arise when a server is deployed and the operating system is rooted in order to screen target data packets: no additional server needs to be deployed, which reduces the implementation cost of sending data packets after analysis and processing, and because the native system application performs the data packet encapsulation, the stability and security of data packet transmission are improved.
Further, the proxy module 503 includes an internal proxy module and an external proxy module. The system application 502 is configured to send the target data packet to the internal proxy module based on the internal connection; the internal proxy module is configured to send the target data packet to the external proxy module; and the external proxy module is configured to update the proxy address information in the target data packet to the target address information, and to send the updated target data packet to the server pointed to by the target address information based on the external connection.
Further, the data packet sending apparatus further includes an interception detection module, configured to receive the data packet analysis data of the target application sent by the virtual network card and perform interception detection on it before the address translation module acquires the data packet analysis data of the target application, and, when the interception detection result of the data packet analysis data is determined to be a release result, to send the data packet analysis data to the address translation module.
Further, the proxy module 503 is configured to, after sending the updated target data packet, receive a response data packet associated with the target data packet, update the target address information of the response data packet to the application address information of the target application, and send the updated response data packet to the system application; the system application 502 is configured to analyze the updated response data packet according to the system protocol information to obtain response packet analysis data, and send the response packet analysis data to the address translation module; and the address translation module 501 is configured to obtain the response packet analysis data, update the source address information of the response data packet to service address information, and send the updated response packet analysis data.
Further, the address translation module 501 is configured to send the updated response packet analysis data to the system application; and the system application 502 is configured to encapsulate the updated response packet analysis data and send the encapsulated response packet analysis data to the target application.
Furthermore, the system application comprises an iOS system application, and the address translation module and the proxy module are network extension plug-ins based on the iOS system.
The data packet sending device provided by the embodiment of the invention can execute the data packet sending method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
EXAMPLE six
FIG. 6 illustrates a schematic structural diagram of an electronic device 10 that may be used to implement an embodiment of the present invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 6, the electronic device 10 includes at least one processor 11, and a memory communicatively connected to the at least one processor 11, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 11 can perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from a storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data necessary for the operation of the electronic apparatus 10 may also be stored. The processor 11, the ROM 12, and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to the bus 14.
A number of components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, or the like; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. The processor 11 performs the various methods and processes described above, such as the packet transmission method.
In some embodiments, the packet transmission method may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into the RAM 13 and executed by the processor 11, one or more steps of the above described data packet transmission method may be performed. Alternatively, in other embodiments, the processor 11 may be configured to perform the packet sending method by any other suitable means (e.g. by means of firmware).
Various implementations of the systems and techniques described above may be realized in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), complex programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include implementation in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Computer programs for implementing the methods of the present invention can be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the Internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that steps may be reordered, added or deleted using the various forms of flow shown above. For example, the steps described in the present invention may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the desired result of the technical solution of the present invention can be achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (8)

1. A method for transmitting a data packet, comprising:
receiving data packet analysis data of a target application sent by a system application through an interception detection module, and performing interception detection on the data packet analysis data, wherein the data packet analysis data is obtained by analyzing a target data packet of the target application sent by the system application to a virtual network card;
sending, through the interception detection module, the data packet analysis data to an address translation module when the interception detection result of the data packet analysis data is determined to be a release result;
acquiring the data packet analysis data of the target application through the address translation module, updating target address information in the data packet analysis data to proxy address information, sending the updated data packet analysis data to the virtual network card, and forwarding it to the system application;
encapsulating the updated data packet analysis data according to system protocol information through the system application to form a target data packet, and sending the target data packet to a proxy module;
and updating the proxy address information in the target data packet to the target address information through the proxy module, and sending the updated target data packet.
2. The method of claim 1, wherein sending the target data packet to the proxy module comprises:
sending, by the system application, the target data packet to an internal proxy module based on an internal connection, the proxy module including the internal proxy module and an external proxy module;
sending the target data packet to the external proxy module through the internal proxy module;
and wherein updating, by the proxy module, the proxy address information in the target data packet to the target address information and sending the updated target data packet comprises:
updating the proxy address information in the target data packet to the target address information through the external proxy module;
and sending the updated target data packet to a server pointed to by the target address information through the external proxy module based on an external connection.
3. The method of claim 1, further comprising, after sending the updated target packet:
receiving, by the proxy module, a response packet associated with the target packet, updating target address information of the response packet to application address information of the target application, and sending the response packet to the system application;
analyzing the updated response data packet according to the system protocol information through the system application to obtain response packet analysis data, and sending the response packet analysis data to the address conversion module;
and acquiring the response packet analysis data through the address conversion module, updating the source address information of the response data packet into service address information, and sending the updated response packet analysis data.
4. The method of claim 1, wherein sending updated response packet parsing data comprises:
sending the updated response packet analysis data to the system application through the address translation module;
and encapsulating the updated response packet analysis data through the system application, and sending the encapsulated response packet analysis data to the target application.
5. The method of claim 1, wherein the system application comprises an iOS system application, and wherein the address translation module and the proxy module are iOS system-based network extension plug-ins.
6. A packet transmission apparatus, comprising:
an interception detection module, configured to receive data packet analysis data of a target application sent by a system application and perform interception detection on the data packet analysis data, wherein the data packet analysis data is obtained by analyzing a target data packet of the target application sent by the system application to a virtual network card; and, when the interception detection result of the data packet analysis data is determined to be a release result, to send the data packet analysis data to an address translation module;
the address translation module, configured to acquire the data packet analysis data of the target application, update target address information in the data packet analysis data to proxy address information, send the updated data packet analysis data to the virtual network card, and forward it to the system application;
the system application, configured to encapsulate the updated data packet analysis data according to system protocol information to form a target data packet and send the target data packet to a proxy module;
and the proxy module, configured to update the proxy address information in the target data packet to the target address information and send the updated target data packet.
7. An electronic device, characterized in that the electronic device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the method of transmitting data packets according to any of claims 1-5.
8. A computer-readable storage medium storing computer instructions for causing a processor to implement the method of any one of claims 1-5 when executed.
CN202210285031.0A 2022-03-23 2022-03-23 Data packet sending method, device, equipment and medium Active CN114401243B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210285031.0A CN114401243B (en) 2022-03-23 2022-03-23 Data packet sending method, device, equipment and medium

Publications (2)

Publication Number Publication Date
CN114401243A (en) 2022-04-26
CN114401243B (en) 2022-06-28

Family

ID=81233953

Country Status (1)

Country Link
CN (1) CN114401243B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant