CN114422239B - Communication method and device based on dynamic port technology - Google Patents
Communication method and device based on dynamic port technology Download PDFInfo
- Publication number
- CN114422239B CN114422239B CN202210056908.9A CN202210056908A CN114422239B CN 114422239 B CN114422239 B CN 114422239B CN 202210056908 A CN202210056908 A CN 202210056908A CN 114422239 B CN114422239 B CN 114422239B
- Authority
- CN
- China
- Prior art keywords
- dynamic port
- session
- opc
- dynamic
- session request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000004891 communication Methods 0.000 title claims abstract description 40
- 238000005516 engineering process Methods 0.000 title claims abstract description 22
- 230000006870 function Effects 0.000 claims description 34
- 238000004590 computer program Methods 0.000 claims description 11
- 230000000977 initiatory effect Effects 0.000 claims description 4
- 239000003999 initiator Substances 0.000 claims description 2
- 230000002035 prolonged effect Effects 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 8
- 230000003287 optical effect Effects 0.000 description 4
- 230000003993 interaction Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000006378 damage Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000000149 penetrating effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the application provides a communication method and device based on a dynamic port technology. Judging whether a session request received by a TCP-135 port comprises OPC dynamic port information or not; if yes, acquiring OPC dynamic port information in the session request; creating a dynamic port session according to the OPC dynamic port information; binding a preset delay function to the dynamic port session, and determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function. In this way, the firewall can perform port-level access control on the OPC protocol, and can also determine the idle delay time of the dynamic port session according to the destination IP address of the session request and the operation content of the session request, and when the operation content of the session request is special, the idle delay time of the dynamic port session can be prolonged, so that the reliability of the OPC protocol in passing through the firewall communication is improved.
Description
Technical Field
The present application relates to the field of computer technology, and more particularly, to a communication method and apparatus based on a dynamic port technology.
Background
Industrial firewalls are increasingly introduced in industrial systems to ensure industrial network security. Firewalls are typically required to configure port-level access control policies to secure basic communications. The OPC industry protocol adopts a dynamic port, negotiates the communication interface of the subsequent service through the TCP135 port, and the negotiated communication interface is random, so the firewall cannot realize access control to the OPC protocol through a simple configuration port policy, and the communication of the OPC protocol must be realized by using a dynamic port technology.
Most industrial firewalls are state-based firewalls at present, the state firewall can maintain a session state for each communication connection, each session state has a preset idle time, after the session is idle (no data interaction between two parties) for a certain time, the state firewall can automatically destroy the session, and the subsequent network messages belonging to the session cannot pass through the firewall. For the OPC protocol, for example, a write operation may be idle for a long time after a write operation, and after the idle time exceeds a preset idle time, the state firewall destroys the session, so that the subsequent write operation cannot be performed, thereby affecting the normal service.
Disclosure of Invention
According to an embodiment of the application, a communication scheme based on a dynamic port technology is provided.
In a first aspect of the present application, a communication method based on a dynamic port technique is provided. The method comprises the following steps:
Judging whether the session request received by the TCP-135 port comprises OPC dynamic port information or not;
if yes, acquiring OPC dynamic port information in the session request;
Creating a dynamic port session according to the OPC dynamic port information;
Binding a preset delay function to the dynamic port session, and determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function.
In one possible implementation, the dynamic port information includes a destination IP address and a destination TCP port number of the session request.
In one possible implementation manner, the determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function includes:
And determining the idle delay time length of the dynamic port session according to the IP address of the session request initiating terminal and a preset hash table.
In one possible implementation manner, after determining the idle delay time of the dynamic port session according to the IP address of the session request initiator and a preset hash table, the method further includes:
Creating ctnl _timeout structure, binding the ctnl _timeout structure and the dynamic port session, wherein the ctnl _timeout structure is used for setting idle delay time.
In one possible implementation, before the determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function, the method further includes:
Extracting a data message in the session request;
judging whether the data message is a writing operation or not;
if yes, determining the idle delay time length of the dynamic port session according to the OPC dynamic port information and the delay function.
In one possible implementation manner, after determining whether the data packet is a write operation, the method further includes:
and if not, releasing the session request.
In one possible implementation manner, after the determining whether the session request received by the TCP-135 port includes OPC dynamic port information, the method further includes:
and if not, releasing the session request.
In a second aspect of the present application, a communication device based on dynamic port technology is provided. The device comprises:
The first judging unit is used for judging whether the session request received by the TCP-135 port comprises OPC dynamic port information or not;
The acquisition unit is used for acquiring the OPC dynamic port information in the session request when the session request comprises the OPC dynamic port information;
the creation unit is used for creating a dynamic port session according to the OPC dynamic port information;
The binding unit is used for binding a preset delay function to the dynamic port session, and determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function.
In a third aspect of the application, an electronic device is provided. The electronic device includes: a memory and a processor, the memory having stored thereon a computer program, the processor implementing the method as described above when executing the program.
In a fourth aspect of the application, there is provided a computer readable storage medium having stored thereon a computer program which when executed by a processor implements a method as according to the first aspect of the application.
According to the communication method based on the dynamic port technology, after the session request of the TCP-135 port is received, the dynamic port information can be analyzed according to the OPC protocol, and the dynamic port session is created, so that the firewall can perform port-level access control on the OPC protocol, the idle delay time of the dynamic port session can be determined according to the destination IP address of the session request and the operation content of the session request, when the operation content of the session request is special operation, such as writing operation, the idle delay time of the dynamic port session can be prolonged, the dynamic port session can not be automatically destroyed when the interval time of the two writing operations is long, and the communication reliability of the OPC protocol penetrating through the firewall is improved.
It should be understood that the description in this summary is not intended to limit the critical or essential features of the embodiments of the application, nor is it intended to limit the scope of the application. Other features of the present application will become apparent from the description that follows.
Drawings
The above and other features, advantages and aspects of embodiments of the present application will become more apparent by reference to the following detailed description when taken in conjunction with the accompanying drawings. In the drawings, wherein like or similar reference numerals denote like or similar elements, in which:
FIG. 1 illustrates a flow chart of a method of communication based on dynamic port technology, in accordance with an embodiment of the present application;
FIG. 2 illustrates a block diagram of a communication device based on dynamic port technology, in accordance with an embodiment of the present application;
fig. 3 shows a schematic diagram of a structure of a terminal device or server suitable for implementing an embodiment of the application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
All terms (including technical or scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs, unless specifically defined otherwise. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
Techniques, methods, and apparatus known to one of ordinary skill in the relevant art may not be discussed in detail, but are intended to be part of the specification where appropriate.
Industrial firewalls are increasingly introduced in industrial systems to ensure industrial network security. Firewalls are typically required to configure port-level access control policies to secure basic communications. The OPC industry protocol adopts a dynamic port, negotiates the communication interface of the subsequent service through the TCP135 port, and the negotiated communication interface is random, so the firewall cannot realize access control to the OPC protocol through a simple configuration port policy, and the communication of the OPC protocol must be realized by using a dynamic port technology.
Most industrial firewalls are state-based firewalls at present, the state firewall can maintain a session state for each communication connection, each session state has a preset idle time, after the session is idle (no data interaction between two parties) for a certain time, the state firewall can automatically destroy the session, and the subsequent network messages belonging to the session cannot pass through the firewall. For the OPC protocol, for example, a write operation may be idle for a long time after a write operation, and after the idle time exceeds a preset idle time, the state firewall destroys the session, so that the subsequent write operation cannot be performed, thereby affecting the normal service.
The application discloses a communication method based on dynamic port technology, which comprises the steps of judging whether a session request received by a TCP-135 port comprises OPC dynamic port information or not; if yes, acquiring OPC dynamic port information in the session request, wherein the OPC dynamic information comprises a destination IP address and a destination TCP port number of the session request; and then creating a dynamic port session according to the OPC dynamic port information, binding a preset delay function to the dynamic port session, and determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function. The application can determine the idle delay time of the dynamic port session according to the destination IP address of the session request and the operation content of the session request, and can prolong the idle delay time of the dynamic port session when the operation content of the session request is special operation, such as writing operation, so that the dynamic port session can not be automatically destroyed when the interval time of the two writing operations is longer, and the reliability of the OPC protocol passing through the firewall communication is improved.
Fig. 1 shows a flow chart of a communication method based on a dynamic port technique according to an embodiment of the application. The method may be performed by an electronic device, the method comprising:
Step S100, judging whether the session request received by the TCP-135 port comprises OPC dynamic port information.
The application can be based on a linux kernel netfilter framework, and can realize the functions of an OPC dynamic port and a delay function in a kernel module mode. The OPC dynamic port kernel module is bound to the TCP-135 port through a netfilter dynamic port registration mechanism.
After the system is started, an OPC dynamic port kernel module is automatically loaded, and the OPC dynamic port kernel module and a TCP-135 port are bound. And then configuring a release strategy of the firewall, wherein the release strategy can be that only a TCP-135 port is configured to release, and the rest ports are blocked.
After the TCP-135 port receives the session request, the OPC protocol may be first determined, then it is determined whether the session request includes OPC dynamic port information, and if not, the session request is released. If yes, go to step S200.
Step 200, acquiring OPC dynamic port information in the session request.
Step S300, creating a dynamic port session according to the OPC dynamic port information;
step 400, binding a preset delay function to the dynamic port session, and determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function.
In the embodiment of the present application, the OPC dynamic port information includes a destination IP address and a destination TCP port number of a session request, and the manner of creating a dynamic port session according to the OPC dynamic port information may be through an OPC dynamic port kernel module API: the nf_ct_expect_alloc creates a kernel data structure nf_conntrack_expect of the dynamic port session, and then assigns a delay function to a helper field in nf_conntrack_expect to realize dynamic binding of the delay function and the dynamic port session. Finally, through an OPC dynamic port kernel module API: nf_ct_expect_related registers the dynamic port session data nf_conntrack_expect to the OPC dynamic port kernel module.
After the time delay function and the dynamic port session are bound, extracting a data message in the session request, determining an OPC service operation contained in the data message, matching the OPC service operation with the OPC service operation in a database, and releasing the session request if the matching fails; if the matching is successful, the destination IP address of the session request is used as a key, the idle delay time matched with the IP address is inquired in a hash table, and the idle delay time is bound with the current dynamic port session. Specifically, a ctnl _timeout structure may be created, and the ctnl _timeout structure and the current dynamic port session are bound, where the ctnl _timeout structure can set an idle delay time, and of course, the idle delay time needs to be set according to a result queried from the hash table.
The hash table may be an OPC host-idle delay time length comparison table, and the correspondence between the OPC host and the idle delay time length may be set by a person skilled in the art according to experience, or may be calculated according to big data, which is not limited herein. The idle time delay time is longer than the idle time of a general dynamic port so as to meet the stable communication of some special OPC service operations.
According to the communication method based on the dynamic port technology, the port level access control can be carried out on the OPC protocol by analyzing the OPC port information and creating the dynamic port session, and meanwhile, the idle time delay setting is carried out on specific OPC service operation, so that the condition that the specific OPC service operation is influenced due to the automatic destruction of the dynamic port session is reduced, and the reliability of the OPC protocol in firewall crossing communication is improved.
It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present application is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are alternative embodiments, and that the acts and modules referred to are not necessarily required for the present application.
The above description of the method embodiments further describes the solution of the present application by means of device embodiments.
Fig. 2 shows a block diagram of a communication device based on dynamic port technology according to an embodiment of the application. The device comprises:
A first judging unit 201, configured to judge whether a session request received by a TCP-135 port includes OPC dynamic port information;
An obtaining unit 202, configured to obtain OPC dynamic port information in the session request when the session request includes OPC dynamic port information;
A creating unit 203, configured to create a dynamic port session according to the OPC dynamic port information;
And a binding unit 204, configured to bind a preset delay function to the dynamic port session, and determine an idle delay duration of the dynamic port session according to the OPC dynamic port information and the delay function.
In one possible implementation, the dynamic port information includes a destination IP address and a destination TCP port number of the session request.
In one possible implementation, determining the idle delay duration of the dynamic port session according to the OPC dynamic port information and the delay function includes:
And determining the idle delay time length of the dynamic port session according to the IP address of the session request initiating terminal and a preset hash table.
In one possible implementation, the method further includes a setting unit:
The setting unit is used for creating ctnl _timeout structure and binding the ctnl _timeout structure and the dynamic port session, and the ctnl _timeout structure is used for setting idle delay time.
In one possible implementation, the method further includes:
The extracting unit is used for extracting the data message in the session request before the idle delay time length of the dynamic port session is determined according to the OPC dynamic port information and the delay function;
The second judging unit is used for judging whether the data message is a writing operation or not;
And the binding unit is used for determining the idle delay time length of the dynamic port session according to the OPC dynamic port information and the delay function when the data message is judged to be the writing operation.
In a possible implementation manner, the method further includes a releasing unit, configured to release the session request after the data packet is a non-write operation.
And the method is also used for releasing the session request when the session request received by the TCP-135 port does not comprise OPC dynamic port information.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the described modules may refer to corresponding procedures in the foregoing method embodiments, which are not described herein again.
Fig. 3 shows a schematic diagram of an electronic device suitable for implementing an embodiment of the application.
As shown in fig. 3, the electronic device includes a Central Processing Unit (CPU) 301 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 302 or a program loaded from a storage section 308 into a Random Access Memory (RAM) 303. In the RAM 303, various programs and data required for the operation of the system 300 are also stored. The CPU 301, ROM 302, and RAM 303 are connected to each other through a bus 304. An input/output (I/O) interface 305 is also connected to bus 304.
The following components are connected to the I/O interface 305: an input section 306 including a keyboard, a mouse, and the like; an output portion 307 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, a speaker, and the like; a storage section 308 including a hard disk or the like; and a communication section 309 including a network interface card such as a LAN card, a modem, or the like. The communication section 309 performs communication processing via a network such as the internet. The drive 310 is also connected to the I/O interface 305 as needed. A removable medium 311 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed on the drive 310 as needed, so that a computer program read therefrom is installed into the storage section 308 as needed.
In particular, the process described above with reference to flowchart fig. 1 may be implemented as a computer software program according to an embodiment of the application. For example, embodiments of the application include a computer program product comprising a computer program embodied on a machine-readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 309, and/or installed from the removable medium 311. The above-described functions defined in the system of the present application are performed when the computer program is executed by a Central Processing Unit (CPU) 301.
The computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present application, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules involved in the embodiments of the present application may be implemented in software or in hardware. The described units or modules may also be provided in a processor, for example, as: a processor includes an acquisition unit, a creation unit, and a binding unit. The names of these units or modules do not in some way limit the unit or module itself, for example, the obtaining unit may also be described as "a unit for obtaining OPC dynamic port information in the session request when the session request includes OPC dynamic port information".
As another aspect, the present application also provides a computer-readable storage medium that may be contained in the electronic device described in the above embodiment; or may be present alone without being incorporated into the electronic device. The computer-readable storage medium stores one or more programs that when executed by one or more processors perform a dynamic port technology-based communication method described in the present application.
The above description is only illustrative of the preferred embodiments of the present application and of the principles of the technology employed. It will be appreciated by persons skilled in the art that the scope of the application is not limited to the specific combinations of the features described above, but also covers other embodiments which may be formed by any combination of the features described above or their equivalents without departing from the spirit of the application. Such as the above-mentioned features and the technical features having similar functions (but not limited to) applied for in the present application are replaced with each other.
Claims (9)
1. A communication method based on dynamic port technology, comprising:
Judging whether the session request received by the TCP-135 port comprises OPC dynamic port information or not;
if yes, acquiring OPC dynamic port information in the session request;
Creating a dynamic port session according to the OPC dynamic port information;
Binding a preset delay function to the dynamic port session, determining the idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function,
The determining the idle delay time length of the dynamic port session according to the OPC dynamic port information and the delay function comprises:
And determining the idle delay time length of the dynamic port session according to the IP address of the session request initiating terminal and a preset hash table.
2. The communication method based on dynamic port technology according to claim 1, wherein the dynamic port information includes a destination IP address and a destination TCP port number of the session request.
3. The communication method based on the dynamic port technology according to claim 1, further comprising, after determining the idle delay time of the dynamic port session according to the IP address of the session request initiator and a preset hash table:
Creating ctnl _timeout structure, binding the ctnl _timeout structure and the dynamic port session, wherein the ctnl _timeout structure is used for setting idle delay time.
4. The method of claim 1, further comprising, prior to said determining an idle delay time for said dynamic port session based on said OPC dynamic port information and said delay function:
Extracting a data message in the session request;
judging whether the data message is a writing operation or not;
if yes, determining the idle delay time length of the dynamic port session according to the OPC dynamic port information and the delay function.
5. The communication method based on the dynamic port technology according to claim 4, further comprising, after determining whether the data packet is a write operation:
and if not, releasing the session request.
6. The communication method according to claim 1, further comprising, after said determining whether the session request received by the TCP-135 port includes OPC dynamic port information:
and if not, releasing the session request.
7. A communications apparatus based on dynamic port technology, comprising:
A first judging unit (201) for judging whether the session request received by the TCP-135 port includes OPC dynamic port information;
An obtaining unit (202) configured to obtain OPC dynamic port information in the session request when the session request includes OPC dynamic port information;
A creating unit (203) configured to create a dynamic port session according to the OPC dynamic port information;
a binding unit (204) for binding a preset delay function to the dynamic port session, determining an idle delay time of the dynamic port session according to the OPC dynamic port information and the delay function,
The determining the idle delay time length of the dynamic port session according to the OPC dynamic port information and the delay function comprises:
And determining the idle delay time length of the dynamic port session according to the IP address of the session request initiating terminal and a preset hash table.
8. An electronic device comprising a memory and a processor, the memory having stored thereon a computer program, wherein the processor, when executing the program, implements the method of any of claims 1-6.
9. A computer readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method according to any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210056908.9A CN114422239B (en) | 2022-01-18 | 2022-01-18 | Communication method and device based on dynamic port technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210056908.9A CN114422239B (en) | 2022-01-18 | 2022-01-18 | Communication method and device based on dynamic port technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114422239A CN114422239A (en) | 2022-04-29 |
| CN114422239B true CN114422239B (en) | 2024-08-27 |
Family
ID=81272892
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210056908.9A Active CN114422239B (en) | 2022-01-18 | 2022-01-18 | Communication method and device based on dynamic port technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114422239B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115242897B (en) * | 2022-09-23 | 2023-01-06 | 北京六方云信息技术有限公司 | Device communication method, device, terminal device and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109639701A (en) * | 2018-12-25 | 2019-04-16 | 杭州迪普科技股份有限公司 | Access control method, device, equipment and storage medium based on OPC agreement |
| CN113468168A (en) * | 2021-05-27 | 2021-10-01 | 中国特种设备检测研究院 | Hoisting machinery multi-source heterogeneous data high-speed acquisition and processing soft control method |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050010925A1 (en) * | 2003-07-10 | 2005-01-13 | Charbel Khawand | Interprocessor communication protocol with smart streaming port |
-
2022
- 2022-01-18 CN CN202210056908.9A patent/CN114422239B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109639701A (en) * | 2018-12-25 | 2019-04-16 | 杭州迪普科技股份有限公司 | Access control method, device, equipment and storage medium based on OPC agreement |
| CN113468168A (en) * | 2021-05-27 | 2021-10-01 | 中国特种设备检测研究院 | Hoisting machinery multi-source heterogeneous data high-speed acquisition and processing soft control method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114422239A (en) | 2022-04-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7743160B2 (en) | System and method of delaying connection acceptance to support connection request processing at layer-7 | |
| US11115481B2 (en) | Transmission control of protocol state exchange for dynamic stateful service insertion | |
| US7974286B2 (en) | Reduced redundant security screening | |
| CN110580244A (en) | file processing method and device, server and storage medium | |
| US7640346B2 (en) | Dispatching network connections in user-mode | |
| KR20010030638A (en) | Method and system for the identification and the suppression of executable objects | |
| CN114422239B (en) | Communication method and device based on dynamic port technology | |
| US7248563B2 (en) | Method, system, and computer program product for restricting access to a network using a network communications device | |
| CN114124929A (en) | Cross-network data processing method and device | |
| US8416754B2 (en) | Network location based processing of data communication connection requests | |
| US20080222292A1 (en) | Method for Allowing Multiple Authorized Applicants to Share the Same Port | |
| CN110933171A (en) | Server asynchronous communication method, device, equipment and computer storage medium | |
| US11088974B2 (en) | Cross-platform messaging system | |
| CN114938288B (en) | Data access method, device, equipment and storage medium | |
| CN111478888B (en) | Bypass blocking method, device and storage medium | |
| CN115297164A (en) | Network proxy method, device, electronic equipment and computer readable storage medium | |
| US7788724B2 (en) | System and method for detecting malicious applications | |
| CN113691458A (en) | Network packet processing method and device, electronic equipment and storage medium | |
| US7930742B2 (en) | Multiple-level data processing system | |
| US11070615B2 (en) | Method, device and computer program product for transaction negotiation | |
| CN110134419B (en) | System upgrading method, device, equipment and storage medium for double-sided cabinet | |
| CN114745185B (en) | Cluster access method and device | |
| CN113946376B (en) | Load adjustment method and device, electronic equipment and storage medium | |
| CN112181930B (en) | File management method and device for virtual switching matrix | |
| US7856573B2 (en) | WPAR halted attack introspection stack execution detection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |