CN1545254A - A method of fast data packet filtering - Google Patents
A method of fast data packet filtering Download PDFInfo
- Publication number
- CN1545254A CN1545254A CNA2003101136015A CN200310113601A CN1545254A CN 1545254 A CN1545254 A CN 1545254A CN A2003101136015 A CNA2003101136015 A CN A2003101136015A CN 200310113601 A CN200310113601 A CN 200310113601A CN 1545254 A CN1545254 A CN 1545254A
- Authority
- CN
- China
- Prior art keywords
- rule
- information
- field
- eqid
- interval
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a fast data package filtering method, including the processing courses: preprocessing all the filtering rules and generating the index tables at all stages; according to a determined recurrence table-look-up route, making operations of inquiry and aggregation on the index tables at all stages to obtain the final data processing mode information, completing classifying data packages. It can meet the filter processing requirement of line speed packages on high-speed routers. When the number of filtering rules increases, it is obviously prior to a linear table-look-up mode, the larger the number is, the more obvious the advantage is; the filter matching time is constant when transmitting packages, and the delay time is short without stability and reliability of the network. It can be applied to firewall, network access server, four-layer exchanger, and other applications in need of fast filtering packages.
Description
Technical field
The present invention relates to a kind of Fast IP packet filter method that adapts to big regular collection, multiword section, the computer communication and the high-speed Internet that relate in particular to communication field are used.
Background technology
Current internet provides a kind of " doing one's best " and transmits service, and internet in the future will provide various value-added services for the user.These business comprise Differentiated Services, accurate QoS service, QoS route, tactful route, VPN, distributed fire wall, IP security gateway, the charging based on flow, NAT, four layers of exchange etc.One of key technology that all these value-added services realize is Fast Packet Classification/filtration---determine that based on one or more fields in the IP packet header which stream bag belongs to and take Different Strategies to handle.Usually comprise many filtering rules in the filter, the header field that can be used for packet filtering comprises source/purpose IP address, protocol type, source/three, four layers of information of destination slogan grade in an imperial examination, even can also utilize application layer message.Along with transmission link bandwidth is advanced by leaps and bounds, network bottleneck focuses on the backbone network processing node---on the line-speed router, to realize not only on high speed router that thus the linear speed route querying also will realize the linear speed packet filtering.Relatively the linear speed routing forwarding only need be checked field in purpose IP address in the IP packet header, remains a difficult problem at present based on the fast package filter algorithm in a plurality of territories in theory and practice, and mainly there are following shortcoming in existing implementation method and device:
1, the algorithm performance realized of pure software is difficult to satisfy the core router high speed ply-yarn drill speed bag forwarding demand of reaching the standard grade, and the scheme cost height that adopts specialized hardware such as TCAM or ASIC to realize is realized complicated;
2, poor expandability is to increase in the filter filtering rule bar number or increase the field of using in the rule all to cause memory consumption sharply to increase or the time of searching increases;
3, filtering rule is non-constant match time, and the possibility performance is very low under worst condition, and is bigger to the stable and QoS influence of network.
In September, 1999 the 147th page to the 160th page in Sigcomm proceedings be entitled as " based on the bag classification of a plurality of fields " (Pankaj Gupta and Nick McKeown, Packet Classification on Multiple Fields, Proc.Sigcomm, Computer Communication Review, vol.29, no.4, pp 147-60, the recursive-flow category RFC that article September1999) provides (Recursive Flow Classification) method is a kind of software kit sorting algorithm best on the present time efficiency.The RFC method is seen multiword section classification problem the mapping problems (T=logN of packets headers control field value space (S) to class sign (Class ID) space (T) as, N is regular number, and T is usually much smaller than S), because the S space is generally very big, it is too big directly once to shine upon the internal memory that needs, adopt Recursive Implementation stage by stage, finally obtain wrapping the sign that classification results is a class.This method obtains the linear speed processing that packet filtering is transmitted with pretreated time of filtering rule and space complexity.Yet the algorithm of this article introduction has only provided the basic conception that recurrence is handled, and is not presented in the specific implementation process in the practicality such as line-speed router.
Summary of the invention
The objective of the invention is to allow filtering rule bar number few in order to overcome in the existing bag sorting technique, shortcoming such as limited and classification processing time of the territory number that rule is used is non-constant is in the fast package filter method based on the thought of RFC algorithm.Thereby on performance, flexibility and cost, satisfy the demand of commercial line-speed router.
Rapid data packet filter method of the present invention comprises following processing procedure:
Step 1 is carried out preliminary treatment to all filtering rules, and generates each phase index table;
1), determines first field Chunk, exponent number and the route of recurrence classification according to the field of packet classification use and the width of field;
2) all filtering rules in the filter are carried out redundancy check, reject the redundancy rule item, and add the default process rule;
Can adopt the bubble sort algorithm that rule is done in twos and check, reject the redundancy rule item;
3) generation of phase I concordance list, to the information of carrying in the original filtering rule, by equaling, prefix, three kinds of expression modes of scope are converted to interval expression on the number axis, strictly all rules is done projection successively on each first field, mark starting point respectively, obtain non-overlapping interval number, serial number is carried out in the interval, the point that drops on the interval marks interval number, there is not rule to show that the point of mark distributes a default interval number, each reasonable value of each first field all be endowed an expression under it interval of classification number be equivalence class sign eqID, wherein each equivalence class identifies the also corresponding bit map CBM of eqID, show which rule is related with this equivalence class sign eqID in the regular collection, generated the concordance list of phase I; Described bit map length is regular bar number in the filter, and the bit in the bitmap is corresponding one by one with filter rules, is 1 to show that this rule satisfies, otherwise is 0;
4) generation of interstage concordance list, utilize upper level equivalence class sign eqID and corresponding bit message bit pattern, different bit map CBM is obtained new bit map CBM by displacement and step-by-step exclusive disjunction, if newly-generated bit map is to occur for the first time, distribute an equivalence class sign eqID, if occurred before the bit map CBM that obtains, insert the equivalence class sign eqID of original bit map correspondence, generate the concordance list in interstage by such searching loop;
5) unique in the generation of last stage key, the mode of processing and step 4) different what be that output information is deposited in the retrieval mark is not equivalence class sign eqID information, but according to priority first of order is hit rule number and alignment processing mode information;
6) with the internal memory start offset address and the table interior element significant bit figure place information write-in memory unit of each key, finish preliminary treatment;
Step 2, the recurrence of determining according to the step 1 route of tabling look-up obtains final data bag processing mode information with the field of the use of packet inquiry and the converging operation by the key in each stage, finishes the packet classification operation.
7) from the IP header that receives, take out the required field information of classifying rules;
8) read each key of phase I with each field information in the header for the index correspondence, successively read back results is done and moved to left and exclusive disjunction, obtain result after the polymerization thus as the index of next stage key, the rest may be inferred, after inquiring about last stage key, obtain the processing mode information of rule that packet hits number and this rule correspondence, finishing classification and handling.
From memory, once read phase I key information; If the significant bit figure place is 0, can skip this table;
Adopt the method for the invention, can satisfy linear speed packet filtering processing requirements on the high speed router.When the regular bar number of filtration increased, this scheme obviously was better than the linear mode of searching, and filtered the time overhead of coupling and the regular bar number increase in the filter within the specific limits and had nothing to do, and regular bar number is big more, and advantage is obvious more; Filter when bag is transmitted simultaneously match time constant, time-delay is little, does not influence the stable and reliability of network.Can also be applied to fire compartment wall, network access server, four layer switch etc. needs the application of fast package filter.
Description of drawings
Fig. 1 is that first field of using in the datagram header field and the embodiment of the invention constitutes schematic diagram.
Fig. 2 is the converging operation schematic diagram.
Fig. 3 is a filter method data flowchart of the present invention.;
Embodiment
Fast package filter method of the present invention mainly is made up of preprocessing process and classification and matching process two parts of filtering rule on principle.Being of basic thought multidimensional coupling is the one-dimensional PARALLEL MATCHING, a rule set space that obtains successively decreasing after the conjunction of rule set as a result of each dimension coupling is occured simultaneously.For ease of introducing technical scheme, define the several algorithms related notion earlier:
The field Chunk of unit, the Chunk of phase I is directly from the field that indicates in the filtering rule, and for saving internal memory, the width of general Chunk is no more than 16, promptly usually source/purpose IP address is split as high and low 16 two Chunk, Chunk is in addition formed by upper level Chunk merging.Other information relevant with the IP bag also can be used as Chunk and introduces, as the router physical port number, and the class of subscriber in the BAS Broadband Access Server, MPLS mark, VLAN label etc.;
Equivalence class sign eqID, usually modes such as mask, prefix, particular value are adopted in the appointment to a field in the filtering rule, hint obliquely at and all can be expressed as interval or point on the number axis, claim the equivalence class sign with the non-overlapping interval value that obtains of encoding by order from small to large.Its physical significance is pattern subspace in the corresponding header field value space;
Class bit map CBM, bitmap lengths is a regular bar number in the filter, the bit in the bitmap is corresponding one by one with filter rules, is 1 to show that this rule satisfies, otherwise is 0.A plurality of CBM values are carried out step-by-step and operation, can calculate the common factor of a plurality of rule sets;
Converging operation is searched the value that obtains with the above chunk table of two of upper levels and is merged and obtain this and search institute's index of reference, and this index has carried the full detail of tabling look-up and obtain in the front, is that 3 ChunkA, B, C are example with upper level, and computing formula is as follows:
Index=(a*sizeB+b) * sizeC+c, a, b, the result that c tables look-up and obtains for upper level Chunk, sizeB is a different coding number among the Chunk B, sizeC is a different coding number among the Chunk C, and when hardware was not easy to do multiplying, converging operation can be finished with displacement and step-by-step exclusive disjunction.Computing formula is as follows:
Index=((a<<bitsB) ^b)<<bitsC) ^c, a, b, the result that c tables look-up and obtains for upper level Chunk, bitsB is a coding significant bit number among the Chunk B, bitsC is a significant bit number among the Chunk C;
Regular preliminary treatment and actual filtration coupling realizes can sharing on the different processor among the present invention, goes the redundant dimension recompile that pursues to handle to all filtering rules earlier, obtains one group of form that carries original Rule Information; Classification engine does not just need as linear coupling original one by one rule to read to carry out matching operation then realize filtering when searching, only need read repeatedly by the flow process that designs to search list item information and finally obtain required result.Owing to only need simple rdma read and displacement, exclusive disjunction, and the access memory maximum times is determined value, thereby realized the fast package filter processing.
Below again by concrete Packet Filtering embodiment and be described with reference to the accompanying drawings the implementation procedure of filter method of the present invention:
Realize that according to the present invention the principle specific embodiment is divided into regular preliminary treatment and classification engine two parts.The filtering rule preliminary treatment is finished by universal cpu, and this part is less demanding to real-time, and the change frequency of filtering rule is not high usually, generally realizes with advanced language programming; According to performance requirements, classification engine both can realize also can realizing with software that a kind of mode of taking into account performance and flexibility was to adopt the high performance network processor to realize with hardware.Introduce the implementation step of each several part below in detail:
First: filtering rule preliminary treatment and concordance list generate.Concrete steps are as follows:
1, at first determine the field number and the field width that use in the algorithm according to application demand, this is to influence the most important factor of algorithm memory consumption; Secondly, determine recurrence exponent number and route, determined that so the required maximum access memory number of times of realization classification and matching computing promptly searches the time.The data flow diagram of Fig. 3 is an example with three rank Recursive Implementation of source/purpose IP address, source/purpose protocol port number, protocol type, physical port number;
2, all filtering rules in the filter are carried out redundancy check, adopt similar " bubble sort algorithm " to do rule and check in twos, reject the redundancy rule item, and add the default process rule;
3, the source in the rule/purpose IP address is split as high 16 and low 16 two independent field, add protocol type, source/purpose protocol port number, physical port number, every rule has comprised the description of 8 fields, except that protocol type and physical port number value space are 0 to 255, all the other field reasonable value spaces are 0 to 65535;
4, the generation of processing of algorithm phase I and look-up table.The input in this stage mainly from the information of carrying in the original filtering rule, equals, prefix, three kinds of expression modes of scope all can be exchanged into interval expression on the number axis.Strictly all rules is done projection successively on this field, mark starting point respectively, obtain non-overlapping interval number, the interval is numbered from small to large in proper order, the point that drops on the interval marks interval number, do not have the point of regular explicit mark distribute one default ID number, each reasonable value of this field all has been endowed expression ID number of classification under its like this, each ID number also corresponding bit map shows which rule is related with this ID in the regular collection simultaneously.So obtain all look-up tables of phase I by the dimension circular treatment;
5, the generation of recurrence processing of algorithm interstage and look-up table.The generation of interstage look-up table has utilized upper level ID number and the corresponding bit message bit pattern.Searching loop participates in the upper level chunk of combination, different bit map step-by-steps and computing are obtained new bit map, if newly-generated bit map is to occur for the first time, distribute one ID number, set up related (add Hash table be convenient to preliminary treatment) with bit map new ID number, fill in corresponding look-up table, if the bit map that obtains occurred, corresponding look-up table is filled out the ID of original bit map correspondence, can generate the look-up table in interstage by such searching loop;
6, the processing of the last stage special processing and look-up table.Last single order special processing is that what to be deposited in the look-up table is not the classification id information, but according to priority first of order is hit rule number and alignment processing mode information, is convenient to classification engine and directly obtains information needed;
7, with the internal memory start offset address and the table interior element significant bit figure place information write-in memory unit of each look-up table, preliminary treatment finishes thus;
Second portion: classification engine implementation.It is simple relatively that matching process is realized, only needs to table look-up repeatedly and do converging operation and can obtain final result according to the recurrence of the design route of tabling look-up.Concrete steps are as follows:
1, from the IP header that receives, takes out information such as source IP address, purpose IP address, protocol type, source protocol port numbers, purpose protocol port number;
2, from memory, once read the essential information of 8 tables of the first order,,, can skip this table if the significant bit figure place is 0 as the start offset address of table interior element significant bit figure place and table;
3, with high 16 meter readings 0 that index of source IP address, source IP address hangs down 16 meter readings 1 that index, the protocol type meter reading 4 that indexes, the meter reading 6 that indexes of source protocol port numbers, successively read back results is done and moved to left and exclusive disjunction, the figure place that moves to left equals the significant bit figure place of next table element, obtains result after the polymerization thus as tabling look-up 8 index;
4, same, high 16 meter readings 2 that index with purpose IP address, 16 meter readings 3 that index are hanged down in purpose IP address, the meter reading 5 that number indexes of purpose protocol port, the physical port number meter reading 7 that indexes, successively read back results is done moving to left and exclusive disjunction, the figure place that moves to left equals the significant bit figure place of next table element, obtains result after the polymerization thus as tabling look-up 9 index;
5, the result that table 8 and table 9 are read back does equally and moves to left and the exclusive disjunction 10 used index that obtain tabling look-up;
6, preserve the processing mode information of the rule of hitting number and this rule correspondence among the result that meter reading 10 obtains;
Analyze from above-mentioned filtration matching process, finish and once filter matching operation and have nothing to do with regular bar number, Fig. 3 mates flow process access memory number of times and is 11 times to the maximum, if judge that the significant bit figure place of certain table element is 0, the number of times of tabling look-up also can reduce.
Use fast package filter method of the present invention to have following advantage as can be seen:
1, the speed of matched and searched is fast, is fit to realize on the high speed router ply-yarn drill packet filtering of multiword section;
2, the field of filter rules use expands flexibly and easily, satisfies the application demand that other needs are classified to the IP bag;
3, when regular bar number increases in the filter, just the time of algorithm preprocessing part structure look-up table increases, and the number of times of tabling look-up when filtering coupling is constant, does not influence the surface speed forwarding performance of bag, adapts to the situation that regular bar number reaches thousands of especially;
4, can use universal network processor and normal memory to reach the high performance parallel packet filtering and handle, ASIC or FPGA realize that the construction cycle is short relatively, and cost is low.
Claims (5)
1. a rapid data packet filter method is characterized in that, described method comprises following processing procedure:
Step 1 is carried out preliminary treatment to all filtering rules, and generates each phase index table;
1), determines first field Chunk, exponent number and the route of recurrence classification according to the field of packet classification use and the width of field;
2) all filtering rules in the filter are carried out redundancy check, reject the redundancy rule item, and add the default process rule;
3) generation of phase I concordance list, to the information of carrying in the original filtering rule, by equaling, prefix, three kinds of expression modes of scope are converted to interval expression on the number axis, strictly all rules is done projection successively on each first field, mark starting point respectively, obtain non-overlapping interval number, serial number is carried out in the interval, the point that drops on the interval marks interval number, there is not rule to show that the point of mark distributes a default interval number, each reasonable value of each first field all be endowed an expression under it interval of classification number be equivalence class sign eqID, wherein each equivalence class identifies the also corresponding bit map CBM of eqID, show which rule is related with this equivalence class sign eqID in the regular collection, generated the concordance list of phase I;
4) generation of interstage concordance list, utilize upper level equivalence class sign eqID and corresponding bit message bit pattern, different bit map CBM is obtained new bit map CBM by displacement and step-by-step exclusive disjunction, if newly-generated bit map is to occur for the first time, distribute an equivalence class sign eqID, if occurred before the bit map CBM that obtains, insert the equivalence class sign eqID of original bit map correspondence, generate the concordance list in interstage by such searching loop;
5) unique in the generation of last stage key, the mode of processing and step 4) different what be that output information is deposited in the retrieval mark is not equivalence class sign eqID information, but according to priority first of order is hit rule number and alignment processing mode information;
6) with the internal memory start offset address and the table interior element significant bit figure place information write-in memory unit of each key, finish preliminary treatment;
Step 2, the recurrence of determining according to the step 1 route of tabling look-up obtains final data bag processing mode information with the field of the use of packet inquiry and the converging operation by the key in each stage, finishes the packet classification operation.
2. rapid data packet filter method according to claim 1 is characterized in that, described step 2 specifically comprises following processing procedure:
7) from the IP header that receives, take out the required field information of classifying rules;
8) read each key of phase I with each field information in the header for the index correspondence, successively read back results is done and moved to left and exclusive disjunction, obtain result after the polymerization thus as the index of next stage key, the rest may be inferred, after inquiring about last stage key, obtain the processing mode information of rule that packet hits number and this rule correspondence, finishing classification and handling.
3. rapid data packet filter method according to claim 1 and 2 is characterized in that, once reads phase I key information in the described step 8) from memory; If the significant bit figure place is 0, can skip this table.
4. rapid data packet filter method according to claim 1 and 2 is characterized in that, described step 2) in can adopt the bubble sort algorithm that rule is done in twos to check, to reject the redundancy rule item.
5. rapid data packet filter method according to claim 1 and 2, it is characterized in that bit map length described in the described step 3) is regular bar number in the filter, the bit in the bitmap is corresponding one by one with filter rules, be 1 to show that this rule satisfies, otherwise be 0.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200310113601 CN1282332C (en) | 2003-11-13 | 2003-11-13 | A method of fast data packet filtering |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200310113601 CN1282332C (en) | 2003-11-13 | 2003-11-13 | A method of fast data packet filtering |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1545254A true CN1545254A (en) | 2004-11-10 |
| CN1282332C CN1282332C (en) | 2006-10-25 |
Family
ID=34336933
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200310113601 Expired - Fee Related CN1282332C (en) | 2003-11-13 | 2003-11-13 | A method of fast data packet filtering |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1282332C (en) |
Cited By (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100440859C (en) * | 2005-06-06 | 2008-12-03 | 中兴通讯股份有限公司 | Bit-map aggregated recursive stream sorting method and its system |
| WO2009070994A1 (en) * | 2007-11-30 | 2009-06-11 | Hangzhou H3C Technologies Co., Ltd. | A method and device for matching message rule |
| WO2010069214A1 (en) * | 2008-12-19 | 2010-06-24 | 北京中创信测科技股份有限公司 | Method and equipment for field filtering |
| US7747553B2 (en) | 2005-01-31 | 2010-06-29 | International Business Machines Corporation | Rule set partitioning based packet classification method for internet |
| CN101257458B (en) * | 2008-04-01 | 2010-07-07 | 北京星网锐捷网络技术有限公司 | Method, apparatus and system for distributing and mounting filtering meter item |
| CN101146027B (en) * | 2006-09-14 | 2010-08-18 | 中兴通讯股份有限公司 | Method based on access control list category |
| CN101860531A (en) * | 2010-04-21 | 2010-10-13 | 北京星网锐捷网络技术有限公司 | Filtering rule matching method of data packet and device thereof |
| CN101431760B (en) * | 2007-11-07 | 2010-12-01 | 中兴通讯股份有限公司 | Method and system for implementing business report |
| CN101572676B (en) * | 2009-06-17 | 2011-06-29 | 杭州华三通信技术有限公司 | Load sharing method and equipment of double outlets at data center |
| CN101753369B (en) * | 2008-12-03 | 2012-03-28 | 北京天融信网络安全技术有限公司 | Method and device for detecting firewall rule conflict |
| CN102546378A (en) * | 2010-12-31 | 2012-07-04 | 重庆重邮信科通信技术有限公司 | Evolved packet system (EPS) transmission flow template (TFT) matching method |
| CN101753542B (en) * | 2008-12-03 | 2012-10-10 | 北京天融信网络安全技术有限公司 | Method and device for speeding up matching of filter rules of firewalls |
| CN101783786B (en) * | 2009-01-19 | 2013-01-16 | 中兴通讯股份有限公司 | Method and device for filtering data packets |
| US8385606B2 (en) | 2005-08-05 | 2013-02-26 | Sony Corporation | Image processing apparatus and method, and program |
| CN101848091B (en) * | 2009-03-25 | 2013-06-05 | 成都友道科技有限公司 | Method and system for processing data search |
| CN103338155A (en) * | 2013-07-01 | 2013-10-02 | 安徽中新软件有限公司 | High-efficiency filtering method for data packets |
| CN103618733A (en) * | 2013-12-06 | 2014-03-05 | 北京中创信测科技股份有限公司 | Data filtering system and method applied to mobile internet |
| CN103647708A (en) * | 2013-11-29 | 2014-03-19 | 曙光信息产业(北京)有限公司 | ATCA-based data message processing board |
| CN103647773A (en) * | 2013-12-11 | 2014-03-19 | 北京中创信测科技股份有限公司 | Fast encoding method of access control list (ACL) behavior set |
| CN104580202A (en) * | 2014-12-31 | 2015-04-29 | 曙光信息产业(北京)有限公司 | Message matching method and device |
| CN105939322A (en) * | 2015-12-08 | 2016-09-14 | 杭州迪普科技有限公司 | Message attack protection method and device |
| CN106790170A (en) * | 2016-12-29 | 2017-05-31 | 杭州迪普科技股份有限公司 | A kind of packet filtering method and device |
| CN108282454A (en) * | 2017-01-06 | 2018-07-13 | 瞻博网络公司 | For using inline mode matching to accelerate the devices, systems, and methods of safety inspection |
| CN111226208A (en) * | 2017-08-31 | 2020-06-02 | 美光科技公司 | Reducing probabilistic filter query latency |
| CN111628935A (en) * | 2020-05-26 | 2020-09-04 | 清华大学 | Data packet classification method and device suitable for software defined network |
| CN111899148A (en) * | 2020-07-03 | 2020-11-06 | Tcl华星光电技术有限公司 | Frame data processing method and system and storage medium |
| CN113691458A (en) * | 2021-08-19 | 2021-11-23 | 北京指掌易科技有限公司 | Network packet processing method and device, electronic equipment and storage medium |
-
2003
- 2003-11-13 CN CN 200310113601 patent/CN1282332C/en not_active Expired - Fee Related
Cited By (36)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7747553B2 (en) | 2005-01-31 | 2010-06-29 | International Business Machines Corporation | Rule set partitioning based packet classification method for internet |
| CN100440859C (en) * | 2005-06-06 | 2008-12-03 | 中兴通讯股份有限公司 | Bit-map aggregated recursive stream sorting method and its system |
| US8385606B2 (en) | 2005-08-05 | 2013-02-26 | Sony Corporation | Image processing apparatus and method, and program |
| CN101146027B (en) * | 2006-09-14 | 2010-08-18 | 中兴通讯股份有限公司 | Method based on access control list category |
| CN101431760B (en) * | 2007-11-07 | 2010-12-01 | 中兴通讯股份有限公司 | Method and system for implementing business report |
| WO2009070994A1 (en) * | 2007-11-30 | 2009-06-11 | Hangzhou H3C Technologies Co., Ltd. | A method and device for matching message rule |
| CN101257458B (en) * | 2008-04-01 | 2010-07-07 | 北京星网锐捷网络技术有限公司 | Method, apparatus and system for distributing and mounting filtering meter item |
| CN101753369B (en) * | 2008-12-03 | 2012-03-28 | 北京天融信网络安全技术有限公司 | Method and device for detecting firewall rule conflict |
| CN101753542B (en) * | 2008-12-03 | 2012-10-10 | 北京天融信网络安全技术有限公司 | Method and device for speeding up matching of filter rules of firewalls |
| CN101442539B (en) * | 2008-12-19 | 2011-09-28 | 北京中创信测科技股份有限公司 | Method and apparatus for implementing field filtration |
| WO2010069214A1 (en) * | 2008-12-19 | 2010-06-24 | 北京中创信测科技股份有限公司 | Method and equipment for field filtering |
| CN101783786B (en) * | 2009-01-19 | 2013-01-16 | 中兴通讯股份有限公司 | Method and device for filtering data packets |
| CN101848091B (en) * | 2009-03-25 | 2013-06-05 | 成都友道科技有限公司 | Method and system for processing data search |
| CN101572676B (en) * | 2009-06-17 | 2011-06-29 | 杭州华三通信技术有限公司 | Load sharing method and equipment of double outlets at data center |
| CN101860531A (en) * | 2010-04-21 | 2010-10-13 | 北京星网锐捷网络技术有限公司 | Filtering rule matching method of data packet and device thereof |
| CN101860531B (en) * | 2010-04-21 | 2013-04-17 | 北京星网锐捷网络技术有限公司 | Filtering rule matching method of data packet and device thereof |
| CN102546378A (en) * | 2010-12-31 | 2012-07-04 | 重庆重邮信科通信技术有限公司 | Evolved packet system (EPS) transmission flow template (TFT) matching method |
| CN103338155B (en) * | 2013-07-01 | 2016-02-24 | 安徽中新软件有限公司 | A kind of high efficiency filter method of packet |
| CN103338155A (en) * | 2013-07-01 | 2013-10-02 | 安徽中新软件有限公司 | High-efficiency filtering method for data packets |
| CN103647708A (en) * | 2013-11-29 | 2014-03-19 | 曙光信息产业(北京)有限公司 | ATCA-based data message processing board |
| CN103618733A (en) * | 2013-12-06 | 2014-03-05 | 北京中创信测科技股份有限公司 | Data filtering system and method applied to mobile internet |
| CN103618733B (en) * | 2013-12-06 | 2017-06-27 | 北京中创腾锐技术有限公司 | A kind of data filtering system and method for being applied to mobile Internet |
| CN103647773A (en) * | 2013-12-11 | 2014-03-19 | 北京中创信测科技股份有限公司 | Fast encoding method of access control list (ACL) behavior set |
| CN104580202B (en) * | 2014-12-31 | 2018-09-07 | 曙光信息产业(北京)有限公司 | The matching process and device of message |
| CN104580202A (en) * | 2014-12-31 | 2015-04-29 | 曙光信息产业(北京)有限公司 | Message matching method and device |
| CN105939322A (en) * | 2015-12-08 | 2016-09-14 | 杭州迪普科技有限公司 | Message attack protection method and device |
| CN106790170A (en) * | 2016-12-29 | 2017-05-31 | 杭州迪普科技股份有限公司 | A kind of packet filtering method and device |
| CN106790170B (en) * | 2016-12-29 | 2020-05-12 | 杭州迪普科技股份有限公司 | Data packet filtering method and device |
| CN108282454A (en) * | 2017-01-06 | 2018-07-13 | 瞻博网络公司 | For using inline mode matching to accelerate the devices, systems, and methods of safety inspection |
| CN111226208A (en) * | 2017-08-31 | 2020-06-02 | 美光科技公司 | Reducing probabilistic filter query latency |
| US11409753B2 (en) | 2017-08-31 | 2022-08-09 | Micron Technology, Inc. | Reducing probabilistic filter query latency |
| CN111628935A (en) * | 2020-05-26 | 2020-09-04 | 清华大学 | Data packet classification method and device suitable for software defined network |
| CN111628935B (en) * | 2020-05-26 | 2021-02-12 | 清华大学 | Data packet classification method and device suitable for software defined network |
| CN111899148A (en) * | 2020-07-03 | 2020-11-06 | Tcl华星光电技术有限公司 | Frame data processing method and system and storage medium |
| CN111899148B (en) * | 2020-07-03 | 2023-11-28 | Tcl华星光电技术有限公司 | Frame data processing method and system and storage medium |
| CN113691458A (en) * | 2021-08-19 | 2021-11-23 | 北京指掌易科技有限公司 | Network packet processing method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1282332C (en) | 2006-10-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1282332C (en) | A method of fast data packet filtering | |
| US7054315B2 (en) | Efficiency masked matching | |
| Baboescu et al. | Scalable packet classification | |
| Waldvogel | Fast longest prefix matching: algorithms, analysis, and applications | |
| Huang et al. | A fast IP routing lookup scheme for gigabit switching routers | |
| WO2004015937A2 (en) | Logarithmic time range-based multifield-correlation packet classification | |
| CN1784678A (en) | System and method for efficiently searching a forwarding database that is split into a bounded number of sub-databases having a bounded size | |
| WO2003013077A1 (en) | Methods and systems for fast packet forwarding | |
| Nikitakis et al. | A memory-efficient FPGA-based classification engine | |
| CN1543150A (en) | Packet classification apparatus and method using field level tries | |
| Papaefstathiou et al. | Memory-efficient 5D packet classification at 40 Gbps | |
| Meiners et al. | Topological transformation approaches to optimizing TCAM-based packet classification systems | |
| CN1477494A (en) | Data packet recursive flow sorting method | |
| Erdem et al. | Hierarchical hybrid search structure for high performance packet classification | |
| Gong et al. | ERFC: an enhanced recursive flow classification algorithm | |
| Li et al. | Scalable packet classification using bit vector aggregating and folding | |
| CN1805435A (en) | IPv6 multi-domain classification processing method | |
| Wang et al. | Performance improvement of two-dimensional packet classification by filter rephrasing | |
| Erdem et al. | Clustered hierarchical search structure for large-scale packet classification on FPGA | |
| CN1138384C (en) | Inquiry device and method for network equipoment | |
| Huang et al. | Memory-efficient IP lookup using trie merging for scalable virtual routers | |
| CN104348729B (en) | A kind of Internet streaming sorting technique of software and hardware combining | |
| CN1852259A (en) | Method and apparatus for marking aggregation-type 2-D message classification and searching thereof | |
| Chang et al. | Grid of segment trees for packet classification | |
| Hanna et al. | Progressive hashing for packet processing using set associative memory |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20061025 Termination date: 20171113 |