Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Content filtering gateway realizing method based on network filter

A network filter and content filtering technology, applied in the field of communication, can solve the problems of spam threat, negative influence of teenagers, slow speed, etc., to achieve the effect of easy maintenance, reducing data copying and space switching

Inactive Publication Date: 2009-11-04
BEIJING UNIV OF TECH
View PDF2 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are various kinds of information on the Internet, most of which have not been strictly checked and screened. Although they can meet the needs of some education, information and leisure, there are also a large number of obscene, pornographic, Violent terror, anti-government and racial discrimination websites
[0004] The second category of security concerns is the threat of virus infection and spam
The application layer agent can understand various application protocols and can conveniently filter content, but it is opaque to users, and different agent programs must be written for each application
And slower speed, greater impact on network performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Content filtering gateway realizing method based on network filter
  • Content filtering gateway realizing method based on network filter
  • Content filtering gateway realizing method based on network filter

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0047] The present invention relates to a content filtering gateway based on a network filter framework, aiming at realizing real-time content filtering at the network border and filtering application layer information at the network layer. The core of the present invention is as figure 1 , the complained gateway (2), install dual network cards, both network cards are set to promiscuous mode, use brctl to configure the two network cards as network bridges. One network card of the gateway is connected to the router (1), which is the only exit from the network to the Internet; the other network card is connected to the switch (3), so that the system can be filtered through the network in a transparent manner. In this way, the network structure and devices on the network can be connected to the network without any modification; when the content filtering system...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The method for implementing a content filtering gateway based on a network filter belongs to the technical field of network communication security, and is characterized in that network content analysis and real-time monitoring are realized based on a Linux system platform. The purpose of filtering application layer information at the network layer is achieved, and the network filter Netfilter framework is used to collect and filter data packets in the kernel state, optimize the network path of data packets, and improve the efficiency of data collection. Perform session restoration on the TCP connection, and use the shared memory technology between the user space and the kernel space to transfer the session content from the kernel state to the content filtering module in the user state. The overhead brought by the system call is avoided, and the number of data copies is reduced. Forward the legal data packets after judgment, and block them illegally. The gateway works in a transparent manner, and the gateway does the necessary processing without losing transparency due to caching data. The gateway can effectively complete network content analysis and real-time monitoring.

Description

technical field [0001] The invention belongs to the technical field of communication, and specifically designs collection and filtering of data packets in a kernel state, session restoration, communication between a user state and a kernel state, realization of a transparent mode, and the like. Filtering can be performed based on the complete content of the session to prevent illegal data packets from passing. Background technique [0002] The Internet satisfies the supreme realm of "fast" and "unrestricted" that people have been pursuing for thousands of years, breaks through time and space, and realizes people's dream of freedom. It fits the original nature of people, and the degree of "freedom" achieved exceeds people's imagination. The openness of the Internet has allowed people to enjoy the freedom of unfettered access to various information, release of speech, but at the same time, it has also brought many information security problems. [0003] Statistics show that ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/66H04L12/56H04L49/9015
Inventor 张建标孙鸿斌艾蓉张正国
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products