Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for simultaneously realizing remote access control and isolation area application on terminal device

A technology for remote access and terminal equipment, applied in transmission systems, electrical components, store-and-forward switching systems, etc., can solve the problems of inability to guarantee the normal operation of the RA function and low priority, and achieve low overhead, low performance impact, and simple implementation. handy effect

Inactive Publication Date: 2012-09-05
安海娟
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, in the prior art, in general, the priority of DMZ application is the lowest, and the DMZ application cannot be guaranteed to work properly under the premise that the RA function takes effect; on the other hand, when the user manually cancels the DMZ setting, the RA function cannot be guaranteed. still working

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for simultaneously realizing remote access control and isolation area application on terminal device
  • Method for simultaneously realizing remote access control and isolation area application on terminal device
  • Method for simultaneously realizing remote access control and isolation area application on terminal device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] The preferred embodiments of the present invention will be described in more detail below in conjunction with the accompanying drawings.

[0050] The present invention realizes remote access control and isolated area application method on the terminal equipment at the same time, utilizes the Netfilter packet screening mechanism of Linux, and distinguishes the rules required for the realization of the remote access control RA function and the rules required for the realization of the DMZ function in the form of an iptables self-defined chain .

[0051] First of all, during the initialization process of the iptables module, set the rules of loading and jumping RA custom chains preferentially in the predefined chains that may conflict, so as to meet the requirement that the priority of RA is higher than that of DMZ.

[0052] In addition, because the priority of RA is higher than that of DMZ, it is necessary to ensure that both take effect at the same time. The port number ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for simultaneously realizing remote access control and isolation area application on a terminal device, which comprises the following steps: by utilizing a Netfilter packet filtering system of Linux, loading a rule for jumping a remote access control user defined chain in possibly conflicting predefined chains in priority in the process of initializing an iptablesmodule; and increasing judgment that whether an isolation area is enabled during the realization of the remote access control, and simultaneously ensuring to process the remote access control rule chain during the realization of the isolation area. The method introduces a concept of a user defined chain, and contracts the priority relationship between two kinds of application of RA and DMZ in a mode of the user defined chain, so that the aim that both simultaneously take effect is achieved, and the normal operation of one cannot be influenced by effective and invalid functions of the other; and the method is simple and convenient to realize, and has small overhead and little influence on system performance.

Description

technical field [0001] The present invention relates to an access control method on a broadband access terminal device, in particular to a Netfilter mechanism utilizing the Linux kernel, through configuring iptables rules, to realize remote access control function and DMZ (Demilitarized Zone, isolated area) application at the same time method. Background technique [0002] In the prior art, the remote access control (Remote Access Control, hereinafter referred to as RA) function refers to the realization on the managed device of controlling the administrator's behavior of accessing the device through remote operation and reading and writing device information. Specifically, the administrator may remotely access the device through various methods, such as HTTP, TELNET, SNMP, and TFTP, and the network ports used for each method can be flexibly configured. Thus, the managed device provides enabling and disabling setting options for each mode of access, and allows users to set ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/54H04L29/08
Inventor 任捷
Owner 安海娟