Method for service matching of messages by means of access control list (ACL)

A packet and service technology, applied in the field of using ACL to match packets to services, can solve the problem of slowing down the packet processing speed, and achieve the effect of speeding up the processing speed

Inactive Publication Date: 2013-07-24
OPZOON TECH
View PDF6 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a method for using ACL to perform business matching on messages, so as to solve the problem that the existing firewall needs to perform ACL matching through each business processing module in turn when performing business matching on received messages, thereby Issues that slow down packet processing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for service matching of messages by means of access control list (ACL)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0017] Such as figure 1 As shown, the method of utilizing ACL to carry out business matching to the message that the present invention proposes comprises the following steps:

[0018] S1. The firewall classifies the IP addresses of all packets to obtain N types of IP addresses, and configures ACLs for the N types of IP addresses respectively, thereby obtaining N ACLs, wherein N is a positive integer, and the N ACLs are respectively Record the types of services that need to be executed for the packets corresponding to each type of IP address;

[0019] S2. When the firewall receives the message, according to the IP address of the message, find the corresponding ACL in the N ACLs for matching, so as to obtain the service type to be executed by the message;

[0020] S3. The firewall sends the packet to a co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a firewall technique, and particularly discloses a method for service matching of messages by means of an access control list (ACL). The method includes that a firewall classifies all IP addresses of the messages, the IP addresses of N types are obtained, the ACL is respectively distributed for the IP addresses of N types, N ACLs are obtained, and the N ACLs respectively record service types which need to be executed by the messages corresponding to the IP address of each type. When receiving the messages, the firewall finds the corresponding ACL in the N ACLs for matching according to the IP addresses of the messages, and therefore the service types which need to be executed by the messages are obtained. The firewall sends the messages to a corresponding service processing module for processing according to the service types which need to be executed by the messages. By means of the technical scheme, when the firewall processes the messages, the ACL needs to be matched only once, and therefore people can know what services the messages need to carry out. By means of the method, the speed of processing the messages is greatly increased.

Description

technical field [0001] The invention relates to the technical field of firewalls, in particular to a method for using ACL to perform service matching on messages. Background technique [0002] On firewall devices, the most basic and frequently used function is the ACL function. The full name of ACL is Access Control List, which is the access control list. The ACL function can configure the five-tuple of the packet, including source IP address, destination IP address, protocol number, source port number, and destination port number. The ACL function is combined with other functions to form a specific way to perform actions on packets. For example, IPSec tunnels use the ACL function to determine which packets need to be encrypted, which packets need to be discarded, and which packets need to be released; NAT conversion uses the ACL function to determine which packets need to be translated by which IP addresses; Layer 3 security control Use ACL to determine which packets can ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
Inventor 陈海滨
Owner OPZOON TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap