
Session table entry processing method and device

A session entry processing method, applied in the communication field, that addresses the problems of session entries occupying the memory of the firewall device 200 and affecting the service processing efficiency of the firewall device 200, etc.

Active Publication Date: 2018-01-05
NEW H3C SECURITY TECH CO LTD

AI Technical Summary

Problems solved by technology

Based on this principle, when the network is subjected to a Flood attack (such as a SYN Flood attack, that is, a synchronous flood attack), the firewall device 200 receives a large number of SYN packets and/or ACK packets and establishes a large number of session entries corresponding to illegal connections. The session entries corresponding to these illegal connections occupy a large amount of memory of the firewall device 200, affecting the efficiency with which the firewall device 200 processes services.


Examples


Embodiment Construction

[0030] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0031] The words appearing in the embodiments of the present application are explained below.

[0032] Session table entry: used to guide the forwarding of messages. A session table entry includes the source IP address, source port, destination IP address, destination port, number of processed messages, and other information used to guide the forwarding of messages. The source IP address included in the session entry in the firewall device is the source IP address of the forward mes...


Abstract

The embodiment of the application provides a session table entry processing method and device, applied to firewall equipment. The method comprises the following steps: detecting, once every first duration, whether the session table entries include a first session table entry for which the absolute value of a time difference exceeds a first threshold, wherein the time difference is the difference between the current time and the receiving time of the last message matched with the session table entry; if the first session table entry exists, determining whether the connection corresponding to the first session table entry is an illegal connection; if the connection is an illegal connection, detecting whether the number of positive messages matched with the first session table entry is greater than a second threshold; and if the number is not greater than the second threshold, deleting the first session table entry. By adopting the embodiment of the application, the memory occupied by session table entries corresponding to illegal connections can be rapidly released, and the impact on the efficiency of service processing can be reduced.
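The periodic sweep the abstract describes, as an added Python example that is not code from the patent or its owner. The threshold values, the `is_illegal` test (a TCP handshake that never completed) and the choice to leave non-deleted entries to normal aging are assumptions, since the page gives none of them.

```python
from dataclasses import dataclass

# Assumed values: the page names both thresholds but gives no numbers.
FIRST_THRESHOLD = 5.0   # seconds since the last matching message
SECOND_THRESHOLD = 3    # positive messages matched with the entry

@dataclass
class SessionEntry:
    last_seen: float             # receive time of the last matching message
    positive_msgs: int = 0       # positive messages matched so far
    handshake_done: bool = False

def is_illegal(entry):
    # Assumption: a connection whose three-way handshake never completed
    # is treated as illegal. The page does not state its criterion.
    return not entry.handshake_done

def sweep(table, now):
    """One pass, meant to run once every 'first duration'. Returns deleted keys."""
    deleted = []
    for key, entry in list(table.items()):
        if abs(now - entry.last_seen) <= FIRST_THRESHOLD:
            continue                      # still active
        if not is_illegal(entry):
            continue                      # legal: left to normal aging
        if entry.positive_msgs > SECOND_THRESHOLD:
            continue                      # carried real traffic: keep
        del table[key]                    # idle, illegal, few messages
        deleted.append(key)
    return deleted

def sample_table(now):
    # Constructed entries keyed by (src_ip, src_port, dst_ip, dst_port).
    dst = ("203.0.113.10", 80)
    return {
        ("198.51.100.7", 40001) + dst: SessionEntry(now - 30, 1),
        ("198.51.100.8", 40002) + dst: SessionEntry(now - 1, 1),
        ("198.51.100.9", 40003) + dst: SessionEntry(now - 30, 40, True),
        ("198.51.100.5", 40004) + dst: SessionEntry(now - 30, 10),
    }

if __name__ == "__main__":
    table = sample_table(100.0)
    print("deleted:", sweep(table, 100.0))
    print("remaining:", len(table))
```

Only the first constructed entry is removed: the second is not yet idle past the first threshold, the third completed its handshake, and the fourth matched more positive messages than the second threshold.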

Description

Technical field

[0001] The present application relates to the field of communication technologies, and in particular to a method and device for processing session entries.

Background technique

[0002] A Flood attack is a resource exhaustion attack that exploits a defect in TCP (Transmission Control Protocol): a large number of forged TCP connection requests (such as SYN (Synchronize) messages and ACK (Acknowledgment) messages) are sent to exhaust the resources of the attacked party.

[0003] The network shown in Figure 1 includes a client 100, a firewall device 200, and a server 300; the client 100 needs to establish a connection with the server 300 before communicating with the server 300. Specifically:

1. The client 100 sends a SYN message to the server 300 through the firewall device 200 based on TCP;
2. After the server 300 receives the SYN message, it sends a SYN/ACK message to the client 100 through the firewall device 200;
3....


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
Inventor: 易勇平
Owner: NEW H3C SECURITY TECH CO LTD