Implementation method of software-defined firewall system
An implementation method and software-defined technology, applied in the field of computer networks, can solve the problems of packet filtering, increasing the burden on SDN controllers and OpenFlow switches, and increasing the complexity of data packet processing by the data layer, so as to reduce the amount of calculation and achieve high versatility. sexual effect
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment
[0042] The present invention will be further described below in conjunction with specific examples. like image 3 As shown, two hosts h1 and h2 are connected through an OpenFlow switch. The IP addresses of the two hosts are 10.0.0.1 / 24 and 10.0.0.2 / 24 respectively, and the MAC addresses are 00:00:00:00:00:01 and 00:00:00:00:00:02, the OpenFlow switch is connected to the SDN controller.
[0043] 1. Implementation of stateful firewall for TCP packets
[0044] The network administrator adds the firewall rules shown in Table 1 through the firewall (the firewall allows h1 to actively access h2, and denies h2 to actively access h1)
[0045] Table 1 Firewall rules
[0046] priority source IP address Destination IP address agreement type action 2 10.0.0.1 10.0.0.2 TCP Allow 1 10.0.0.2 10.0.0.1 TCP Deny
[0047] When h1 initiates a TCP connection to h2, h1 first sends a SYN request packet, which matches the initial flow entry when passing t...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com