Unlock instant, AI-driven research and patent intelligence for your innovation.

NAT rule matching method and device, electronic equipment and storage medium

A rule and address matching technology, applied in the field of computer networks, can solve problems such as poor NAT rule matching efficiency

Active Publication Date: 2020-05-05
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF7 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the purpose of the embodiments of the present application is to provide a NAT rule matching method, device, electronic equipment and storage medium, so as to improve the problem of poor NAT rule matching efficiency in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • NAT rule matching method and device, electronic equipment and storage medium
  • NAT rule matching method and device, electronic equipment and storage medium
  • NAT rule matching method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.

[0045] The applicant has found that the reason for the low NAT rule matching efficiency is that when there are large-scale NAT rules, the number of NAT rules to be matched is too large, resulting in low efficiency.

[0046] Specifically, the function of NAT is to translate the source address and destination address (such as source IP address and destination IP address) in the packet when the packet is communicated between the internal network and the external network, and NAT rule matching is to convert the packet Match with the NAT rule parameters to determine whether the address in the packet needs to be translated.

[0047] In order to solve the above problem, an embodiment of the present application provides a NAT rule matching method. Before using the matching method in the NAT ru...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an NAT rule matching method and device, electronic equipment and a storage medium, and relates to the technical field of computer networks. The method comprises the steps that based on a longest prefix matching rule, matching nodes matched with addresses of messages in a rule prefix tree are determined, and the rule prefix tree is a Patricia prefix tree which takes prefix values in a rule prefix table entry as leaf nodes and is constructed in a binary form according to the sequence from high to low; taking the rule prefix table entry mounted under the matching node and the rule prefix table entry mounted under the ancestor node of the matching node as matching table entries; and determining a target table entry in the matching table entry based on the matching parameter of the NAT rule corresponding to the matching table entry, and returning the NAT rule corresponding to the target table entry. According to the method, the NAT rule matching is performed through the rule prefix tree, so that the NAT rule matching efficiency is improved.

Description

technical field [0001] The present application relates to the technical field of computer networks, and in particular, to a NAT rule matching method, apparatus, electronic device, and storage medium. Background technique [0002] With the development of network technology, there are more and more network attacks, and a large number of network security devices have been developed and applied to the actual environment. When some hosts in the private network have been assigned local IP addresses (that is, private addresses only used in this private network), but now they want to communicate with hosts on the Internet, NAT (NetworkAddress Translation, network address) can be used. Conversion method) rules, which are widely deployed in the network as common rules, NAT rules are mainly used to solve the problem of insufficient IPv4 addresses, and provide a function of hiding private network IP addresses. Therefore, the number of deployments on network communications and security ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/12
CPCH04L61/2557
Inventor 丁传玉
Owner BEIJING TOPSEC NETWORK SECURITY TECH