Unlock instant, AI-driven research and patent intelligence for your innovation.

NAT rule matching method, device, electronic device and storage medium

A rule and address matching technology, applied in the field of computer networks, can solve problems such as poor NAT rule matching efficiency

Active Publication Date: 2022-07-12
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the purpose of the embodiments of the present application is to provide a NAT rule matching method, device, electronic equipment and storage medium, so as to improve the problem of poor NAT rule matching efficiency in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • NAT rule matching method, device, electronic device and storage medium
  • NAT rule matching method, device, electronic device and storage medium
  • NAT rule matching method, device, electronic device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.

[0045] The applicant's research found that the reason for the low NAT rule matching efficiency is that when there are large-scale NAT rules, the number of NAT rules to be matched is too large, resulting in low efficiency.

[0046] Specifically, the function of NAT is to translate the source address and destination address (such as source IP address and destination IP address) in the packet when the packet is communicated between the internal network and the external network, and NAT rule matching is to convert the packet Match with the NAT rule parameters to determine whether the address in the packet needs to be translated.

[0047] In order to solve the above problem, an embodiment of the present application provides a NAT rule matching method. Before using the matching method in the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present application provides a NAT rule matching method, device, electronic device and storage medium, and relates to the technical field of computer networks. The method includes: based on the longest prefix matching rule, determining the matching node in the rule prefix tree that matches the address of the message, the rule prefix tree is the prefix value in the rule prefix table entry as the leaf node, in binary form according to A Patricia prefix tree constructed from high order to low order; the rule prefix table entry mounted under the matching node and the rule prefix table entry mounted under the ancestor node of the matching node are used as matching table entries; based on the matching The matching parameter of the NAT rule corresponding to the entry determines the target entry in the matching entry, and returns the NAT rule corresponding to the target entry. The method performs NAT rule matching through the rule prefix tree, which improves the efficiency of NAT rule matching.

Description

technical field [0001] The present application relates to the technical field of computer networks, and in particular, to a NAT rule matching method, apparatus, electronic device, and storage medium. Background technique [0002] With the development of network technology, there are more and more network attacks, and a large number of network security devices have been developed and applied to the actual environment. When some hosts in the private network have been assigned local IP addresses (that is, private addresses only used in this private network), but now they want to communicate with hosts on the Internet, NAT (NetworkAddress Translation, network address) can be used. Conversion method) rules, which are widely deployed in the network as common rules, NAT rules are mainly used to solve the problem of insufficient IPv4 addresses, and provide a function of hiding private network IP addresses. Therefore, the number of deployments on network communications and security ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L61/2557
CPCH04L61/2557
Inventor 丁传玉
Owner BEIJING TOPSEC NETWORK SECURITY TECH