Firewall system of user mode pipeline architecture

A firewall and user-mode technology, applied in the field of digital information transmission, can solve problems such as low firewall packet processing efficiency, save CPU interruption time, improve performance, and solve low processing efficiency.

Active Publication Date: 2020-09-01
江苏深网科技有限公司
View PDF7 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Aiming at the problem that the Linux kernel calling in the existing pure software firewall solutions above leads to low packet processing efficiency of the firewall, objectively, it is necessary to design a set of firewall software architecture system that meets the actual needs in order to make full use of multiple Core CPU resources to improve device processing capabilities

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firewall system of user mode pipeline architecture

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The present invention is described in further detail now in conjunction with accompanying drawing.

[0031] figure 1It is a system schematic diagram of an embodiment of the user mode pipeline architecture firewall system proposed by the present invention. The system is divided into two parts: control plane and data plane. The control plane (that is, the control plane in the figure) is responsible for the management and control functions of the system, and validates the configuration management information sent from the management port into the system through management commands. Among them, the MessageBus (message bus) module plays the role of a message bus, and sends messages to different functional modules according to different configuration command types, such as filtering rule configuration messages, which can be sent to the message queue of the packet filtering module, and the packet filtering module passes The timer (timer) regularly reads the messages in the m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a firewall system of a user mode pipeline architecture. A control plane is responsible for management and control functions of the system and redirects a message sent from a management port to a kernel protocol stack; a data plane is responsible for main service functions, works in a user mode and can bypass a complex Linux kernel protocol stack to directly obtain messagesfrom a network card. The data plane decomposes firewall function software into a plurality of function modules, each function module is bound to an independent CPU core, one CPU core serves as a maincore and is responsible for receiving messages, data packet receiving and sending are achieved in a polling mode, and an assembly line framework is formed. The firewall system belongs to a software architecture which bypasses a system kernel and is suitable for a firewall function, a network card driver is usually realized in the kernel, the firewall system is realized again in a user mode, the system directly acquires a message from the network card, and the problem of low processing efficiency caused by a traditional firewall Linux kernel is effectively solved.

Description

technical field [0001] The invention belongs to the technical field of digital information transmission, and in particular relates to a firewall system with a user mode pipeline architecture. Background technique [0002] With the development of Internet communication technology and the increasing popularity of Internet applications, the Internet has become the main platform for data transmission and information exchange. As a basic network security product, firewall technology is an important means to achieve network information security, so the application scenarios of firewalls are very wide. [0003] At present, almost all network security vendors with a relatively large scale have launched their own firewall products. In addition to the necessary functions, the performance of firewalls is also the focus of publicity by various security vendors. For example, many firewall products use hardware acceleration such as FPGA, ASIC, and NP. processing technology. However, due...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F13/32G06F9/50G06F9/54
CPCH04L63/0209H04L63/0227G06F13/32G06F9/5027G06F9/544Y02D30/50
Inventor 王传林
Owner 江苏深网科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap