A Firewall System with User Mode Pipeline Architecture

A firewall and pipeline technology, applied in the field of digital information transmission, can solve the problems of low firewall message processing efficiency, etc., achieve the effect of saving CPU interruption time, solving low processing efficiency, and improving processing performance

Active Publication Date: 2022-06-03
江苏深网科技有限公司
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Aiming at the problem that the Linux kernel calling in the existing pure software firewall solutions above leads to low packet processing efficiency of the firewall, objectively, it is necessary to design a set of firewall software architecture system that meets the actual needs in order to make full use of multiple Core CPU resources to improve device processing capabilities

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Firewall System with User Mode Pipeline Architecture

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The present invention will now be described in further detail in conjunction with the accompanying drawings.

[0031] FIG. 1 is a system schematic diagram of an embodiment of a user-mode pipeline architecture firewall system proposed by the present invention. Tie

[0032] The working principle of the firewall system is described in detail below.

[0043] 8. The IP fragmentation module performs IP fragmentation processing according to the size of the MTU and the actual message.

[0045] To sum up, the technical solution of the present invention proposes a software architecture that bypasses the kernel and is suitable for the firewall function. all

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a firewall system with a user-mode assembly line architecture. The control plane is responsible for the management and control functions of the system, and redirects the messages sent from the management port to the kernel protocol stack; the data plane is responsible for the main business functions, and the data plane works in the In user mode, it can bypass the complex Linux kernel protocol stack and directly obtain packets from the network card. The data plane decomposes the firewall function software into multiple functional modules, and each functional module is bound to an independent CPU core, using one of the CPU cores as the main core, responsible for receiving messages, and implementing data packet sending and receiving in a polling manner , forming a pipeline architecture. The firewall system of the present invention belongs to a software architecture suitable for firewall functions that bypasses the system kernel. The network card driver is usually implemented in the kernel. In the present invention, it is re-implemented in the user mode, and the system directly obtains the message from the network card, effectively solving the problem of traditional firewall Linux. Kernels cause processing inefficiencies.

Description

A User Mode Pipeline Architecture Firewall System technical field The invention belongs to the technical field of digital information transmission, be specifically related to a kind of user state pipeline architecture firewall system system. Background technique With the development of Internet communication technology and the increasing popularity of Internet applications, the network has become the main data transmission system. and information exchange platform. As a basic network security product, firewall technology is a kind of network information security. important means, so the application scenarios of firewalls are very wide. [0003] At present, almost all large-scale network security manufacturers have launched their own firewall products, except that they must have The function of the firewall, the performance of the firewall is also the focus of the promotion of various security manufacturers. For example, many firewall products use FPGA, ASIC, NP an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40G06F13/32G06F9/50G06F9/54
CPCH04L63/0209H04L63/0227G06F13/32G06F9/5027G06F9/544Y02D30/50
Inventor 王传林
Owner 江苏深网科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap