A Firewall System with User Mode Pipeline Architecture
A firewall and pipeline technology, applied in the field of digital information transmission, can solve the problems of low firewall message processing efficiency, etc., achieve the effect of saving CPU interruption time, solving low processing efficiency, and improving processing performance
Active Publication Date: 2022-06-03
江苏深网科技有限公司
View PDF7 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0007] Aiming at the problem that the Linux kernel calling in the existing pure software firewall solutions above leads to low packet processing efficiency of the firewall, objectively, it is necessary to design a set of firewall software architecture system that meets the actual needs in order to make full use of multiple Core CPU resources to improve device processing capabilities
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0030] The present invention will now be described in further detail in conjunction with the accompanying drawings.
[0031] FIG. 1 is a system schematic diagram of an embodiment of a user-mode pipeline architecture firewall system proposed by the present invention. Tie
[0032] The working principle of the firewall system is described in detail below.
[0043] 8. The IP fragmentation module performs IP fragmentation processing according to the size of the MTU and the actual message.
[0045] To sum up, the technical solution of the present invention proposes a software architecture that bypasses the kernel and is suitable for the firewall function. all
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a firewall system with a user-mode assembly line architecture. The control plane is responsible for the management and control functions of the system, and redirects the messages sent from the management port to the kernel protocol stack; the data plane is responsible for the main business functions, and the data plane works in the In user mode, it can bypass the complex Linux kernel protocol stack and directly obtain packets from the network card. The data plane decomposes the firewall function software into multiple functional modules, and each functional module is bound to an independent CPU core, using one of the CPU cores as the main core, responsible for receiving messages, and implementing data packet sending and receiving in a polling manner , forming a pipeline architecture. The firewall system of the present invention belongs to a software architecture suitable for firewall functions that bypasses the system kernel. The network card driver is usually implemented in the kernel. In the present invention, it is re-implemented in the user mode, and the system directly obtains the message from the network card, effectively solving the problem of traditional firewall Linux. Kernels cause processing inefficiencies.
Description
A User Mode Pipeline Architecture Firewall System technical field The invention belongs to the technical field of digital information transmission, be specifically related to a kind of user state pipeline architecture firewall system system. Background technique With the development of Internet communication technology and the increasing popularity of Internet applications, the network has become the main data transmission system. and information exchange platform. As a basic network security product, firewall technology is a kind of network information security. important means, so the application scenarios of firewalls are very wide. [0003] At present, almost all large-scale network security manufacturers have launched their own firewall products, except that they must have The function of the firewall, the performance of the firewall is also the focus of the promotion of various security manufacturers. For example, many firewall products use FPGA, ASIC, NP an...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40G06F13/32G06F9/50G06F9/54
CPCH04L63/0209H04L63/0227G06F13/32G06F9/5027G06F9/544Y02D30/50
Inventor 王传林
Owner 江苏深网科技有限公司
PatSnap Eureka turns technology decisions into work you can execute. Powered by our Innovation Knowledge Graph, it runs expert workflows across engineering, life sciences, materials and intellectual property. Get your review-ready output in minutes.
