
A parsing method and system for the L2TP protocol

A parsing method and system for the L2TP protocol that addresses the inability to complete auditing and to obtain accurate audit results for L2TP packets.

Active Publication Date: 2022-03-08
武汉思普崚技术有限公司

AI Technical Summary

Problems solved by technology

[0003] Usually, the application engine only analyzes and audits the payload of the outermost IP packet. For data transmitted in an L2TP tunnel, however, the application engine sees only the L2TP packet; the original packet is encapsulated inside it, so the audit cannot be completed and accurate audit results for the L2TP packets cannot be obtained.



Examples


Embodiment 1

[0031] This embodiment of the present invention provides a method for parsing the L2TP protocol. Its flowchart is shown in Figure 1, and the method includes the following steps:

[0032] Step S1, obtain the L2TP message and judge whether it is a control message or a data message; if it is a control message, perform step S5; if it is a data message, perform step S2;

[0033] Step S2, judge whether the payload of the PPP packet header of the L2TP message is an IP packet, and if so, judge whether the IP packet is legal. If the payload of the PPP packet header is an IP packet and the IP packet is legal, then, when the session has been established and there is no blocking flag, or the session is not established, extract the inner-layer message from the L2TP message to form a new message, and perform step S3. If the payload of the PPP packet header is not an IP packet, or the IP packet (where the payload of the PPP packet header is an IP packet)...

Embodiment 2

[0049] The embodiment of the present invention also provides a method for parsing the L2TP protocol, including the following steps:

[0050] Step S01, check whether the message is an L2TP message (a UDP message whose source/destination port is 1701); if not, perform step S14;

[0051] Step S02, if the checked message is an L2TP message, parse the L2TP message header and check whether the L2TP message is a control message; if so, perform step S14; otherwise, the L2TP message is a data message;

[0052] Step S03, shift the pointer that originally pointed to the L2TP packet header to the PPP packet header, parse the PPP packet header, and check whether the payload of the PPP packet header is an IP packet; if it is not an IP packet, perform step S14; otherwise, perform step S04;

[0053] Step S04, shift the pointer to the IP packet header, and then perform a legality check on the (inner-layer) IP packet; if the legality check succeeds, perform step S05...
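Steps S01 to S04 as an added C example (not code from the patent): it walks the pointer from the UDP payload past the L2TPv2 header (layout per RFC 2661, including the optional Length, Ns/Nr and Offset fields) and the PPP header to the inner IPv4 header. The function and enum names are hypothetical, and the "legality check" shown (version, lengths, header checksum) is an assumption, since the page does not define it.

```c
#include <stddef.h>
#include <stdint.h>

enum verdict { NOT_L2TP, L2TP_CONTROL, INNER_NOT_IP, INNER_BAD_IP, INNER_IP_OK };
static uint16_t be16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }

static int ipv4_ok(const uint8_t *ip, size_t len) {  /* assumed "legality check" */
    if (len < 20 || (ip[0] >> 4) != 4) return 0;
    size_t hl = (size_t)(ip[0] & 0x0f) * 4, total = be16(ip + 2);
    if (hl < 20 || hl > len || total < hl || total > len) return 0;
    uint32_t sum = 0;
    for (size_t i = 0; i < hl; i += 2) sum += be16(ip + i);
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return sum == 0xffff;
}

/* udp = UDP payload; on INNER_IP_OK, *inner_off is the inner IP header offset. */
enum verdict l2tp_classify(uint16_t sport, uint16_t dport,
                           const uint8_t *udp, size_t len, size_t *inner_off) {
    if (sport != 1701 && dport != 1701) return NOT_L2TP;      /* S01 */
    if (len < 6 || (udp[1] & 0x0f) != 2) return NOT_L2TP;     /* L2TPv2 only */
    if (udp[0] & 0x80) return L2TP_CONTROL;                   /* S02: T bit set */
    size_t off = 6;                                           /* flags, tunnel, session */
    if (udp[0] & 0x40) off += 2;                              /* L: Length field */
    if (udp[0] & 0x08) off += 4;                              /* S: Ns and Nr */
    if (udp[0] & 0x02) {                                      /* O: Offset Size + pad */
        if (off + 2 > len) return INNER_NOT_IP;
        off += 2 + (size_t)be16(udp + off);
    }
    /* S03: PPP header; address/control (ff 03) may be absent, protocol may be 1 byte */
    if (off + 2 <= len && udp[off] == 0xff && udp[off + 1] == 0x03) off += 2;
    if (off >= len) return INNER_NOT_IP;
    uint16_t proto = udp[off++];
    if (!(proto & 1)) {
        if (off >= len) return INNER_NOT_IP;
        proto = (uint16_t)(proto << 8 | udp[off++]);
    }
    if (proto != 0x0021) return INNER_NOT_IP;                 /* 0x0021 = IPv4 in PPP */
    if (!ipv4_ok(udp + off, len - off)) return INNER_BAD_IP;  /* S04 */
    *inner_off = off;
    return INNER_IP_OK;
}

static const uint8_t SAMPLE[30] = {  /* constructed: L2TPv2 data + PPP + IPv4 header */
    0x00,0x02, 0x00,0x01, 0x00,0x01, 0xff,0x03, 0x00,0x21,
    0x45,0x00,0x00,0x14, 0x00,0x00,0x00,0x00, 0x40,0x01,0x66,0xe7,
    0x0a,0x00,0x00,0x01, 0x0a,0x00,0x00,0x02 };
int main(void) {  /* expected: INNER_IP_OK with the inner header at offset 10 */
    size_t off = 0;
    return !(l2tp_classify(1701, 1701, SAMPLE, sizeof SAMPLE, &off) == INNER_IP_OK && off == 10);
}
```

Every verdict other than `INNER_IP_OK` corresponds to the path the page sends to step S14, where the outer packet is forwarded without inner-layer auditing.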

Embodiment 3

[0068] The embodiment of the present invention provides an analysis system for the L2TP protocol, including an L2TP message type discrimination module, a new message module, a new message association module, a new message processing module, a packet sending module and a blocking marking module.

[0069] The L2TP message type discrimination module is used to obtain the L2TP message and determine whether the L2TP message is a control message or a data message;

[0070] The new message module is used to judge whether the payload of the PPP packet header of the L2TP message is an IP packet, and if so, to judge whether the IP packet is legal. If the payload of the PPP packet header is an IP packet and the IP packet is legal, then, when the session has been established and there is no blocking flag, or the session is not established, the inner-layer message is extracted from the L2TP message to form a new message;

[0071] The new message association module is used to associate the new message ...


Abstract

The invention discloses an analysis method and system for the L2TP protocol, belongs to the technical field of message auditing, and solves the problem in the prior art that accurate audit results for L2TP messages cannot be obtained. An auditing method for the L2TP protocol comprises the following steps: obtain the L2TP message; when the L2TP message is a data message, the payload of the PPP packet header is an IP packet and the IP packet is legal, then, when the session has been established and there is no blocking mark, or the session is not established, form a new message; associate the new message with the session, perform user identification, complete parsing, classification, marking and application policy matching on the new message, update traffic statistics, and then delete the new message; when the L2TP packet is a control packet, the payload of the PPP packet header is not an IP packet, the IP packet is illegal, or the policy action is not blocking, perform source NAT on the L2TP packet and then send the packet. Accurate audit results for L2TP packets can thus be obtained.

Description

Technical field

[0001] The invention relates to the technical field of message auditing, in particular to an analysis method and system for the L2TP protocol.

Background

[0002] L2TP establishes a tunnel between the branch office and the headquarters through the dial-up network (PSTN/ISDN) based on the PPP protocol, or directly establishes a tunnel between the user terminal and the headquarters through the L2TP client. Finally, branch offices and remote users can access the headquarters network;

[0003] Usually, the application engine only analyzes and audits the payload of the outermost IP packet. For data transmitted in an L2TP tunnel, however, the application engine sees only the L2TP packet; the original packet is encapsulated inside it, so the audit cannot be completed and an accurate audit result for the L2TP packet cannot be obtained.

Contents of the invention

[0004] The purpose of the present invention is to overcome at leas...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L69/22, H04L9/40, H04L67/141, H04L67/143, H04L61/2521
CPC: H04L69/22, H04L63/12, H04L67/141, H04L67/143, H04L61/2525
Inventor: 龙光武
Owner: 武汉思普崚技术有限公司