Message forwarding method and device for state firewall

A stateful firewall and message forwarding technology, applied in the computer field, can solve problems such as poor stability of stateful firewalls

Active Publication Date: 2020-09-01
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF11 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiment of the present application is to provide a message forwarding method and device for a stateful firewall to solve the problem of poor stability of the stateful firewall existing in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Message forwarding method and device for state firewall
  • Message forwarding method and device for state firewall
  • Message forwarding method and device for state firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.

[0032]It should be noted that like numerals and letters denote similar items in the following figures, therefore, once an item is defined in one figure, it does not require further definition and explanation in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second" and the like are only used to distinguish descriptions, and cannot be understood as indicating or implying relative importance.

[0033] Among the Internet Protocol (Internet Protocol, IP), the largest traffic is TCP, UDP and Internet Control Message Protocol (Internet Control Message Protocol, ICMP). For the TCP protocol and the UDP protocol, even the ICMP protocol can define the so-called connection, and a quintuple can uniquely represent a connection. Wherein, the five-tuple includes ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a message forwarding method and device for a state firewall. The message forwarding method comprises the following steps: acquiring a first packet message; matching the first packet message with a connection table in a state firewall for the second time to obtain a connection table item corresponding to the first packet message, the connection table item comprising a connection table item, the connection table item being associated with forwarding necessary information corresponding to the first packet message, and the connection table item being established when the first matching of the first packet message fails; searching and forwarding necessary information according to the connection table entry; and forwarding the first packet message according to the forwarding necessary information. By means of the technical scheme, verification of the connection table can be achieved, it is ensured that subsequent non-first-packet messages can inquirecorresponding necessary forwarding information according to the connection table, and then the problem that the stability of the state firewall is poor is solved.

Description

technical field [0001] The present application relates to the field of computers, in particular to a message forwarding method and device for a stateful firewall. Background technique [0002] A stateful firewall (Stateful firewall) is a firewall that can provide stateful packet inspection or state viewing functions, and can continuously track various network connections (for example, Transmission Control Protocol (Transmission Control Protocol, TCP) connections and user connections passing through the firewall. Datagram Protocol (User DatagramProtocol, UDP) connection) state. This kind of firewall is designed to distinguish legitimate packets under different connection types. Only the packets matching the active connection can be allowed to pass through the firewall, and other packets will be rejected. At present, after the first packet is searched through the rules of the stateful firewall, a corresponding connection entry can be established in the connection table in the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/741H04L45/74
CPCH04L63/0254H04L61/103H04L45/745H04L63/0236
Inventor 张国兴范雪俭于星杰陈强孙峰
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap