A message detection method, device, electronic device and storage medium

A technology of message detection and detection method, which is applied in the direction of safety communication devices, electrical components, digital transmission systems, etc., can solve problems such as link disconnection of established link applications, increased CPU usage, long time, etc., and achieve accurate matching in the processing process , ensuring stability and reducing complexity

Active Publication Date: 2022-07-05
北京指掌易科技有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] . When a large number of matching rules are configured in iptables, the packet processing will go through too many tables and links, resulting in a significant decrease in the throughput and response speed of the firewall, and a significant increase in CPU usage;
[0006] . When iptables rules are updated, all rules need to be recreated. Under the premise of a large number of matching rules, it will take longer to update and add rules. In severe cases, the established link application will be disconnected.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A message detection method, device, electronic device and storage medium
  • A message detection method, device, electronic device and storage medium
  • A message detection method, device, electronic device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] figure 2 This is a flow chart of a method for detecting a packet provided in Embodiment 1 of the present invention. This embodiment can be applied to the situation where packets are detected and filtered on the iptables / netfilter framework. The method can be executed by a packet detection device. The apparatus may be implemented in software and / or hardware. The device can be configured in an electronic device, and the method specifically includes:

[0035] S210. Acquire the first packet initiated by the first user at the current moment.

[0036] The first user may be a natural person. For example, the natural person accesses the Internet on any computer through the account he has, and the message carries the logo data matching the account of the natural person. The first user may also be a computer, etc. Any host device that can deploy an iptables firewall, and the packet carries flag data matching the host device.

[0037] In fact, iptables is not a real firewall. ...

Embodiment 2

[0054] image 3 This is a flowchart of a method for detecting a packet according to Embodiment 2 of the present invention. This embodiment is an optional solution proposed on the basis of the foregoing embodiment. The technical solution in this embodiment may be different from one or more of the above The various alternatives in each embodiment are combined. see image 3 , the packet detection method provided by this embodiment includes:

[0055] S310. Acquire the first packet initiated by the first user at the current moment.

[0056] S320. Determine the current source IP of the current packet. For example, the packet header of the first packet is parsed, and the source IP of the first packet is obtained as the current source IP of the current packet.

[0057] S330. Use the packet detection rule list associated with the legitimate source IP as the first packet detection rule list associated with the first user.

[0058] The legal source IP may be the source IP of a legal...

Embodiment 3

[0076] Image 6 It is a schematic structural diagram of an apparatus for detecting a message according to Embodiment 3 of the present invention. The apparatus 600 specifically includes: a first message acquisition module 610 , an auxiliary message detection module 620 and a first rule detection module 630 . in,

[0077] The first message obtaining module is configured to obtain the first message initiated by the first user at the current moment;

[0078] The auxiliary message detection module is configured to use the auxiliary message list of the current time period to detect the first message, and obtain a first detection result of the first message; wherein, the auxiliary message list in the auxiliary message list. The auxiliary message is selected from the second message initiated in the current time period according to the matching condition of the detection rule;

[0079] The first rule detection module is configured to determine the first packet detection rule list ass...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a message detection method, device, electronic device and storage medium. The method includes: acquiring a first packet initiated by a first user at a current moment; using an auxiliary packet list in a current time period to detect the first packet, and obtaining a first detection result of the first packet; wherein, The auxiliary message in the auxiliary message list is selected from the second message initiated in the current time period according to the matching situation of the detection rule; if the first detection result is that the detection fails, it is determined that the first user is associated with The first packet detection rule list is used, and the first packet detection rule list is used to detect the first packet to obtain a second detection result of the first packet. The invention introduces new user-centered management matching rules on the traditional Linux netfilter framework, and the message processing process is precisely matched, which reduces the complexity of message matching; in addition, when updating, adding and deleting rule entries, it does not affect other data.

Description

technical field [0001] Embodiments of the present invention relate to the technical field of firewalls, and in particular, to a packet detection method, device, electronic terminal, and storage medium. Background technique [0002] iptables / netfilter (hereinafter referred to as iptables) constitutes a packet filtering firewall under the Linux platform. Like most Linux software, this packet filtering firewall is free. It can replace expensive commercial firewall solutions and meet the needs of most scenarios. Complete functions such as packet filtering, packet redirection, and network address translation (NAT). [0003] The iptables firewall places multiple detection points at several positions in the entire network process, and adds sub-chains and rules to the detection points to process the data flow through the network kernel and protect the internal network from the intrusion of illegal users. However, in the existing data flow processing method based on iptables firewal...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/0236
Inventor 侍校徽王伟
Owner 北京指掌易科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap