SIP crossing supported firewall implementing method

A technology for a session initiation protocol and an implementation method, which is applied to digital transmission systems, electrical components, transmission systems, etc., can solve problems such as difficulty in expansion, firewall VoIP communication traversing obstacles, and inability to receive B voice, achieving clear levels and easy implementation. Effect

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
A technology for a session initiation protocol and an implementation method, which is applied to digital transmission systems, electrical components, transmission systems, etc., can solve problems such as difficulty in expansion, firewall VoIP communication traversing obstacles, and inability to receive B voice, achieving clear levels and easy implementation. Effect

CN1604589AInactive Publication Date: 2005-04-06无锡三通科技有限公司

1 Cites 24 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.

Viewing Examples

Smart Image

Examples

Experimental program

Comparison scheme

Effect test

Embodiment Construction

[0044] Such as figure 1 As shown, the working process of the SIP protocol is as follows:

[0045] The calling party A sends an INVITE message to the UDP port 5060 of the called party B, and the message carries an SDP message, which is used to describe the encoding method supported by the calling party A and the UDP port number for receiving and sending voice data.

[0046] After the called party B receives the INVITE message, it sends a prompt tone (such as ringing) to the called user to notify the called party that there is an incoming call. At the same time, a ringback message code-named 180 is returned to the calling party A's UDP5060 port.

[0047] After receiving the ring back message, calling party A sends a ring back prompt tone to the calling user to notify the calling party that the called party has answered.

[0048] The called user is willing to accept the call and goes off-hook, so that B sends a "200 Ok" message to A, which carries an SDP. The SDP message descri...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

PUM

Login to View More

Abstract

It is a firewall implementation method that supports the session startup protocol crossover in the field of network security technique. The content is: the firewall analyses the IP division that enters the system. After the IP division enters the system through network interface, the firewall analyses the IP heading information, judges whether the data load is SIP signal information or voice division; the SIP ALG processes the SIP message, SIP ALG analyses SIP message heading to make sure this message belongs to which calling connection. The SIP ALG uses one calling connection state table to track all the calling connection state and modify the content of SIP message heading and / or SDP message according to the information of state table; the firewall processes the down-transferred SIP message from SIP ALG, or performs the instruction issued by SIP ALG, and returns the result to the SIP ALG; according to the result of instruction performing by firewall, the SIP ALG sets or modifies the calling connection table, and sends the SIP message to the firewall, or performs the clearing of calling connection table.

Description

technical field [0001] The invention relates to a method for implementing a firewall, in particular to a method for implementing a firewall that supports session initiation protocol traversal. Used in the field of network security technology. Background technique [0002] In order to solve the problem of network security and lack of IP address resources, many enterprise networks adopt the private addresses stipulated in RFC1918, and access the public network through firewalls with NAT (Network Address Translation) functions. Unless otherwise specified, the firewalls mentioned below refer to firewalls with NAT functions. [0003] Ordinary firewalls do not have application layer protocol knowledge and the ability to analyze and modify data payloads. For applications using fixed TCP / UDP ports such as HTTP, the firewall only needs to modify the address and port content of the IP / TCP / UDP header to achieve firewall penetration. But for VoIP (Voice over IP) applications based on...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

Application Information

Patent Timeline

06 Apr 2005

Publication

CN1604589A

IPC: H04L12/24; H04L29/06

Inventors: 焦圣品; 夏心杰