A network push message management method and routing device

By establishing internal and guest networks in Wi-Fi routing devices and using whitelists to identify user devices and perform hierarchical authentication, the problem of duplicate device authentication in existing technologies is solved, achieving secure and efficient network access and reducing maintenance costs.

CN122340480APending Publication Date: 2026-07-03LANTO ELECTRONIC LIMITED

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
LANTO ELECTRONIC LIMITED
Filing Date
2026-04-09
Publication Date
2026-07-03

AI Technical Summary

Technical Problem

Existing commercial Wi-Fi routers lack accurate identity recognition and permission allocation mechanisms, which leads to repeated authentication for commonly used internal devices, reducing network access efficiency and increasing maintenance burden. They cannot meet the dual needs of convenient access for internal authorized devices and management of external visitors.

Method used

By establishing internal and guest networks, user devices are identified using a pre-stored whitelist. If a match is successful, the device automatically accesses the internal network. If a match fails, the external network status is checked, and the central information processing unit or a local server is selected to initiate the network access process, thereby achieving hierarchical authentication and automatic access.

Benefits of technology

It improves the security and efficiency of network access, reduces the burden of operation and maintenance, ensures seamless access for internal devices and reduces redundant authentication operations, and balances network security and marketing push needs.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122340480A_ABST
    Figure CN122340480A_ABST
Patent Text Reader

Abstract

This invention discloses a network push message management method and routing device. By establishing multiple wireless networks, including at least an internal network and a guest network, a connection request sent by a user device is received. The connection request includes the user device's identification identifier. The identification identifier is matched against a pre-stored whitelist. If a match is successful, the user device is connected to the internal network. If a match fails, the connection status of the external network is detected. Based on the connection status, a central information processing unit and a local server are selected to perform the network access procedure for the user device, thereby connecting the user device to the guest network. Thus, by identifying user devices through a pre-stored whitelist, user devices can be automatically allowed to access the corresponding network, improving network access security and efficiency while reducing maintenance burden.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of network management, and more particularly to a network push message management method and routing device. Background Technology

[0002] Currently, most mainstream commercial Wi-Fi (Wireless Fidelity, mobile hotspot) routers and gateways on the market are deployed and operated using a centralized cloud management architecture. These devices rely on hardware such as a main router chip, wireless communication module, network processing unit, and firewall. When a user terminal first connects to the network, an authentication interface pops up to verify identity and display advertising information. After a user device connects to the commercial Wi-Fi, the router redirects the access request to a remote cloud server, which loads and returns the authentication page or advertising page via the internet. After the user completes the verification process, the cloud server returns authorization information to the router, thereby granting the terminal network access. Promotional content is also centrally scheduled and pushed for display by the cloud backend. However, most current commercial Wi-Fi routers do not accurately classify user devices and lack effective identity recognition and permission allocation mechanisms. They cannot automatically grant access to authorized devices, causing frequently used devices to repeatedly complete the authentication process. This not only reduces network access efficiency but also increases the maintenance burden on administrators. Meanwhile, most devices rely on a single authentication mode and cannot flexibly adjust access policies according to user type. This makes it difficult to meet the dual needs of convenient access for internal authorized devices and standardized management of external visitors, which affects network access security and increases operation and maintenance costs. Summary of the Invention

[0003] In view of this, embodiments of the present invention provide a network push message management method and a routing device, which identify user devices through a pre-stored whitelist, and can automatically allow user devices to the corresponding network, thereby improving the security and efficiency of network access and reducing maintenance burden.

[0004] In a first aspect, embodiments of the present invention provide a method for managing network push messages, the method comprising: Establish multiple wireless networks, which include at least an internal network and a guest network; Receive a connection request sent by a user equipment, the connection request including the identification identifier of the user equipment; The identification identifier is matched with a pre-stored whitelist; In response to a successful match, the user equipment is connected to the internal network; In response to a matching failure, the connection status of the external network is detected, and based on the connection status, a central information processing unit and a local server are selected to perform the network access procedure for the user equipment, so as to connect the user equipment to the guest network.

[0005] In some embodiments, selecting one of the central information processing unit and the local server based on the connection status to perform the network access procedure for the user equipment, so as to connect the user equipment to the guest network, includes: In response to the connection being interrupted, the user device is authenticated through the authentication page of the local server.

[0006] In some embodiments, selecting one of the central information processing unit and the local server based on the connection status to perform the network access procedure for the user equipment, so as to connect the user equipment to the guest network, includes: In response to the connection status being normal, the user equipment is authenticated through the central information processing unit.

[0007] In some embodiments, the method further includes: Obtain the authorization request sent by the user equipment, wherein the authorization request includes the identification identifier of the user equipment; Send the authorization request to the management device; Obtain authorization feedback sent by the management device, and modify the whitelist based on the authorization feedback.

[0008] In some embodiments, the step of selecting one of the central information processing unit and the local server based on the connection status to perform the network access procedure for the user equipment, so as to connect the user equipment to the guest network, further includes: In response to the connection status being interrupted, first recommended content is read from the local database and displayed to the user device; In response to the connection status being normal, second recommended content is obtained from the central information processing unit and displayed to the user equipment.

[0009] In some embodiments, detecting the connection status of the external network includes: Detect the transmission signal of the router's physical interface, and determine the connection status of the external network based on the transmission signal; Send a protocol request to a preset public network server, and determine the connection status of the external network based on the first feedback information returned by the public network server; The external domain name resolution failure rate is statistically analyzed, and the connection status of the external network is determined based on a preset threshold and the external domain name resolution failure rate.

[0010] In some embodiments, the method includes: In response to the connection status being interrupted, a request is sent to the public network server according to a preset period. Obtain feedback information from the public network server; Based on the feedback information, detect whether the network status of the external network is normal; In response to the external network being in a normal state, data synchronization is performed with the central information processing unit.

[0011] In some embodiments, the method further includes: When the external network is in normal condition, data synchronization is performed with the central information processing unit according to predetermined rules.

[0012] In some embodiments, the data synchronization with the central information processing unit includes: Upload user device behavior data from the local server to the central information processing unit; and / or The updated recommended content and whitelist are downloaded from the central information processing unit and stored in the local server.

[0013] In a second aspect, embodiments of the present invention provide a routing device, including a memory and a processor, wherein the processor executes program instructions in the memory to implement the method described in the first aspect.

[0014] The technical solution of this invention establishes multiple wireless networks, including at least an internal network and a guest network. It receives connection requests from user equipment (UEs), each request including an identification identifier of the UE. The UE is then matched against a pre-stored whitelist. Upon successful matching, the UE is connected to the internal network. Upon failure to match, the connection status of the external network is detected. Based on the connection status, a central information processing unit and a local server are selected to perform the network access procedure for the UE, thus connecting it to the guest network. Therefore, by identifying UEs using a pre-stored whitelist, UEs can be automatically allowed to access the corresponding network, improving network access security and efficiency while reducing maintenance burden. Attached Figure Description

[0015] The above and other objects, features and advantages of the present invention will become clearer from the following description of embodiments of the invention with reference to the accompanying drawings, in which: Figure 1 This is a schematic diagram of the network push message management system according to an embodiment of the present invention; Figure 2This is a schematic diagram of a routing device according to an embodiment of the present invention; Figure 3 This is a flowchart of a network push message management method according to an embodiment of the present invention; Figure 4 This is a flowchart illustrating the detection of wireless network status according to an embodiment of the present invention; Figure 5 This is a schematic diagram of a data synchronization system according to an embodiment of the present invention; Figure 6 This is a flowchart of network interruption recovery detection according to an embodiment of the present invention; Figure 7 This is a schematic diagram of a network push message management device according to an embodiment of the present invention; Figure 8 This is a schematic diagram of an electronic device according to an embodiment of the present invention. Detailed Implementation

[0016] The present application is described below based on embodiments, but it is not limited to these embodiments. In the detailed description of the present application below, certain specific details are described in detail. Those skilled in the art can fully understand the present application without these details. To avoid obscuring the substance of the present application, well-known methods, processes, flows, elements, and circuits are not described in detail.

[0017] Furthermore, those skilled in the art should understand that the accompanying drawings provided herein are for illustrative purposes only and are not necessarily drawn to scale.

[0018] Furthermore, it should be understood that in the following description, "circuit" refers to a conductive loop consisting of at least one element or sub-circuit connected by electrical or electromagnetic connections. When an element or circuit is said to be "connected" to another element or "connected" between two nodes, it can be directly coupled or connected to another element, or there may be intermediate elements. The connection between elements can be physical, logical, or a combination thereof. Conversely, when an element is said to be "directly coupled to" or "directly connected" to another element, it means that there are no intermediate elements between them.

[0019] Unless the context explicitly requires it, words such as "including" or "contains" throughout the application should be interpreted as including rather than exclusive or exhaustive; that is, meaning "including but not limited to".

[0020] In the description of this application, it should be understood that the terms "first," "second," etc., are used for descriptive purposes only and should not be construed as indicating or implying relative importance. Furthermore, in the description of this application, unless otherwise stated, "a plurality of" means two or more.

[0021] The solutions described in this specification and embodiments, if involving the processing of personal information, will be processed only on the premise of having a legal basis (such as obtaining the consent of the personal information subject, or being necessary for the performance of a contract), and will only be processed within the scope stipulated or agreed upon. A user's refusal to process personal information beyond what is necessary for basic functions will not affect the user's use of basic functions.

[0022] Figure 1 This is a schematic diagram of the network push message management system according to an embodiment of the present invention. Figure 1 In the illustrated embodiment, the network push message management system includes a user device 1, a routing device 2, a management device 3, and a central information processing unit 4. The user device 1 can be a terminal device capable of accessing a wireless network, such as a mobile phone, computer, or tablet.

[0023] User device 1 sends a network connection request to router 2. Router 2 extracts the device identification identifier from the request and matches it against a preset whitelist. If the match is successful, router 2 directly assigns an internal network IP address to user device 1, granting it access to internal network resources. If the match fails, router 2 checks the external network status. If the network is interrupted, it pushes a local authentication page; if the network is normal, it redirects to the authentication page of the Central Information Processing Unit (CITU) 4. After completing authentication, user device 1 accesses the guest network. Router 2 pushes recommended content to user device 1, and its browsing and clicking behavior data is recorded and temporarily stored. Simultaneously, user device 1 can submit a whitelist authorization request after authentication. Router 2 receives the authorization request and provides the final authorization result back to user device 1.

[0024] Router 2 forwards the whitelist authorization request to management device 3. If the external network is normal, it forwards the request immediately and sends an approval reminder. If the external network is interrupted, the request is temporarily stored in the local database and retransmitted after the network is restored. After receiving the whitelist authorization request, the administrator sends an authorization feedback to router 2 after the management device 3 completes the approval. Router 2 updates its local whitelist based on the feedback and synchronizes the update result to the central information processing unit 4.

[0025] When the external network returns to normal, router 2 redirects the user device's connection request to central information processing unit 4, which then pushes an authentication page. Router 2 uploads the temporarily stored user behavior data and whitelist authorization requests to central information processing unit 4. Central information processing unit 4 sends the updated whitelist and recommended content to router 2, which then updates its local database to ensure consistency between local and cloud data.

[0026] Simultaneously, the authorization approval results of management device 3 are synchronized to central information processing unit 4 via routing device 2, updating the whitelist data in the cloud. Whitelist change records of central information processing unit 4 can be synchronized to management device 3 via routing device 2 for viewing and control by administrators.

[0027] The network push message management system of this invention comprises user equipment, routing equipment, management equipment, and a central information processing unit. User equipment initiates connection and authorization requests; the routing equipment performs whitelist matching, network status detection, adaptive authentication, and content push; the management equipment reviews whitelist authorization requests; and the central information processing unit stores global data, provides online authentication, and synchronizes data bidirectionally with the routing equipment. The system achieves hierarchical authentication, offline business continuity, and dynamic whitelist management, balancing network security and marketing push requirements.

[0028] Figure 2 This is a schematic diagram of a routing device according to an embodiment of the present invention. Figure 2 In the embodiment shown, the routing device includes a main control module 11, a wireless communication module 12, a MAC management module 13, a network status detection module 14, a local information processing unit 15, a network isolation module 16, a content management module 17, and a multi-device synchronization module 18.

[0029] The main control module 11, as the core control center of the routing device, serves as the crucial link for the collaborative work of all modules. Specifically, the main control module 11 receives user equipment connection requests transmitted by the wireless communication module 12, instructs the MAC management module 13 to perform whitelist matching operations, and issues network access permission instructions based on the matching results. It also receives external network connection status feedback from the network status detection module 14 to determine whether the network access process uses central information processing unit authentication or local server authentication. Simultaneously, it issues control instructions for content push and data synchronization to the content management module 17 and the multi-device synchronization module 18, comprehensively realizing the overall network access process, content push, and data synchronization, ensuring orderly linkage and smooth functional connection among modules, and avoiding inter-module coordination disorder.

[0030] The wireless communication module 12 acts as a communication bridge between the user equipment and the routing device, and is primarily responsible for establishing, maintaining, and receiving and parsing connection requests for the wireless network. Specifically, the wireless communication module 12 establishes and broadcasts at least two differentiated wireless networks: an internal network for internal personnel and a visitor network for external visitors. These two networks are independent and do not interfere with each other. Simultaneously, it detects wireless connection requests sent by user equipment. Upon receiving a connection request, it quickly parses the user equipment identification identifier contained in the request and synchronously forwards the identifier and connection request to the main control module 11. Furthermore, the wireless communication module 12 is responsible for maintaining stable wireless network transmission, ensuring uninterrupted communication between the user equipment and the routing device, preventing connection failures due to signal interruptions, and providing a stable wireless communication foundation for subsequent identity matching, authentication, and content delivery.

[0031] The MAC management module 13 is responsible for user device identification and access permission control. It stores and maintains a preset whitelist, which includes authorized user device identifiers and corresponding access permissions. After receiving a user device identifier forwarded by the main control module 11, the MAC management module 13 performs a matching operation, comparing the identifier with the data in the whitelist to determine whether the user device has internal network access permissions. The matching result is fed back to the main control module 11, providing a basis for the main control module 11 to issue access permission commands. Simultaneously, it responds to authorization feedback sent by the management device, updating the whitelist content based on the authorization feedback, including adding authorized devices and deleting expired authorized devices, ensuring the timeliness of the whitelist, achieving automated management of authorized devices, and avoiding cumbersome operations caused by repeated authentication.

[0032] The network status detection module 14 is responsible for detecting and judging the connection status of the external network, providing a basis for selecting the network access process. Specifically, the network status detection module 14 is used to detect the transmission signals of the router's physical interface. By detecting the presence and / or strength changes of the signals, it judges the physical layer connection status of the external network and troubleshoots physical layer connection faults. Simultaneously, the network status detection module 14 sends protocol requests to a preset public network server and judges the logical connection status of the external network based on the server's response information. The network status detection module 14 is used to calculate the failure rate of external domain name resolution and, combined with a preset failure rate threshold, judges the service availability of the external network. Furthermore, during external network outages, the network status detection module 14 maintains a low-frequency probe rhythm to detect network recovery. Once network recovery is detected, it immediately feeds back the recovery signal to the main control module 11, ensuring that the network access process can switch to the corresponding mode in a timely manner, guaranteeing a good user experience.

[0033] The Local Information Processing Unit 15 includes a local server and a local database, designed to handle external network outages and enable offline network authentication and content delivery. When the external network is interrupted, the Local Information Processing Unit 15 initiates a local authentication mode, providing an authentication channel for user devices not on the whitelist based on the local authentication page on the local server. After verification, the user gains network access. Simultaneously, the Local Information Processing Unit 15 retrieves recommended content from the local database and pushes appropriate promotions, notifications, and other information to the user device, ensuring that authentication services and content display remain operational even during network outages. The Local Information Processing Unit 15 is responsible for temporarily storing user device interaction data during offline periods, including authentication operations and content browsing history. Once the network is restored, it works with the multi-device synchronization module 18 to upload the data, ensuring no loss of user behavior data. When the external network is functioning normally, it collaborates with the central information processing unit to complete auxiliary authentication, assisting the main control module 11 in implementing the network access process.

[0034] The network isolation module 16 is responsible for network security management and access permission allocation, ensuring the security and independence of the internal network. The network isolation module 16 executes the isolation policies issued by the main control module 11, clearly defining the access boundaries between the internal network and the guest network, prohibiting guest network devices from accessing internal network resources, and preventing internal data leakage. When the external network is interrupted, in response to the instructions of the main control module 11, the network isolation module 16 enables local redirection rules, intercepting and forwarding user device access requests to the local information processing unit 15, ensuring normal authentication and content push in offline mode. After the external network returns to normal, the network isolation module 16 cancels the local redirection rules, restores normal routing and forwarding functions, guides user device access requests to the central information processing unit, and continuously maintains the isolation state between the internal network and the guest network, balancing network security and ease of use.

[0035] The content management module 17 is responsible for the storage, updating, pushing, and control of recommended content. When the external network is interrupted, the content management module 17 reads pre-cached first recommended content from the local database of the local information processing unit 15. The first recommended content includes promotional activities, merchant notifications, and coupons synchronized before the network outage. Based on the user's device type and access time, it pushes appropriate content formats, including mobile text and images and PC web pages. When the external network is functioning normally, the content management module 17 retrieves the latest second recommended content from the central information processing unit. The second recommended content includes promotional activities, new product recommendations, and industry news updated in real-time on the cloud, and pushes it to the user's device to ensure the timeliness and relevance of the recommended content. Simultaneously, when the external network is interrupted, the content management module 17 also records the user's device's content browsing data, including click counts, dwell time, and coupon redemption status. The content browsing data is synchronized to the local information processing unit for temporary storage. After the external network is restored to normal, it is uploaded to the central information processing unit by the multi-device synchronization module 18, providing data support for merchants to optimize recommended content and adjust marketing strategies.

[0036] The multi-device synchronization module 18 is used to synchronize data between the routing device and the central information processing unit. Specifically, the multi-device synchronization module 18 is used to organize user interaction data and device access records temporarily stored in the local information processing unit 15 according to a unified format and upload them to the central information processing unit, ensuring that the cloud can completely statistically analyze user behavior and device access status. Simultaneously, the multi-device synchronization module 18 is used to obtain the latest recommended content and whitelist data from the central information processing unit and synchronously update them to the local storage module, ensuring that local content is consistent with the cloud. The timing of data synchronization can be divided into two types: one is immediate synchronization when the external network returns to normal, ensuring rapid retransmission of offline data and rapid updates of local content; the other is periodic synchronization performed according to a preset cycle, avoiding data inconsistencies caused by missed immediate synchronization. Furthermore, the multi-device synchronization module 18 can also be used to verify the synchronized data, preventing data loss or synchronization errors and ensuring the consistency and accuracy of local and cloud data.

[0037] This invention establishes multiple wireless networks, including at least an internal network and a guest network. It receives connection requests from user equipment (UEs), each request including the UE's identifier. The identifier is matched against a pre-stored whitelist. If a match is successful, the UE is connected to the internal network. If a match fails, the connection status of the external network is detected. Based on the connection status, a central information processing unit and a local server are selected to perform the network access procedure for the UE, thus connecting it to the guest network. Therefore, by identifying UEs using a pre-stored whitelist, UEs can be automatically allowed to access the corresponding network, improving network access security and efficiency while reducing maintenance burden.

[0038] Figure 3 This is a flowchart of a network push message management method according to an embodiment of the present invention. Figure 3 The network push message management method shown includes the following steps: Step S110: Establish multiple wireless networks, including at least an internal network and a guest network.

[0039] Specifically, after the routing device powers on, it initializes each module. The main control module sends a wireless network establishment command to the wireless communication module, which then establishes and broadcasts at least two independent and logically isolated wireless networks. One network is the internal network, used for authorized devices to access. The other is the guest network, used for temporary access by external user devices. Simultaneously, the main control module can also send a command to the network isolation module to activate VLAN (Virtual Local Area Network) isolation technology and configure the corresponding access control list. This access control list defines the access permissions for different networks. Internal network devices can access all internal network resources and the external network, while guest network devices can only access the external network and cannot access internal network resources. The access control list clearly defines the access boundaries between the internal and guest networks, prohibiting guest network devices from accessing internal network resources to prevent data leakage, while also restricting data flow interaction between the internal and guest networks to ensure the security of the internal network.

[0040] Step S120: Receive a connection request sent by the user equipment, wherein the connection request includes the identification identifier of the user equipment.

[0041] Specifically, when a user device enters the wireless network coverage area of ​​the router, it automatically searches for and displays the internal and guest networks broadcast by the router. The user selects the appropriate wireless network based on their needs and initiates a connection request. At this time, the router's wireless communication module detects nearby connection requests. Upon receiving a connection request from a user device, it parses the request and extracts the user device identification identifier. This identifier can be the user device's MAC (Media Access Control) address, as it is unique and can accurately distinguish different user devices. Alternatively, depending on the application scenario, other information that identifies the user device, such as the device serial number, International Mobile Equipment Identity (IMEI), or IP (Internet Protocol Address), can be used. After extracting the identification identifier, the wireless communication module forwards the identifier and other connection request information, such as connection time, device type, and signal strength, to the main control module.

[0042] Step S130: Match the identification identifier with a preset whitelist.

[0043] Specifically, after receiving the user equipment identification identifier forwarded by the wireless communication module, the main control module sends a matching command to the MAC management module. The MAC management module, responsible for identification and whitelist management, pre-stores whitelist data authorized by administrators. This whitelist data includes the identification identifiers of all user equipment allowed to directly access the internal network. The whitelist data can also be updated, added to, or deleted in real time through the management device.

[0044] After receiving the matching command from the main control module, the MAC management module compares the user device's identification identifier with each entry in the whitelist. During the comparison, it excludes anomalies such as expired authorizations and duplicate identifiers to ensure the accuracy of the matching results. The entire matching process is kept within a preset time to avoid impacting the user's access experience due to excessive matching time. After the comparison is complete, the MAC management module generates a matching result, which is either a successful match or a failed match. The MAC management module then feeds back the matching result to the main control module 11. If the matching result is a successful match, step S140 is executed. If the matching result is a failed match, step S150 is executed.

[0045] Step S140: The user equipment connects to the internal network.

[0046] Specifically, if the MAC management module reports a successful match, the main control module determines that the user device is an authorized internal device. Without requiring additional authentication, it directly issues an access authorization command to the wireless communication module and the network isolation module. Upon receiving the authorization command, the wireless communication module assigns an internal network IP address to the user device, establishing a stable communication link between the user device and the internal network. Upon receiving the authorization command, the network isolation module grants the user device access to internal network resources, allowing it to access internal network resources such as office servers, POS systems, and local printers. Simultaneously, it grants external network access, ensuring that the internal device can browse the internet and use cloud-based office software. This process enables seamless access and automatic release for authorized internal devices, avoiding the cumbersome authentication process required for frequently used internal devices each time they access the network. This significantly improves the network access efficiency of internal devices and reduces the manual authorization workload for administrators, effectively lowering the maintenance burden. Furthermore, since internal devices only need to match a whitelist to access the internal network without complex authentication processes, network access latency is reduced, improving the user experience.

[0047] Step S150: Detect the connection status of the external network.

[0048] Specifically, if the MAC management module reports a matching failure, the main control module determines that the user device is an unauthorized external guest device. In this case, it does not directly grant any network access permissions but instead sends a network status detection command to the network status detection module. The network status detection module then performs multi-level, multi-dimensional detection of the external network connection status to determine if the external network is properly connected. Based on the external network connection status reported by the network status detection module 14, the main control module 11 adaptively selects either the central information processing unit or the local server to perform the network access process for the guest device. If the detection result indicates a normal external network connection, the main control module selects the central information processing unit to perform the network access process. If the detection result indicates an external network interruption or abnormality, the main control module switches to local operating mode and selects the local information processing unit built into the routing device to perform the network access process through the local server. Meanwhile, after the user device completes the network access process through the local server, the local information processing unit temporarily stores the visitor device's interaction data. Once the network status detection module detects that the external network has returned to normal, the main control module instructs the multi-device synchronization module to upload the temporarily stored offline data to the central information processing unit. Simultaneously, it downloads updated recommended content and whitelists from the central information processing unit and synchronizes them to the content management module and MAC management module, ensuring consistency between local and cloud data. If the external network connection is interrupted, step S160 is executed. If the external network connection is normal, step S170 is executed.

[0049] To improve the accuracy and reliability of external network connectivity status detection and avoid the problems of single detection methods being susceptible to environmental interference and resulting errors, a multi-level and multi-dimensional joint detection mechanism can be adopted to accurately determine the external network status. The specific detection process is as follows: Figure 4 As shown.

[0050] Figure 4 This is a flowchart of detecting the status of a wireless network according to an embodiment of the present invention. Figure 4 The method for detecting the status of a wireless network, as shown, specifically includes the following steps: Step S151: Detect the transmission signal of the router's physical interface, and determine the network status of the wireless network based on the transmission signal.

[0051] Specifically, after the router is powered on, the network status detection module initiates the physical interface detection function to continuously collect and detect the transmission signals of the router's WAN (Wide Area Network) physical interface. The collected transmission signal parameters include signal strength, level value, signal stability, and data transmission rate. The WAN physical interface is a port connecting to an external network, such as an RJ45 network cable interface or a fiber optic interface.

[0052] The network status detection module has preset normal threshold ranges for transmission signals, such as signal strength not lower than a preset strength threshold, voltage level stable within a preset range, and data transmission rate not lower than a preset speed threshold. If the collected transmission signal parameters are all within the preset normal threshold range, the router's physical interface is considered to be transmitting normally, and the external wireless network connection status is preliminarily determined to be normal. If the collected transmission signal parameters exceed the normal threshold range, such as signal strength lower than the preset strength threshold, voltage level fluctuations being too large, no data transmission rate, or no signal input detected at the physical interface, the router's physical interface is considered to be transmitting abnormally, and the external wireless network connection status is preliminarily determined to be interrupted. At the same time, the specific parameters of the physical interface abnormality are recorded, and the preliminary detection results are fed back to the main control module.

[0053] Step S152: Send a protocol request to a preset public network server, and determine the network status of the wireless network based on the second feedback information fed back by the public network server.

[0054] Specifically, the default public network server is a public server with high stability and fast response speed. The IP address of the public network server is pre-stored in the memory before the routing device leaves the factory, and can be modified by the management device to adapt to different scenarios.

[0055] The protocol request sent by the network status detection module can use ICMP (Internet Control Message Protocol) or HTTP (Hypertext Transfer Protocol) as needed. The second feedback information is the response information returned by the public network server in response to the protocol request, including parameters such as the response code, response duration, and response content. If the network status detection module receives a valid response from the public network server within the timeout threshold, and the response duration does not exceed the preset threshold, the logical layer connection is determined to be normal, further confirming the external wireless network connection status as normal. If the network status detection module fails to receive a response from the public network server beyond the timeout threshold, or receives an erroneous response, the logical layer connection is determined to be abnormal. After a preset number of consecutive abnormal tests, the external wireless network connection status is confirmed to be interrupted. Simultaneously, the specific abnormal situation of the second feedback information is recorded, and the secondary detection results are fed back to the main control module.

[0056] Step S153: Calculate the external domain name resolution failure rate and determine the network status of the wireless network based on the preset threshold and the external domain name resolution failure rate.

[0057] Specifically, the network status detection module presets a time window, within which it counts the total number of external domain name resolutions received by the routing device and the number of resolution failures, and calculates the external domain name resolution failure rate within the current time window.

[0058] The routing device's memory stores a preset threshold for the external domain name resolution failure rate. This preset threshold can be adjusted by the management device according to actual commercial scenarios. The network status detection module compares the calculated external domain name resolution failure rate with the preset threshold. If the resolution failure rate is lower than the preset threshold, and resolution anomalies in a single user device are excluded, the external domain name resolution is determined to be normal, and the external wireless network connection status is confirmed to be normal. If the resolution failure rate is higher than the preset threshold, the external domain name resolution is determined to be abnormal, indicating that although the external network is physically connected and logically reachable, it cannot provide normal domain name resolution services, and user devices cannot access the Internet normally. At this time, the external wireless network connection status is determined to be interrupted, and information such as the resolution failure rate value and the type of domain name that failed to resolve is recorded. The final detection result is fed back to the main control module.

[0059] It should be noted that, depending on the needs of the actual application scenario, all three detection steps can be selected to perform a comprehensive network status judgment, or any detection step can be selectively enabled to achieve a dynamic balance between detection efficiency and detection accuracy, effectively avoiding the limitations of a single detection method and ensuring the accuracy and flexibility of external wireless network connection status judgment.

[0060] Step S160: Verify the user device through the authentication page of the local server.

[0061] Specifically, if the network status detection module reports an interrupted external network connection, the main control module switches to local operating mode and selects the local server in the local information processing unit built into the router to perform the authentication process for the user device, ensuring that the user device can still complete authentication normally even when the network is down. The main control module instructs the network isolation module to enable local redirection rules. That is, when the router detects an external network interruption, the network isolation module calls the iptables (a firewall management tool) configuration policy based on the Linux kernel to intercept and forward connection requests from guest user devices. Specifically, by configuring the iptables network address translation rules, HTTP port 80 and HTTPS port 443 connection requests initiated by the user device are forcibly redirected at the routing level to the local address and corresponding service port of the local information processing unit inside the router device. This prevents the user device from directly accessing the external network before authentication is completed, and allows access to the local authentication page. The local authentication page supports click functionality to meet the needs of quick authentication for guests. The local authentication page is pushed to the user device via the wireless communication module. The user device receives and opens the authentication page and completes the authentication operation according to the on-screen prompts.

[0062] Simultaneously, the local information processing unit can also verify the authentication result. If the verification passes, it sends a verification pass signal to the main control module. If the verification fails, it returns an authentication failure message and allows the user device to retry authentication, ensuring the rationality of the authentication process. After successful verification, the main control module instructs the wireless communication module to assign a dynamic IP address for the guest network to the user device, granting external network access permissions, and simultaneously triggering the subsequent first recommended content display step.

[0063] Step S170: The user equipment is authenticated by the central information processing unit.

[0064] Specifically, if the network status detection module reports a normal external network connection status, the main control module instructs the network isolation module to activate normal routing and forwarding functions, cancel local redirection rules, and redirect the visitor device's access request to the preset central information processing unit. Upon receiving the request, the central information processing unit generates a standardized authentication page according to a preset authentication policy and pushes the page to the user device. The user device completes the authentication process as prompted on the page. After verification, the visitor device sends a verification completion signal to the central information processing unit. The central information processing unit verifies the verification result. If the verification passes, it issues an authorization command to the main control module and simultaneously pushes the latest recommended content information. If the verification fails, it returns an authentication failure message, allowing the visitor to retry authentication. Upon receiving the authorization command from the central information processing unit, the main control module instructs the wireless communication module to assign a dynamic IP address to the visitor device, granting external network access permissions, completing the cloud authentication process for the visitor device, and triggering subsequent recommended content display steps.

[0065] Simultaneously, the central information processing unit can verify the verification result. If the verification passes, it issues an authorization command to the main control module and simultaneously pushes the latest information related to the second recommended content. If the verification fails, it returns an authentication failure message, allowing the visitor to retry authentication. After receiving the authorization command from the central information processing unit, the main control module instructs the wireless communication module to assign a dynamic IP address to the visitor device, granting external network access permissions, completing the cloud authentication process for the visitor device, and triggering the subsequent display of the second recommended content.

[0066] Step S180: Display recommended sales content to the user's device.

[0067] Specifically, after the user device completes authentication and successfully connects to the external network, the main control module instructs the content management module to display corresponding recommended content to the user device. If the external network is interrupted, the content management module reads the pre-cached first recommended content from the local database of the local information processing unit and pushes an appropriate content format based on the user device type and access time. If the external network is functioning normally, the content management module retrieves the latest second recommended content from the central information processing unit. Simultaneously, when the external network is interrupted, the content management module also records the user device's content browsing data and synchronizes this data to the local information processing unit for temporary storage. Once the external network is restored, the multi-device synchronization module uploads this data to the central information processing unit, enabling merchants to optimize recommended content and adjust marketing strategies.

[0068] This invention establishes multiple wireless networks, including at least an internal network and a guest network. It receives connection requests from user equipment (UEs), each request including the UE's identifier. The identifier is matched against a pre-stored whitelist. If a match is successful, the UE is connected to the internal network. If a match fails, the connection status of the external network is detected. Based on the connection status, a central information processing unit and a local server are selected to perform the network access procedure for the UE, thus connecting it to the guest network. Therefore, by identifying UEs using a pre-stored whitelist, UEs can be automatically allowed to access the corresponding network, improving network access security and efficiency while reducing maintenance burden.

[0069] In some embodiments, for user devices connected to a guest network, users can proactively apply to be added to a whitelist, thereby upgrading their device from a guest to an authorized internal user. Specifically, after the user device completes authentication and successfully accesses the external network, the routing device sends a prompt to the user device via an authentication page or pop-up window, asking if the user wants to submit a whitelist authorization request. Once whitelisted, the device can directly access the internal network without repeated authentication. The user device can choose to submit an authorization request or not, and the selection result is fed back to the routing device's main control module.

[0070] If the user device user chooses to submit a whitelist authorization request, an authorization request is generated according to the prompts. This authorization request includes the user device's identification identifier and relevant information filled in by the user, such as name, contact information, and authorization purpose. The authorization request is then sent to the routing device. Upon receiving the authorization request, the routing device's wireless communication module parses the request content, extracts the user device identification identifier and authorization-related information, and forwards it synchronously to the main control module. The main control module performs a preliminary review of the received authorization request. After confirming that the request format is compliant and the information is complete, it proceeds to the subsequent authorization request forwarding steps.

[0071] After the main control module completes the initial review of the authorization request, it issues a forwarding instruction to the multi-device synchronization module. The multi-device synchronization module then forwards the authorization request to the preset management device, ensuring that administrators can receive and review the authorization request in a timely manner, thus achieving standardized management of whitelist authorization. The management device can be an administrator's computer, mobile management terminal, etc. Simultaneously, if the external network is functioning normally, the multi-device synchronization module directly forwards the authorization request to the management device and simultaneously sends a notification to the management device, informing the administrator that a new whitelist authorization request is pending review. If the external network is interrupted, the multi-device synchronization module temporarily stores the authorization request in the local database of the local information processing unit. Once the network status detection module detects that the external network has returned to normal, it immediately forwards the temporarily stored authorization request to the management device, ensuring that the authorization request is not lost. After receiving the authorization request, the management device sends a signal to the routing device indicating that the request has been received. The multi-device synchronization module then forwards the request to the main control module, which records the request forwarding status for subsequent traceability management.

[0072] Administrators view detailed information about authorization requests through the management device. This information includes the user device identification identifier, the purpose of authorization, and user information. Based on actual commercial needs, an authorization approval or denial decision is made, generating authorization feedback. This feedback includes the approval result, approval comments, and approval time, and is sent to the routing device. The multi-device synchronization module receives the authorization feedback from the management device and forwards it to the main control module. The main control module parses the authorization feedback and extracts the approval result. If the approval result is approved, a whitelist update command is issued to the MAC management module, instructing it to add the user device's identification identifier to the whitelist and configure the corresponding access permissions, completing the whitelist update. If the denial result is denied, the main control module instructs the wireless communication module to send an authorization denial notification to the guest device, explaining the reason for the denial. After modifying the whitelist, the MAC management module synchronizes the updated whitelist to the local storage unit, while the multi-device synchronization module uploads the updated whitelist to the central information processing unit, ensuring consistency between local and cloud-based whitelist data.

[0073] Meanwhile, once a user device is successfully added to the whitelist after verification and upgraded from a visitor to an employee, when the user device re-enters the wireless network coverage area, the routing device can directly match the whitelist through the device identification identifier, directly access the internal network and obtain full access permissions, achieving fast and secure internal network access, and greatly improving the ease of use for internal personnel and the efficiency of system management.

[0074] In some embodiments, to meet the actual needs of multi-node distributed deployment, unified global business management and control and data consistency assurance in commercial scenarios, multiple routing devices are set up to work in collaboration with the central information processing unit to build a data synchronization system. Figure 5 This is a schematic diagram of a data synchronization system according to an embodiment of the present invention. Figure 5 As shown, the data synchronization system includes a central information processing unit 4 and slave devices N1, N2, ..., Nn. Each slave device is a routing device. Each slave device has a built-in independent network status detection module. When a slave device detects an external network interruption, it only triggers its local authentication mode, without affecting the cloud authentication process of other slave devices, thus achieving distributed fault isolation and preventing single-point network anomalies from impacting global services. When a slave device detects a normal external network connection, it performs bidirectional synchronization with the central information processing unit according to preset rules. It uploads local user behavior data and authorization requests to the central information processing unit and downloads the latest whitelist and recommended content from the central information processing unit, ensuring consistency in core configuration and data versions across multiple slave devices and achieving unified global management. When a slave device detects an external network interruption, it suspends communication with the central information processing unit and switches to independent local operation, temporarily storing user authentication records, content browsing data, and whitelist authorization requests from the offline period. Once the network status detection module confirms that the external network has recovered, it automatically triggers a breakpoint-resume synchronization mechanism, uploading temporary data in batches to the central information processing unit and downloading the latest cloud configuration to complete data completion and version alignment, ensuring eventual consistency across multiple slave devices. When a slave device receives a user's whitelist authorization request, it temporarily stores the request and synchronizes it to the central information processing unit. After the management device approves the request, the central information processing unit pushes the updated whitelist to all slave devices. Each slave device then synchronously updates its local whitelist, enabling authorized devices to seamlessly access the internal network from any slave device's coverage area, ensuring a consistent service experience across multiple nodes.

[0075] In some embodiments, to ensure timely detection of network recovery status after an external network outage, guarantee seamless service switching and data integrity, and avoid issues such as loss of user behavior data and inconsistencies between local and cloud configurations during network outages, a network recovery detection and synchronization process is continuously executed while the network is in an outage state. Figure 6 As shown. Figure 6 This is a flowchart of network interruption recovery detection according to an embodiment of the present invention. Figure 6 The network outage recovery detection method shown includes the following steps: Step S210: In response to the connection status being interrupted, a request is sent to the public network server according to a preset period.

[0076] Specifically, when the network status detection module determines that the external network connection is interrupted, the main control module instructs the network status detection module to initiate a periodic probing mechanism to avoid continuous high-frequency probing consuming system resources, while ensuring timely detection of network recovery. The preset period is a configurable parameter, and the network status detection module continuously sends requests to the public network server according to the preset period. This probing process is only performed when the external network is interrupted; if the network is subsequently detected to have recovered, the periodic probing immediately stops, and the system switches to normal network operation mode.

[0077] Step S220: Obtain feedback information from the public network server.

[0078] Specifically, the network status detection module presets a request timeout threshold. If a valid response is received from the public server within the timeout threshold, and no response is received from the public server after the timeout threshold, or an erroneous response is received, the feedback information is recorded as invalid feedback. Simultaneously, the network status detection module continuously stores detailed feedback from multiple probes to avoid misjudgments caused by accidental packet loss or momentary network fluctuations, providing reliable data support for subsequent network status assessments.

[0079] Step S230: Detect whether the network status of the external network is normal based on the feedback information.

[0080] Specifically, the router's network status detection module determines the external network recovery status based on feedback information from the public network server. It uses a single successful reception of valid feedback as the criterion to ensure timely identification of network recovery status, adapting to the needs of rapid switchback to cloud services in commercial scenarios. Specifically, if the network status sensing module successfully obtains valid feedback information from the public network server within a certain detection period, it determines that public network heartbeat communication has returned to normal, immediately marks the external network status as restored, and sends this network status result to the router's main control module in real time. The main control module then triggers subsequent data synchronization and service switching processes. If invalid feedback information is obtained, the external network interruption status is maintained, and the detection request continues to be executed according to a preset period until valid feedback information is obtained.

[0081] Step S240: In response to the network status of the external network being normal, perform data synchronization with the central information processing unit.

[0082] Specifically, when the router's main control module receives the external network recovery status information from the network status detection module, it instructs the multi-device synchronization module to initiate a full bidirectional data synchronization process with the central information processing unit. The router automatically cancels the local firewall redirection rules enabled during the external network interruption, restoring normal routing and forwarding functions. It redirects user device requests from their local IP addresses back to the central information processing unit. Subsequent user device authentication and content access requests are directly forwarded to the cloud portal page, completing a smooth transition from local to cloud mode. The multi-device synchronization module uploads user behavior data temporarily stored in the router's local database during the external network interruption to the central information processing unit. This data includes all offline marketing-related data such as user device ad clicks, coupon redemptions, and content browsing duration, ensuring no loss of user behavior data during the network outage and providing complete data support for the central information processing unit's marketing strategy optimization. The multi-device synchronization module initiates a content and configuration version verification request to the central information processing unit, automatically checking for updated promotional templates, advertising materials, and MAC address whitelists. If an updated version is detected in the cloud, the latest content and configuration data will be downloaded to the router's content management module and MAC management module to complete the local data update and overwrite, ensuring that the content and configuration of the local database are consistent with the central information processing unit in real time, and preparing for offline support in the event of a possible network outage in the future.

[0083] Figure 7 This is a schematic diagram of a network push message management device according to an embodiment of the present invention. Figure 7 As shown, the network push message management device of this embodiment includes a network establishment module 71 for establishing multiple wireless networks, the multiple wireless networks including at least an internal network and a guest network; a connection request module 72 for receiving connection requests sent by user equipment, the connection request including the identification identifier of the user equipment; a list matching module 73 for matching the identification identifier with a pre-stored whitelist; a matching success module 74 for connecting the user equipment to the internal network in response to a successful match; and a matching failure module 75 for detecting the connection status of an external network in response to a matching failure, and selecting one of the central information processing unit and the local server to perform the network access process for the user equipment to connect the user equipment to the external network based on the connection status.

[0084] This invention establishes multiple wireless networks, including at least an internal network and a guest network. It receives connection requests from user equipment (UEs), each request including the UE's identifier. The identifier is matched against a pre-stored whitelist. If a match is successful, the UE is connected to the internal network. If a match fails, the connection status of the external network is detected. Based on the connection status, a central information processing unit and a local server are selected to perform the network access procedure for the UE, thus connecting it to the guest network. Therefore, by identifying UEs using a pre-stored whitelist, UEs can be automatically allowed to access the corresponding network, improving network access security and efficiency while reducing maintenance burden.

[0085] Figure 8 This is a schematic diagram of an electronic device according to an embodiment of the present invention. (For example...) Figure 8 As shown, Figure 8 The illustrated electronic device is a network device, comprising a general computer hardware architecture, including at least a processor 91 and a memory 92. The processor 91 and memory 92 are connected via a bus 93. The memory 92 is adapted to store instructions or programs executable by the processor 91. The processor 91 can be a standalone microprocessor or a collection of one or more microprocessors. Thus, the processor 91 executes the instructions stored in the memory 92, thereby performing the method flow of the embodiments of the present invention as described above to process data and control other devices. The bus 93 connects the aforementioned components together, and also connects these components to a display controller 94, a display device, and an input / output (I / O) device 95. The input / output (I / O) device 95 can be a mouse, keyboard, modem, network interface, touch input device, motion-sensing input device, printer, and other devices known in the art. Typically, the input / output device 95 is connected to the system via an input / output (I / O) controller 96.

[0086] Those skilled in the art will understand that embodiments of this application can be provided as methods, apparatus (devices), or computer program products. Therefore, this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application can take the form of a computer program product embodied on one or more computer-readable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0087] This application is described with reference to flowchart illustrations of methods, apparatus (devices), and computer program products according to embodiments of this application. It should be understood that each step in the flowchart can be implemented by computer program instructions.

[0088] These computer program instructions may be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including an instruction means, the implementation process of which is described in the instruction means. Figure 1 The function specified in one or more processes.

[0089] These computer program instructions may also be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing device to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing device, produce instructions for implementing processes. Figure 1 A device for a function specified in one or more processes.

[0090] Another embodiment of the present invention relates to a non-volatile storage medium for storing a computer-readable program for use by a computer to execute some or all of the above-described method embodiments.

[0091] That is, those skilled in the art will understand that all or part of the steps in the methods of the above embodiments can be implemented by a program specifying the relevant hardware. This program is stored in a storage medium and includes several instructions to cause a device (which may be a microcontroller, chip, etc.) or processor to execute all or part of the steps of the methods described in the embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as a USB flash drive, a portable hard drive, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk.

[0092] The above description is merely a preferred embodiment of this application and is not intended to limit this application. Various modifications and variations can be made to this application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this application should be included within the protection scope of this application.

Claims

1. A method for managing network push messages, characterized in that, The method includes: Establish multiple wireless networks, which include at least an internal network and a guest network; Receive a connection request sent by a user equipment, the connection request including the identification identifier of the user equipment; The identification identifier is matched with a pre-stored whitelist; In response to a successful match, the user equipment is connected to the internal network; In response to a matching failure, the connection status of the external network is detected, and based on the connection status, a central information processing unit and a local server are selected to perform the network access procedure for the user equipment, so as to connect the user equipment to the guest network.

2. The method according to claim 1, characterized in that, Based on the connection status, selecting one of the central information processing unit and the local server to perform the network access procedure for the user equipment, in order to connect the user equipment to the guest network, includes: In response to the connection being interrupted, the user device is authenticated through the authentication page of the local server.

3. The method according to claim 1, characterized in that, Based on the connection status, selecting one of the central information processing unit and the local server to perform the network access procedure for the user equipment, in order to connect the user equipment to the guest network, includes: In response to the connection status being normal, the user equipment is authenticated through the central information processing unit.

4. The method according to claim 1, characterized in that, The method further includes: Obtain the authorization request sent by the user equipment, wherein the authorization request includes the identification identifier of the user equipment; Send the authorization request to the management device; Obtain authorization feedback sent by the management device, and modify the whitelist based on the authorization feedback.

5. The method according to claim 1, characterized in that, The step of selecting one of the central information processing unit and the local server based on the connection status to perform the network access process for the user equipment, so as to connect the user equipment to the guest network, further includes: In response to the connection status being interrupted, first recommended content is read from the local database and displayed to the user device; In response to the connection status being normal, second recommended content is obtained from the central information processing unit and displayed to the user equipment.

6. The method according to claim 1, characterized in that, The detection of the connection status of the external network includes: Detect the transmission signal of the router's physical interface, and determine the connection status of the external network based on the transmission signal; Send a protocol request to a preset public network server, and determine the connection status of the external network based on the first feedback information returned by the public network server; The external domain name resolution failure rate is statistically analyzed, and the connection status of the external network is determined based on a preset threshold and the external domain name resolution failure rate.

7. The method according to claim 6, characterized in that, The method includes: In response to the connection status being interrupted, a request is sent to the public network server according to a preset period. Obtain feedback information from the public network server; Based on the feedback information, detect whether the network status of the external network is normal; In response to the external network being in a normal state, data synchronization is performed with the central information processing unit.

8. The method according to claim 1, characterized in that, The method further includes: When the external network is in normal condition, data synchronization is performed with the central information processing unit according to predetermined rules.

9. The method according to claim 7 or 8, characterized in that, The data synchronization with the central information processing unit includes: Upload user device behavior data from the local server to the central information processing unit; and / or The updated recommended content and whitelist are downloaded from the central information processing unit and stored in the local server.

10. A routing device, characterized in that, It includes a memory and a processor, the processor executing program instructions in the memory for implementing the method of any one of claims 1-9.