 技術摘要: |
一種封包檢測裝置及方法,係應用於擷取封包之網路設備中,其透過延遲處理模組於TCP層交握時,對所接收之封包進行儲存、比對以及篩選。首先,由延遲處理模組之雜湊函數(Hashing Function)單元將封包的標頭資訊轉換為雜湊函數値,接著,與延遲處理模組之記憶體單元中的資料進行雜湊函數値比對,若記憶體單元中所儲存之資料與該雜湊函數單元所轉換之雜湊函數値不相同,則將該雜湊函數値存入該記憶體單元以建立一對話連線,若該記憶體單元所儲存之資料與該雜湊函數單元所轉換之雜湊函數値相同,則進行封包狀態比對與封包篩選,再經由對話處理模組依據該延遲處理模組所篩選之封包建立傳輸連線。據此,可快速檢測封包狀態、減少佔用記憶體空間以及降低成本。
A packet inspection device and method for use with a packet-retrievable network apparatus are provided. The packet inspection method includes: converting header information of a packet received into a hashing function value in presence of handshaking underway at the Transmission Control Protocol (TCP) layer and comparing the hashing function value by a hashing function unit of the pending processing module, storing the hashing function value in a memory unit, and performing packet state comparison and packet screening and then creating by the session processing module a transmission connection according to the packet screened and selected by the pending processing module upon determination that data stored in the memory unit match the hashing function value resulting from conversion by the hashing function unit, thereby expediting packet inspection, reducing occupied memory space, and cutting costs.
|
聯繫方式 |
| 聯絡人:
研發處產學合作總中心 |
電話:
(02)3366-9949 |
|
| 地 址:
10617臺北市大安區羅斯福路四段1號 禮賢樓六樓608室 |
|
|
| |
|
專利行銷平台