CN106027459A - 一种访问控制列表的查询方法及装置 - Google Patents
一种访问控制列表的查询方法及装置 Download PDFInfo
- Publication number
- CN106027459A CN106027459A CN201510998606.3A CN201510998606A CN106027459A CN 106027459 A CN106027459 A CN 106027459A CN 201510998606 A CN201510998606 A CN 201510998606A CN 106027459 A CN106027459 A CN 106027459A
- Authority
- CN
- China
- Prior art keywords
- rule
- address
- acl
- space
- hash
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 230000001360 synchronised effect Effects 0.000 claims abstract description 7
- 230000008878 coupling Effects 0.000 claims description 18
- 238000010168 coupling process Methods 0.000 claims description 18
- 238000005859 coupling reaction Methods 0.000 claims description 18
- 230000009471 action Effects 0.000 claims description 14
- 238000005192 partition Methods 0.000 claims description 8
- 238000000151 deposition Methods 0.000 claims description 7
- 238000004364 calculation method Methods 0.000 abstract 1
- 230000006870 function Effects 0.000 description 7
- 230000008569 process Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000013011 mating Effects 0.000 description 1
- 230000004899 motility Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510998606.3A CN106027459B (zh) | 2015-12-28 | 2015-12-28 | 一种访问控制列表的查询方法及装置 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510998606.3A CN106027459B (zh) | 2015-12-28 | 2015-12-28 | 一种访问控制列表的查询方法及装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106027459A true CN106027459A (zh) | 2016-10-12 |
CN106027459B CN106027459B (zh) | 2019-04-30 |
Family
ID=57082593
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510998606.3A Active CN106027459B (zh) | 2015-12-28 | 2015-12-28 | 一种访问控制列表的查询方法及装置 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106027459B (zh) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109547502A (zh) * | 2019-01-22 | 2019-03-29 | 成都亚信网络安全产业技术研究院有限公司 | 防火墙acl管理方法及装置 |
CN110022281A (zh) * | 2018-01-08 | 2019-07-16 | ***通信有限公司研究院 | 访问控制列表容量的测试方法、设备和计算机存储介质 |
CN112311595A (zh) * | 2020-10-15 | 2021-02-02 | 烽火通信科技股份有限公司 | 一种高效访问控制链表及其实现方法 |
CN112383479A (zh) * | 2020-10-15 | 2021-02-19 | 国家计算机网络与信息安全管理中心 | 规则查询方法、装置、计算机设备和存储介质 |
CN112667526A (zh) * | 2021-03-22 | 2021-04-16 | 芯启源(南京)半导体科技有限公司 | 一种访问控制列表电路实现方法及其电路 |
CN113779320A (zh) * | 2021-08-18 | 2021-12-10 | 北京计算机技术及应用研究所 | 一种表项存储地址冲突的解决方法 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040254934A1 (en) * | 2003-06-11 | 2004-12-16 | International Business Machines Corporation | High run-time performance method and system for setting ACL rule for content management security |
CN101345694A (zh) * | 2007-07-11 | 2009-01-14 | 上海未来宽带技术及应用工程研究中心有限公司 | 一种快速查找定位和匹配访问控制列表的方法 |
CN103188231A (zh) * | 2011-12-30 | 2013-07-03 | 北京锐安科技有限公司 | 一种多核板卡acl规则匹配方法 |
CN104954200A (zh) * | 2015-06-17 | 2015-09-30 | 国家计算机网络与信息安全管理中心 | 一种网络数据包的多类型规则高速匹配方法及装置 |
-
2015
- 2015-12-28 CN CN201510998606.3A patent/CN106027459B/zh active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040254934A1 (en) * | 2003-06-11 | 2004-12-16 | International Business Machines Corporation | High run-time performance method and system for setting ACL rule for content management security |
CN101345694A (zh) * | 2007-07-11 | 2009-01-14 | 上海未来宽带技术及应用工程研究中心有限公司 | 一种快速查找定位和匹配访问控制列表的方法 |
CN103188231A (zh) * | 2011-12-30 | 2013-07-03 | 北京锐安科技有限公司 | 一种多核板卡acl规则匹配方法 |
CN104954200A (zh) * | 2015-06-17 | 2015-09-30 | 国家计算机网络与信息安全管理中心 | 一种网络数据包的多类型规则高速匹配方法及装置 |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110022281A (zh) * | 2018-01-08 | 2019-07-16 | ***通信有限公司研究院 | 访问控制列表容量的测试方法、设备和计算机存储介质 |
CN109547502A (zh) * | 2019-01-22 | 2019-03-29 | 成都亚信网络安全产业技术研究院有限公司 | 防火墙acl管理方法及装置 |
CN112311595A (zh) * | 2020-10-15 | 2021-02-02 | 烽火通信科技股份有限公司 | 一种高效访问控制链表及其实现方法 |
CN112383479A (zh) * | 2020-10-15 | 2021-02-19 | 国家计算机网络与信息安全管理中心 | 规则查询方法、装置、计算机设备和存储介质 |
CN112383479B (zh) * | 2020-10-15 | 2022-03-22 | 国家计算机网络与信息安全管理中心 | 规则查询方法、装置、计算机设备和存储介质 |
CN112311595B (zh) * | 2020-10-15 | 2022-09-09 | 烽火通信科技股份有限公司 | 一种高效访问控制链表及其实现方法 |
CN112667526A (zh) * | 2021-03-22 | 2021-04-16 | 芯启源(南京)半导体科技有限公司 | 一种访问控制列表电路实现方法及其电路 |
CN112667526B (zh) * | 2021-03-22 | 2021-06-29 | 芯启源(南京)半导体科技有限公司 | 一种访问控制列表电路实现方法及其电路 |
CN113779320A (zh) * | 2021-08-18 | 2021-12-10 | 北京计算机技术及应用研究所 | 一种表项存储地址冲突的解决方法 |
CN113779320B (zh) * | 2021-08-18 | 2024-02-27 | 北京计算机技术及应用研究所 | 一种表项存储地址冲突的解决方法 |
Also Published As
Publication number | Publication date |
---|---|
CN106027459B (zh) | 2019-04-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106027459A (zh) | 一种访问控制列表的查询方法及装置 | |
CN101860531B (zh) | 数据包过滤规则匹配方法及装置 | |
CN105122745A (zh) | 用于网络设备的高效最长前缀匹配技术 | |
CN104579940B (zh) | 查找访问控制列表的方法及装置 | |
US10333845B2 (en) | Forwarding data packets | |
CN107547391B (zh) | 一种报文传输方法和装置 | |
TWI661698B (zh) | 轉發乙太網路封包的方法和裝置 | |
CN101217528B (zh) | 一种链路聚合方法和装置 | |
CN103812765B (zh) | 具有过滤功能的can转以太网网关及基于该网关的数据传输方法 | |
CN101753542A (zh) | 一种加速防火墙过滤规则匹配的方法及装置 | |
CN103188231A (zh) | 一种多核板卡acl规则匹配方法 | |
CN111181857B (zh) | 一种报文处理方法及装置、存储介质、光网络终端 | |
CN103078798A (zh) | 一种建立路由表的方法和设备 | |
CN101242362A (zh) | 查找键值生成装置及方法 | |
CN108345643A (zh) | 一种数据处理方法及装置 | |
CN104580008B (zh) | 基于硬件提高多队列随机丢弃报文精度的方法及装置 | |
CN101645851A (zh) | 一种ip分片报文的重组方法和装置 | |
CN106533973A (zh) | 分发业务消息的方法、设备和*** | |
CN101710864A (zh) | 一种多网口Linux服务器的配置方法及装置 | |
CN106878185B (zh) | 一种报文ip地址匹配电路及方法 | |
CN107493245B (zh) | 交换机的板卡以及数据流转发方法 | |
CN105933235A (zh) | 数据通信方法及装置 | |
CN102752208B (zh) | 防止半连接攻击的方法及*** | |
CN103905324A (zh) | 一种基于报文五元组的调度分流方法和*** | |
CN110995609A (zh) | 报文发送方法、装置、电子设备及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A query method and device of access control list Effective date of registration: 20200826 Granted publication date: 20190430 Pledgee: Bank of Beijing Limited by Share Ltd. Shenzhen branch Pledgor: Shenzhen Hengyang Data Co.,Ltd. Registration number: Y2020980005382 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20210803 Granted publication date: 20190430 Pledgee: Bank of Beijing Limited by Share Ltd. Shenzhen branch Pledgor: Shenzhen Hengyang Data Co.,Ltd. Registration number: Y2020980005382 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A query method and device for access control list Effective date of registration: 20210816 Granted publication date: 20190430 Pledgee: Bank of Beijing Limited by Share Ltd. Shenzhen branch Pledgor: Shenzhen Hengyang Data Co.,Ltd. Registration number: Y2021440020082 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Granted publication date: 20190430 Pledgee: Bank of Beijing Limited by Share Ltd. Shenzhen branch Pledgor: Shenzhen Hengyang Data Co.,Ltd. Registration number: Y2021440020082 |