CN113992426A - Message distribution method and device, storage medium and electronic equipment - Google Patents
Message distribution method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN113992426A CN113992426A CN202111350108.XA CN202111350108A CN113992426A CN 113992426 A CN113992426 A CN 113992426A CN 202111350108 A CN202111350108 A CN 202111350108A CN 113992426 A CN113992426 A CN 113992426A
- Authority
- CN
- China
- Prior art keywords
- message
- message data
- type
- program
- original
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 238000012544 monitoring process Methods 0.000 claims abstract description 17
- 238000012545 processing Methods 0.000 claims description 12
- 230000004044 response Effects 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 14
- 230000006870 function Effects 0.000 description 8
- 238000004891 communication Methods 0.000 description 5
- 238000012806 monitoring device Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/029—Firewall traversal, e.g. tunnelling or, creating pinholes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a message distribution method, a message distribution device, a storage medium and electronic equipment, wherein first message data is acquired by monitoring an external network address of a target network card; the target network card is a network card connected with the universal port, and the first message data is message data with a destination address being an external network address; judging whether the message type of the first message data is an original type; if not, pushing the first message data to a target logic program; the target logic program is a program which is associated with an external network address and does not monitor a universal port. By monitoring the external network address, the external network flow data can be distributed to different services, so that one universal port can support a plurality of services, a firewall can be bypassed, and hidden access services can be realized.
Description
Technical Field
The present application relates to the field of internet, and in particular, to a method, an apparatus, a storage medium, and an electronic device for distributing a packet.
Background
In the modern internet construction, from the security perspective, a firewall is built under an organization network environment to protect the safety of assets and limit accessible resources, for example, the firewall is configured with 80 ports only allowing an external network to access a certain service, and when an additional port needs to be accessed, the firewall intercepts the service. In addition, covert access services are also an important capability; under a traditional access mode, a network Intrusion Detection (IDS) device can record or alarm and inform illegal ports according to ports of network messages.
Therefore, how to support multiple services by using one port when the externally open port is limited, and at the same time, the firewall can be bypassed, and the hidden access service can be realized becomes a difficult problem to be solved by those skilled in the art.
Disclosure of Invention
An object of the present application is to provide a message distribution method, apparatus, storage medium and electronic device, so as to at least partially improve the above problems.
In order to achieve the above purpose, the embodiments of the present application employ the following technical solutions:
in a first aspect, an embodiment of the present application provides a message distribution method, where the method includes:
monitoring an external network address of a target network card to acquire first message data;
the target network card is a network card connected with a universal port, and the first message data is message data with a destination address of the external network address;
judging whether the message type of the first message data is an original type;
if not, pushing the first message data to a target logic program;
wherein the target logic program is a program which is associated with the external network address and does not monitor the universal port.
In a second aspect, an embodiment of the present application provides a packet distribution apparatus, where the apparatus includes:
the monitoring program unit is used for monitoring the external network address of the target network card to acquire first message data;
the target network card is a network card connected with a universal port, and the first message data is message data with a destination address of the external network address;
the processing unit is used for judging whether the message type of the first message data is an original type; if not, pushing the first message data to a target logic program; wherein the target logic program is a program which is associated with the external network address and does not monitor the universal port.
In a third aspect, the present application provides a storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the method described above.
In a fourth aspect, an embodiment of the present application provides an electronic device, including: a processor and memory for storing one or more programs; the one or more programs, when executed by the processor, implement the methods described above.
Compared with the prior art, the message distribution method, the message distribution device, the storage medium and the electronic device provided by the embodiment of the application acquire first message data by monitoring the external network address of the target network card; the target network card is a network card connected with the universal port, and the first message data is message data with a destination address being an external network address; judging whether the message type of the first message data is an original type; if not, pushing the first message data to a target logic program; the target logic program is a program which is associated with an external network address and does not monitor a universal port. By monitoring the external network address, the external network flow data can be distributed to different services, so that one universal port can support a plurality of services, a firewall can be bypassed, and hidden access services can be realized.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and it will be apparent to those skilled in the art that other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of a message distribution method according to an embodiment of the present application;
fig. 3 is a schematic diagram of a universal port listening according to an embodiment of the present application;
fig. 4 is a schematic diagram of monitoring an external network address according to an embodiment of the present application;
fig. 5 is a schematic diagram illustrating the substeps of S102 according to an embodiment of the present disclosure;
fig. 6 is one of the sub-steps of S102 provided in the embodiments of the present application;
fig. 7 is one of the sub-steps of S102 provided in the embodiments of the present application;
fig. 8 is a schematic flowchart of a message distribution method according to an embodiment of the present application;
fig. 9 is a schematic unit diagram of a message distribution apparatus according to an embodiment of the present application.
In the figure: 10-a processor; 11-a memory; 12-a bus; 13-a communication interface; 201-a listener unit; 202-processing unit.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
In the description of the present application, it should be noted that the terms "upper", "lower", "inner", "outer", and the like indicate orientations or positional relationships based on orientations or positional relationships shown in the drawings or orientations or positional relationships conventionally found in use of products of the application, and are used only for convenience in describing the present application and for simplification of description, but do not indicate or imply that the referred devices or elements must have a specific orientation, be constructed in a specific orientation, and be operated, and thus should not be construed as limiting the present application.
In the description of the present application, it is also to be noted that, unless otherwise explicitly specified or limited, the terms "disposed" and "connected" are to be interpreted broadly, e.g., as being either fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meaning of the above terms in the present application can be understood in a specific case by those of ordinary skill in the art.
Some embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments described below and the features of the embodiments can be combined with each other without conflict.
At present, a port multiplexing method based on a Linux platform is provided, a sys-read function address is found in a Linux kernel layer through a system calltable, and a sys-read function is replaced by a new function; and realizing the check and distribution of the network messages in the self-defined sys-read function, searching binary data meeting the specification from the network messages, and distributing the binary data to corresponding services. However, the method can only be applied to a Linux platform, and other systems cannot be universal due to different bottom layer implementation; secondly, the specific implementation needs to be carried out in a Linux kernel layer, and root authority is needed.
Therefore, the embodiment of the present application provides a message distribution method based on port multiplexing, which works in a transport layer in a TCP/IP protocol stack, and all operating system platforms can be used in common. The monitoring device provided by the embodiment of the application is started to monitor the external network address of the host target port and take over all external network traffic, and when the monitoring device receives the external network traffic, the monitoring device is as follows according to message characteristics: and distributing the message to an original application program according to rules, recording the communication link, returning a subsequent response message according to the path, wherein the message which does not conform to the rules belongs to the message of the target logic program, and directly calling the target logic program by the monitoring device to execute the logic.
The embodiment of the application provides an electronic device which can be a server device or a computer device. Please refer to fig. 1, a schematic structural diagram of an electronic device. The electronic device comprises a processor 10, a memory 11, a bus 12. The processor 10 and the memory 11 are connected by a bus 12, and the processor 10 is configured to execute an executable module, such as a computer program, stored in the memory 11.
The processor 10 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the message distribution method may be implemented by integrated logic circuits of hardware or instructions in the form of software in the processor 10. The Processor 10 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component.
The Memory 11 may comprise a high-speed Random Access Memory (RAM) and may further comprise a non-volatile Memory (non-volatile Memory), such as at least one disk Memory.
The bus 12 may be an ISA (Industry Standard architecture) bus, a PCI (peripheral Component interconnect) bus, an EISA (extended Industry Standard architecture) bus, or the like. Only one bi-directional arrow is shown in fig. 1, but this does not indicate only one bus 12 or one type of bus 12.
The memory 11 is used for storing programs, for example, programs corresponding to the message distribution apparatus. The message distribution means comprises at least one software functional module which may be stored in the memory 11 in the form of software or firmware or may be fixed in an Operating System (OS) of the electronic device. The processor 10, upon receiving the execution instruction, executes the program to implement the message distribution method.
Possibly, the electronic device provided by the embodiment of the present application further includes a communication interface 13. The communication interface 13 is connected to the processor 10 via a bus. The communication interface 13 may be a general-purpose interface, and cooperates with a network card to perform data transmission and reception.
It should be understood that the structure shown in fig. 1 is merely a structural schematic diagram of a portion of an electronic device, which may also include more or fewer components than shown in fig. 1, or have a different configuration than shown in fig. 1. The components shown in fig. 1 may be implemented in hardware, software, or a combination thereof.
The message distribution method provided in the embodiment of the present application may be applied to, but is not limited to, the electronic device shown in fig. 1, and please refer to fig. 2, where the message distribution method includes: s101, S102, S103, and S104.
S101, monitoring an external network address of a target network card to acquire first message data.
The target network card is a network card connected with the universal port, and the first message data is message data with a destination address being an external network address.
Referring to fig. 3 and fig. 4, fig. 3 is a schematic diagram of universal port snooping according to an embodiment of the present application, and fig. 4 is a schematic diagram of external network address snooping according to the embodiment of the present application.
In the figure, service represents an original service program, App represents a target logic program or a target logic program logic, proxy represents a monitoring program, the external network address of a target network card is 192.168.0.1:80, a universal port is 0.0.0:80, host represents a host (electronic equipment), and Internet represents an external network.
In the case shown in FIG. 3, the original service listens to all addresses, e.g., "0.0.0: 80", and the original service can normally receive and respond to the message data of the port.
Under the condition shown in fig. 3, the monitor can directly monitor the network card extranet address such as 192.168.0.1:80, and the extranet message is delivered to the monitor in the program first according to the accurate priority principle of the operating system; of course, the original service program may also directly monitor the external network address, and the monitored address of the original service program may be modified and the service may be restarted.
S102, judging whether the message type of the first message data is the original type. If yes, executing S104; if not, S103 is executed.
Optionally, the original type is a type corresponding to the original service program, and represents a service type corresponding to a currently opened universal port of the host. The original service program is a program for monitoring the universal port.
If the message type of the first message data is the original type, the message data needs to be pushed to an original service program, and S104 is executed; otherwise, the data is pushed to the target logic program, and S103 is executed.
S103, pushing the first message data to a target logic program.
The target logic program is a program which is associated with an external network address and does not monitor a universal port.
S104, when the message type of the first message data is the original type, pushing the first message data to the original service program.
It is understood that the number of target logic programs may be preset, and the target logic programs may be App programs created by workers in advance, unlike original service programs for listening to universal ports. Different target logic programs correspond to different services.
By monitoring the external network address, the external network flow data can be distributed to different services, so that one universal port can support a plurality of services, a firewall can be bypassed, and hidden access services can be realized.
To sum up, the embodiment of the present application provides a message distribution method, which obtains first message data by monitoring an external network address of a target network card; the target network card is a network card connected with the universal port, and the first message data is message data with a destination address being an external network address; judging whether the message type of the first message data is an original type; if not, pushing the first message data to a target logic program; the target logic program is a program which is associated with an external network address and does not monitor a universal port. By monitoring the external network address, the external network flow data can be distributed to different services, so that one universal port can support a plurality of services, a firewall can be bypassed, and hidden access services can be realized.
On the basis of fig. 2, as for the content in S102, the embodiment of the present application further provides a possible implementation manner, please refer to fig. 5, where S102 includes: s102-1, S102-2, S102-7, and S102-8.
S102-1, extracting the characteristic character string in the first message data.
Optionally, the characteristic character string is a byte with a preset length in the first message data.
And S102-2, judging whether the characteristic character string is matched with the target character string. If yes, executing S102-8; if not, S102-7 is executed.
Optionally, the target character string is a character string corresponding to the original service program.
S102-7, determining that the message type of the first message data is not an original type.
S102-8, the message type of the first message data is determined to be an original type.
Optionally, after S102-7, S103 is performed. After S102-8, S104 is performed.
It can be understood that the HTTP protocol works in the application layer, and the first few bytes in the request message data are fixed request methods, and the target character string is, for example: when the target logic program is designed, the messages of the GET and POST avoid using similar characteristic character strings; when the monitoring program receives the messages beginning with 'GET' and 'POST', TCP connection is established with the original service, the messages are sent to the original service again, and other messages are all sent to the target logic program for processing.
On the basis of fig. 2, as for the content in S102, the embodiment of the present application further provides a possible implementation manner, please refer to fig. 6, where S102 includes: s102-3, S102-4, S102-7, and S102-8.
S102-3, the source IP address in the first message data is obtained.
S102-4, judging whether the source IP address is the target address. If so, executing S102-7, otherwise, executing S102-8.
Optionally, a source IP address may also be used to distribute the message, that is, a request message sent by a specific source IP (destination address) is uniformly distributed to a destination logic program, and the other is distributed to the original service.
When the source IP address is not the target address, the first message data is required to be pushed to the original server program, and S102-8 is executed; otherwise, S102-7 is performed.
On the basis of fig. 2, as for the content in S102, the embodiment of the present application further provides a possible implementation manner, please refer to fig. 7, where S102 includes: s102-5, S102-6, S102-7, and S102-8.
S102-5, obtaining the message length of the first message data.
S102-6, judging whether the message length meets the length threshold range. If so, executing S102-7, otherwise, executing S102-8.
Optionally, a specific message length, that is, a length threshold range, may also be set, and if the message length satisfies the length threshold range, the message is distributed to the target logic program, and S102-7 is executed; it is only necessary to distinguish whether the message belongs to the original service program. Otherwise, S102-8 is performed.
On the basis of fig. 2, regarding how to reply to the response packet, the embodiment of the present application further provides a possible implementation manner, please refer to fig. 8, and the packet distribution method further includes S105.
And S105, feeding back the response message generated by the original service program or the target logic program through the target network card.
Optionally, after the monitoring program establishes a connection with the original service program and distributes a message, the monitoring program needs to record a corresponding relationship between 'extranet-monitoring program' and 'monitoring program-original service' for processing a response message of the original service, after the original service sends the response message to the agent module, the agent module queries the corresponding relationship and sends the response message, and the response message corresponding to the target logic program is treated in the same way.
In a possible implementation manner, the original service program or the target logic program generates a destination address written in the response message, and the listener performs feedback according to the destination address.
The target logic program in the message distribution method provided by the embodiment of the application can be built in the monitoring program, and can also monitor the local port as other services, and the message distribution logic is unchanged; and the original service program can be single or multiple, and it is only necessary to set up a proper message distribution rule.
The embodiment of the application provides a message distribution method based on agent universal port multiplexing, which works in a transport vehicle in TCP/IP (transmission control protocol/Internet protocol), and the method is not limited by an operating system and does not need the authority of a system administrator during operation; the method can realize that one port supports a plurality of services to work normally at the same time, can bypass the limitation of the firewall to the opening of the port according to the working characteristics of the method, and can realize hidden access to the target service because the port of the normal service can be used and the flow of the port is mixed in the flow of the normal service.
Referring to fig. 9, fig. 9 is a diagram of a message distribution apparatus according to an embodiment of the present application, where optionally, the message distribution apparatus is applied to the electronic device described above.
The message distribution device comprises: a listener unit 201 and a processing unit 202.
The monitor unit 201 is configured to monitor an external network address of the target network card to obtain first message data.
The target network card is a network card connected with the universal port, and the first message data is message data with a destination address being an external network address.
A processing unit 202, configured to determine whether a packet type of the first packet data is an original type; if not, pushing the first message data to a target logic program; the target logic program is a program which is associated with an external network address and does not monitor a universal port.
Optionally, the processing unit 202 is further configured to, when the packet type of the first packet data is an original type, push the first packet data to an original service program; the original service program is a program for monitoring a universal port.
Alternatively, the listener unit 201 may execute the above-described S101 and S105, and the processing unit 202 may execute the above-described S102 to S104.
It should be noted that, the message distribution apparatus provided in this embodiment may execute the method flows shown in the above method flow embodiments, so as to achieve the corresponding technical effects. For the sake of brevity, the corresponding contents in the above embodiments may be referred to where not mentioned in this embodiment.
The embodiment of the present application further provides a storage medium, where the storage medium stores a computer instruction and a program, and the computer instruction and the program, when read and executed, execute the message distribution method according to the embodiment. The storage medium may include memory, flash memory, registers, or a combination thereof, etc.
The following provides an electronic device, which may be a server or a computer, and as shown in fig. 1, the electronic device may implement the message distribution method described above; specifically, the electronic device includes: processor 10, memory 11, bus 12. The processor 10 may be a CPU. The memory 11 is used for storing one or more programs, and when the one or more programs are executed by the processor 10, the message distribution method of the above-described embodiment is performed.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Claims (10)
1. A method for distributing messages, the method comprising:
monitoring an external network address of a target network card to acquire first message data;
the target network card is a network card connected with a universal port, and the first message data is message data with a destination address of the external network address;
judging whether the message type of the first message data is an original type;
if not, pushing the first message data to a target logic program;
wherein the target logic program is a program which is associated with the external network address and does not monitor the universal port.
2. The message distribution method according to claim 1, wherein the step of determining whether the message type of the first message data is an original type comprises:
extracting a characteristic character string in the first message data;
judging whether the characteristic character string is matched with a target character string;
if the first message data is matched with the second message data, the message type of the first message data is determined to be an original type;
and if not, determining that the message type of the first message data is not the original type.
3. The message distribution method according to claim 1, wherein the step of determining whether the message type of the first message data is an original type comprises:
acquiring a source IP address in the first message data;
judging whether the source IP address is a target address;
if not, determining the message type of the first message data as an original type;
and if so, determining that the message type of the first message data is not the original type.
4. The message distribution method according to claim 1, wherein the step of determining whether the message type of the first message data is an original type comprises:
acquiring the message length of the first message data;
judging whether the message length meets a length threshold range;
if not, determining the message type of the first message data as an original type;
and if so, determining that the message type of the first message data is not the original type.
5. The message distribution method according to claim 1, wherein the method further comprises:
when the message type of the first message data is an original type, pushing the first message data to an original service program;
wherein, the original service program is a program for monitoring the universal port.
6. The message distribution method according to claim 5, wherein the method further comprises:
and feeding back a response message generated by the original service program or the target logic program through the target network card.
7. A message distribution apparatus, the apparatus comprising:
the monitoring program unit is used for monitoring the external network address of the target network card to acquire first message data;
the target network card is a network card connected with a universal port, and the first message data is message data with a destination address of the external network address;
the processing unit is used for judging whether the message type of the first message data is an original type; if not, pushing the first message data to a target logic program; wherein the target logic program is a program which is associated with the external network address and does not monitor the universal port.
8. The message distribution apparatus according to claim 7, wherein the processing unit is further configured to push the first message data to an original service program when the message type of the first message data is an original type; wherein, the original service program is a program for monitoring the universal port.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-6.
10. An electronic device, comprising: a processor and memory for storing one or more programs; the one or more programs, when executed by the processor, implement the method of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111350108.XA CN113992426B (en) | 2021-11-15 | Message distribution method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111350108.XA CN113992426B (en) | 2021-11-15 | Message distribution method and device, storage medium and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113992426A true CN113992426A (en) | 2022-01-28 |
| CN113992426B CN113992426B (en) | 2024-08-02 |
Family
ID=
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115022217A (en) * | 2022-06-14 | 2022-09-06 | 深信服科技股份有限公司 | Network card detection method and device, electronic equipment and storage medium |
| CN116302851A (en) * | 2023-05-24 | 2023-06-23 | 北京中科网威信息技术有限公司 | FPGA logic abnormality monitoring and recovering method, device, equipment and medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017128953A1 (en) * | 2016-01-26 | 2017-08-03 | 中兴通讯股份有限公司 | Server virtualization network sharing apparatus and method |
| CN110677432A (en) * | 2019-10-14 | 2020-01-10 | 广州江南科友科技股份有限公司 | Network protocol internal proxy forwarding method, device, medium and terminal equipment |
| CN111565199A (en) * | 2020-07-14 | 2020-08-21 | 腾讯科技(深圳)有限公司 | Network attack information processing method and device, electronic equipment and storage medium |
| WO2020244439A1 (en) * | 2019-06-06 | 2020-12-10 | 中兴通讯股份有限公司 | Method and apparatus for realizing message mirroring, and storage medium |
| CN113194102A (en) * | 2021-05-19 | 2021-07-30 | 苏州瑞立思科技有限公司 | ICMP loopback message transmission method based on port |
| CN113271255A (en) * | 2021-06-23 | 2021-08-17 | 浪潮思科网络科技有限公司 | Method and device for converting network address to loopback |
| CN113507465A (en) * | 2021-07-07 | 2021-10-15 | 赞同科技股份有限公司 | socket and http shared port and message processing method and device thereof |
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017128953A1 (en) * | 2016-01-26 | 2017-08-03 | 中兴通讯股份有限公司 | Server virtualization network sharing apparatus and method |
| WO2020244439A1 (en) * | 2019-06-06 | 2020-12-10 | 中兴通讯股份有限公司 | Method and apparatus for realizing message mirroring, and storage medium |
| CN110677432A (en) * | 2019-10-14 | 2020-01-10 | 广州江南科友科技股份有限公司 | Network protocol internal proxy forwarding method, device, medium and terminal equipment |
| CN111565199A (en) * | 2020-07-14 | 2020-08-21 | 腾讯科技(深圳)有限公司 | Network attack information processing method and device, electronic equipment and storage medium |
| CN113194102A (en) * | 2021-05-19 | 2021-07-30 | 苏州瑞立思科技有限公司 | ICMP loopback message transmission method based on port |
| CN113271255A (en) * | 2021-06-23 | 2021-08-17 | 浪潮思科网络科技有限公司 | Method and device for converting network address to loopback |
| CN113507465A (en) * | 2021-07-07 | 2021-10-15 | 赞同科技股份有限公司 | socket and http shared port and message processing method and device thereof |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115022217A (en) * | 2022-06-14 | 2022-09-06 | 深信服科技股份有限公司 | Network card detection method and device, electronic equipment and storage medium |
| CN116302851A (en) * | 2023-05-24 | 2023-06-23 | 北京中科网威信息技术有限公司 | FPGA logic abnormality monitoring and recovering method, device, equipment and medium |
| CN116302851B (en) * | 2023-05-24 | 2023-08-22 | 北京中科网威信息技术有限公司 | FPGA logic abnormality monitoring and recovering method, device, equipment and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11218445B2 (en) | System and method for implementing a web application firewall as a customized service | |
| US10554691B2 (en) | Security policy based on risk | |
| US20210165887A1 (en) | Techniques for securing execution environments by quarantining software containers | |
| US10469512B1 (en) | Optimized resource allocation for virtual machines within a malware content detection system | |
| US9563749B2 (en) | Comparing applications and assessing differences | |
| JP4856970B2 (en) | System and method for masking identified vulnerabilities | |
| WO2021077987A1 (en) | Security vulnerability defense method and device | |
| US20170223038A1 (en) | Recursive Multi-Layer Examination for Computer Network Security Remediation | |
| US20180054458A1 (en) | System and method for mitigating distributed denial of service attacks in a cloud environment | |
| US8528092B2 (en) | System, method, and computer program product for identifying unwanted activity utilizing a honeypot device accessible via VLAN trunking | |
| CN108881211A (en) | A kind of illegal external connection detection method and device | |
| CN111131221B (en) | Interface checking device, method and storage medium | |
| CN112019516B (en) | Access control method, device, equipment and storage medium for shared file | |
| US20220217164A1 (en) | Inline malware detection | |
| US11568053B2 (en) | Automated malware monitoring and data extraction | |
| CN109151075B (en) | Log processing method and device and electronic equipment | |
| CN114208114B (en) | Multi-view security context per participant | |
| US7640590B1 (en) | Presentation of network source and executable characteristics | |
| CN110768865B (en) | Deep packet inspection engine activation method and device and electronic equipment | |
| CN112272192A (en) | Domain name blasting method and device, storage medium and electronic equipment | |
| CN113992426A (en) | Message distribution method and device, storage medium and electronic equipment | |
| CN113992426B (en) | Message distribution method and device, storage medium and electronic equipment | |
| CN110809004A (en) | Safety protection method and device, electronic equipment and storage medium | |
| CN114244555B (en) | Security policy adjusting method | |
| CN114567678B (en) | Resource calling method and device for cloud security service and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |