CN115484084B - Unidirectional data transmission method and related equipment - Google Patents
Unidirectional data transmission method and related equipment Download PDFInfo
- Publication number
- CN115484084B CN115484084B CN202211080906.XA CN202211080906A CN115484084B CN 115484084 B CN115484084 B CN 115484084B CN 202211080906 A CN202211080906 A CN 202211080906A CN 115484084 B CN115484084 B CN 115484084B
- Authority
- CN
- China
- Prior art keywords
- data
- rule
- result
- template file
- check
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000005540 biological transmission Effects 0.000 title claims abstract description 207
- 238000000034 method Methods 0.000 title claims abstract description 53
- 238000012795 verification Methods 0.000 claims abstract description 195
- 238000002955 isolation Methods 0.000 claims abstract description 55
- 238000012545 processing Methods 0.000 claims abstract description 20
- 230000004044 response Effects 0.000 claims description 42
- 125000004122 cyclic group Chemical group 0.000 claims description 26
- 230000008569 process Effects 0.000 claims description 4
- 238000004590 computer program Methods 0.000 claims description 3
- 238000010200 validation analysis Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 description 16
- 238000005516 engineering process Methods 0.000 description 14
- 238000010586 diagram Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 3
- 238000012937 correction Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000011084 recovery Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000008054 signal transmission Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0061—Error detection codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/22—Arrangements for detecting or preventing errors in the information received using redundant apparatus to increase reliability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/163—In-band adaptation of TCP data exchange; In-band control procedures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a one-way data transmission method and related equipment. The method comprises the following steps: the input board is used for verifying the data sent by the user side in the low-density area after receiving the data, so that the safe transmission between the low-density area and the input board is ensured, then the data is subjected to redundancy processing according to a verification result and is sent to the isolation board, so that the reliability and integrity of the transmitted data in the unidirectional transmission of the data are ensured, meanwhile, the timeliness of the data transmission is ensured, then the template file subjected to redundancy removal is subjected to dictionary verification and fixed format verification through the isolation board, the stability and integrity of the data transmission are further ensured, and finally, the template file is analyzed through the output board and is sent to the user side in the high-density area.
Description
Technical Field
The present application relates to the field of data transmission technologies, and in particular, to a unidirectional data transmission method and related devices.
Background
With the rapid development of internet communication technology, the application of communication technology also generates two sides, and nowadays, security becomes a key problem of data communication. When some mechanisms with high requirements on security are used for data transmission from a low-density region to a high-density region, it must be considered that information in the high-density region is not leaked to the low-density region, and in order to prevent information leakage and consider the integrity of data transmission, safe and reliable unidirectional transmission is required.
Based on the above situation, the unidirectional transmission device in the prior art adopts a unidirectional optical signal transmission mode, that is, the input board, the isolation board and the output board perform unidirectional optical signal transmission, and transmit the data in the low-density area to the high-density area. However, the method only performs physical isolation, and has the problems of incomplete transmission data, unreliable transmission mode, untimely transmission time efficiency and the like.
Disclosure of Invention
In view of the foregoing, an objective of the present invention is to provide a unidirectional data transmission method and related apparatus, so as to solve or partially solve the above technical problems.
In view of the above, a first aspect of the present application provides a unidirectional data transmission method applied to a unidirectional data transmission system, where the unidirectional data transmission system includes an input board connected to a low-density-area user terminal, a separation board, and an output board connected to a high-density-area user terminal, and the method includes:
receiving data sent by the low-density area user side by using the input board, checking the data to obtain a check result, performing redundancy processing on the data according to the check result to obtain redundancy transmission data, and sending the redundancy transmission data to the isolation board;
receiving redundant transmission data sent by the input board through the isolation board, and performing redundancy removal on the redundant transmission data to obtain a template file;
carrying out template verification on the template file according to a preset template file rule to obtain a template verification result;
performing dictionary check on the template file through a preset dictionary check rule based on the template check result to obtain a dictionary check result, performing fixed format check on the template file according to a preset fixed format check rule to obtain a fixed format check result, performing redundancy processing on the template file according to the dictionary check result and the fixed format check result to obtain a redundancy transmission template file, and sending the redundancy transmission template file to the output board;
receiving the redundant transmission template file sent by the isolation board through the output board, and analyzing and removing the redundant transmission template file to obtain check analysis data;
and performing keep-alive packet judgment on the verification analysis data to obtain a keep-alive packet judgment result, and sending the template file to the high-density region user side according to the keep-alive packet judgment result.
Optionally, the verifying the data to obtain a verification result includes:
the method for checking the transmission protocol message header in the data comprises at least one of the following steps:
checking a magic number, a cyclic redundancy check and a SEQ serial number;
the verifying the data to obtain a verification result includes:
respectively carrying out magic number check, cyclic redundancy check and SEQ serial number check on a transmission protocol message header in the data to obtain a first check result, a second check result and a third check result;
responding to the first verification result that the magic number in the transmission protocol message header is not consistent with the preset magic number, wherein the first verification result is verification failure;
responding to the second check result that the cyclic redundancy check data obtained by analyzing the transmission protocol message header is inconsistent with the cyclic redundancy check data calculated by the received data packet, wherein the second check result is check failure;
and in response to determining that the third check result is that the difference between the sequence of the SEQ sequence numbers obtained by analyzing the transmission protocol message header and the sequence of the SEQ sequence numbers received last time is inconsistent with a preset difference, the third check result is a check failure.
Optionally, the performing redundant transmission on the data according to the verified result to obtain redundant transmission data, and sending the redundant transmission data to the isolation board includes:
in response to determining that the first check result and/or the second check result and/or the third check result are/is a check failure, generating an error code based on the check result, discarding the data, counting the number of times of discarding, and sending the error code to the low-density user side;
and in response to the first check result, the second check result and the third check result are determined to be successful, judging the keep-alive packets of the data, performing redundant coding on the data with the non-keep-alive packets to obtain redundant transmission data, sending the redundant transmission data to the isolation board, feeding back data information with the keep-alive packets to the low-density-area user side, and counting the data with the keep-alive packets.
Optionally, the template file rule at least includes one of the following:
element rules, element attribute rules, file integrity rules and KEY value rules of the template file;
the template checking is carried out on the template file according to a preset template file rule to obtain a template checking result, and the method comprises the following steps:
respectively verifying the template file according to the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file to obtain a template verification result;
in response to determining that the template file does not conform to any one of the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, the template verification result is verification failure, the template file is discarded, and the number of discarding times is counted;
and responding to the fact that the template file conforms to the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, wherein the template verification result is successful.
Optionally, the dictionary checking rule at least includes one of the following:
the system comprises a blacklist rule and a white list rule, wherein the blacklist rule comprises a blacklist, and the white list rule comprises a white list;
the performing dictionary verification on the template file through a preset dictionary verification rule based on the template verification result to obtain a dictionary verification result, including:
in response to the fact that the template verification result is determined to be successful, searching the name of the template file according to the blacklist rule to obtain a first search result;
or,
searching the name of the template file according to the white list rule to obtain a second searching result;
responding to the first searching result that the name of the template file is determined to be stored in the blacklist, wherein the dictionary checking result is checking failure;
and responding to the fact that the second searching result is that the name of the template file exists in the white list, and the dictionary verification result is successful.
Optionally, the fixed format check rule at least includes one of the following:
IP address rule, specified network segment rule, port rule, number rule and telephone number format rule;
the fixed format verification is performed on the template file according to a preset fixed format verification rule to obtain a fixed format verification result, and the method comprises the following steps:
verifying the template file according to the IP address rule, the specified network segment rule, the port rule, the digital rule and the telephone number format rule respectively to obtain a fixed format verification result;
in response to determining that the template files all satisfy the IP address rule, the specified network segment rule, the port rule, the number rule and the telephone number format rule, the fixed format verification result is successful;
and responding to the condition that the template file does not meet any rule of the IP address rule, the specified network segment rule, the port rule, the digital rule and the telephone number format rule, wherein the fixed format verification result is verification failure.
Optionally, the performing redundant transmission on the template file according to the dictionary verification result and the fixed format verification result to obtain a redundant transmission template file, and sending the redundant transmission template file to the output board includes:
in response to determining that the dictionary verification result and/or the fixed format verification result is verification failure, discarding the template file, and counting the times of discarding;
and in response to the fact that the dictionary verification result and the fixed format verification result are both verified successfully, performing redundant coding on the template file to obtain a redundant transmission template file, and sending the redundant transmission template file to the output board.
Optionally, the keep-alive packet determination result includes a keep-alive packet and a non-keep-alive packet;
the sending the template file to the high-density region user side according to the keep-alive packet judgment result comprises the following steps:
in response to the fact that the judgment result of the keep-alive packet is the keep-alive packet, discarding the template file, and counting the discarding times;
and in response to the fact that the judgment result of the keep-alive package is determined to be a non-keep-alive package, analyzing and recombining the template file to obtain analyzed and recombined data, and sending the analyzed and recombined data to the high-density area user side.
Based on the same inventive concept, a second aspect of the present application provides a unidirectional data transmission system, which includes an input board connected to a low-density-area user terminal, an isolation board, and an output board connected to a high-density-area user terminal, including:
the input board is configured to receive data sent by the low-density area user side, check the data to obtain a check result, perform redundant transmission on the data according to the check result to obtain redundant transmission data, and send the redundant transmission data to the isolation board;
the isolation board is configured to receive redundant transmission data sent by the input board, perform redundancy removal on the redundant transmission data to obtain a template file, perform template verification on the template file according to a preset template file rule to obtain a template verification result, perform dictionary verification on the template file according to a preset dictionary verification rule based on the template verification result to obtain a dictionary verification result, perform fixed format verification on the template file according to a preset fixed format verification rule to obtain a fixed format verification result, perform redundant transmission on the template file according to the dictionary verification result and the fixed format verification result to obtain a redundant transmission template file, and send the redundant transmission template file to the output board;
the output board is configured to receive the redundant transmission template file sent by the isolation board, check and analyze the redundant transmission template file to obtain check and analysis data, perform keep-alive packet judgment on the check and analysis data to obtain a keep-alive packet judgment result, and send the template file to the high-density area user side according to the keep-alive packet judgment result.
Based on the same inventive concept, a third aspect of the present application provides an electronic device, comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of the first aspect when executing the program.
As can be seen from the above, according to the unidirectional data transmission method and the related device provided by the application, the input board is used for receiving the data sent by the low-density area user side and then checking the data, so as to ensure the safe transmission between the low-density area and the input board, then the data is subjected to the redundancy processing according to the checking result and sent to the isolation board, so as to ensure the reliability and integrity of the transmitted data in the real-time transmission or unidirectional transmission, and simultaneously ensure the timeliness of the data transmission, then the isolation board is used for performing the dictionary check and the fixed format check on the template file subjected to the redundancy removal, so as to further ensure the stability and integrity of the data transmission, and finally the output board is used for analyzing and sending the data to the high-density area user side.
Drawings
In order to more clearly illustrate the technical solutions in the present application or related technologies, the drawings required for the embodiments or related technologies in the following description are briefly introduced, and it is obvious that the drawings in the following description are only the embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a unidirectional data transmission method according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a unidirectional data transmission system according to an embodiment of the present application;
fig. 3 is a schematic diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is further described in detail below with reference to the accompanying drawings in combination with specific embodiments.
It should be noted that technical terms or scientific terms used in the embodiments of the present application should have a general meaning as understood by those having ordinary skill in the art to which the present application belongs, unless otherwise defined. The use of "first," "second," and similar terms in the embodiments of the present application is not intended to indicate any order, quantity, or importance, but rather is used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that the element or item preceding the word comprises the element or item listed after the word and its equivalent, but does not exclude other elements or items. The terms "connected" or "coupled" and the like are not restricted to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", and the like are used merely to indicate relative positional relationships, and when the absolute position of the object being described is changed, the relative positional relationships may also be changed accordingly.
In the related art, when data transmission from a low-density area to a high-density area is performed, in order to prevent information leakage, a unidirectional transmission device is often adopted when the integrity of the data transmission is considered, and a traditional unidirectional transmission device adopts a mode of optical signal unidirectional transmission and performs unidirectional transmission in modes of an input board, an isolation board and an output board so as to send data in the low-density area to the high-density area.
The embodiment of the application provides a unidirectional data transmission method and related equipment, physical security isolation of data is ensured through an input board, an isolation board and an output board, when data of a low-density area user side is transmitted through the input board, the isolation board and the output board, various checks are carried out on the data, and reliability, integrity and timeliness of the transmitted data are ensured.
As shown in fig. 1, the method is applied to a unidirectional data transmission system, the unidirectional data transmission system comprises an input board connected with a low-density area user terminal, an isolation board and an output board connected with a high-density area user terminal, and the method comprises the following steps:
In specific implementation, the input board and the low-density area user side are connected by using a custom Protocol mode based on a Transmission Control Protocol (TCP), so that the reliability of data Transmission is ensured.
The input board is used for receiving data transmitted by a low-density area user side through TCP, the data is verified to obtain a verification result, the data is subjected to redundancy processing according to the verification result to obtain redundancy transmission data, the redundancy transmission data is sent to the isolation board, and the integrity of data transmission under complex transmission is guaranteed by means of redundancy transmission between the input board and the isolation board.
The redundancy processing is composed of a redundancy transmission tunnel sending end and a redundancy transmission tunnel receiving end. The redundant transmission tunnel sending end cuts the original data, codes in blocks, and sends out the message through the tunnel after encapsulating. The receiving end of the redundant transmission tunnel monitors the tunnel message, acquires the tunnel message, decrypts the tunnel message, caches the data, filters redundant original packets, decodes the redundant original packets, and restores the original data. Redundancy check is established between transmitted messages by adopting an erasure code-based forward error correction technology to obtain redundancy transmission data, so that a transmitted data packet group has certain packet loss recovery capability, for example, k original data packets are subjected to redundancy coding to obtain n data packets (comprising k original data packets and n-k redundant packets), and as long as a receiving end at least receives k data packets, the k original data packets can be recovered after redundancy decoding.
In the application scenario that the erasure code technology of the redundant transmission tunnel has a higher requirement on transmission delay or only has a one-way channel, the erasure code based technology becomes a feasible and effective method for realizing reliable communication. Namely, a control mechanism based on an ErasureCode (erasure code) algorithm is adopted, redundancy check is established among transmission messages, lost data packet redundancy is recovered, and integrity of data is guaranteed, so that the fault tolerance of unidirectional transmission is effectively improved.
ErasureCode (erasure code) technology is mainly used in storage and communication systems. The method is used for realizing high availability and high reliability of data, and in a communication system, erasure codes enable transmitted data to have better fault tolerance through an encoding technology, and great advantages are shown in the aspect of guaranteeing the reliability of the transmitted data in real-time transmission or unidirectional transmission.
And 102, receiving the redundant transmission data sent by the input board through the isolation board, and performing redundancy removal on the redundant transmission data to obtain a template file.
In specific implementation, redundancy removal is carried out on the redundancy transmission data, and a template file is generated in the cache.
And 103, performing template verification on the template file according to a preset template file rule to obtain a template verification result.
In specific implementation, the template file is subjected to template verification according to a preset template file rule so as to verify the format of the template file and obtain a template verification result.
And 104, performing dictionary check on the template file through a preset dictionary check rule based on the template check result to obtain a dictionary check result, performing fixed format check on the template file according to a preset fixed format check rule to obtain a fixed format check result, performing redundancy processing on the template file according to the dictionary check result and the fixed format check result to obtain a redundancy transmission template file, and sending the redundancy transmission template file to the output board.
When the method is implemented specifically, a dictionary check rule is preset under a specified directory to perform dictionary check on a template file to obtain a dictionary check result, meanwhile, fixed format check is performed on the template file according to the preset fixed format check rule to realize special field format check in the template file, a fixed format check result is obtained, the reliability of data transmission is guaranteed, redundancy processing is performed on the template file according to the dictionary check result and the fixed format check result, the redundancy transmission template file is sent to an output board, and the integrity of data transmission under complex transmission is guaranteed by means of redundancy transmission between an isolation board and the output board.
And 105, receiving the redundant transmission template file sent by the isolation board through the output board, and performing verification analysis on the redundant transmission template file to obtain verification analysis data.
When the redundant transmission template is implemented specifically, the output board receives the redundant transmission template sent by the isolation board, the magic number check is carried out on the redundant transmission template file, when the magic number in the redundant transmission template file is inconsistent with the preset magic number, the check fails, the data which is failed in the check is discarded, the discarded times are counted, when the magic number check succeeds, the redundant transmission template file is analyzed, the redundant data are filtered, the check analyzed data are obtained, then the length of the data packet in the redundant transmission template file which is filtered through the redundancy is read, whether the analyzed data length in the data packet is consistent or not is judged, if the data length is inconsistent, the inconsistent data are discarded, and the discarded times are counted until the consistent analyzed data are found.
And 106, performing keep-alive packet judgment on the analysis and verification data to obtain a keep-alive packet judgment result, and sending the template file to the high-density region user side according to the keep-alive packet judgment result.
In specific implementation, the keep-alive packet judgment is carried out on the analyzed and removed data, and the template file is sent to the user side in the dense area according to the keep-alive packet judgment result, so that the safe transmission of the data is guaranteed.
The output board can send the keep-alive packets to the high-density area user side at preset time intervals.
According to the scheme of the embodiment, the output board is connected with the high-density area user side in a self-defined protocol mode based on the TCP, so that the input board receives data sent by the low-density area user side, the reliability of data transmission is ensured, the received data is checked, then, the data is subjected to redundant transmission according to the checking result and is sent to the isolation board, the reliability and the integrity of the data transmission between the low-density area and the input board are ensured, meanwhile, the timeliness of the data transmission is ensured, the isolation board is used for performing dictionary checking and fixed format checking on the template file subjected to redundant removal, the stability and the integrity of the data transmission are further ensured, and finally, the output board is used for analyzing and sending the template file to the high-density area user side, and the safe transmission of the data is ensured.
The low-density area user side and the input board, the high-density area user side and the output board transmit data in real time, the input board and the isolation board, the isolation board and the output board are in one-way transmission, and the output board and the isolation board, the isolation board and the output board are in single-optical-fiber transmission, so that the one-way transmission of the data is ensured.
In some embodiments, in step 101, the checking the transport protocol message header in the data includes at least one of:
checking a magic number, a cyclic redundancy check and a SEQ serial number;
the verifying the data to obtain a verification result includes:
step A1, respectively carrying out magic number check, cyclic redundancy check and SEQ serial number check on a transmission protocol message header in the data to obtain a first check result, a second check result and a third check result.
And step A2, responding to the first checking result that the magic number in the transmission protocol message header is not consistent with the preset magic number, wherein the first checking result is checking failure.
And step A3, responding to the fact that the second check result is that the cyclic redundancy check data obtained by analyzing the transmission protocol message header is inconsistent with the cyclic redundancy check data calculated by the received data packet, wherein the second check result is check failure.
And step A4, responding to the fact that the third checking result is the difference value between the sequence of the SEQ serial numbers obtained by analyzing the transmission protocol message header and the SEQ serial numbers received last time and is inconsistent with the preset difference value, and the third checking result is checking failure.
During specific implementation, magic number Check is performed on a transmission protocol message in data to obtain a magic number Check result (namely, a first Check result), cyclic Redundancy Check (Cyclic Redundancy Check, CRC) is performed on a transmission protocol message header in the data to obtain a Cyclic Redundancy Check result (namely, a second Check result), SEQ serial number Check is performed on the transmission protocol message header in the data to obtain SEQ serial number Check (namely, a second Check result), when the magic number in the transmission protocol message header is inconsistent with a preset magic number, the magic number Check result is a Check failure, cyclic Redundancy Check data obtained through analysis in the transmission protocol message header is inconsistent with Cyclic Redundancy Check data calculated by a received data packet, the Cyclic Redundancy Check result is a Check failure, and when a difference value between a sequence of the SEQ serial number obtained through analysis in the transmission protocol message header and a SEQ serial number received last time is inconsistent with the preset difference value, the SEQ serial number Check result is a Check failure, so that reliability of data transmission is guaranteed.
In some embodiments, in step 101, the performing redundant transmission on the data according to the check result to obtain redundant transmission data, and sending the redundant transmission data to the isolation board includes:
and step B1, in response to determining that the first check result and/or the second check result and/or the third check result are/is a check failure, generating an error code based on the check result, discarding the data, counting the number of discarding processes, and sending the error code to the low-density-area user side.
And step B2, in response to the fact that the first check result, the second check result and the third check result are all checked successfully, conducting live keeping packet judgment on the data, conducting redundant coding on the data with the non-live keeping packets to obtain redundant transmission data, sending the redundant transmission data to the isolation board, feeding back data information with the live keeping packets to the low-density-area user side, and counting the data with the live keeping packets.
When any one of the first check result, the second check result and the third check result is failed to check, an error code is generated, the error code is returned to a low-density-area user side, data failed to check are discarded, the data discarded can also be counted, when the first check result and the second check result are both successful to check, redundant coding is performed on the data to obtain redundant transmission data, and the redundant transmission data is sent to a partition board, wherein the redundant transmission data is obtained by adopting a forward error correction technology based on erasure codes to establish redundant check between transmitted messages, so that a sent data packet group has a certain packet loss recovery capability, for example, k original data packets are obtained after redundant coding, n data packets (including k original data packets and n-k redundant packets) are obtained, and as long as a receiving end at least receives k data packets, the k original data packets can be recovered after redundant decoding, and the integrity and stability of data output are guaranteed.
In addition, after the redundant transmission data is sent to the isolation board, the total number of packets sent (rxpkts), the total number of bytes sent (rxbytes), the number of packets sent per second (rxpps), and the number of bytes sent per second (rxbps) can be counted, and the number of data sent, the number of bytes sent, the number of data sent per second, the number of bytes sent per second, and the discard count can be checked by inputting a specified website in a standard remote terminal protocol (telnet) or in a browser. The content of the count is not particularly limited.
In some embodiments, the template file rules include at least one of:
element rules, element attribute rules, file integrity rules and KEY value rules of the template file;
and step 1031, verifying the template file according to the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file respectively to obtain a template verification result.
Step 1032, in response to determining that the template file does not conform to any rule of the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, the template verification result is verification failure, the template file is discarded, and the number of discarding times is counted;
step 1033, in response to determining that the template file conforms to the element rule, the element attribute rule, the file integrity rule, and the KEY value rule of the template file, the template verification result is a verification success.
When the template file is not matched with the element rule, the element attribute rule, the file integrity rule (incomplete file) or the KEY value rule (no corresponding KEY value) of the template file, the template file is not matched with the requirement, the template verification result is verification failure, the template file which is failed in verification is discarded, and the discarded times are counted.
And when the template file meets the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, the template file meets the requirements, and the template verification result is successful.
The template file rule is a self-defined template file format, each template file is a use scene, the template files can be selected according to specific requirements, and transmitted data are filled in the position corresponding to the KEY value.
In some embodiments, the dictionary validation rules include at least one of:
the system comprises a blacklist rule and a white list rule, wherein the blacklist rule comprises a blacklist, and the white list rule comprises a white list;
in step 104, the performing dictionary verification on the template file through a preset dictionary verification rule based on the template verification result to obtain a dictionary verification result includes:
step C1, in response to the fact that the template verification result is determined to be successful, searching the name of the template file according to the blacklist rule to obtain a first search result;
or,
searching the name of the template file according to the white list rule to obtain a second searching result;
step C2, responding to the fact that the first searching result is that the name of the template file exists in the blacklist, and the dictionary checking result is checking failure;
and step C3, responding to the fact that the second searching result is that the name of the template file exists in the white list, and the dictionary verifying result is successful.
In specific implementation, when the template verification result is that the template verification is successful, the dictionary verification is carried out according to a preset dictionary verification rule. The dictionary verification rule comprises a blacklist rule and a white list rule, the white list rule and the blacklist rule are established under the specified directory, after the establishment rule is completed, names corresponding to the white list in the white list rule or the blacklist in the blacklist rule are filled in the corresponding KEY values, and when the fact that the names corresponding to the blacklist in the blacklist rule (namely, a first search result) are detected in the KEY values of the template file, the dictionary verification result is verification failure.
Meanwhile, when the fact that the name (namely the second search result) corresponding to the white list in the white list rule exists in the KEY value of the template file is detected, the dictionary verification result is successful.
In some embodiments, the fixed-format-check rule includes at least one of:
IP address rule, specified network segment rule, port rule, number rule and telephone number format rule;
in step 104, the performing fixed format verification on the template file according to a preset fixed format verification rule to obtain a fixed format verification result includes:
step D1, the template file is verified according to the IP address rule, the specified network segment rule, the port rule, the number rule and the telephone number format rule respectively to obtain a fixed format verification result;
step D2, responding to the fact that the template files meet the IP address rule, the specified network segment rule, the port rule, the number rule and the telephone number format rule, and the fixed format verification result is successful;
and D3, responding to the condition that the template file does not meet any rule of the IP address rule, the specified network segment rule, the port rule, the number rule and the telephone number format rule, wherein the fixed format verification result is verification failure.
When the template file does not meet any one of the IP address rule, the specified network segment rule, the port rule, the number rule and the telephone number format rule, the fixed format check result is a check failure.
In some embodiments, in step 104, the performing redundant transmission on the template file according to the dictionary verification result and the fixed format verification result to obtain a redundant transmission template file, and sending the redundant transmission template file to the output board includes:
e1, in response to the fact that the dictionary verification result and/or the fixed format verification result are determined to be verification failures, discarding the template file, and counting the times of discarding;
and E2, in response to the fact that the dictionary verification result and the fixed format verification result are verified successfully, carrying out redundant coding on the template file to obtain a redundant transmission template file, and sending the redundant transmission template file to the output board.
When the verification result of any one of the dictionary verification result and the fixed format verification result is verification failure, discarding the template file which is failed in verification, and counting the discarded times.
And when the dictionary verification result and the fixed format verification result are both successful in verification, performing redundant coding on the template file, obtaining a redundant transmission template file through redundant transmission, and sending the redundant transmission template file to an output board. The redundancy transmission template file is obtained by establishing redundancy check between transmitted messages by adopting an erasure code-based forward error correction technology, so that a transmitted data packet group has certain packet loss recovery capability, for example, k original data packets are subjected to redundancy coding to obtain n data packets (including k original data packets and n-k redundant packets), and as long as a receiving end at least receives k data packets, the k original data packets can be restored after redundancy decoding, thereby ensuring the integrity and stability of data output.
Further, after the redundant transmission template file is transmitted to the output board, the total number of packets transmitted (rxpkts), the number of packets transmitted per second (rxpps) may also be counted. The number of data of the template file transmitted, the number of data of the template file transmitted per second, and the discard count can be checked through a standard remote terminal protocol (telnet) or by entering a specified web address in a browser.
In some embodiments, the keep-alive packet determination result includes a keep-alive packet and a non-keep-alive packet;
in step 106, the sending the template file to the high-density area user side according to the keep-alive packet determination result includes:
step 1061, in response to determining that the alive-keeping packet determination result is the alive-keeping packet, discarding the template file, and counting the number of times of discarding.
Step 1062, in response to determining that the keep-alive package determination result is an inactive keep-alive package, analyzing and recombining the template file to obtain analyzed and recombined data, and sending the analyzed and recombined data to the high-density region user side.
In specific implementation, when the judgment result of the keep-alive packet is the keep-alive packet, the template file which is the keep-alive packet is discarded, the discarding times are counted, and when the judgment result of the keep-alive packet is the non-keep-alive packet, the template file which is the non-keep-alive packet is sent to the high-density area user side based on a self-defined protocol of TCP (transmission control protocol) so as to ensure the safe transmission of data.
The output board can send the keep-alive packets to the high-density area user side at preset time intervals.
In addition, after the template file is sent to the high-density area user side, the total number of packets sent (rxpkts), the total number of bytes sent (rxbytes), the number of packets sent per second (rxpps), and the number of bytes sent per second (rxbps) are counted, and the number of data sent for the template file, the number of bytes sent for the template file per second, and the discard count can be checked by a standard remote terminal protocol (telnet) or by entering a specified web address in a browser. The content of the count is not particularly limited herein.
It should be noted that the method of the embodiment of the present application may be executed by a single device, such as a computer or a server. The method of the embodiment can also be applied to a distributed scene and completed by the mutual cooperation of a plurality of devices. In such a distributed scenario, one of the multiple devices may only perform one or more steps of the method of the embodiment, and the multiple devices interact with each other to complete the method.
It should be noted that the above describes some embodiments of the present application. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments described above and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
Based on the same inventive concept, corresponding to the method of any embodiment, the application also provides a unidirectional data transmission system.
Referring to fig. 2, the unidirectional data transmission system includes an input board connected to a low-density region user terminal, an isolation board, and an output board connected to a high-density region user terminal, and includes:
the input board 201 is configured to receive data sent by the low-density area user side, check the data to obtain a check result, perform redundancy processing on the data according to the check result to obtain redundancy transmission data, and send the redundancy transmission data to the isolation board;
the isolation board 202 is configured to receive redundant transmission data sent by the input board, perform redundancy removal on the redundant transmission data to obtain a template file, perform template verification on the template file according to a preset template file rule to obtain a template verification result, perform dictionary verification on the template file according to a preset dictionary verification rule based on the template verification result to obtain a dictionary verification result, perform fixed format verification on the template file according to a preset fixed format verification rule to obtain a fixed format verification result, perform redundancy processing on the template file according to the dictionary verification result and the fixed format verification result to obtain a redundant transmission template file, and send the redundant transmission template file to the output board;
the output board 203 is configured to receive the redundant transmission template file sent by the isolation board, perform check analysis on the redundant transmission template file to obtain check analysis data, perform keep-alive packet judgment on the check analysis data to obtain a keep-alive packet judgment result, and send the template file to the high-density area user side according to the keep-alive packet judgment result.
In some embodiments, the input board 201 is specifically configured to:
the method for checking the transmission protocol message header in the data comprises at least one of the following steps:
a magic number check, a cyclic redundancy check and SEQ sequence number;
the verifying the data to obtain a verification result includes:
respectively carrying out magic number check, cyclic redundancy check and SEQ serial number check on a transmission protocol message header in the data to obtain a first check result, a second check result and a third check result;
correspondingly, determining that the first verification result is that the magic number in the transmission protocol message header is inconsistent with a preset magic number, wherein the first verification result is verification failure;
responding to the second check result that the cyclic redundancy check data obtained by analyzing the transmission protocol message header is inconsistent with the cyclic redundancy check data calculated by the received data packet, wherein the second check result is check failure;
and in response to determining that the third check result is that a difference between the sequence of the SEQ sequence numbers obtained by parsing in the transport protocol message header and the SEQ sequence number received last time is inconsistent with a preset difference, the third check result is a check failure.
In some embodiments, the input board 201 is further specifically configured to:
in response to determining that the first check result and/or the second check result and/or the third check result are/is a check failure, generating an error code based on the check result, discarding the data, counting the number of times of discarding, and sending the error code to the low-density user side;
and in response to the first check result, the second check result and the third check result are determined to be successful in check, judging the keep-alive packet of the data, performing redundant coding on the data with the non-keep-alive packet to obtain redundant transmission data, sending the redundant transmission data to the isolation board, feeding back data information with the keep-alive packet to the low-density-area user side, and counting the data with the keep-alive packet.
In some embodiments, the template file rules include at least one of:
element rules, element attribute rules, file integrity rules and KEY value rules of the template file;
the isolation plate 202 is specifically configured to:
respectively verifying the template file according to the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file to obtain a template verification result;
in response to determining that the template file does not conform to any rule of the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, the template verification result is verification failure, the template file is discarded, and the number of discarding times is counted;
and responding to the fact that the template file is determined to accord with the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, wherein the template verification result is successful verification.
In some embodiments, the dictionary validation rules include at least one of:
the system comprises a blacklist rule and a white list rule, wherein the blacklist rule comprises a blacklist, and the white list rule comprises a white list;
the isolation plate 202 is further specifically configured to:
in response to the fact that the template verification result is determined to be successful, searching the name of the template file according to the blacklist rule to obtain a first search result;
or,
the white list rule searches the name of the template file to obtain a second search result;
responding to the first searching result that the name of the template file is determined to be stored in the blacklist, wherein the dictionary checking result is checking failure;
and responding to the fact that the second searching result is that the name of the template file exists in the white list, and the dictionary verification result is successful.
In some embodiments, the fixed-format-check rule includes at least one of:
IP address rule, specified network segment rule, port rule, number rule and telephone number format rule;
the isolation plate 202 is further specifically configured to:
verifying the template file according to the IP address rule, the specified network segment rule, the port rule, the digital rule and the telephone number format rule respectively to obtain a fixed format verification result;
responding to the condition that the template files meet the IP address rule, the specified network segment rule, the port rule, the number rule and the telephone number format rule, and judging that the fixed format verification result is successful;
and responding to the condition that the template file does not meet any rule of the IP address rule, the specified network segment rule, the port rule, the digital rule and the telephone number format rule, wherein the fixed format verification result is verification failure.
In some embodiments, the isolation plate 202 is further specifically configured to:
in response to determining that the dictionary verification result and/or the fixed format verification result is verification failure, discarding the template file, and counting the times of discarding;
and in response to the fact that the dictionary verification result and the fixed format verification result are both verified successfully, performing redundant coding on the template file to obtain a redundant transmission template file, and sending the redundant transmission template file to the output board.
In some embodiments, the keep-alive packet determination result includes a keep-alive packet and a non-keep-alive packet;
the output board 203 is specifically configured to:
in response to the fact that the judgment result of the keep-alive packet is the keep-alive packet, discarding the template file, and counting the discarding times;
and in response to the fact that the judgment result of the keep-alive package is determined to be a non-keep-alive package, analyzing and recombining the template file to obtain analyzed and recombined data, and sending the analyzed and recombined data to the high-density area user side.
For convenience of description, the above devices are described as being divided into various modules by functions, which are described separately. Of course, the functionality of the various modules may be implemented in the same one or more software and/or hardware implementations as the present application.
The apparatus of the foregoing embodiment is used to implement the corresponding unidirectional data transmission method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which are not described herein again.
Based on the same inventive concept, corresponding to the method of any embodiment described above, the present application further provides an electronic device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the program, the unidirectional data transmission method described in any embodiment above is implemented.
Fig. 3 is a schematic diagram illustrating a more specific hardware structure of an electronic device according to this embodiment, where the device may include: a processor 301, a memory 302, an input/output interface 303, a communication interface 304, and a bus 305. Wherein the processor 301, the memory 302, the input/output interface 303 and the communication interface 304 are communicatively connected to each other within the device via a bus 305.
The processor 301 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute related programs to implement the technical solutions provided in the embodiments of the present specification.
The Memory 302 may be implemented in the form of a ROM (Read Only Memory), a RAM (Random Access Memory), a static Memory device, a dynamic Memory device, or the like. The memory 302 may store an operating system and other application programs, and when the technical solution provided by the embodiments of the present specification is implemented by software or firmware, the relevant program codes are stored in the memory 302 and called to be executed by the processor 301.
The input/output interface 303 is used for connecting an input/output module to realize information input and output. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various sensors, etc., and the output devices may include a display, speaker, vibrator, indicator light, etc.
The communication interface 304 is used for connecting a communication module (not shown in the figure) to realize communication interaction between the device and other devices. The communication module can realize communication in a wired mode (such as USB, network cable and the like) and also can realize communication in a wireless mode (such as mobile network, WIFI, bluetooth and the like).
It should be noted that although the above-mentioned device only shows the processor 301, the memory 302, the input/output interface 303, the communication interface 304 and the bus 305, in a specific implementation, the device may also include other components necessary for normal operation. In addition, those skilled in the art will appreciate that the above-described apparatus may also include only the components necessary to implement the embodiments of the present disclosure, and need not include all of the components shown in the figures.
The electronic device of the foregoing embodiment is used to implement the corresponding unidirectional data transmission method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which are not described herein again.
Based on the same inventive concept, corresponding to any of the above-mentioned embodiment methods, the present application also provides a non-transitory computer-readable storage medium storing computer instructions for causing the computer to execute the unidirectional data transmission method according to any of the above-mentioned embodiments.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, for storing information may be implemented in any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device.
The computer instructions stored in the storage medium of the foregoing embodiment are used to enable the computer to execute the unidirectional data transmission method according to any one of the foregoing embodiments, and have the beneficial effects of the corresponding method embodiment, which are not described herein again.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, is limited to these examples; within the context of the present application, features from the above embodiments or from different embodiments may also be combined, steps may be implemented in any order, and there are many other variations of the different aspects of the embodiments of the present application as described above, which are not provided in detail for the sake of brevity.
In addition, well-known power/ground connections to Integrated Circuit (IC) chips and other components may or may not be shown within the provided figures for simplicity of illustration and discussion, and so as not to obscure the embodiments of the application. Further, devices may be shown in block diagram form in order to avoid obscuring embodiments of the application, and this also takes into account the fact that specifics with respect to implementation of such block diagram devices are highly dependent upon the platform within which the embodiments of the application are to be implemented (i.e., specifics should be well within purview of one skilled in the art). Where specific details (e.g., circuits) are set forth in order to describe example embodiments of the application, it should be apparent to one skilled in the art that the embodiments of the application can be practiced without, or with variation of, these specific details. Accordingly, the description is to be regarded as illustrative instead of restrictive.
While the present application has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of these embodiments will be apparent to those of ordinary skill in the art in light of the foregoing description. For example, other memory architectures, such as Dynamic RAM (DRAM), may use the discussed embodiments.
The present embodiments are intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of the embodiments of the present application are intended to be included within the scope of the present application.
Claims (7)
1. A unidirectional data transmission method applied to a unidirectional data transmission system, wherein the unidirectional data transmission system comprises an input board connected with a low-density region user terminal, an isolation board connected with the input board, and an output board connected with a high-density region user terminal, the method comprising:
the input board is used for receiving the data sent by the low-density area user side, the data is verified to obtain a verification result, and the mode for verifying the data comprises at least one of the following modes:
checking a magic number, a cyclic redundancy check and a SEQ serial number;
the verifying the data to obtain a verification result includes:
respectively carrying out magic number verification, cyclic redundancy verification and SEQ serial number verification on the data to obtain a first verification result, a second verification result and a third verification result;
responding to the first verification result that the magic number in the data is inconsistent with a preset magic number, wherein the first verification result is verification failure;
responding to the second check result that the cyclic redundancy check data obtained through analysis in the data is inconsistent with the cyclic redundancy check data calculated by the received data packet, wherein the second check result is check failure;
in response to determining that the third check result is that a difference value between the sequence of the SEQ serial numbers obtained by analysis in the data and the SEQ serial number received last time is inconsistent with a preset difference value, the third check result is a check failure, and the data is subjected to redundancy processing according to the check result to obtain redundancy transmission data, the redundancy transmission data is sent to the division board, the data is subjected to redundancy processing according to the check result to obtain redundancy transmission data, and the redundancy transmission data is sent to the division board, the method includes:
in response to determining that the first check result and/or the second check result and/or the third check result are/is a check failure, generating an error code based on the check result, discarding the data, counting the number of discarding processes, and sending the error code to the low-density-area user side;
in response to the first check result, the second check result and the third check result are determined to be successful in check, performing live-keeping packet judgment on the data, performing redundant coding on the data with the non-live-keeping packet to obtain redundant transmission data, sending the redundant transmission data to the isolation board, feeding back data information with the live-keeping packet to the low-density-area user side, and counting the data with the live-keeping packet;
receiving redundant transmission data sent by the input board through the isolation board, and performing redundancy removal on the redundant transmission data to obtain a template file;
carrying out template verification on the template file according to a preset template file rule to obtain a template verification result;
performing dictionary check on the template file through a preset dictionary check rule based on the template check result to obtain a dictionary check result, performing fixed format check on the template file according to a preset fixed format check rule to obtain a fixed format check result, performing redundancy processing on the template file according to the dictionary check result and the fixed format check result to obtain a redundancy transmission template file, and sending the redundancy transmission template file to the output board;
receiving the redundant transmission template file sent by the isolation board through the output board, and carrying out verification analysis on the redundant transmission template file to obtain verification analysis data;
performing keep-alive packet judgment on the verification analysis data to obtain a keep-alive packet judgment result, and sending the template file to the high-density region user side according to the keep-alive packet judgment result, wherein the keep-alive packet judgment result comprises a keep-alive packet and a non-keep-alive packet;
the sending the template file to the high-density region user side according to the alive-keeping packet judgment result comprises the following steps:
in response to the fact that the judgment result of the keep-alive packet is the keep-alive packet, discarding the template file, and counting the discarding times;
and in response to the condition that the judgment result of the keep-alive package is determined to be a non-keep-alive package, analyzing and recombining the template file to obtain analyzed and recombined data, and sending the analyzed and recombined data to the high-density region user side.
2. The method of claim 1, wherein the template file rules include at least one of:
element rules, element attribute rules, file integrity rules and KEY value rules of the template file;
the template checking is carried out on the template file according to a preset template file rule to obtain a template checking result, and the method comprises the following steps:
respectively verifying the template file according to the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file to obtain a template verification result;
in response to determining that the template file does not conform to any one of the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, the template verification result is verification failure, the template file is discarded, and the number of discarding times is counted;
and responding to the fact that the template file is determined to accord with the element rule, the element attribute rule, the file integrity rule and the KEY value rule of the template file, wherein the template verification result is successful verification.
3. The method of claim 2, wherein the dictionary validation rules comprise at least one of:
the system comprises a blacklist rule and a white list rule, wherein the blacklist rule comprises a blacklist, and the white list rule comprises a white list;
the performing dictionary check on the template file through a preset dictionary check rule based on the template check result to obtain a dictionary check result, including:
in response to the fact that the template verification result is determined to be successful, searching the name of the template file according to the blacklist rule to obtain a first search result;
or,
searching the name of the template file according to the white list rule to obtain a second searching result;
responding to the first searching result that the name of the template file is determined to be stored in the blacklist, wherein the dictionary checking result is checking failure;
and responding to the fact that the second searching result is that the name of the template file exists in the white list, and the dictionary verification result is successful.
4. The method of claim 3, wherein the fixed-format-check rule comprises at least one of:
IP address rule, specified network segment rule, port rule, number rule and telephone number format rule;
the fixed format verification is performed on the template file according to a preset fixed format verification rule to obtain a fixed format verification result, and the method comprises the following steps:
verifying the template file according to the IP address rule, the specified network segment rule, the port rule, the digital rule and the telephone number format rule respectively to obtain a fixed format verification result;
in response to determining that the template files all satisfy the IP address rule, the specified network segment rule, the port rule, the number rule and the telephone number format rule, the fixed format verification result is successful;
and responding to the condition that the template file does not meet any rule of the IP address rule, the specified network segment rule, the port rule, the digital rule and the telephone number format rule, wherein the fixed format verification result is verification failure.
5. The method according to claim 4, wherein the performing redundancy processing on the template file according to the dictionary verification result and the fixed format verification result to obtain a redundancy transmission template file, and sending the redundancy transmission template file to the output board comprises:
in response to determining that the dictionary verification result and/or the fixed format verification result is verification failure, discarding the template file, and counting the times of discarding;
and in response to the fact that the dictionary verification result and the fixed format verification result are both verified successfully, performing redundant coding on the template file to obtain a redundant transmission template file, and sending the redundant transmission template file to the output board.
6. A unidirectional data transmission system comprising an input board connected to a low density area user terminal, an isolation board connected to the input board, and an output board connected to a high density area user terminal, comprising:
the input board is configured to receive data sent by the low-density area user side, check the data to obtain a check result, and the data checking mode includes at least one of the following:
checking a magic number, a cyclic redundancy check and a SEQ serial number;
the verifying the data to obtain a verification result includes:
respectively carrying out magic number verification, cyclic redundancy verification and SEQ serial number verification on the data to obtain a first verification result, a second verification result and a third verification result;
responding to the first verification result that the magic number in the data is inconsistent with a preset magic number, wherein the first verification result is verification failure;
responding to the second check result that the cyclic redundancy check data obtained through analysis in the data is inconsistent with the cyclic redundancy check data calculated by the received data packet, wherein the second check result is check failure;
responding to the fact that the third verification result is different from a preset difference value when the third verification result is determined that the difference value between the sequence of the SEQ serial numbers obtained through analysis in the data and the last received SEQ serial number is inconsistent, the third verification result is verification failure, performing redundancy processing on the data according to the verification result to obtain redundancy transmission data, sending the redundancy transmission data to the isolation board, performing redundancy processing on the data according to the verification result to obtain redundancy transmission data, and sending the redundancy transmission data to the isolation board, wherein the method comprises the following steps:
in response to determining that the first check result and/or the second check result and/or the third check result are/is a check failure, generating an error code based on the check result, discarding the data, counting the number of discarding processes, and sending the error code to the low-density-area user side;
in response to the first check result, the second check result and the third check result are determined to be successful in check, performing live-keeping packet judgment on the data, performing redundant coding on the data with the non-live-keeping packet to obtain redundant transmission data, sending the redundant transmission data to the isolation board, feeding back data information with the live-keeping packet to the low-density-area user side, and counting the data with the live-keeping packet;
the isolation board is configured to receive redundant transmission data sent by the input board, perform redundancy removal on the redundant transmission data to obtain a template file, perform template verification on the template file according to a preset template file rule to obtain a template verification result, perform dictionary verification on the template file according to a preset dictionary verification rule based on the template verification result to obtain a dictionary verification result, perform fixed format verification on the template file according to a preset fixed format verification rule to obtain a fixed format verification result, perform redundancy processing on the template file according to the dictionary verification result and the fixed format verification result to obtain a redundant transmission template file, and send the redundant transmission template file to the output board;
the output board is configured to receive the redundant transmission template file sent by the isolation board, check and analyze the redundant transmission template file to obtain check analysis data, perform keep-alive packet judgment on the check analysis data to obtain a keep-alive packet judgment result, and send the template file to the high-density region user side according to the keep-alive packet judgment result, wherein the keep-alive packet judgment result comprises a keep-alive packet and a non-keep-alive packet;
the sending the template file to the high-density region user side according to the keep-alive packet judgment result comprises the following steps:
in response to the fact that the judgment result of the keep-alive packet is the keep-alive packet, discarding the template file, and counting the discarding times;
and in response to the condition that the judgment result of the keep-alive package is determined to be a non-keep-alive package, analyzing and recombining the template file to obtain analyzed and recombined data, and sending the analyzed and recombined data to the high-density region user side.
7. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 5 when executing the program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211080906.XA CN115484084B (en) | 2022-09-05 | 2022-09-05 | Unidirectional data transmission method and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211080906.XA CN115484084B (en) | 2022-09-05 | 2022-09-05 | Unidirectional data transmission method and related equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115484084A CN115484084A (en) | 2022-12-16 |
| CN115484084B true CN115484084B (en) | 2023-03-31 |
Family
ID=84392469
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211080906.XA Active CN115484084B (en) | 2022-09-05 | 2022-09-05 | Unidirectional data transmission method and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115484084B (en) |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101834700A (en) * | 2010-05-12 | 2010-09-15 | 北京邮电大学 | Unidirectional reliable transmission method and transceiving device based on data packets |
| CN104601703A (en) * | 2015-01-16 | 2015-05-06 | 网神信息技术(北京)股份有限公司 | File transmission method and device based on one-way safety isolation gap |
| CN104734999B (en) * | 2015-03-09 | 2018-12-14 | 国家计算机网络与信息安全管理中心 | Only support the OpenFlow interchanger of message one-way transmission |
| EP3881463A4 (en) * | 2018-11-14 | 2022-11-16 | Skywave Networks LLC | Low-latency, low-overhead data framing method for capacity-limited delay-sensitive long distance communication |
| CN114374470A (en) * | 2020-10-15 | 2022-04-19 | 华为技术有限公司 | Data transmission method, system and computer readable storage medium |
| CN112788030B (en) * | 2021-01-11 | 2022-04-05 | 北京鼎轩科技有限责任公司 | Data exchange method and system between high-density network and low-density network |
-
2022
- 2022-09-05 CN CN202211080906.XA patent/CN115484084B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN115484084A (en) | 2022-12-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110716895B (en) | Target data archiving method, device, computer equipment and medium | |
| US11191049B1 (en) | Systems and methods for improving wireless performance | |
| US11023412B2 (en) | RDMA data sending and receiving methods, electronic device, and readable storage medium | |
| CN108600124B (en) | Network unpacking and packing method based on safety protocol | |
| US11575469B2 (en) | Multi-bit feedback protocol systems and methods | |
| CN110289997B (en) | Log message checking method, device and system | |
| WO2022116088A1 (en) | Firmware data processing method and apparatus | |
| CN109450912B (en) | Data transmission method, device and equipment | |
| JP2012129751A (en) | Receiver and method for processing by receiver | |
| WO2013097812A1 (en) | Method and system for downloading font file | |
| KR102434958B1 (en) | Indications for Partial Segments | |
| CN105897689B (en) | Embedded system and method thereof | |
| CN113568785B (en) | Block chain-based data backup method, device, equipment and storage medium | |
| KR102446256B1 (en) | Indications for Partial Segments | |
| CN113612516B (en) | Compression test method, system and equipment for satellite communication data packet | |
| CN115484084B (en) | Unidirectional data transmission method and related equipment | |
| CN102523205A (en) | Determination method and device for content checksum | |
| CN110381050B (en) | Multi-protocol conversion and verification method and device for data packet | |
| CN111385062A (en) | Data transmission method, device, system and storage medium based on WDM | |
| WO2022068342A1 (en) | Data sending method, data receiving method, terminal, and computer storage medium | |
| CN113595685A (en) | Data transmission method and device, storage medium and terminal | |
| CN105491544A (en) | Short message compression communication method and short message compression communication system | |
| CN112564856A (en) | Message processing method and device and computer readable storage medium | |
| CN109981555B (en) | Method, device, equipment, terminal and storage medium for processing webpage data | |
| JP6813637B1 (en) | Transmission device and transmission method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |