A kind of method of forcing to release webpage
Technical field
Computing machine, the communications field of can be applicable to of the present invention is especially in relating to the communication system of TCP/IP protocol suite.The Website page that the present invention releases the WEB server of PORTAL for the pressure in the communication system provides a solution.
Background technology
Existing WEB technology is based on the user import correct URL after, at first carry out the IP address that URL parses the WEB server site by dns server; Carry out after three-way handshake sets up the connection that destination interface is 80 TCP the IP address of returning according to dns server and corresponding website then, the user sends the http protocol request package, the http protocol response packet is returned in the website, so just finish the transmission of user's request msg, after the user closes this browser window, at last also carry out three-way handshake and close the connection of having set up, discharge related resource.
If the user adopts the mode access network of WEB authentication in the existing broadband access system, just necessarily required before the user does not also have authentication success, must in URL block, import the URL of WEB_PORTAL server or webpage that the IP address enters the PORTAL server authentication and carry out the user name cipher authentication, if be that you do not have before the authentication success, do not allow user capture to remove other website of WEB_PORTAL server page.In this case, the user must import the URL of WEB_PORTAL server or the certification page that the WEB_PORTAL server just can be opened in the IP address.This authentication method is not easy to the user and uses.
Summary of the invention
In case the technical matters that the present invention solves is in order to overcome wide band access user in (the distributing IP address is before the authentication phase) behind the DHCP distributing IP address or after static ip address is set under the pattern of WEB authentication, just must import the URL of WEB_PORTAL server or the problem that the IP address can enter the certification page of WEB_PORTAL server.
The method of webpage is released in the pressure that the present invention proposes, and comprises following step:
1. client is connected to broadband access system, but does not also carry out the WEB_PORTAL authentication;
2. after the user imported URL in browser, client was to AC (Access Controller: insert control
The system device) the TCP connection request bag of transmission destination slogan 80, AC is this TCP connection request
Bag cuts down, and sets up TCP by AC with client and is connected;
3. confirm the TCP connection when client and set up, send http protocol request package, AC to AC
Described http protocol request package is intercepted and captured, sent HTTP to client with the identity of URL website
The protocol responses bag is the HTTP redirection bag;
4. receive that (the IP address of packet still is the URL net to AC with the name of URL website when client
The IP address of standing) behind the HTTP redirection bag that is sent, initiatively send close that TCP connects please
Ask, this moment, AC still should request as the proxy response of URL website, at both direction with TCP
Connection closed;
5. client is after receiving the HTTP redirection bag, from the DATA content of described HTTP redirection bag
Middle new URL, the i.e. URL of the WEB_PORTAL server of appointment of obtaining;
6. according to new URL, client obtains the IP address, sets up the TCP connection then and sends HTTP
The agreement request bag;
7. the browser window of client shows the WEB page of WEB_PORTAL server.
Described step 2) client comprises that also following treatment step: AC judges described http protocol request package at the IP layer in after AC sends the http protocol request package; If need to be directed to the Website page of the WEB_PORTAL server of appointment after judging, then this TCP connection request bag intercepted and captured and handled; If do not need to be redirected, then transmit.
Adopt pressure of the present invention to release the method for webpage, have the following advantages:
1. take this side that after the user imports URL arbitrarily, forces to release the page of a certain fixedly website
Method, WLAN user user when taking the WEB_PORTAL authentication mode imports URL arbitrarily
After can directly enter the webpage of WEB_PORTAL server.
2. utilize AC simple, be easy to realize as agency's method, inform client be redirected the back according to
Normal three-way handshake is closed TCP and is connected, and discharges all resources of this connection.
3. prior art adopts Dynamic Host Configuration Protocol server to distribute in the user's IP address respond packet IP with DNS
The address is made as the IP address of AC, like this in the dns resolution of all URL that are directed to client
Bag returns to client with the IP address of PORTAL server, thereby client is directed to
The webpage of PORTAL server.This method has some not enough:
● if the user directly imports the IP address in URL block, just do not have the dns resolution process,
Therefore also can't realize redirection function.
● if client belongs to static subscriber's type, also can't realize redirection function.
● because the IP address of the dns server that returns for the first time is false, so secondary DHCP is arranged
The process of distributing the address, the IP address of the dns server that returns for the second time are normal,
And secondary distribution is different to user's IP address, distributes at secondary DHCP simultaneously
Between the IP address for some time at interval, user's webpage that can't surf the web in during this period of time.
And the inventive method can effectively be avoided above-mentioned deficiency, satisfies and under any circumstance can both finish by force
System PORTAL page push function.
Description of drawings
Fig. 1 is the normal flow figure of client-access website in the prior art.
Fig. 2 is the redirected flow process figure of client-access website among the present invention.
Embodiment
Below in conjunction with accompanying drawing the specific embodiment of the present invention is further described:
Fig. 1 is the process of the normal access websites of wide band access user, does not take the pattern that is redirected.Can't make the user force the WEB page of WEB_PORTAL server once surfing the Net.
Fig. 2 enables AC to allow the flow process of client Redirect URL as website agency.As can be seen from the figure AC is fully as the agency of website, and client and do not know it is and the AC communication to think all the time to carry out communication (because issuing the IP address that the source IP address of the packet of client remains the website) with the website.But AC finish with client carry out HTTP link setup, transmit data and close the complete procedure that is connected, and the IP normal process flow process of this cover flow process and AC is what to be separated, can not have influence on the protocol stack normal operation of AC, guarantee the normal release of the connection PORT resource of client simultaneously yet.
In WLAN (WLAN (wireless local area network)) system is example, can take method of the present invention to finish the function of forcing the PORTAL page push.When WLAN user adopted the mode of WEB_PORTAL authentication, after being assigned to the IP address, before also not authenticating, system distributed overall control structure for this user, and this structure is corresponding one by one with subscription client, and a FLAG parameter is arranged in this structure, is initialized as 0.
After client was opened IE and imported arbitrarily URL, whether AC came to be redirected according to the FLAG in the user structure at the IP layer, as was 0 to need to be redirected, and 1 can normally transmit.As judge and need be redirected that AC is 80 TCP intercepting and capturing to the destination slogan:
1. client is to the TCP request package of AC transmission, and the SYN among the flag in TCP packet header is changed to 1.
2.AC the TCP request package in 1 is intercepted and captured, obtain source and destination IP address, port numbers, the TCP bag
The sequence number of head discharges this packet.Apply for new packet, IP packet header and TCP packet header are filled out
Go into correct content (noticing that source and destination IP address, port numbers are opposite with package location in 1), wrap
Draw together check bit, the sequence number for sending can produce immediately; And the ACK sequence number can basis
The sequence number of the bag in 1 produces); SYN among the flag in TCP packet header and ACK position must be put
Be 1.Being sent to client after this bag is filled gets final product.
3. after client was received 2 packet, the ACK that can beam back among the flag in a TCP packet header was 1
Bag, can discharge this packet after this moment, AC intercepted and captured.
4. client sends the http protocol request package (promptly to AC immediately after virtual TCP connects foundation
The DATA part of HTTP: GET.。。Form), PSH and the ACK among the flag in TCP packet header
Be changed to 1.
5.AC behind the bag of intercepting and capturing 3, obtain source and destination IP address, port numbers, the sequence in TCP packet header
Number, discharge this packet.Apply for new packet, after the identical step of finishing in 2, will
PSH and ACK among the flag in TCP packet header are changed to 1, in addition, the information that is redirected are write
Go in the DATA part of http protocol bag, handle being sent to client.
6. client is behind the packet of acquisition 5, and knowing needs to be redirected, and sends at once and closes connection request
Bag, FIN and ACK among the flag in the TCP packet header of this bag are changed to 1.
7.AC behind the packet of acquisition 6, obtain source and destination IP address, port numbers, TCP packet header
Sequence number discharges this packet.Apply for new packet, after the identical step of finishing in 2,
FIN among the flag in TCP packet header and ACK are changed to 1, handle being sent to client.
8. client sends the ACK bag of the packet in 7, the TCP of this bag behind the packet of acquisition 7
ACK among the flag in packet header is changed to 1.AC discharges immediately at this packet of intercepting and capturing.
9. so far the complete process of TCP connection of AC agency simulation website just is through with.Later client root
Come to set up new according to the URL that obtains the WEB_PORTAL server with the WEB_PORTAL server
TCP connect, finish the normal visit of WEB_PORTAL server page, so just finish
The repertoire that is redirected.