Communication device, communication system, and communication method
First Claim
Patent Images
1. A communication device comprising:
- a protocol information table configured to store a MAC address, an IP address, and expiration time of the IP address in corresponding relation to one another;
a whitelist storing memory configured to store a whitelist including a MAC address and an IP address; and
a processing unit,wherein the processing unit extracts a client MAC address, a client IP address, and client expiration time of the client IP address from a communication content for establishing or for connecting communications between a server and a client in accordance with a protocol to dynamically allocate an IP address,when searching the protocol information table for a MAC address based on the client MAC address to retrieve an entry, the processing unit updates an IP address and expiration time in the retrieved entry with the client IP address and the client expiration time, and when retrieving no entry, generates a new entry including the client MAC address, the client IP address, and the client expiration time, andthe processing unit searches the whitelist storing memory for a MAC address based on the client MAC address, and updates an IP address in a retrieved entry with the client IP address,wherein the whitelist includes a source IP address, a destination IP address, a source MAC address, a destination MAC address, a source valid/invalid bit to control transfer or discard of a packet, and a destination valid/invalid bit to control transfer or discard of a packet,wherein the processing unit searches the whitelist storing memory while using the client MAC address as a key, andwherein the processing unit modifies a source IP address of an entry having a source MAC address matched with the client MAC address to the client IP address to validate a source valid/invalid bit, and modifies a destination IP address of an entry having a destination MAC address matched with the client MAC address to the client IP address to validate a destination valid/invalid bit.
1 Assignment
0 Petitions
Accused Products
Abstract
A packet relay device automatically generates a whitelist including an authorized communication rule. The packet relay device snoops on communications between a DHCP server and a DHCP client in accordance with DHCP. When the IP address of a DHCP client is changed, the packet relay device also automatically changes IP address information included in a whitelist related to the DHCP client to IP address information newly allocated to the DHCP client.
-
Citations
8 Claims
-
1. A communication device comprising:
-
a protocol information table configured to store a MAC address, an IP address, and expiration time of the IP address in corresponding relation to one another; a whitelist storing memory configured to store a whitelist including a MAC address and an IP address; and a processing unit, wherein the processing unit extracts a client MAC address, a client IP address, and client expiration time of the client IP address from a communication content for establishing or for connecting communications between a server and a client in accordance with a protocol to dynamically allocate an IP address, when searching the protocol information table for a MAC address based on the client MAC address to retrieve an entry, the processing unit updates an IP address and expiration time in the retrieved entry with the client IP address and the client expiration time, and when retrieving no entry, generates a new entry including the client MAC address, the client IP address, and the client expiration time, and the processing unit searches the whitelist storing memory for a MAC address based on the client MAC address, and updates an IP address in a retrieved entry with the client IP address, wherein the whitelist includes a source IP address, a destination IP address, a source MAC address, a destination MAC address, a source valid/invalid bit to control transfer or discard of a packet, and a destination valid/invalid bit to control transfer or discard of a packet, wherein the processing unit searches the whitelist storing memory while using the client MAC address as a key, and wherein the processing unit modifies a source IP address of an entry having a source MAC address matched with the client MAC address to the client IP address to validate a source valid/invalid bit, and modifies a destination IP address of an entry having a destination MAC address matched with the client MAC address to the client IP address to validate a destination valid/invalid bit. - View Dependent Claims (2, 3, 4)
-
-
5. A communication device comprising:
-
a protocol information table configured to store a MAC address, an IP address, and expiration time of the IP address in corresponding relation to one another; a whitelist storing memory configured to store a whitelist including a MAC address and an IP address; and a processing unit, wherein the processing unit extracts a client MAC address, a client IP address, and client expiration time of the client IP address from a communication content for establishing or for connecting communications between a server and a client in accordance with a protocol to dynamically allocate an IP address, when searching the protocol information table for a MAC address based on the client MAC address to retrieve an entry, the processing unit updates an IP address and expiration time in the retrieved entry with the client IP address and the client expiration time, and when retrieving no entry, generates a new entry including the client MAC address, the client IP address, and the client expiration time, and the processing unit searches the whitelist storing memory for a MAC address based on the client MAC address, and updates an IP address in a retrieved entry with the client IP address, wherein whitelist includes a source IP address, a destination IP address, a source MAC address, a destination MAC address, a source valid/invalid bit to control transfer or discard of a packet, and a destination valid/invalid bit to control transfer or discard of a packet, wherein the processing unit extracts a client MAC address from a communication content for releasing or for disconnecting communications between the server and the client in accordance with the protocol to dynamically allocate an IP address, wherein the processing unit searches the protocol information table for a MAC address based on the client MAC address, and removes a retrieved entry, wherein the processing unit searches the whitelist storing memory while using the client MAC address as a key, and wherein the processing unit invalidates a source valid/invalid bit of an entry having a source MAC address marched with the client MAC address, and invalidates a destination valid/invalid bit of an entry having a destination MAC address matched with the client MAC address. - View Dependent Claims (6, 7)
-
-
8. A communication system comprising:
-
a communication device; and a server configured to dynamically allocate an IP address to a client, wherein communication device includes a protocol information table configured to store a MAC address, an IP address, and expiration time of the IP address in corresponding relation to one another, a whitelist storing memory configured to store a whitelist including a MAC address and an IP address, and a processing unit, the processing unit extracts a client MAC address, a client IP address, and client expiration time of the client IP address from a communication content for establishing or for connecting communications between a server and a client in accordance with a protocol to dynamically allocate an IP address, when searching the protocol information table for a MAC address based on the client MAC address to retrieve an entry, the processing unit updates an IP address and expiration time in the retrieved entry with the client IP address and the client expiration time, and when retrieving no entry, generates a new entry including the client MAC address, the client IP address, and the client expiration time, and the processing unit searches the whitelist storing memory for a MAC address based on the client MAC address, and updates an IP address in a retrieved entry with the client IP address, wherein whitelist includes a source IP address, a destination IP address, a source MAC address, a destination MAC address, a source valid/invalid bit to control transfer or discard of a packet, and a destination valid/invalid bit to control transfer or discard of a packet, wherein the processing unit extracts a client MAC address from a communication content for releasing or for disconnecting communications between the server and the client in accordance with the protocol to dynamically allocate an IP address, wherein the processing unit searches the protocol information table for a MAC address based on the client MAC address, and removes a retrieved entry, wherein the processing unit searches the whitelist storing memory while using the client MAC address as a key, and wherein the processing unit invalidates a source valid/invalid bit of an entry having a source MAC address marched with the client MAC address, and invalidates a destination valid/invalid bit of an entry having a destination MAC address matched with the client MAC address.
-
Specification