Hybrid hardware/software packet filter
First Claim
Patent Images
1. A hybrid hardware/software packet filter comprising:
- rule compiling means for assembling packet acceptance rules and creating a rule table, and outputting said rule table;
a configurable hardware circuit receiving said rule table and creating hardware circuits representing said rule table for applying said rule table to said packet and outputting a match bit vector indicating whether said packet matched a corresponding entry in said rule table;
linking means receiving said match bit vector for linking said match bit vector with said corresponding entry in said rule table and for directing said packet to a destination determined by said rule table.
2 Assignments
0 Petitions
Accused Products
Abstract
A hybrid software/hardware packet filter in which rule compiling means creates a rule table, assembles packet acceptance rules, and outputs the acceptance rules to a configurable hardware circuit to create hardware circuits representing the acceptance rules and applying the acceptance rules to the packet and outputting a single bit for each rule indicating whether the packet matched the rule. Linking means receives the match bit vector and links each bit in the match bit vector with the corresponding entry in the rule table and directs the packet to a destination determined by the rule table.
-
Citations
10 Claims
-
1. A hybrid hardware/software packet filter comprising:
rule compiling means for assembling packet acceptance rules and creating a rule table, and outputting said rule table;
a configurable hardware circuit receiving said rule table and creating hardware circuits representing said rule table for applying said rule table to said packet and outputting a match bit vector indicating whether said packet matched a corresponding entry in said rule table;
linking means receiving said match bit vector for linking said match bit vector with said corresponding entry in said rule table and for directing said packet to a destination determined by said rule table. - View Dependent Claims (2, 3, 4, 5, 6)
-
7. A method of filtering incoming packets comprising the steps of:
-
compiling a set of rules to be applied to incoming packets;
configuring hardware to create circuits representative of said set of rules;
comparing said incoming packets with said circuits representative of said set of rules;
outputting a single bit indicative of whether a packet is accepted or rejected;
linking said single bit with a rule table; and
directing said incoming packets to destinations determined by said rule table. - View Dependent Claims (8, 9, 10)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeRegents of the University of California (University of California)
-
Original AssigneeRegents of the University of California (University of California)
-
InventorsGokhale, Maya B.
-
Application NumberUS09/954,866Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current709/230CPC Class CodesH04L 45/742 Route cache; Operation thereofH04L 63/0209 Architectural arrangements,...H04L 63/0263 Rule management
