Reproxying an unproxied connection
Abstract
A method is disclosed for reproxying connections. According to one aspect, a first connection is established between a client and a proxy device. A second connection is established between the proxy device and a server. The first connection comprises a first endpoint at the client and a second endpoint at the proxy device. The second connection comprises a third endpoint at the proxy device and a fourth endpoint at the server. The first and second connections are unproxied by dissolving the second and third endpoints while maintaining the first and fourth endpoints. After the connections have been unproxied, a packet is received at the proxy device. In response, the first and second connections are reproxied by creating fifth and sixth endpoints at the proxy device, so that the first connection comprises the fifth endpoint and the second connection comprises the sixth endpoint.
25 Claims
1. A method of reproxying a previously unproxied connection, the method comprising the computer-implemented steps of:
creating, based on first TCP parameters, a first Transmission Control Protocol (TCP) endpoint of a TCP connection to a client;
storing, in a first connection block data structure, (a) one or more of the first TCP parameters, and (b) information that identifies the client;
creating, based on second TCP parameters, a second TCP endpoint of a TCP connection to a first server;
storing, in a second connection block data structure, (a) one or more of the second TCP parameters, and (b) information that identifies the first server;
dissolving the first and second TCP endpoints while maintaining the first and second connection block data structures;
receiving a first packet after the first and second TCP endpoints have been dissolved; and
in response to determining that information indicated in the first packet matches information that is stored in a connection block data structure, performing steps comprising:
based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the first TCP parameters stored in the first connection block data structure, creating a third TCP endpoint of a TCP connection to the client; and
based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the second TCP parameters stored in the second connection block data structure, creating a fourth TCP endpoint of a TCP connection to the first server.
17. A method of reproxying a previously unproxied connection, the method comprising the computer-implemented steps of:
after a first TCP endpoint in a proxy device's TCP connection to a client has been dissolved and a second TCP endpoint in the proxy device's TCP connection to a server has been dissolved, receiving a packet;
based on (a) one or more TCP parameters indicated in the packet and (b) one or more first TCP parameters upon which the first TCP endpoint was based and that were negotiated and stored at the proxy device before the first TCP endpoint was dissolved, creating a third TCP endpoint of a TCP connection to the client; and
based on (a) one or more TCP parameters indicated in the packet and (b) one or more second TCP parameters upon which the second TCP endpoint was based and that were negotiated and stored at the proxy device before the second TCP endpoint was dissolved, creating a fourth TCP endpoint of a TCP connection to the server.
18. A method of reproxying a previously unproxied connection, the method comprising the computer-implemented steps of:
establishing a first connection between a client and a proxy device, wherein the first connection comprises a first endpoint at the client and a second endpoint at the proxy device;
establishing a second connection between a server and the proxy device, wherein the second connection comprises a third endpoint at the proxy device and a fourth endpoint at the server;
unproxying the first and second connections by dissolving the second and third endpoints while maintaining the first and fourth endpoints;
receiving a first packet after dissolving the second and third endpoints; and
in response to receiving the particular packet, reproxying the first and second connections by creating a fifth endpoint and a sixth endpoint at the proxy device, wherein after reproxying the first and second connections, the first connection comprises the fifth endpoint and the second connection comprises the sixth endpoint.
22. A computer-readable medium carrying one or more sequences of instructions for reproxying a previously unproxied connection, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
creating, based on first TCP parameters, a first Transmission Control Protocol (TCP) endpoint of a TCP connection to a client;
storing, in a first connection block data structure, (a) one or more of the first TCP parameters, and (b) information that identifies the client;
creating, based on second TCP parameters, a second TCP endpoint of a TCP connection to a first server;
storing, in a second connection block data structure, (a) one or more of the second TCP parameters, and (b) information that identifies the first server;
dissolving the first and second TCP endpoints while maintaining the first and second connection block data structures;
receiving a first packet after the first and second TCP endpoints have been dissolved; and
in response to determining that information indicated in the first packet matches information that is stored in a connection block data structure, performing steps comprising:
based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the first TCP parameters stored in the first connection block data structure, creating a third TCP endpoint of a TCP connection to the client; and
based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the second TCP parameters stored in the second connection block data structure, creating a fourth TCP endpoint of a TCP connection to the first server.
23. An apparatus for reproxying a previously unproxied connection, comprising:
means for creating, based on first TCP parameters, a first Transmission Control Protocol (TCP) endpoint of a TCP connection to a client;
means for storing, in a first connection block data structure, (a) one or more of the first TCP parameters, and (b) information that identifies the client;
means for creating, based on second TCP parameters, a second TCP endpoint of a TCP connection to a first server;
means for storing, in a second connection block data structure, (a) one or more of the second TCP parameters, and (b) information that identifies the first server;
means for dissolving the first and second TCP endpoints while maintaining the first and second connection block data structures;
means for receiving a first packet after the first and second TCP endpoints have been dissolved; and
means for creating a third TCP endpoint of a TCP connection to the client in response to determining that information indicated in the first packet matches information that is stored in a connection block data structure, wherein the third TCP endpoint is based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the first TCP parameters stored in the first connection block data structure; and
means for creating a fourth TCP endpoint of a TCP connection to the first server in response to determining that information indicated in the first packet matches information that is stored in a connection block data structure, wherein the fourth TCP endpoint is based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the second TCP parameters stored in the second connection block data structure.
24. An apparatus for reproxying a previously unproxied connection, comprising:
a network interface that is coupled to a data network for receiving one or more packet flows therefrom;
a processor;
one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
creating, based on first TCP parameters, a first Transmission Control Protocol (TCP) endpoint of a TCP connection to a client;
storing, in a first connection block data structure, (a) one or more of the first TCP parameters, and (b) information that identifies the client;
creating, based on second TCP parameters, a second TCP endpoint of a TCP connection to a first server;
storing, in a second connection block data structure, (a) one or more of the second TCP parameters, and (b) information that identifies the first server;
dissolving the first and second TCP endpoints while maintaining the first and second connection block data structures;
receiving a first packet after the first and second TCP endpoints have been dissolved; and
in response to determining that information indicated in the first packet matches information that is stored in a connection block data structure, performing steps comprising:
based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the first TCP parameters stored in the first connection block data structure, creating a third TCP endpoint of a TCP connection to the client; and
based on (a) one or more TCP parameters indicated in the first packet and (b) the one or more of the second TCP parameters stored in the second connection block data structure, creating a fourth TCP endpoint of a TCP connection to the first server.
25. A system comprising:
a client that negotiates a first connection with a proxy device, wherein the first connection comprises a first endpoint at the client and a second endpoint at a proxy device;
a server that negotiates a second connection with a proxy device, wherein the second connection comprises a third endpoint at a proxy device and a fourth endpoint at the server; and
a proxy device that (a) unproxies the first and second connections by dissolving the second and third endpoints while maintaining the first and fourth endpoints, (b) receives a packet after a dissolution of the second and third endpoints, and (c) in response to receiving the packet, reproxies the first and second connections by creating a fifth endpoint and a sixth endpoint at a proxy device, wherein after a reproxying of the first and second connections, the first connection comprises the fifth endpoint and the second connection comprises the sixth endpoint.
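The sequence recited in claim 1 (keep the connection blocks, dissolve the endpoints, rebuild both endpoints when a later packet matches a stored block), modelled as an added example that is not part of the patent text. The choice of MSS and window scale as the stored parameters, of sequence and acknowledgment numbers as the packet parameters, the pass-through sequence numbering while unproxied, and all class and field names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:              # constructed model of the TCP fields used here
    src: tuple             # (ip, port) of the sender
    seq: int
    ack: int

@dataclass
class ConnBlock:           # kept while the connection is unproxied
    peer: tuple            # information that identifies the client or server
    mss: int               # assumed stored TCP parameter
    wscale: int            # assumed stored TCP parameter

@dataclass
class Endpoint:            # proxy-side TCP endpoint facing `peer`
    peer: tuple
    mss: int
    wscale: int
    rcv_nxt: int           # next sequence number expected from peer
    snd_nxt: int           # next sequence number to send to peer

class ProxyDevice:
    def __init__(self):
        self.pairs = {}        # peer address -> (client block, server block)
        self.endpoints = {}    # peer address -> live Endpoint

    def unproxy(self, client_blk, server_blk):
        """Dissolve both endpoints but keep both connection blocks."""
        self.endpoints.pop(client_blk.peer, None)
        self.endpoints.pop(server_blk.peer, None)
        pair = (client_blk, server_blk)
        self.pairs[client_blk.peer] = self.pairs[server_blk.peer] = pair

    def on_packet(self, pkt):
        """Reproxy only if the packet's sender matches a stored block."""
        pair = self.pairs.get(pkt.src)
        if pair is None:
            return None        # no match: no endpoint state is created
        cblk, sblk = pair
        from_client = pkt.src == cblk.peer
        # Assumption: sequence numbers passed through unchanged while
        # unproxied, so the far-side endpoint mirrors seq and ack.
        near, far = (cblk, sblk) if from_client else (sblk, cblk)
        a = Endpoint(near.peer, near.mss, near.wscale, pkt.seq, pkt.ack)
        b = Endpoint(far.peer, far.mss, far.wscale, pkt.ack, pkt.seq)
        self.endpoints[a.peer], self.endpoints[b.peer] = a, b
        return (a, b) if from_client else (b, a)
```

`on_packet` returns the pair as (client-facing endpoint, server-facing endpoint) regardless of which side sent the triggering packet; a packet from an address with no stored block returns `None` and leaves the endpoint table untouched.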
Specification