METHOD AND SYSTEM FOR UNIDIRECTIONAL PACKET PROCESSING AT DATA LINK LAYER

US 20060165108A1
Filed: 01/21/2005
Published: 07/27/2006
Est. Priority Date: 01/21/2005
Status: Abandoned Application

First Claim

Patent Images

1. A system for unidirectionaly processing packets at data link layer, said system comprising:

two or more network ports, and two or more processes that can perform any combinations of promiscuous packet capturing, filtering, enqueuing, packet processing and forwarding functions on each direction of the traffic;

said system using shared memory to register MAC addresses of the network nodes at each said system ports;

said system using shared memory for signaling between processes.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for data link layer packet processing which unidirectionaly captures, filters, enqueues, processes and forwards packets between multiple network interfaces are introduced. Fast and intelligent data link layer network applications or equipment can implemented by programming the invention. Each direction of packet flow in this system is independently processed from others. This feature provides very flexible packet processing and very fast packet forwarding since each flow can be implemented in an isolated process, application or a device. As the system operates at OSI model'"'"'s data link layer (e.g. Ethernet), installing the system into a functional network does not require any change in the configuration of network applications or equipment. This system can be utilized for employing various networking functions such as network emulation, bridging, firewall, virus detection, bandwidth management, traffic monitoring and in-line intrusion detection, etc.

Citations

24 Claims

1. A system for unidirectionaly processing packets at data link layer, said system comprising:
- two or more network ports, and two or more processes that can perform any combinations of promiscuous packet capturing, filtering, enqueuing, packet processing and forwarding functions on each direction of the traffic;
  
  said system using shared memory to register MAC addresses of the network nodes at each said system ports;
  
  said system using shared memory for signaling between processes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 14, 15, 17, 18, 19, 20, 21, 22, 23, 24)
- - 2. A system as claimed in claim 1 wherein said unidirectionaly processing is receiving packets from one port, performing some functions on them, then sending them to another port.
  - 3. A system as claimed in claim 1 wherein said data link layer can comprises any combinations of Ethernet, ATM, Frame Relay, HDLC, X.25, Token Ring, AppleTalk, MPLS and VLAN protocols.
  - 4. A system as claimed in claim 1 wherein said processes are operating system processes or software applications residing in the same computing environment.
  - 5. A system as claimed in claim 1 wherein said filtering uses a filter set that comprises a single or multiple packet filters that can operate on any data communication protocols, said filters are combined in a filter set with logical AND, OR, NOT operations.
  - 6. A system as claimed in claim 1 wherein said packet processing is a combination of packet modification, packet delaying, packet dropping, packet duplication, and packet reordering functions.
  - 7. A system as claimed in claim 1 wherein said processes are handling one direction of the traffic independently from other directions, said processes communicate with each other through the shared memory to implement complex tasks.
  - 8. A system as claimed in claim 1 wherein said MAC addresses are registered in the shared memory in the form of MAC tables for each port, said MAC tables are used to decide whether a captured packet is from the network but not previously transmitted packet, said previously transmitted packet is dropped to eliminate disturbing traffic loops.
  - 9. A system as claimed in claim 1 can be programmed further to implement various networking functions such as firewall, bridging, proxy server, network emulation, traffic monitoring, bandwidth throttling, DNS server.
  - 11. A method as claimed in claim 1 wherein said unidirectionaly processing is receiving packets from one port, performing some functions on them, then sending them to another port.
  - 12. A method as claimed in claim 1 wherein said filtering uses a filter set that comprises a single or multiple packet filters that can operate on any data communication protocols, said filters are combined in a filter set with logical AND, OR, NOT operations.
  - 13. A method as claimed in claim 1 wherein said packet processing is a combination of packet modification, packet delaying, packet dropping, packet duplication, and packet reordering functions.
  - 14. A method as claimed in claim 1 wherein said processes are handling one direction of the traffic independently from other directions, said processes communicate with each other through the shared memory to implement complex tasks.
  - 15. A method as claimed in claim 1 wherein said MAC addresses are registered in the shared memory in the form of MAC tables for each port, said MAC tables are used to decide whether a captured packet is from the network but not previously transmitted packet, said previously transmitted packet is dropped to eliminate disturbing traffic loops.
  - 17. A computer program product as claimed in claim 1 wherein said unidirectionaly processing is receiving packets from one port, performing some functions on them, then sending them to another port.
  - 18. A computer program product as claimed in claim 1 wherein said data link layer comprises any combination of Ethernet, ATM, Frame Relay, HDLC, X.25, Token Ring, AppleTalk, MPLS and VLAN protocols.
  - 19. A computer program product as claimed in claim 1 wherein said processes are operating system processes or software applications residing in the same computing environment.
  - 20. A computer program product as claimed in claim 1 wherein said filtering uses a filter set that comprises a single or multiple packet filters that can operate on any data communication protocols, said filters are combined in a filter set with logical AND, OR, NOT operations.
  - 21. A computer program product as claimed in claim 1 wherein said packet processing is a combination of packet modification, packet delaying, packet dropping, packet duplication, and packet reordering functions.
  - 22. A computer program product as claimed in claim 1 wherein said processes are handling one direction of the traffic independently from other directions, said processes communicate with each other through the shared memory to implement complex tasks.
  - 23. A computer program product as claimed in claim 1 wherein said MAC addresses are registered in the shared memory in the form of MAC tables for each port, said MAC tables are used to decide whether a captured packet is from the network but not previously transmitted packet, said previously transmitted packet is dropped to eliminate disturbing traffic loops.
  - 24. A computer program product as claimed in claim 1 can be programmed further to implement various networking functions such as firewall, bridging, proxy server, network emulation, traffic monitoring, bandwidth throttling, DNS server.

10. A method for unidirectionaly processing packets at data link layer, said method comprising:
- two or more network interfaces, and two or more processes that can perform any combinations of promiscuous packet capturing, filtering, enqueuing, packet processing and forwarding functions on each direction of the traffic;
  
  said method using shared memory to register MAC addresses of the network nodes at each said method interfaces;
  
  said method using shared memory for signaling between processes.

16. A computer program product for unidirectionaly processing packets at data link layer, said computer program product comprising:
- two or more network ports, and two or more processes that can perform any combinations of promiscuous packet capturing, filtering, enqueuing, packet processing and forwarding functions on each direction of the traffic;
  
  said computer program product using shared memory to register MAC addresses of the network nodes at each said ports;
  
  said computer program product using shared memory for signaling between processes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sezen Uysal
Original Assignee
Sezen Uysal
Inventors
Uysal, Sezen

Application Number

US10/905,809
Publication Number

US 20060165108A1
Time in Patent Office

Days
Field of Search
US Class Current

370/412
CPC Class Codes

H04L 49/30   Peripheral units, e.g. inpu...

H04L 49/351   for local area network [LAN...

H04L 63/0227   Filtering policies mail mes...

METHOD AND SYSTEM FOR UNIDIRECTIONAL PACKET PROCESSING AT DATA LINK LAYER

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR UNIDIRECTIONAL PACKET PROCESSING AT DATA LINK LAYER

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links