FILTERING NETWORK DATA TRANSFERS
Abstract
Aspects of this disclosure relate to filtering network data transfers. In some variations, multiple packets may be received. A determination may be made that a portion of the packets have packet header field values corresponding to a packet filtering rule. Responsive to such a determination, an operator specified by the packet filtering rule may be applied to the portion of packets having the packet header field values corresponding to the packet filtering rule. A further determination may be made that one or more of the portion of the packets have one or more application header field values corresponding to one or more application header field criteria specified by the operator. Responsive to such a determination, at least one packet transformation function specified by the operator may be applied to the one or more of the portion of the packets.
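The two-stage filtering described in the abstract, combined with the TLS-version forward/drop decision recited in the claims, can be illustrated as follows. This is an added sketch, not code from the patent or its assignee; the rule layout, the names `RULES`, `tls_version_gate` and `filter_packet`, the policy values, and the assumption that each payload starts at a TLS record boundary are all constructed for the example.

```python
import ipaddress
import struct

# Constructed policy for this sketch: forward TLS 1.2 (0x0303), drop older values.
FORWARD_VERSIONS = {0x0303}
# Stage 1 rule (header fields) names the stage 2 operator (application-level check).
RULES = [{"dst_net": ipaddress.ip_network("203.0.113.0/24"), "dst_port": 443,
          "operator": "tls_version_gate"}]

def tls_version_value(payload: bytes):
    """Return the TLS version value to filter on, or None if not a TLS record."""
    if len(payload) < 5:
        return None
    ctype, version, _length = struct.unpack("!BHH", payload[:5])
    if ctype not in (20, 21, 22, 23) or version >> 8 != 3:
        return None
    # A ClientHello record may carry 0x0301 for compatibility (RFC 8446 5.1),
    # so read the version the client offers from the handshake body instead.
    if ctype == 22 and len(payload) >= 11 and payload[5] == 1:
        return struct.unpack("!H", payload[9:11])[0]
    return version

def tls_version_gate(payload: bytes) -> str:
    # Non-TLS payload on a TLS port is dropped (fail closed, an assumption here).
    return "forward" if tls_version_value(payload) in FORWARD_VERSIONS else "drop"

OPERATORS = {"tls_version_gate": tls_version_gate}

def filter_packet(dst_ip: str, dst_port: int, payload: bytes) -> str:
    """Apply the first rule whose header fields match; default-deny otherwise."""
    addr = ipaddress.ip_address(dst_ip)
    for rule in RULES:
        if addr in rule["dst_net"] and dst_port == rule["dst_port"]:
            return OPERATORS[rule["operator"]](payload)
    return "drop"

def client_hello(record_version: int, offered_version: int) -> bytes:
    """Build a truncated, constructed ClientHello prefix for the demo."""
    body = struct.pack("!H", offered_version) + bytes(32)   # version + random
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", 22, record_version, len(handshake)) + handshake

if __name__ == "__main__":
    print(filter_packet("203.0.113.10", 443, client_hello(0x0301, 0x0303)))  # forward
    print(filter_packet("203.0.113.10", 443, client_hello(0x0301, 0x0301)))  # drop
```

TLS 1.3 traffic also carries 0x0303 in both the record header and the ClientHello version field, so this check cannot tell it apart from TLS 1.2; doing so requires parsing the `supported_versions` extension, which the sketch omits.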
20 Claims
1. A method comprising:
- receiving, by a computing system provisioned with a plurality of packet-filtering rules, a first packet and a second packet;
- responsive to a determination by the computing system that the first packet comprises data corresponding to a transport layer security (TLS)-version value for which one or more packet-filtering rules of the plurality of packet-filtering rules indicate packets should be forwarded toward their respective destinations, forwarding, by the computing system, the first packet toward its destination; and
- responsive to a determination by the computing system that the second packet comprises data corresponding to a TLS-version value for which the one or more packet-filtering rules indicate packets should be blocked from continuing toward their respective destinations, dropping, by the computing system, the second packet.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A system comprising:
- at least one processor; and
- a memory storing instructions that when executed by the at least one processor cause the system to:
  - receive data comprising a plurality of packet-filtering rules, a first packet, and a second packet;
  - responsive to a determination that the first packet comprises data corresponding to a transport layer security (TLS)-version value for which one or more packet-filtering rules of the plurality of packet-filtering rules indicate packets should be forwarded toward their respective destinations, forward the first packet toward its destination; and
  - responsive to a determination that the second packet comprises data corresponding to a TLS-version value for which the one or more packet-filtering rules indicate packets should be blocked from continuing toward their respective destinations, drop the second packet.
Dependent claims: 9, 10, 11, 12, 13, 14
15. One or more non-transitory computer-readable media comprising instructions that when executed by one or more computing devices cause the one or more computing devices to:
- receive data comprising a plurality of packet-filtering rules, a first packet, and a second packet;
- responsive to a determination that the first packet comprises data corresponding to a transport layer security (TLS)-version value for which one or more packet-filtering rules of the plurality of packet-filtering rules indicate packets should be forwarded toward their respective destinations, forward the first packet toward its destination; and
- responsive to a determination that the second packet comprises data corresponding to a TLS-version value for which the one or more packet-filtering rules indicate packets should be blocked from continuing toward their respective destinations, drop the second packet.
Dependent claims: 16, 17, 18, 19, 20
Specification