×

System for packet filtering of data packets at a computer network interface

  • US 5,802,320 A
  • Filed: 05/18/1995
  • Issued: 09/01/1998
  • Est. Priority Date: 05/18/1995
  • Status: Expired due to Term
First Claim
Patent Images

1. A method for screening data packets arriving at a screening system connected between a first computer network and a second computer network and for executing actions in a proxy system connected to the screening system, including the steps of:

  • (1) receiving a first data packet directed from the first network to the second network as a current packet;

    (2) determining from contents of the current packet whether the current packet is of a predetermined type for being allowed to pass to the second network;

    (3) if the determination of step 2 is positive, then determining a destination address within the second network as specified by the current packet, and passing the current packet to an ersatz address substituting for said destination address, the ersatz address residing in the proxy system;

    (4) determining whether at least one action requested by the current packet is of a type predetermined to be allowed, and if not then rejecting the current packet and proceeding to step 6, and if so then proceeding to step 5;

    (5) taking the action specified by the current packet in at least one of the screening system and the proxy system; and

    (6) determining whether another data packet has arrived at the screening system, and if so then receiving that data packet as the current packet and proceeding to step 1, and if not then ending the method.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×