Method and apparatus for dynamic packet filter assignment

US 5,848,233 A
Filed: 12/09/1996
Issued: 12/08/1998
Est. Priority Date: 12/09/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method for filtering IP packets in a computer network that includes one or more client systems, the method comprising the steps, performed by one or more computer systems, of:

detecting an event associated with one of the client systems;

selecting one or more filtering rules based on the type of event detected; and

establishing a packet filter in the computer network, the packet filter using the selected rules to selectively discard packets originating at the client system associated with the detected event.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention includes a method and apparatus for filtering IP packets based on events within a computer network. More specifically, the present invention includes a services management system, or SMS. The SMS manages network connections between a series of client systems and a router. An access network control server (ANCS) manages the configuration of the router. The SMS monitors activities or events that occur within the network. In response to these events, the SMS dynamically downloads filtering profiles to the ANCS. The ANCS then uses the downloaded filtering profiles to reconfigure the router. The router then uses the filtering rules to selectively discard or forward IP packets received from the client systems.

299 Citations

25 Claims

1. A method for filtering IP packets in a computer network that includes one or more client systems, the method comprising the steps, performed by one or more computer systems, of:
- detecting an event associated with one of the client systems;
  
  selecting one or more filtering rules based on the type of event detected; and
  
  establishing a packet filter in the computer network, the packet filter using the selected rules to selectively discard packets originating at the client system associated with the detected event.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method as recited in claim 1 wherein the detected event is the assignment of an IP address to the client system.
  - 3. A method as recited in claim 1 wherein the detected event is the login of a user using the client system associated with the detected event.
  - 4. A method as recited in claim 1 wherein the computer network includes a router and wherein the step of establishing a packet filter includes the step of reconfiguring the router to selectively discard packets originating at the client system associated with the detected event.
  - 5. A method as recited in claim 1 wherein the client system associated with the detected event is connected to the network using a cable modem and wherein the step of establishing a packet filter includes the step of reconfiguring the cable modem to selectively discard packets originating at the client system associated with the detected event.
  - 6. A method as recited in claim 1 wherein the step of selecting one or more filtering rules further comprises the step of generating the filtering rules using a standardized template.
  - 7. A method as recited in claim 1 wherein the step of selecting one or more filtering rules further comprises the step of selecting the filtering rules from a database.

8. A computer program product comprising:
- a computer usable medium having computer readable code embodied therein for filtering IP packets in a computer network that includes one or more client systems, the computer program product comprising;
  
  first computer readable program code devices configured to cause a computer system to detect an event associated with one of the client systems;
  
  second computer readable program code devices configured to cause a computer system to provide one or more filtering rules based on the type of event detected; and
  
  third computer readable program code devices configured to cause a computer system to establish a packet filter in the computer network, the packet filter using the selected rules to selectively discard packets originating at the client system associated with the detected event.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. A computer program product as recited in claim 8 wherein the detected event is the assignment of an IP address.
  - 10. A computer program product as recited in claim 8 wherein the detected event is the login of a user using the client system associated with the detected event.
  - 11. A computer program product as recited in claim 8 wherein the computer network includes a router and wherein the third computer readable program code devices includes computer readable program code devices configured to cause a computer system to reconfigure the router to selectively discard packets originating at the client system associated with the detected event.
  - 12. A computer program product as recited in claim 8 wherein the client system associated with the detected event is connected to the network using a cable modem and wherein the third computer readable program code devices includes computer readable program code devices configured to cause a computer system to reconfigure the cable modem to selectively discard packets originating at the client system associated with the detected event.
  - 13. A computer program product as recited in claim 8 wherein the second computer readable program code devices includes computer readable program code devices configured to cause a computer system to generate the filtering rules using a standardized template.
  - 14. A computer program product as recited in claim 8 wherein the second computer readable program code devices includes computer readable program code devices configured to cause a computer system to select the filtering rules from a database.

15. An apparatus for filtering IP packets in a computer network that includes one or more client systems, the apparatus comprising:
- a first portion configured to cause a computer system to detect an event associated with one of the client systems;
  
  a second portion configured to cause a computer system to provide one or more filtering rules based on the type of event detected; and
  
  a third portion configured to cause a computer system to establish a packet filter in the computer network, the packet filter using the selected rules to selectively discard packets originating at the client system associated with the detected event.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 16. An apparatus as recited in claim 15 wherein the detected event is the assignment of an IP address.
  - 17. An apparatus as recited in claim 15 wherein the detected event is the login of a user using the client system associated with the detected event.
  - 18. An apparatus as recited in claim 15 wherein the computer network includes a router and wherein the third portion includes a fourth portion configured to cause a computer system to reconfigure the router to selectively discard packets originating at the client system associated with the detected event.
  - 19. An apparatus as recited in claim 15 wherein the client system associated with the detected event is connected to the network using a cable modem and wherein the third portion includes a fourth portion configured to cause a computer system to reconfigure the cable modem to selectively discard packets originating at the client system associated with the detected event.
  - 20. An apparatus as recited in claim 15 wherein the second portion includes a fourth portion configured to cause a computer system to generate the filtering rules using a standardized template.
  - 21. An apparatus as recited in claim 15 wherein the second portion includes a fourth portion configured to cause a computer system to select the filtering rules from a database.
  - 22. An apparatus as recited in claim 15 wherein each filtering rule includes a protocol type.
  - 23. An apparatus as recited in claim 15 wherein each filtering rule includes a destination address.
  - 24. An apparatus as recited in claim 15 wherein each filtering rule includes a destination mask.
  - 25. An apparatus as recited in claim 15 wherein each filtering rule includes a range of destination port numbers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Motorola, Inc. (Motorola Solutions, Inc.), Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Wong, Thomas K., Patrick, Michael W., Tsirigotis, Panagiotis, Radia, Sanjay R., Lim, Swee Boon, Goedman, Robert J.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Baderman, Scott T.

Application Number

US08/762,402
Time in Patent Office

729 Days
Field of Search

395/187.01, 395/188.01, 395/186, 395/200.33, 395/200.49, 395/200.51, 395/200.55, 395/200.68
US Class Current

726/13
CPC Class Codes

H04L 63/0227 Filtering policies mail mes...

H04L 63/102 Entity profiles

Method and apparatus for dynamic packet filter assignment

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

299 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for dynamic packet filter assignment

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

299 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others