Method for specifying TCP/IP packet classification parameters
Abstract
A method and a system for classifying a packet are disclosed. In one embodiment, at least one source address is grouped in a source group and at least one destination address is grouped in a destination group. In addition, at least one source port, one destination port, and one protocol are grouped in a protocol group. After the grouping process, at least one rule is fetched according to the source group, destination group, or protocol group. After the rule is identified, the specific treatment for the packet during network transmission is identified in response to the rule or rules.
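The grouping-then-rule-lookup flow described in the abstract can be sketched as follows. This is an added example, not code from the patent: the group names, addresses, treatment labels, the `None` wildcard, first-match ordering and the default `drop` are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample groups (assumed names and documentation-range addresses).
SOURCE_GROUPS = {"branch-office": ["10.1.0.0/16"]}
DEST_GROUPS = {"web-servers": ["192.0.2.10/32", "192.0.2.11/32"]}
# Protocol group entries: (protocol, source-port range, destination-port range).
PROTOCOL_GROUPS = {
    "https": [("tcp", range(1024, 65536), range(443, 444))],
    "dns": [("udp", range(1024, 65536), range(53, 54))],
}
# Rules: (source group, destination group, protocol group, treatment).
# None is a wildcard, so a rule may key on only one or two of the groups.
RULES = [
    ("branch-office", "web-servers", "https", "permit-encrypt"),
    (None, "web-servers", "https", "permit"),
    (None, None, "dns", "rate-limit"),
]

def address_groups(addr, groups):
    """Names of every address group whose networks contain addr."""
    ip = ipaddress.ip_address(addr)
    return {name for name, nets in groups.items()
            if any(ip in ipaddress.ip_network(n) for n in nets)}

def protocol_groups(proto, sport, dport):
    """Names of every protocol group matching the (proto, sport, dport) tuple."""
    return {name for name, entries in PROTOCOL_GROUPS.items()
            if any(p == proto and sport in sp and dport in dp
                   for p, sp, dp in entries)}

def matching_treatments(pkt):
    """Group the packet's header fields, then return treatments of all matching rules."""
    src = address_groups(pkt["src"], SOURCE_GROUPS)
    dst = address_groups(pkt["dst"], DEST_GROUPS)
    proto = protocol_groups(pkt["proto"], pkt["sport"], pkt["dport"])
    return [t for s, d, p, t in RULES
            if (s is None or s in src)
            and (d is None or d in dst)
            and (p is None or p in proto)]

def classify(pkt):
    """First matching rule wins; unmatched packets are dropped (assumed policy)."""
    hits = matching_treatments(pkt)
    return hits[0] if hits else "drop"

if __name__ == "__main__":
    sample = {"src": "10.1.2.3", "dst": "192.0.2.10",
              "proto": "tcp", "sport": 50000, "dport": 443}
    print(classify(sample))
```

Because rules refer to group names rather than literal addresses and ports, adding a host to a group changes which packets a rule covers without editing the rule itself.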
28 Claims
1. A method for classifying a packet comprising:
grouping at least one source address in a source group, the at least one source address being extracted from a received packet;
grouping at least one destination address in a destination group, the at least one destination address being extracted from the received packet;
grouping at least one source port, one destination port, and one protocol in a protocol group, the at least one source port, the one destination port and the one protocol being extracted from the received packet;
identifying at least one rule according to results of the grouping of at least one of said source group, destination group, and protocol group; and
providing specific communication treatment associated with said rule to said packet.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
creating said source group;
creating said destination group; and
creating said protocol group.
3. The method of claim 1, further comprising allowing an entity to be added to said source group, destination group, and protocol group.
4. The method of claim 3, wherein said allowing an entity to be added further includes adding a system to said source group, destination group, and protocol group.
5. The method of claim 1, further comprising providing packet security requirements to said packet in response to said rule.
6. The method of claim 1, further comprising creating a working group for grouping predefined machines.
7. The method of claim 6, wherein said creating a working group further includes identifying at least one rule in response to said working group.
8. The method of claim 7, wherein said working group further includes:
allowing an entity to be added to said working group; and
permitting an entity to be deleted from said working group.
9. The method of claim 1 further comprising creating conditions in response to at least one of said source group, destination group, and protocol group.
10. The method of claim 1, wherein said packet includes creating a packet utilizing TCP/IP protocols.
11. The method of claim 1, wherein said rules include identifying a specific action to be performed for said packet.
12. A system comprising:
a processor;
a storage device, coupled to said processor, having stored therein a programming codes for classifying a packet, said programming codes, when executed by said processor, causes said processor to perform;
grouping at least one source address in a source group, the at least one source address being extracted from a received packet;
grouping at least one destination address in a destination group, the at least one destination address being extracted from the received packet;
grouping at least one source port, one destination port, and one protocol in a protocol group, the at least one source port, the one destination port and the one protocol being extracted from the received packet;
identifying at least one rule according to results of the grouping of at least one of said source group, destination group, and protocol group; and
providing specific communication treatment associated with said rule to said packet.
Dependent claims: 13, 14, 15, 16
17. A system for classifying a packet comprising:
means for grouping at least one source address in a source group, the at least one source address being extracted from a received packet;
means for grouping at least one destination address in a destination group, the at least one destination address being extracted from the received packet;
means for grouping at least one source port, one destination port, and one protocol in a protocol group, the at least one source port, the one destination port and the one protocol being extracted from the received packet;
means for identifying at least one rule according to results of the grouping of at least one of said source group, destination group, and protocol group; and
means for providing specific communication treatment associated with said rule to said packet.
Dependent claims: 18, 19, 20, 21, 22, 23, 24
means for creating said source group;
means for creating said destination group; and
means for creating said protocol group.
19. The system of claim 17, further comprising means for allowing an entity to be added to said source group, destination group, and protocol group.
20. The system of claim 19, wherein said means for allowing an entity to be added further includes means for adding a system to said source group, destination group, and protocol group.
21. The system of claim 17, further comprising means for providing security to said packet in response to said rule.
22. The system of claim 17, further comprising means for creating a working group for grouping predefined machines.
23. The system of claim 22, wherein said means for creating a working group further includes means for identifying at least one rule in response to said working group.
24. The system of claim 23, wherein said means for working group further includes:
means for allowing an entity to be added to said working group; and
means for permitting an entity to be deleted from said working group.
25. An article of manufacture for use in a digital processing system for network communication, the article of manufacture comprising a digital processing system usable medium having readable program code embodied in the medium, the program code comprising:
grouping at least one source address in a source group, the at least one source address being extracted from a received packet;
grouping at least one destination address in a destination group, the at least one destination address being extracted from the received packet;
grouping at least one source port, one destination port, and one protocol in a protocol group, the at least one source port, the one destination port and the one protocol being extracted from the received packet;
identifying at least one rule according to results of the grouping of at least one of said source group, destination group, and protocol group; and
providing specific communication treatment associated with said rule to said packet.
Dependent claims: 26, 27, 28
creating said source group;
creating said destination group; and
creating said protocol group.
27. The article of manufacture of claim 25, further comprising allowing an entity to be added to said source group, destination group, and protocol group.
28. The article of manufacture of claim 25, wherein said allowing an entity to be added further includes adding a system to said source group, destination group, and protocol group.
Specification