Screening of data packets in a gateway
First Claim
1. An arrangement including at least one gateway element and a database entity, said at least one gateway element comprisingmeans storing information for screening data packets andmeans processing data packets, said processing involving comparison of a data packet header to header information specified in said screening information,said database entity including means providing information for screening data packets,said at least one gateway element including means receiving at least part of said information for screening data packets from said database entity, and said processing means being configured to compare header information of a data packet to screening information comprising a first rule, which specifies first header information, and a subset of rules relating to said first rule, and configured to compare a data packet to said subset of rules only if the header information of the data packet matches the header information of the first rule, and wherein said screening information comprises a first part, which is modifiable by an entity authorized to configure said gateway element, and a second part, which is modifiable by an entity specifically authorized to modify said second part.
9 Assignments
0 Petitions
Accused Products
Abstract
A method for processing data packets in a gateway element comprises the steps of: comparing a data packet to screening information comprising a set of rules, and processing a data packet according to a rule belonging to the set of rules, the header information of said data packet matching the header information of said rule. The method is characterized in that said screening information is hierarchically structured so that it comprises a first rule, which specifies first header information, and a subset of rules relating to said first rule, and in that in said step of comparing a data packet, said data packet is compared to said subset of rules only if the header information of the data packet matches the header information of the first rule. A gateway element, an arrangement, and a data structure comprising screening information are also presented.
-
Citations
3 Claims
-
1. An arrangement including at least one gateway element and a database entity, said at least one gateway element comprising
means storing information for screening data packets and means processing data packets, said processing involving comparison of a data packet header to header information specified in said screening information, said database entity including means providing information for screening data packets, said at least one gateway element including means receiving at least part of said information for screening data packets from said database entity, and said processing means being configured to compare header information of a data packet to screening information comprising a first rule, which specifies first header information, and a subset of rules relating to said first rule, and configured to compare a data packet to said subset of rules only if the header information of the data packet matches the header information of the first rule, and wherein said screening information comprises a first part, which is modifiable by an entity authorized to configure said gateway element, and a second part, which is modifiable by an entity specifically authorized to modify said second part.
-
2. A computer readable storage medium comprising a computer executable program code which provides at least following functions of a gateway element:
-
storing information for screening data packets, processing data packets, said processing involving comparison of a data packet header to header information specified in said screening information, receiving at least part of said information for screening data packets from a database entity providing information for screening data packets, and said comparing involving comparing header information of a data packet to screening information comprising a first rule, which specifies first header information, and a subset of rules relating to said first rule, and configured to compare a data packet to said subset of rules only if the header information of the data packet matches the header information of the first rule, and wherein said screening information comprises a first part, which is modifiable by an entity authorized to configure said gateway element, and a second part, which is modifiable by an entity specifically authorized to modify said second part.
-
-
3. A computer-implemented method for processing data packets in a gateway element, said method comprising:
-
storing information for screening data packets and processing data packets, said processing involving comparison of a data packet header to header information specified in said screening information, receiving at least part of said information for screening data packets from a database entity providing information for screening data packets, and said comparing involving comparing header information of a data packet to screening information comprising a first rule, which specifies first header information, and a subset of rules relating to said first rule, and configured to compare a data packet to said subset of rules only if the header information of the data packet matches the header information of the first rule, and wherein said screening information comprises a first part, which is modifiable by an entity authorized to configure said gateway element, and a second part, which is modifiable by an entity specifically authorized to modify said second part.
-
Specification