Method and apparatus for filtering packet data in a network device
First Claim
Patent Images
1. A process of filtering packet data in a network device, said process comprising:
- applying at least one mask to a portion of an incoming packet;
extracting a field from the portion of the incoming packet;
searching a rules table for a matching value for the extracted field;
recording a search result as one of a hit and a miss depending on the matching value;
accessing a combination table of combination rules based on the at least one mask;
combining said one of the hit and the miss with another search result to obtain a combined search result; and
executing one of a hit action and a miss action from the combination table based on the combined search result.
4 Assignments
0 Petitions
Accused Products
Abstract
A process of filtering packet data in a network device is disclosed. At least one mask is applied to a portion of an incoming packet and a field is extracted from the portion of the incoming packet. A rules table is searched for a matching value for the extracted field and one of a hit and a miss is recorded depending on the matching value. A combination table is accessed based on the at least one mask and the one of the hit and the miss is combined with another search result to obtain a combined search result. One of a hit action and a miss action is executed from the combination table based on the combined search result.
89 Citations
20 Claims
-
1. A process of filtering packet data in a network device, said process comprising:
-
applying at least one mask to a portion of an incoming packet; extracting a field from the portion of the incoming packet; searching a rules table for a matching value for the extracted field; recording a search result as one of a hit and a miss depending on the matching value; accessing a combination table of combination rules based on the at least one mask; combining said one of the hit and the miss with another search result to obtain a combined search result; and executing one of a hit action and a miss action from the combination table based on the combined search result. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A filter for packet data in a network device, said filter comprising:
-
applying means for applying at least one mask to a portion of an incoming packet; extracting means for extracting a field from the portion of the incoming packet; searching means for searching a rules table for a matching value for the extracted field; recording means for recording a search result as one of a hit and a miss depending on the matching value; accessing means for accessing a combination table of combination rules based on the at least one mask; combining means for combining said one of the hit and the miss with another search result to obtain a combined search result; and executing means for executing one of a hit action and a miss action from the combination table based on the combined search result. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A network device having a packet filter, said network device comprising:
-
at least one port interface, having at least one port for receiving an incoming packet; a packet parser, in communication with said at least one port interface, where said parser obtains a portion of said incoming packet; a field extractor, in communication with said packet parser, where said extractor applies at least one mask to said portion of said incoming packet and extracts at least one field from the portion of the incoming packet; a rules table, in communication with the field extractor; and a combination table of combination rules, in communication with the field extractor; wherein said field extractor is configured to execute one of a hit action and a miss action obtained from the combination table based on a combined search result. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification