Fragment processing utilizing cross-linked tables
Abstract
Method and apparatus for reassembling a packet from fragments. The fragments of the packet are obtained by a device, such as a firewalling device. The fragments are sorted according to the packet and order of the fragments. The fragments are stored in association with the packet and in order. Once all the fragments to reconstitute the packet have been collected, the fragments are assembled in order to reconstitute the packet.
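The abstract's flow (group fragments by packet, keep them in order, hold them until the packet is complete, then apply policy once to the whole packet) as an added Python example; it is not code from the patent. The flow key, byte-granular offsets (real IPv4 offsets are in 8-byte units), the rejection of conflicting overlaps, and the `policy_allows` token check are assumptions of this example.

```python
from collections import defaultdict

class Reassembler:
    """Collect fragments per packet, keep them ordered, release only whole packets."""

    def __init__(self):
        # (src, dst, proto, ip_id) -> {offset: (payload, more_fragments)}
        self.pending = defaultdict(dict)

    def add(self, src, dst, proto, ip_id, offset, more_fragments, payload):
        """Store one fragment; return the full payload once complete, else None."""
        key = (src, dst, proto, ip_id)
        frags = self.pending[key]
        end = offset + len(payload)
        for o, (p, _) in frags.items():
            if offset < o + len(p) and o < end:       # byte ranges intersect
                if o == offset and p == payload:
                    return None                       # exact retransmission: ignore
                del self.pending[key]                 # conflicting overlap: discard packet
                raise ValueError("overlapping fragments")
        frags[offset] = (payload, more_fragments)
        return self._assemble(key)

    def _assemble(self, key):
        frags = self.pending[key]
        offsets = sorted(frags)                       # order of the fragments
        if frags[offsets[-1]][1]:
            return None                               # final fragment not seen yet
        expected, parts = 0, []
        for off in offsets:
            payload, _ = frags[off]
            if off != expected:
                return None                           # hole in the data: keep waiting
            parts.append(payload)
            expected += len(payload)
        del self.pending[key]                         # packet complete: free the entry
        return b"".join(parts)

def policy_allows(payload, blocked=b"BLOCKED-TOKEN"):
    """Hypothetical policy: reject any packet whose payload contains the token."""
    return blocked not in payload

def process(reasm, frag):
    """Hold fragments; run the policy once, on the reconstituted packet only."""
    whole = reasm.add(**frag)
    if whole is None:
        return "held"
    return "forward" if policy_allows(whole) else "drop"
```

Neither fragment of a payload split as `b"GET /BLOC"` and `b"KED-TOKEN"` contains the token on its own; the policy matches only because it runs on the reassembled packet.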
23 Claims
1. A method for processing a fragmented packet with a firewalling device, comprising:
receiving fragments of the packet prior to processing of firewall policies at the firewalling device;
sorting the fragments according to the packet and order of the fragments;
storing the fragments in association with the packet and in order in a connection table (CT) and a Network Address Translation table (NT);
cross linking the NT and CT by storing a hash of at least a portion of the fragments in one of the NT and CT tables;
collecting and assembling all the fragments in order to fully reconstitute the packet prior to applying firewall policies;
storing an Address Research Table (ART) for a first packet of a connection to the firewall device in association with one of the NT and the CT, and the hashing each of the subsequent packets to determine a table entry to forward the packet; and
transferring the packet to the firewalling device to apply the firewall policies to the entire packet at one time.
14. A computer readable medium containing instructions that, when executed by a processor, cause the processor to process a fragmented packet with a firewalling device, by performing the steps of:
receiving fragments of the packet prior to processing of firewall policies at the firewalling device;
sorting the fragments according to the packet and order of the fragments;
storing the fragments in association with the packet and in order in a connection table (CT) and a Network Address Translation table (NT);
cross linking the NT and CT by storing a hash of at least a portion of the fragments in one of the NT and CT tables;
collecting and assembling all the fragments in order to fully reconstitute the packet prior to applying firewall policies;
storing an Address Research Table (ART) for a first packet of a connection to the firewall device in association with one of the NT and the CT, and the hashing each of the subsequent packets to determine a table entry to forward the packet; and
transferring the packet to the firewalling device to apply the firewall policies to the entire packet at one time.