
Fragment processing utilizing cross-linked tables

  • US 7,359,983 B1
  • Filed: 06/24/2003
  • Issued: 04/15/2008
  • Est. Priority Date: 06/24/2003
  • Status: Expired due to Fees
First Claim

1. A method for processing a fragmented packet with a firewalling device, comprising:

  • receiving fragments of the packet prior to processing of firewall policies at the firewalling device;

  • sorting the fragments according to the packet and order of the fragments;

  • storing the fragments in association with the packet and in order in a connection table (CT) and a Network Address Translation table (NT);

  • cross linking the NT and CT by storing a hash of at least a portion of the fragments in one of the NT and CT tables;

  • collecting and assembling all the fragments in order to fully reconstitute the packet prior to applying firewall policies;

  • storing an Address Research Table (ART) for a first packet of a connection to the firewall device in association with one of the NT and the CT, and the hashing each of the subsequent packets to determine a table entry to forward the packet; and

  • transferring the packet to the firewalling device to apply the firewall policies to the entire packet at one time.
