System and method for processing packets according to user specified rules governed by a syntax
Abstract
An apparatus and method for enhancing the infrastructure of a network such as the Internet is disclosed. A packet interceptor/processor apparatus is coupled with the network so as to be able to intercept and process packets flowing over the network. Further, the apparatus provides external connectivity to other devices that wish to intercept packets as well. The apparatus applies one or more rules to the intercepted packets which execute one or more functions on a dynamically specified portion of the packet and take one or more actions with the packets. The apparatus is capable of analyzing any portion of the packet including the header and payload. Actions include releasing the packet unmodified, deleting the packet, modifying the packet, logging/storing information about the packet or forwarding the packet to an external device for subsequent processing. Further, the rules may be dynamically modified by the external devices.
25 Claims
1. A system for processing a plurality of packets according to a first application defined by an entity, each of the plurality of packets being communicated via a network from a source to a destination intended by the source, each of the plurality of packets comprising a plurality of portions, the system comprising:
- a packet interceptor coupled with the network and operative to selectively capture a packet of the plurality of packets from the network;
- a processor coupled with the packet interceptor and a first memory; and
- first logic stored in the first memory, the first logic being executable by the processor to allow the entity to select and relate a first set of at least two of a plurality of packet processing operations to be performed by the processor with respect to the captured packet to implement the first application, the plurality of packet processing operations including at least one of a data gathering operation, decision making operation, action taking operation or combinations thereof, the performance of at least one of the at least two packet processing operations being based on at least a portion of a previously captured packet which was communicated via the network from the destination to the source; and
- wherein the processor is further coupled with second logic, the second logic defining a plurality of sub-operations executable by the processor, each of the plurality of packet processing operations being associated with a sub-set of the plurality of sub-operations, the execution of which implements the associated packet processing operation, and further wherein the performance of a packet processing operation of the plurality of packet processing operations causes the processor to automatically execute the associated sub-set of the plurality of sub-operations to implement the packet processing operation transparently to the entity.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method for processing a plurality of packets according to a first application defined by an entity, each of the plurality of packets being communicated via a network from a source to a destination intended by the source, each of the plurality of packets comprising a plurality of portions, the method comprising:
- capturing, selectively, a packet of the plurality of packets from the network;
- allowing the entity to select and relate a first set of at least two of a plurality of packet processing operations to be performed by a processor with respect to the captured packet to implement the first application, the plurality of packet processing operations including at least one of a data gathering operation, decision making operation, action taking operation or combinations thereof, the performance of at least one of the at least two packet processing operations being based on at least a portion of a previously captured packet which was communicated via the network from the destination to the source; and
- defining a plurality of sub-operations executable by the processor, each of the plurality of packet processing operations being associated with a sub-set of the plurality of sub-operations, the execution of which implements the associated packet processing operation, and further wherein the performance of a packet processing operation of the plurality of packet processing operations causes the processor to automatically execute the associated sub-set of the plurality of sub-operations to implement the packet processing operation transparently to the entity.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
25. A system for processing a plurality of packets according to a first application defined by an entity, each of the plurality of packets being communicated via a network from a source to a destination intended by the source, each of the plurality of packets comprising a plurality of portions, the method comprising:
- means for capturing, selectively, a packet of the plurality of packets from the network;
- means for allowing the entity to select and relate a first set of at least two of a plurality of packet processing operations to be performed by a processor with respect to the captured packet to implement the first application, the plurality of packet processing operations including at least one of a data gathering operation, decision making operation, action taking operation or combinations thereof, the performance of at least one of the at least two packet processing operations being based on at least a portion of a previously captured packet which was communicated via the network from the destination to the source; and
- means for defining a plurality of sub-operations executable by the processor, each of the plurality of packet processing operations being associated with a sub-set of the plurality of sub-operations, the execution of which implements the associated packet processing operation, and further wherein the performance of a packet processing operation of the plurality of packet processing operations causes the processor to automatically execute the associated sub-set of the plurality of sub-operations to implement the packet processing operation transparently to the entity.