Edge adapter apparatus and method
Abstract
An apparatus and method for enhancing the infrastructure of a network such as the Internet is disclosed. A packet interceptor/processor apparatus is coupled with the network so as to be able to intercept and process packets flowing over the network. Further, the apparatus provides external connectivity to other devices that wish to intercept packets as well. The apparatus applies one or more rules to the intercepted packets which execute one or more functions on a dynamically specified portion of the packet and take one or more actions with the packets. The apparatus is capable of analyzing any portion of the packet including the header and payload. Actions include releasing the packet unmodified, deleting the packet, modifying the packet, logging/storing information about the packet or forwarding the packet to an external device for subsequent processing. Further, the rules may be dynamically modified by the external devices.
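The abstract's rule/action model, combined with claim 1's requirement that the rule applied to the return packet is based on information stored from the first packet, can be sketched as follows. This is an added illustration, not code from the patent: the `Packet` and `Interceptor` classes, the port-80 header rule, the PDF magic-byte check and the sample packets are all constructed assumptions, and each HTTP message is assumed to fit in one packet.

```python
from dataclasses import dataclass

@dataclass
class Packet:                 # constructed model: header fields plus application data
    src: str
    dst: str
    sport: int
    dport: int
    payload: bytes

class Interceptor:            # hypothetical model, not code from the patent
    def __init__(self):
        self.store = {}       # information stored about earlier packets
        self.log = []

    def on_request(self, pkt):            # source -> recipient, steps (a)-(e)
        if pkt.dport != 80:               # header-layer rule
            return "release"
        line = pkt.payload.split(b"\r\n", 1)[0]   # examined portion: request line only
        parts = line.split(b" ")
        if len(parts) == 3 and parts[0] == b"GET":
            self.store[(pkt.src, pkt.sport, pkt.dst)] = parts[1]   # store, then release
        return "release"

    def on_response(self, pkt):           # recipient -> source, steps (f)-(j)
        if pkt.sport != 80:
            return "release"
        path = self.store.pop((pkt.dst, pkt.dport, pkt.src), None)
        if path is None:                  # no stored request for this flow
            self.log.append(("unsolicited", pkt.src, pkt.dst))
            return "delete"
        sep = pkt.payload.find(b"\r\n\r\n")       # body offset varies per packet
        magic = pkt.payload[sep + 4:sep + 8] if sep >= 0 else b""
        if path.lower().endswith(b".pdf") and magic != b"%PDF":
            self.log.append(("type-mismatch", path.decode(), magic))
            return "delete"
        return "release"

def demo():
    box = Interceptor()
    req = Packet("10.0.0.5", "192.0.2.10", 40000, 80,
                 b"GET /report.pdf HTTP/1.1\r\nHost: example.test\r\n\r\n")
    ok = Packet("192.0.2.10", "10.0.0.5", 80, 40000,
                b"HTTP/1.1 200 OK\r\nContent-Length: 9\r\n\r\n%PDF-1.7\n")
    bad = Packet("192.0.2.10", "10.0.0.5", 80, 40000,
                 b"HTTP/1.1 200 OK\r\nContent-Length: 4\r\n\r\nMZ\x90\x00")
    verdicts = [box.on_request(req), box.on_response(ok), box.on_request(req),
                box.on_response(bad), box.on_response(bad)]
    return verdicts, box.log
```

The response rule cannot be evaluated from the response alone: the decision to delete depends on the path stored when the request was intercepted, and a response with no stored request is treated as unsolicited.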
108 Claims
1. A method of processing a first data packet, transmitted over a network from a source to a first recipient, said first data packet comprising a header layer and an application data layer, and a second data packet transmitted over said network from the first recipient to the source, said method comprising:
(a) capturing said first data packet from said network prior to its reception by said first recipient;
(b) analyzing said header layer of said first data packet according to a first rule;
(c) examining, selectively, a dynamically specified portion of said application data layer of said first data packet according to a second rule;
(d) determining a first action to be taken on said first data packet according to a third rule; and
(e) performing said first action on said first data packet, wherein said first action comprises at least storing information related to said first data packet;
(f) capturing said second data packet from said network prior to its reception by said source;
(g) analyzing a header layer of said second data packet according to a fourth rule;
(h) examining, selectively, a dynamically specified portion of said application data layer of said second data packet according to a fifth rule;
(i) determining a second action to be taken on said second data packet according to a sixth rule; and
(j) performing said second action on said second data packet; and
wherein at least one of said fourth rule, said fifth rule, said sixth rule or combinations thereof, is based on said stored information.
40. A method of processing a first data packet directed to a first recipient from a source over a network, said first data packet comprising header data and application data, said method comprising:
(a) intercepting said first data packet prior to receipt by said first recipient;
(b) capturing said first data packet in a buffer;
(c) analyzing, selectively, said header data according to a first rule;
(d) analyzing, selectively, a dynamically specified portion of said application data according to a second rule;
(e) copying, selectively, said first data packet and forwarding, selectively, said copied first data packet to a second recipient different from said first recipient according to a third rule;
(f) releasing, selectively, said first data packet back to said network according to a fourth rule;
(g) modifying, selectively, said first data packet and releasing, selectively, said modified first data packet back to said network according to a fifth rule;
(h) deleting, selectively, said first data packet from said buffer according to a sixth rule; and
(i) storing, selectively, information about said first data packet according to a seventh rule; and
wherein at least one of said first rule, said second rule, said third rule, said fourth rule, said fifth rule, said sixth rule, said seventh rule, or combinations thereof, are based on a second packet previously transmitted over said network from said first recipient to said source.
49. An apparatus for processing a first packet transmitted over a network from a source to a first destination, said first packet comprising a header layer and an application data layer, said apparatus comprising:
a network interface operative to receive said first packet from said source;
a routing processor coupled with said network interface and operative to receive said first packet from said network interface and convey said first packet to said first destination; and
a packet processor coupled with said network interface and said routing processor, said packet processor comprising;
a memory operative to store information about a second packet previously transmitted from said first recipient to said source;
a packet analyzer coupled with said memory and operative to analyze said header layer according to a first rule and selectively analyze a dynamically specified portion of said application data layer according to a second rule; and
a packet redirector coupled with said memory, said packet analyzer and said routing processor and operative to selectively perform an action on said first packet according to a third rule prior to said conveyance by said routing processor;
wherein at least one of said first rule, said second rule, said third rule, or combinations thereof, are based on said stored information.
70. An adapter for a router comprising:
a router interface operative to couple said adapter with said router;
a packet processor coupled with said router interface and operative to intercept a first packet from a source to a destination, prior to receipt by said router, said packet processor further comprising;
a memory operative to store information about a second packet previously transmitted from said destination to said source;
a buffer operative to receive and store said first packet for processing;
first logic coupled with said buffer and said memory, said first logic operative to apply a first function to a header layer of said first packet and produce a first result;
second logic coupled with said buffer and said memory, said second logic operative to apply a second function to a dynamically specified portion of said application data layer of said first packet and produce a second result; and
third logic coupled with said buffer, said memory and said first and second logic, said third logic operative to perform an operation on said first packet using a third function and said first and second results;
wherein at least one of said first function, said second function, said third function, or combinations thereof, are based on said stored information.
88. A system for facilitating a non-invasive interface to a network comprising:
a router coupled with said network and operative to route a first packet from a first source to a first destination; and
a packet processor coupled with said router and operative to receive said first packet from said first source and process said first packet prior to routing by said router, said packet processor including;
a rule set comprising first, second and third rules;
first logic operative to analyze a header layer of said first packet according to said first rule;
second logic operative to analyze a dynamically specified portion of said application data layer of said first packet according to said second rule;
third logic operative to perform a function on said first packet according to said third rule; and
an external interface operative to transparently couple a first external device to said packet processor;
wherein at least one of said first rule, said second rule, said third rule, said first logic, said second logic, said third logic, or combinations thereof, are based on a second packet previously transmitted over said network from said first destination to said first source.
106. An edge server coupled between a point-of-presence (“POP”) and a network and operative to monitor a bidirectional network traffic stream passing between said POP and said network, said bidirectional network traffic stream comprising a first stream passing from said POP to said network and a second stream passing from said network to said POP, said edge server comprising;
a traffic interceptor operative to at least one of selectively intercept said first stream based on at least a portion of said second stream prior to said first stream reaching its intended destination, selectively intercept said second stream based on at least a portion of said first stream prior to said second stream reaching its intended destination, or combinations thereof; and
a traffic modifier operative to modify said selectively intercepted stream and reinsert said modified selectively intercepted stream into said network.
Specification