Found 19 similar documents; search took 125 ms
1.
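A network device is the device that sends and receives user packets over the network medium: it transmits packets handed down from upper-layer protocols using a specific media access control method and passes received data up to the upper-layer protocols. This paper proposes a technique for writing a virtual network interface card (NIC) driver under Linux, extracting packets inside the virtual NIC driver, processing them according to rules agreed in advance, and finally sending them out through the Linux kernel socket mechanism. In engineering projects, this technique makes it possible to capture packets inside the virtual NIC driver and then process and forward them according to specific requirements.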
2.
LI Na 《数字社区&智能家居》2008,(4)
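This paper discusses techniques for capturing and analyzing TCP/IP packets (with IPv4 as the IP version) in an Ethernet environment. With this technique, a host can receive all packets that pass through it, regardless of the destination address in the packet header. This technique plays a pivotal role in network security and network management. The system captures and analyzes packets by programming the network card through sockets.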
3.
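The Mobile IP protocol gives a host the ability to access an IP network and maintain communication while moving. In third-generation wireless communication systems based on an IP backbone, Mobile IP is regarded as an important protocol for supporting mobility. MPLS combines the flexibility of layer-3 forwarding with the speed of layer-2 switching, providing backbone network solutions with high-speed packet forwarding and great scalability.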
4.
李娜 《数字社区&智能家居》2008,(2):621-627
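This paper discusses techniques for capturing and analyzing TCP/IP packets (with IPv4 as the IP version) in an Ethernet environment. With this technique, a host can receive all packets that pass through it, regardless of the destination address in the packet header. This technique plays a pivotal role in network security and network management. The system captures and analyzes packets by programming the network card through sockets.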
5.
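This paper proposes a scheme that uses a virtual NIC to forward the IP packets passing through a VPN gateway. The scheme is simple and reliable, and it moves the complicated VPN processing into the application layer, while the virtual NIC is responsible only for forwarding packets from the internal network and the VPN tunnel, so efficiency is also assured.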
6.
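Design of a TCP/IP-based remote video surveillance system (total citations: 4; self-citations: 0; citations by others: 4)
This paper presents a design approach for a remote video surveillance system over a TCP/IP network. The system consists of three parts: data acquisition from a digital pan-tilt unit, TCP/IP packet processing, and command control and image display at the master station. To achieve monitoring in a TCP/IP environment, the system defines custom user packets in software to solve the problem of interleaved transmission of control command words and image data over TCP/IP.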
7.
8.
9.
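Policy routing is an advanced routing technique supported by current hardware routers: a router can select routes not only by destination IP address but also by other factors. Implementing a firewall on Linux with iptables and policy routing is more powerful and lets administrators control the required forwarding more flexibly and conveniently. The forwarding path of a packet can be chosen not only by the IP packet's destination address but also by packet size or source IP address, giving better control over and restriction of packet forwarding between the internal and external networks.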
10.
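Typical network security applications process only certain types of packets in the network; when data is collected with a general-purpose NIC, a large number of useless packets are received, which lowers system efficiency. Based on FPGA and zero-copy techniques, this paper designs and implements a smart NIC that moves packet classification and filtering down into the NIC hardware. The smart NIC performs packet capture, packet analysis, and rule matching, so it can filter out useless packets and deliver only the packets the application cares about to the host system. Compared with an ordinary NIC, the smart NIC effectively improves the efficiency of network data collection.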
11.
This paper evaluates and compares the performance of IP-packet forwarding of a Linux host equipped with multiple network interface cards (NICs), namely two receiving NICs and one transmitting NIC. We consider a Linux host with SMP (Symmetric Multiprocessing) or multicore multiprocessor (MCMP) architecture. We measure IP forwarding by subjecting an MCMP Linux host to different traffic load conditions of up to 1 Gbps. We used the IXIA hardware traffic generator to generate traffic with fixed- and variable-size packets. At the Linux host, generated packets are forwarded/routed from the two receiving NICs to the transmitting NIC. We consider two NIC affinity modes: (I) both receiving NICs are affinitized (or bound) to two cores of the same processor while the transmitting NIC is affinitized to a core on a separate processor, and (II) the transmitting NIC and one receiving NIC are affinitized to two cores of the same processor while the second receiving NIC is affinitized to a core on a separate processor. For each affinity mode, we measure the performance for three packet reception mechanisms: NAPI (New API) with a default budget of 300, NAPI with a budget of 2, and Disable and Enable interrupt handling. The performance is measured and compared in terms of various key performance metrics which include throughput, packet loss, round-trip delay, interrupt rates, and CPU availability.
12.
A More Practical Approach for Single-Packet IP Traceback using Packet Logging and Marking (total citations: 1; self-citations: 0; citations by others: 1)
《Parallel and Distributed Systems, IEEE Transactions on》2008,19(10):1310-1324
Tracing IP packets to their origins is an important step in defending Internet against denial-of-service attacks. Two kinds of IP traceback techniques have been proposed as packet marking and packet logging. In packet marking, routers probabilistically write their identification information into forwarded packets. This approach incurs little overhead but requires large flow of packets to collect the complete path information. In packet logging, routers record digests of the forwarded packets. This approach makes it possible to trace a single packet and is considered more powerful. At routers forwarding large volume of traffic, the high storage overhead and access time requirement for recording packet digests introduce practicality problems. In this paper, we present a novel scheme to improve the practicality of log-based IP traceback by reducing its overhead on routers. Our approach makes an intelligent use of packet marking to improve scalability of log-based IP traceback. We use mathematical analysis and simulations to evaluate our approach. Our evaluation results show that, compared to the state-of-the-art log-based approach called hash-based IP traceback, our approach maintains the ability to trace single IP packet while reducing the storage overhead by half and the access time overhead by a factor of the number of neighboring routers.
13.
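High-speed network device monitoring based on an NDIS intermediate driver (total citations: 2; self-citations: 0; citations by others: 2)
Traditional application-layer NIC monitoring can no longer monitor the activity of high-speed NICs accurately and in real time. To address this, the paper analyzes the characteristics of NDIS (network driver interface specification) intermediate drivers and Windows network packet filtering, uses a kernel-mode NDIS intermediate driver to implement high-speed network device monitoring that is independent of the specifics of the underlying network interface device, and designs and implements an NDIS-based NIC monitor for the Windows platform. It consists of two modules, an application layer and a driver layer, and can accurately monitor multiple NICs simultaneously at the data link layer while maintaining high performance. Its main feature is that for all …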
14.
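Intrusion detection is a new technology in the field of network security, but it is not yet mature, and many attack methods exploit its weaknesses. Among them, the small IP packet attack exploits the fact that Windows and Linux handle packets with overlapping data differently. This paper proposes an intrusion detection method for the small IP packet attack and runs experiments with Snort, making Snort and the protected host handle packets with overlapping data in the same way. This markedly reduces the number of Snort false positives and false negatives and offers a useful reference for achieving network security.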
15.
16.
17.
龙君芳 《电脑编程技巧与维护》2009,(12):62-63
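Passive data capture has a wide range of applications in network security, but with traditional capture methods the system drops large numbers of packets when network traffic is heavy, so they can no longer meet the requirements of gigabit networks. PF_RING is a software solution with a rich interface and excellent performance that requires no modification of the NIC driver and targets PCs and ordinary NICs. This paper first analyzes traditional packet capture techniques, then analyzes the PF_RING mechanism in detail, and on that basis implements PF_RING-based IPv6 packet capture on the Linux operating system. Finally, tests are run on an experimental platform and the results are analyzed.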
18.
Ruay-Shiung Chang Chin-Dong Wang 《Multimedia, IEEE Transactions on》1999,1(3):278-290
Transmission control protocol/Internet protocol (TCP/IP) is the de facto standard of the networking world. It dynamically adjusts routing of packets to accommodate failures in channels and allows construction of very large networks with little central management. But IP packets are based on the datagram model and are not really suited to real-time traffic. In order to overcome the drawbacks, a new network technology, ATM, is proposed. ATM provides quality of service (QOS) guarantees for various classes of applications and in-order delivery of packets via connection oriented virtual circuits. Unfortunately, when ATM is to be internetworked with the existing network infrastructure, some special signaling, addressing and routing protocols are needed. IP over ATM is one of the methods proposed by IETF. It allows existing TCP/IP applications to run on ATM end-stations and ATM networks to interconnect with legacy LAN/WAN technologies. But the performance of TCP/IP over ATM leaves something to be desired. Partial packet discard (PPD) and early packet discard (EPD) are two schemes to improve its performance. This paper proposes a “selective packet retransmission” scheme for improving HTTP/TCP performance when transmitting through ATM networks. In selective packet retransmission, we take advantage of the property of humans' perception tolerance for errors to determine whether to retransmit a corrupted TCP segment or not. For lossable data, such as images, when an error occurs because of cell losses, it will not be retransmitted. The simulations show that, for the same buffer size and traffic load, selective packet retransmission performs better than PPD, EPD, and plain TCP over ATM.
19.
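Trustworthiness is an important feature of the next-generation Internet. At present, the Internet routing system forwards packets only according to their destination IP address, so forged packets carrying spoofed source IP addresses are also delivered to the destination, which threatens the receiver's security and at the same time hides the sender's true identity. The routing system of a trustworthy Internet must not only forward packets correctly but also verify that packets come from the correct sender. Route-based inter-domain distributed packet filtering is an effective way to filter forged packets. This paper proposes a route selection notification extension to BGP that provides filtering criteria for inter-domain packet filtering. With this extension, a border router can determine the authenticity of packets entering its autonomous system and filter out packets that forge the addresses of other autonomous systems. Simulation results show that route selection notification does not adversely affect BGP's normal routing function, and that with a reasonable choice of the route selection timer parameter it can support inter-domain distributed packet filtering while achieving both low bandwidth overhead and fast convergence.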