首页>
外国专利>
SUPPORTING ACCESS CONTROL LIST RULES THAT APPLY TO TCP SEGMENTS BELONGING TO 'ESTABLISHED' CONNECTION
SUPPORTING ACCESS CONTROL LIST RULES THAT APPLY TO TCP SEGMENTS BELONGING TO 'ESTABLISHED' CONNECTION
展开▼
机译:支持适用于“已建立”连接的TCP段的访问控制列表规则
展开▼
页面导航
摘要
著录项
相似文献
摘要
Embodiments provide a TCAM-based access control list that supports disjunction operations in rules. A network frame is received. Embodiments determine set TCP flags of the network frame. Upon determining that the set TCP flags match a first entry in a numeric range table, bits of a search key corresponding to the first entry are updated. The search key accesses a second entry stored in a TCAM. The first entry further comprises an encode field to scan a TCP header of the network frame for set TCP flags, a first mask field to a condition corresponding to unset TCP flags to identify in the network frame, a second mask field to a condition corresponding to set TCP flags to identify in the network frame, and an operation field specifying a disjunction operation for comparing the set TCP flags with the first mask field and the second mask field.
展开▼