CN100426786C - Network access control method based on access control listing - Google Patents

Publication number: CN100426786C
Authority: CN (China)
Prior art keywords: port, access control, message, application protocol, protocol identification
Legal status: Expired - Fee Related
Application number: CNB2004100585505A
Other languages: Chinese (zh)
Other versions: CN1738290A (en)
Inventor: 王宁
Current Assignee: Huawei Technologies Co Ltd
Original Assignee: Huawei Technologies Co Ltd
Application filed by: Huawei Technologies Co Ltd

Abstract

The present invention relates to a network access control method based on an access control list, comprising the following steps: establishing a well-known port list containing the correspondence between well-known ports and application protocol identifiers; establishing a dynamic port registration table containing the correspondence among the address, port and application protocol identifier used for subsequent connections; receiving a data message; if the message accesses a well-known port, obtaining the application protocol identifier corresponding to that port from the well-known port list; otherwise, obtaining the application protocol identifier used for the subsequent connection from the dynamic port registration table; searching the access control list according to the application protocol identifier; and matching and processing the message according to the access rules. The method can accurately identify the protocol type of the subsequent-connection messages of multi-connection application protocols, so that the access rules of the access control list can support splitting multi-connection protocol traffic by service.

Description

Method for network access control based on Access Control List (ACL)
Technical field
The present invention relates to a network access control method, and in particular to a network access control method based on an access control list.
Background technology
The access control list (ACL) technology commonly referred to on the Internet is an access control technology. It uses packet filtering to read the information in a packet's header and filters packets according to predefined rules, thereby achieving access control. The main function of an ACL is, on the one hand, to protect resource nodes by blocking access by unauthorized users and, on the other hand, to limit the access rights that a specific user node may hold.
An ACL rule set consists of a number of permit/deny statements that together form a rule, which is referenced as the criterion for classifying packets. Usually, each ACL rule can contain several related sub-rules. Each sub-rule can define a host IP address range, a port number range and the carried protocol type; sub-rules are considered different as long as the IP address and port number ranges they define differ.
By content, ACLs are divided into standard access control lists (Standard ACL) and extended access control lists (Extended ACL). A standard ACL matches packets on source address only, and thus permits or denies all traffic from a given network, subnet or host IP address leaving through the router. An extended ACL matches packets on information such as source/destination address, source/destination port number and the carried protocol type, so it can permit traffic of certain protocols to a given address while denying traffic that uses other protocols.
Existing ACL technology can define only a packet's source/destination address, source/destination port number, carried protocol type and similar information, so packet filtering based on existing ACLs can achieve access control only from this limited information. For a single-connection application protocol, whose service port is well known, existing ACL technology classifies messages effectively. Multi-connection application protocols share a common characteristic: the initial connection uses a well-known port, and subsequent connections are negotiated on that basis, all of them on non-well-known ports. Existing ACL technology therefore cannot support access control for multi-connection protocol types well.
Take the H.323 protocol as an example. The H.323 standard, defined by the ITU-T, describes how to implement multimedia services over packet networks and is an important technical basis of IP telephony systems. H.323 is a fairly complex protocol. A complete call consists mainly of call admission control, call control and media control procedures, which are built on different transport protocols. The H.323 protocol suite comprises RTP, RTCP, H.225 RAS, H.225, H.245 and T.120: the H.225 RAS channel carries call admission control signalling, H.225 carries call control signalling, H.245 carries media control signalling, RTP and RTCP carry the audio and video data, and T.120 is used for data services. The channels also use different transport protocols, some UDP and some TCP. In this communication process only H.225 RAS has a well-known port, 1719; the other channels, such as H.225, H.245, RTP and RTCP, are negotiated earlier in the communication and used for the subsequent communication. Because their TCP/UDP ports cannot be known in advance, and their source and destination addresses are the same, existing ACL technology cannot identify protocol channels such as H.245, RTP and RTCP.
In a real voice-over-IP operating environment, guaranteeing the real-time behaviour of video and voice requires a preferential forwarding mechanism for the RTCP and RTP messages of H.323 so as to provide a higher QoS guarantee; for the reasons above, traditional ACL technology cannot ensure this. Many protocols are similar to H.323; representative ones include FTP, SIP and MGCP. Because of these multi-connection protocols, existing ACL technology cannot solve the fundamental problem of splitting multi-connection protocol traffic by service type.
Summary of the invention
The technical problem to be solved by the present invention is to provide a network access control method based on an access control list that can meet the need to split multi-connection protocol traffic by service type.
To solve the above problem, the technical solution provided by the invention is a network access control method based on an access control list. First, a well-known port list is established, in which well-known ports are registered together with their application protocol identifiers. Then a dynamic port registration table is established and messages are matched. Specifically, in establishing the dynamic port registration table, the address and port to be used for a subsequent connection and the corresponding application protocol identifier are registered together in the table. In matching a message, if the message accesses a well-known port, the application protocol identifier corresponding to that port is obtained from the well-known port list; if it does not, the application protocol identifier corresponding to the port used for the subsequent connection is obtained from the dynamic port registration table. Once the application protocol identifier has been obtained, the access control list is searched and the message is matched and processed according to the pre-established access rules.
In the above method, establishing the dynamic port registration table comprises the following steps. First the application protocol identifier of the message is obtained: the well-known port list and the received message are used to judge whether the port accessed by the message is a well-known port. If it is, the application protocol identifier is obtained directly from the well-known port list; otherwise the dynamic port registration table is searched to see whether the port has already been registered there. If an entry for the port is found, the application protocol identifier is obtained from the dynamic port registration table; if the port has no entry in the table, registration ends immediately.
Once the application protocol identifier has been obtained, it can be judged whether dynamic registration is needed for this port. If subsequent registration is needed, the message is decoded and then checked for an address and port to be used for a subsequent connection. If the message contains no such address and port information, registration ends; otherwise the obtained address and port are registered in the dynamic port registration table, and the registered entry records the application protocol identifier corresponding to that address and port.
In the method, matching a message comprises the following steps. The well-known port list and the received message are used to judge whether the message accesses a well-known port. If so, the application protocol identifier corresponding to the port is obtained from the well-known port list; otherwise the dynamic port registration table is searched. If an entry for the port is found there, the application protocol identifier is obtained from the table; if the port has no entry in the table, the application protocol type is identified as unknown. The preset access control list is then searched for the access rule corresponding to the obtained application protocol identifier. If the pre-established rules define an access rule for the application protocol that the identifier represents, the message is processed according to that rule; otherwise matching of this message ends.
Corresponding to the network access control method provided by the invention, the access rules in the access control list to which the method is applied may form an access control rule from the standard command and an application protocol identifier, or from the standard command, an application protocol identifier, a network segment address and the mask corresponding to that address.
Compared with the prior art, the benefit of the invention is as follows. Because the method matches messages mainly by application protocol type, messages can be matched accurately against the access control rules even for multi-connection protocols whose subsequent connections use non-well-known ports. The method can therefore accurately identify the protocol type of the subsequent-connection messages of multi-connection application protocols, so that ACL rules can support splitting multi-connection protocol traffic by service. With the method, functions such as policy routing, policy NAT and QoS can be applied by service type.
Description of drawings
Fig. 1 is a flow chart of establishing the dynamic port registration table;
Fig. 2 is a flow chart of message matching.
Embodiment
The invention provides a network access control method that supports multi-connection protocols. The method performs access control on messages according to application protocol type and mainly comprises two processes, port registration and ACL matching. ACL matching performs the matching of ACL rules; port registration makes it possible to identify the application protocol type of subsequent connections accurately, and itself comprises establishing the well-known port list and establishing the dynamic port registration table.
First, to implement the method, a class of "application protocol access control list" is added alongside the existing "standard access control list" and "extended access control list". The rules supported by the "application protocol access control list" are:
(1) rule permit application-protocol
(2) rule deny application-protocol
(3) rule permit x.x.x.x y.y.y.y application-protocol
(4) rule deny x.x.x.x y.y.y.y application-protocol
application-protocol is the name of the application protocol, for example H.323; in use, each protocol is assigned a unique identifier that corresponds one-to-one with the application protocol name. x.x.x.x y.y.y.y is a network segment address and its corresponding mask, indicating that the ACL permits or denies access for that network segment. Because some application protocols involve several bearer protocols (in H.323, for example, H.225/H.245 are carried over TCP while RTP/RTCP are carried over UDP), the "application protocol access control list" does not define the bearer protocol type.
Establishing the well-known port list means registering each well-known port in the list, recording the application protocol type corresponding to that port, and specifying a set of encoding/decoding functions used to recognise messages of that application protocol. Because the registered ports are well known, the list can be established when the system to which the method is applied is initialised. That system is any system or device capable of routing, such as a router; the well-known port list is established when such a system or device initialises.
Fig. 1 is a flow chart of an embodiment of establishing the dynamic port registration table. In step 11, the well-known port list and the received message are used to judge whether the port accessed by the message is a well-known port. If it is, the application protocol identifier corresponding to the port can be obtained directly from the well-known port list, since well-known ports and their application protocol types are registered there. If the message does not access a well-known port, the port it accesses may have been registered in the dynamic port registration table during earlier access control, so in step 12 the dynamic port registration table is searched, and step 13 judges whether the port was found. If the port is not found in the table, this non-well-known port has not yet been registered and the application protocol type of the message cannot be determined, so step 19 is performed and this registration ends. If the port is registered in the table, the application protocol identifier corresponding to the port is obtained from it. Step 14 is the point at which the application protocol identifier of the port has been obtained, from either the well-known port list or the dynamic port registration table.
Once the application protocol has been determined, step 15 judges whether dynamic registration is needed for this port. If it is not, the protocol type of subsequent connections does not have to be identified, and step 19 ends this registration; if the protocol type of subsequent connections does need to be identified, registration continues.
Step 16 decodes the message content of the current application protocol, and step 17 judges whether the message contains a negotiated address and port for a subsequent connection. If not, step 19 ends this registration. If the message does contain an address and port for a subsequent connection, step 18 registers them in the dynamic port registration table and records in the corresponding entry the application protocol type for that address and port. Note that this entry may be an independent entry or may be shared with a network address translation (NAT) entry. A hash method can be used at registration time to keep port entry lookups efficient. When the subsequent connection is made, the dynamically registered port entry can then be found and the application protocol type of the subsequent-connection message obtained from it.
Establishing the dynamic port registration table, as described here, covers what would normally be regarded as two things: establishing the table and updating it. The method runs in a continuous cycle and keeps registering new port, address and application protocol information in the table; since the table is updated in the same way as it is established, there is in practice no point at which establishing it is finished. For this reason, registering the ports, addresses and application protocols used for subsequent connections in the dynamic port registration table should be understood in this invention as establishing the table.
The following takes the FTP protocol as an example to show how the dynamic port registration table is established so that the application protocol identifier (ID) of subsequent messages can be obtained dynamically.
FTP has two connections, a control connection and a data connection. The control connection uses well-known port 21, and the data connection is negotiated by commands in the messages on the control connection. To identify subsequent FTP data connections dynamically, the following steps are carried out:
First, TCP port 21 is registered as a well-known port. The protocol ID assigned to this well-known port is FTP, the entry is marked to show that FTP messages may negotiate further ports, and a set of encoding/decoding functions is specified for the FTP control channel to recognise the content of FTP messages. Because port 21 is known in advance, this step can be completed at system initialisation.
When an FTP control message passes through, port 21 has already been registered as a well-known port, so the protocol ID can be found from port 21. The protocol ID also shows that FTP messages may negotiate further ports, so the corresponding decoding function is called to decode the message and recognise its FTP content. If the content turns out to be a port negotiation exchange, the port information of the FTP data connection is known. The port information obtained from the message content is then registered as a dynamic port in the dynamic port registration table, with the protocol ID FTP-DATA assigned to it. Since the FTP data channel does not negotiate further ports, the FTP data entry is marked as carrying no port negotiation messages, and no encoding/decoding function needs to be specified for the FTP data channel. After this registration, when subsequent FTP data messages pass through, looking up the dynamic port registration table by port information shows that the message is an FTP data message and yields its protocol ID.
Fig. 2 is a flow chart of an embodiment of message matching. Step 21 receives a message. Step 22 then uses the well-known port list and the received message to judge whether the port accessed by the message is a well-known port; if it is, the corresponding application protocol identifier is obtained from the well-known port list. If it is not, the port may have been registered in the dynamic port registration table, so step 23 searches that table for the port. (A dynamically registered port is one obtained through application protocol negotiation between the terminals and used for subsequent access. Only multi-connection protocols need dynamic port registration, and the registration process is as described above.) Step 24 judges whether the port is registered in the dynamic port registration table. If the port is not found there, the application protocol type of the message cannot be determined, and step 25 sets the application protocol identifier of the message to unknown. If the port is registered in the table, the corresponding application protocol identifier is obtained. Step 26 is the point at which the application protocol identifier has been obtained from either the well-known port list or the dynamic port registration table. Step 27 judges whether the obtained application protocol identifier is defined in the access rules. If the rules define an access control rule for messages of this protocol type, step 28 is performed: the message is matched against the access control rules in the preset access control list according to the application protocol identifier obtained for it. If the rules define no access control rule for messages of this protocol type (including the case where the type is identified as unknown), step 29 is performed and matching of the current message ends.
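The registration flow of Fig. 1 and the matching flow of Fig. 2, applied to the FTP case above, as an added Python example; it is not code from the patent. The class and field names, the constructed sample addresses and rules, trying both endpoints of a packet, matching a rule's network segment against the source address, matching before registering, and the check that a negotiated address equals the sender's address are assumptions of this example.

```python
import re
from collections import namedtuple
from ipaddress import ip_address, ip_network

UNKNOWN = "UNKNOWN"
# app_id: application protocol identifier; decoder: returns a negotiated
# (addr, port) found in a payload, or is None when the protocol negotiates
# nothing; child_id: identifier given to the negotiated follow-up connection.
Entry = namedtuple("Entry", "app_id decoder child_id")
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def decode_ftp_control(payload):
    """Return (addr, port) from an FTP PORT command or 227 reply, else None."""
    line = payload.decode("ascii", "replace").strip()
    if not (line.upper().startswith("PORT ") or line.startswith("227 ")):
        return None
    m = _HOSTPORT.search(line)
    if m is None:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


class AppAcl:
    def __init__(self, well_known, rules):
        self.well_known = well_known  # {(transport, port): Entry}, built at init
        self.dynamic = {}             # {(transport, addr, port): Entry}, hash lookup
        self.rules = rules            # [(action, network or None, app_id)], first match wins

    def lookup(self, p):
        """Well-known port list first, then the dynamic port registration table."""
        # Assumption of this example: both endpoints are tried so that
        # replies (e.g. a 227 sent from port 21) are classified too.
        ends = ((p["dst"], p["dport"]), (p["src"], p["sport"]))
        for _, port in ends:
            entry = self.well_known.get((p["proto"], port))
            if entry:
                return entry
        for addr, port in ends:
            entry = self.dynamic.get((p["proto"], addr, port))
            if entry:
                return entry
        return None

    def register(self, p):
        """Fig. 1: decode the message and register a negotiated endpoint."""
        entry = self.lookup(p)
        if entry is None or entry.decoder is None:
            return None  # unregistered port, or protocol negotiates nothing
        negotiated = entry.decoder(p["payload"])
        if negotiated is None:
            return None
        addr, port = negotiated
        # Added hardening, not in the patent text: only register an endpoint
        # on the address of the host that sent the negotiation message.
        if addr != p["src"]:
            return None
        key = (p["proto"], addr, port)
        self.dynamic[key] = Entry(entry.child_id, None, None)
        return key

    def match(self, p):
        """Fig. 2: return (app_id, action); action is None if no rule is defined."""
        entry = self.lookup(p)
        app_id = entry.app_id if entry else UNKNOWN
        for action, network, rule_app in self.rules:
            # Assumption: the rule's network segment is compared with the source.
            if rule_app == app_id and (network is None or ip_address(p["src"]) in network):
                return app_id, action
        return app_id, None

    def process(self, p):
        result = self.match(p)
        if result[1] != "deny":  # assumption: denied messages register nothing
            self.register(p)
        return result


def pkt(src, sport, dst, dport, payload=b"", proto="tcp"):
    return dict(src=src, sport=sport, dst=dst, dport=dport, payload=payload, proto=proto)


def demo():
    """Run constructed sample traffic; return (results, registered endpoints)."""
    acl = AppAcl(
        well_known={("tcp", 21): Entry("FTP", decode_ftp_control, "FTP-DATA")},
        rules=[("deny", ip_network("10.9.0.0/16"), "FTP"),
               ("permit", None, "FTP"),
               ("permit", None, "FTP-DATA")],
    )
    c, s = "10.0.0.5", "192.0.2.10"  # constructed client and server addresses
    traffic = [
        pkt(c, 40000, s, 21, b"USER alice\r\n"),
        pkt(c, 40000, s, 21, b"PORT 10,0,0,5,195,80\r\n"),    # active mode
        pkt(s, 20, c, 50000, b"data"),                        # negotiated port
        pkt(s, 20, c, 50001, b"data"),                        # never negotiated
        pkt(s, 21, c, 40000, b"227 Entering Passive Mode (192,0,2,10,234,96)\r\n"),
        pkt(c, 40001, s, 60000, b"data"),                     # passive data
        pkt("10.9.1.1", 40000, s, 21, b"PORT 10,9,1,1,195,81\r\n"),  # denied source
        pkt(c, 40000, s, 21, b"PORT 10,0,0,99,195,82\r\n"),   # third-party address
    ]
    return [acl.process(p) for p in traffic], sorted(acl.dynamic)


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```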
In implementing the invention, establishing and updating the dynamic port registration table and matching messages are not independent processes. Initially, most application protocol identifiers are obtained from the well-known port list, while the addresses, ports and application protocols used for subsequent connections negotiated over well-known ports are continually registered in the dynamic port registration table. As subsequent connections increase, some further subsequent connections may be negotiated not over a well-known port but over a non-well-known port that was itself dynamically registered. At that point, in establishing the dynamic port registration table, some application protocol identifiers are obtained from the existing dynamic port registration table and used to register the ports of further subsequent connections; and in message matching, some messages are likewise matched according to the application protocol type recorded for subsequent connections in the dynamic port registration table.
The network access control method provided by the invention has been described in detail above, with specific examples used to explain its principle and implementation. The description of the embodiments is intended only to aid understanding of the method and its core idea. A person of ordinary skill in the art may, following the idea of the invention, make changes to the specific implementation and scope of application. In summary, this description should not be construed as limiting the invention.

Claims (7)

1. A network access control method based on an access control list, characterised in that it comprises:
1) establishing in advance a well-known port list containing the correspondence between well-known ports and application protocol identifiers;
2) obtaining the application protocol identifier of a message and, when the message contains an address and port for a subsequent connection, establishing a dynamic port registration table containing the correspondence among the address, port and application protocol identifier used for the subsequent connection;
3) receiving a data message; if the message accesses a well-known port, obtaining the application protocol identifier corresponding to that port from the well-known port list; otherwise obtaining the application protocol identifier used for the subsequent connection from the dynamic port registration table;
4) searching the access control list according to the application protocol identifier, and matching and forwarding the message according to the access rules.
2. The network access control method based on an access control list according to claim 1, characterised in that the method further comprises: obtaining the application protocol identifier of a message, and updating the dynamic port registration table containing the correspondence among the address, port and application protocol identifier used for subsequent connections;
obtaining the application protocol identifier of the message is specifically:
211) judging, from the well-known port list and the received message, whether the port accessed by the message is a well-known port; if so, performing step 213), otherwise performing step 212);
212) searching the dynamic port registration table for an entry for the port; if one is found, performing step 213), otherwise ending registration;
213) obtaining the corresponding application protocol identifier.
3. The network access control method based on an access control list according to claim 1, characterised in that the method further comprises: judging whether dynamic port registration is to be performed; if so, continuing with the step of judging whether the message contains an address and port for a subsequent connection, otherwise ending registration.
4. The network access control method based on an access control list according to claim 1, characterised in that obtaining the application protocol identifier in step 3) is specifically:
31) judging, from the well-known port list and the received message, whether the port accessed by the message is a well-known port; if so, performing step 33), otherwise performing step 32);
32) searching the dynamic port registration table for a registered entry for the port; if one is found, performing step 33), otherwise identifying the application protocol type as unknown;
33) obtaining the application protocol identifier corresponding to the port.
5. The network access control method based on an access control list according to claim 1, characterised in that the matching and forwarding in step 4) is specifically: if the pre-established rules define an access rule for the application protocol represented by the obtained application protocol identifier, processing the message according to the access rule; otherwise ending the matching of the message.
6. The network access control method based on an access control list according to claim 1, characterised in that, before step 1), the method further comprises formulating the access control rules for messages using the standard command of the access rule and the application protocol identifier.
7. The network access control method based on an access control list according to claim 1, characterised in that, before step 1), the method further comprises formulating the access control rules for messages using the standard command of the access rule, the application protocol identifier, the network segment address and the mask corresponding to the network segment address.
Priority application: CNB2004100585505A, priority date 2004-08-18, filing date 2004-08-18, Network access control method based on access control listing, Expired - Fee Related

Publications (2)

Publication Number, Publication Date
CN1738290A, 2006-02-22
CN100426786C, 2008-10-15

Family ID: 36080952
Country status: CN (1), CN100426786C (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100555991C (en) * 2006-12-29 2009-10-28 华为技术有限公司 The method of message access control, forwarding engine device and communication equipment
CN101183988B (en) * 2007-11-19 2010-08-18 成都市华为赛门铁克科技有限公司 Method of identifying packet corresponding service types and device thereof
CN101247328B (en) * 2007-12-28 2011-12-28 北京九合创胜网络科技有限公司 Multi-connection processing method and device for network application
CN101272350B (en) * 2008-05-06 2011-01-05 北京星网锐捷网络技术有限公司 Output access control method and output access control device
CN101640913B (en) * 2008-08-01 2012-04-25 中国移动通信集团公司 System and method for mobility management
CN101635676B (en) * 2009-08-31 2011-07-27 杭州华三通信技术有限公司 Message processing method and network equipment
CN102098272B (en) * 2009-12-10 2014-02-19 华为技术有限公司 Protocol identification method, device and system
CN102594814B (en) * 2012-02-10 2014-11-12 福建升腾资讯有限公司 Terminal-based network access control system
CN103684909B (en) * 2013-11-30 2017-06-13 广州西维尔计算机系统有限公司 Information processing method and system based on event source
CN108259504A (en) * 2018-01-30 2018-07-06 盛科网络(苏州)有限公司 Method and device for implementing access control lists based on groups
CN109842629B (en) * 2019-03-03 2022-05-10 杭州立思辰安科科技有限公司 Method for realizing self-defined protocol based on protocol analysis framework
CN112954055B (en) * 2021-02-08 2023-04-07 杭州迪普科技股份有限公司 Access control method and device based on FTP
CN114285819A (en) * 2021-12-29 2022-04-05 深圳市共进电子股份有限公司 Method and device for visiting intranet by visitor network, computer equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5915087A (en) * 1996-12-12 1999-06-22 Secure Computing Corporation Transparent security proxy for unreliable message exchange protocols
US6377577B1 (en) * 1998-06-30 2002-04-23 Cisco Technology, Inc. Access control list processing in hardware
CN1429005A (en) * 2001-12-25 2003-07-09 深圳市中兴通讯股份有限公司上海第二研究所 Wide-band network authentication, authorization and accounting method
CN1465014A (en) * 2001-07-20 2003-12-31 诺基亚有限公司 Selective routing of data flows using a tcam

Also Published As

Publication number Publication date
CN1738290A (en) 2006-02-22

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20081015

Termination date: 20170818
