公开(公告)号：US07644164B2

公开(公告)日：2010-01-05

申请号：US11818215

申请日：2007-06-13

申请人： Taro Saiki ,  Satoshi Iyoda ,  Yoshimasa Koyama

发明人： Taro Saiki ,  Satoshi Iyoda ,  Yoshimasa Koyama

IPC分类号： G06F15/16 ,  G06F15/173

CPC分类号： H04L67/2814 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/166

摘要： A relay program, communication processing program, and firewall system capable of simplifying security management in a firewall. In a firewall, only an aggregation port that is an aggregation of one or a plurality of ports to be allowed to pass through is set to be allowed. When a communication source client makes a connection with a target connection request destination connected to an internal network, the communication source client issues connection request information specifying the target connection request destination with its destination set to the aggregation port. In a relay server, a connection request information acquisition unit reads the connection request information that passed through the firewall and is input via the aggregation port. A relay unit changes the destination to the target connection request destination based on the connection request information and sends the connection request information to the target connection request destination to thereby make a connection request, and also sends connection result information obtained from the target connection request destination to the communication source client.

摘要翻译： 一种能够简化防火墙安全管理的中继程序，通信处理程序和防火墙系统。 在防火墙中，仅允许允许通过的一个或多个端口的聚合的聚合端口被允许。 当通信源客户端与连接到内部网络的目标连接请求目的地进行连接时，通信源客户端将其目的地设置为聚合端口，发出指定目标连接请求目的地的连接请求信息。 在中继服务器中，连接请求信息获取单元读取通过防火墙通过聚合端口输入的连接请求信息。 中继单元基于连接请求信息将目的地更改为目标连接请求目的地，并将连接请求信息发送到目标连接请求目的地，从而进行连接请求，还发送从目标连接请求目的地获取的连接结果信息 到通信源客户端。

公开(公告)号：US20080028078A1

公开(公告)日：2008-01-31

申请号：US11818215

申请日：2007-06-13

申请人： Taro Saiki ,  Satoshi Iyoda ,  Yoshimasa Koyama

发明人： Taro Saiki ,  Satoshi Iyoda ,  Yoshimasa Koyama

IPC分类号： G06F15/16

CPC分类号： H04L67/2814 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/166

摘要： A relay program, communication processing program, and firewall system capable of simplifying security management in a firewall. In a firewall, only an aggregation port that is an aggregation of one or a plurality of ports to be allowed to pass through is set to be allowed. When a communication source client makes a connection with a target connection request destination connected to an internal network, the communication source client issues connection request information specifying the target connection request destination with its destination set to the aggregation port. In a relay server, a connection request information acquisition unit reads the connection request information that passed through the firewall and is input via the aggregation port. A relay unit changes the destination to the target connection request destination based on the connection request information and sends the connection request information to the target connection request destination to thereby make a connection request, and also sends connection result information obtained from the target connection request destination to the communication source client.

摘要翻译： 一种能够简化防火墙安全管理的中继程序，通信处理程序和防火墙系统。 在防火墙中，仅允许允许通过的一个或多个端口的聚合的聚合端口被允许。 当通信源客户端与连接到内部网络的目标连接请求目的地进行连接时，通信源客户端将其目的地设置为聚合端口，发出指定目标连接请求目的地的连接请求信息。 在中继服务器中，连接请求信息获取单元读取通过防火墙通过聚合端口输入的连接请求信息。 中继单元基于连接请求信息将目的地更改为目标连接请求目的地，并将连接请求信息发送到目标连接请求目的地，从而进行连接请求，还发送从目标连接请求目的地获取的连接结果信息 到通信源客户端。