公开(公告)号：US07770215B2

公开(公告)日：2010-08-03

申请号：US11554081

申请日：2006-10-30

申请人： Chris O'Rourke ,  Gaurang K. Shah ,  Louis F. Menditto ,  Mark Albert ,  Michael S. Sutton ,  Pranav K. Tiwari ,  Robert M. Batz ,  Richard Gray ,  Sean W. Hull ,  Tzu-Ming Tsang

发明人： Chris O'Rourke ,  Gaurang K. Shah ,  Louis F. Menditto ,  Mark Albert ,  Michael S. Sutton ,  Pranav K. Tiwari ,  Robert M. Batz ,  Richard Gray ,  Sean W. Hull ,  Tzu-Ming Tsang

IPC分类号： G06F9/00

CPC分类号： H04L63/1458 ,  H04L63/02 ,  H04L63/0227 ,  H04L67/1002 ,  H04L67/1036

摘要： A method for protecting firewall load balancers from a denial of service attack is provided. Packets are received by the firewall load balancer. Each packet has a source and a destination. The firewall load balancer is equipped with a connection database that can contain entries about the packets. Upon receipt of a packet, the connection database is queried to determine whether or not there is an entry for the received packet. If an entry is found in the database, the packet is forwarded to its destination. Otherwise, if the packet was received from a firewall, then a new connection entry for the packet is built and is saved to the connection database and the packet is forwarded on to its destination. If the packet does not have an entry (match) in the connection database and the packet was not received from a firewall, then the packet is forwarded to a firewall.

摘要翻译： 提供了一种保护防火墙负载均衡器免受拒绝服务攻击的方法。 数据包由防火墙负载平衡器接收。 每个数据包都有源和目标。 防火墙负载平衡器配有可以包含有关数据包的条目的连接数据库。 在接收到分组时，查询连接数据库以确定是否存在所接收分组的条目。 如果在数据库中找到条目，则将数据包转发到其目的地。 否则，如果从防火墙接收到数据包，则会建立新的数据包连接条目，并将其保存到连接数据库，并将数据包转发到其目的地。 如果数据包在连接数据库中没有条目（匹配），并且未从防火墙接收到数据包，则将数据包转发到防火墙。

公开(公告)号：US20080028456A1

公开(公告)日：2008-01-31

申请号：US11554081

申请日：2006-10-30

申请人： Chris O'Rourke ,  Gaurang K. Shah ,  Louis F. Menditto ,  Mark Albert ,  Michael S. Sutton ,  Pranav K. Tiwari ,  Robert M. Batz ,  Richard Gray ,  Sean W. Hull ,  Tzu-Ming Tsang

发明人： Chris O'Rourke ,  Gaurang K. Shah ,  Louis F. Menditto ,  Mark Albert ,  Michael S. Sutton ,  Pranav K. Tiwari ,  Robert M. Batz ,  Richard Gray ,  Sean W. Hull ,  Tzu-Ming Tsang

IPC分类号： G06F15/16

CPC分类号： H04L63/1458 ,  H04L63/02 ,  H04L63/0227 ,  H04L67/1002 ,  H04L67/1036

摘要： A method for protecting firewall load balancers from a denial of service attack is provided. Packets are received by the firewall load balancer. Each packet has a source and a destination. The firewall load balancer is equipped with a connection database that can contain entries about the packets. Upon receipt of a packet, the connection database is queried to determine whether or not there is an entry for the received packet. If an entry is found in the database, the packet is forwarded to its destination. Otherwise, if the packet was received from a firewall, then a new connection entry for the packet is built and is saved to the connection database and the packet is forwarded on to its destination. If the packet does not have an entry (match) in the connection database and the packet was not received from a firewall, then the packet is forwarded to a firewall.

摘要翻译： 提供了一种保护防火墙负载均衡器免受拒绝服务攻击的方法。 数据包由防火墙负载平衡器接收。 每个数据包都有源和目标。 防火墙负载平衡器配有可以包含有关数据包的条目的连接数据库。 在接收到分组时，查询连接数据库以确定是否存在所接收分组的条目。 如果在数据库中找到条目，则将数据包转发到其目的地。 否则，如果从防火墙接收到数据包，则会建立新的数据包连接条目，并将其保存到连接数据库，并将数据包转发到其目的地。 如果数据包在连接数据库中没有条目（匹配），并且未从防火墙接收到数据包，则将数据包转发到防火墙。

公开(公告)号：US07131140B1

公开(公告)日：2006-10-31

申请号：US09788690

申请日：2001-02-19

申请人： Chris O'Rourke ,  Gaurang K Shah ,  Louis F Menditto ,  Mark Albert ,  Michael S Sutton ,  Pranav K Tiwari ,  Robert M Batz ,  Richard Gray ,  Sean W Hull ,  Tzu-Ming Tsang

发明人： Chris O'Rourke ,  Gaurang K Shah ,  Louis F Menditto ,  Mark Albert ,  Michael S Sutton ,  Pranav K Tiwari ,  Robert M Batz ,  Richard Gray ,  Sean W Hull ,  Tzu-Ming Tsang

IPC分类号： G06F9/00

CPC分类号： H04L63/1458 ,  H04L63/02 ,  H04L63/0227 ,  H04L67/1002 ,  H04L67/1036

摘要： A method for protecting firewall load balancers from a denial of service attack is provided. Packets are received by the firewall load balancer. Each packet has a source and a destination. The firewall load balancer is equipped with a connection database that can contain entries about the packets. Upon receipt of a packet, the connection database is queried to determine whether or not there is an entry for the received packet. If an entry is found in the database, the packet is forwarded to its destination. Otherwise, if the packet was received from a firewall, then a new connection entry for the packet is built and is saved to the connection database and the packet is forwarded on to its destination. If the packet does not have an entry (match) in the connection database and the packet was not received from a firewall, then the packet is forwarded to a firewall.

摘要翻译： 提供了一种保护防火墙负载均衡器免受拒绝服务攻击的方法。 数据包由防火墙负载平衡器接收。 每个数据包都有源和目标。 防火墙负载平衡器配有可以包含有关数据包的条目的连接数据库。 在接收到分组时，查询连接数据库以确定是否存在所接收分组的条目。 如果在数据库中找到条目，则将数据包转发到其目的地。 否则，如果从防火墙接收到数据包，则会建立新的数据包连接条目，并将其保存到连接数据库，并将数据包转发到其目的地。 如果数据包在连接数据库中没有条目（匹配），并且未从防火墙接收到数据包，则将数据包转发到防火墙。

公开(公告)号：US06891839B2

公开(公告)日：2005-05-10

申请号：US09771232

申请日：2001-01-26

申请人： Mark Albert ,  Robert Batz ,  Richard Gray ,  Jacob Mark McGuire ,  Louis Menditto ,  Chris O'Rourke ,  Pranav Tiwari ,  Tzu-Ming Tsang

发明人： Mark Albert ,  Robert Batz ,  Richard Gray ,  Jacob Mark McGuire ,  Louis Menditto ,  Chris O'Rourke ,  Pranav Tiwari ,  Tzu-Ming Tsang

IPC分类号： H04L12/46 ,  H04L12/56 ,  H04L29/06 ,  H04L29/08 ,  H04L29/12

CPC分类号： H04L29/12009 ,  H04L12/4633 ,  H04L29/06 ,  H04L29/12783 ,  H04L45/00 ,  H04L45/50 ,  H04L61/35 ,  H04L63/0218 ,  H04L63/0254 ,  H04L67/02 ,  H04L67/025 ,  H04L67/1002 ,  H04L69/329

摘要： A network is disclosed that includes a first tier of forwarding agents connected to a first tier of network devices. A second tier of forwarding agents is connected to a second tier of network devices. A service manager is configured to receive a packet from one of the forwarding agents; determine the tier of the forwarding agent; and send an instruction to the forwarding agent directing the forwarding agent to forward the packet to a network device connected to the tier of forwarding agents that includes the forwarding agent.

摘要翻译： 公开了一种网络，其包括连接到第一层网络设备的第一层转发代理。 第二层转发代理连接到第二层网络设备。 服务管理器被配置为从其中一个转发代理接收分组; 确定转发代理的层次; 并向转发代理发送指令，指示转发代理将分组转发到连接到包括转发代理的转发代理层的网络设备。

公开(公告)号：US08438281B2

公开(公告)日：2013-05-07

申请号：US11175849

申请日：2005-07-06

申请人： Mark Albert ,  Robert Batz ,  Louis Menditto ,  Richard Gray ,  Tzu-Ming Tsang ,  Michael Sutton

发明人： Mark Albert ,  Robert Batz ,  Louis Menditto ,  Richard Gray ,  Tzu-Ming Tsang ,  Michael Sutton

IPC分类号： G06F15/173

CPC分类号： H04L43/04 ,  H04L12/14 ,  H04L12/1425 ,  H04L67/02

摘要： Techniques for separately accounting for multiple transactions in the same data packets communicated over a network using Transport Control Protocol (TCP) include receiving an Internet Protocol (IP) data packet that includes Transport Control Protocol (TCP) payload data. The TCP payload is parsed to determine boundary data that indicates a byte location on a boundary between a first transaction and a second transaction. A byte count that indicates a number of bytes in the TCP payload associated with the first transaction is determined based on the boundary data. Accounting data for the first transaction is determined based at least in part on the byte count. These techniques allow a service gateway to bill separately for different requests and responses carried in TCP data packets, such as those for Hypertext Transfer Protocol (HTTP) and Real Time Streaming Protocol (RTSP).

摘要翻译： 用于单独计算通过使用传输控制协议（TCP）通过网络传送的相同数据分组中的多个事务的技术包括接收包括传输控制协议（TCP）有效载荷数据的因特网协议（IP）数据分组。 解析TCP有效载荷以确定指示在第一事务和第二事务之间的边界上的字节位置的边界数据。 基于边界数据确定指示与第一事务相关联的TCP有效载荷中的字节数的字节计数。 至少部分地基于字节计数确定第一事务的计费数据。 这些技术允许服务网关对TCP数据分组（例如超文本传输​​协议（HTTP）和实时流协议（RTSP））中携带的不同请求和响应进行单独计费。

公开(公告)号：US20070011329A1

公开(公告)日：2007-01-11

申请号：US11175849

申请日：2005-07-06

申请人： Mark Albert ,  Robert Batz ,  Louis Menditto ,  Richard Gray ,  Tzu-Ming Tsang ,  Michael Sutton

发明人： Mark Albert ,  Robert Batz ,  Louis Menditto ,  Richard Gray ,  Tzu-Ming Tsang ,  Michael Sutton

IPC分类号： G06F15/173

CPC分类号： H04L43/04 ,  H04L12/14 ,  H04L12/1425 ,  H04L67/02

摘要： Techniques for separately accounting for multiple transactions in the same data packets communicated over a network using Transport Control Protocol (TCP) include receiving an Internet Protocol (IP) data packet that includes Transport Control Protocol (TCP) payload data. The TCP payload is parsed to determine boundary data that indicates a byte location on a boundary between a first transaction and a second transaction. A byte count that indicates a number of bytes in the TCP payload associated with the first transaction is determined based on the boundary data. Accounting data for the first transaction is determined based at least in part on the byte count. These techniques allow a service gateway to bill separately for different requests and responses carried in TCP data packets, such as those for Hypertext Transfer Protocol (HTTP) and Real Time Streaming Protocol (RTSP).

摘要翻译： 用于单独计算通过使用传输控制协议（TCP）通过网络传送的相同数据分组中的多个事务的技术包括接收包括传输控制协议（TCP）有效载荷数据的因特网协议（IP）数据分组。 解析TCP有效载荷以确定指示在第一事务和第二事务之间的边界上的字节位置的边界数据。 基于边界数据确定指示与第一事务相关联的TCP有效载荷中的字节数的字节计数。 至少部分地基于字节计数确定第一事务的计费数据。 这些技术允许服务网关对TCP数据分组（例如超文本传输​​协议（HTTP）和实时流协议（RTSP））中携带的不同请求和响应进行单独计费。

公开(公告)号：US20050044138A1

公开(公告)日：2005-02-24

申请号：US10645139

申请日：2003-08-21

申请人： Mark Albert ,  Robert Batz ,  Richard Gray ,  Louis Menditto ,  Michael Sutton ,  Tzu-Ming Tsang ,  Pranav Tiwari

发明人： Mark Albert ,  Robert Batz ,  Richard Gray ,  Louis Menditto ,  Michael Sutton ,  Tzu-Ming Tsang ,  Pranav Tiwari

IPC分类号： G06Q30/00 ,  G06F15/16 ,  G06F17/60

CPC分类号： G06Q30/02 ,  G06Q20/102

摘要： An apparatus for managing network access is provided that includes a billing system element operable to receive one or more packets of a communication flow and to communicate with a price server. The price server is operable to receive a query from the billing system element associated with a pricing parameter relating to a data segment to be accessed by an end user associated with the communication flow. The price server is also operable to return a response to the billing system element that includes the pricing parameter relating to the data segment such that the end user can verify the pricing parameter before accessing the data segment.

摘要翻译： 提供了一种用于管理网络访问的装置，其包括可操作以接收通信流的一个或多个分组并与价格服务器通信的计费系统元件。 价格服务器可操作以从与由与通信流相关联的最终用户访问的数据段相关的定价参数相关联的计费系统元件接收查询。 价格服务器还可操作地向包括与数据段相关的定价参数的计费系统元件返回响应，使得最终用户可以在访问数据段之前验证定价参数。

公开(公告)号：US20090006435A1

公开(公告)日：2009-01-01

申请号：US11778592

申请日：2007-07-16

申请人： Juan M. Mojica ,  Walter Dixon ,  Richard Gray ,  Tzu-Ming Tsang ,  John Ferguson Linton

发明人： Juan M. Mojica ,  Walter Dixon ,  Richard Gray ,  Tzu-Ming Tsang ,  John Ferguson Linton

IPC分类号： G06F17/30

CPC分类号： H04L41/0213 ,  H04L41/046 ,  H04L43/0817 ,  H04L43/16

摘要： In one embodiment, a control processor sends unique identifiers to each traffic processor in a multi-processor system of different unique identifiers may be sent for each traffic processor supported Management Information Base (MIB). The traffic processors modify MIB object identifiers to include the unique identifiers and then transmit notifications that include the unique identifiers, MIB object identifiers, and associated traffic processor parameter values. In another embodiment, the control processor handles the task of attaching unique identifiers so each MIB object identifiers are uniquely correlated with a particular traffic processor.

摘要翻译： 在一个实施例中，控制处理器向不同唯一标识符的多处理器系统中的每个业务处理器发送唯一的标识符，可以为每个支持流量处理器的管理信息库（MIB）发送唯一的标识符。 业务处理器修改MIB对象标识符以包括唯一标识符，然后发送包括唯一标识符，MIB对象标识符和相关联的业务处理器参数值的通知。 在另一个实施例中，控制处理器处理附加唯一标识符的任务，因此每个MIB对象标识符与特定业务处理器唯一相关。

公开(公告)号：US07168827B2

公开(公告)日：2007-01-30

申请号：US10886276

申请日：2004-07-01

申请人： Paul L. Stein ,  David M. Dietrich ,  Tim B. Murray ,  Sarmad A. Hannosh ,  Richard Gray

发明人： Paul L. Stein ,  David M. Dietrich ,  Tim B. Murray ,  Sarmad A. Hannosh ,  Richard Gray

IPC分类号： F21V7/00

CPC分类号： B60Q1/2611 ,  F21S43/14 ,  F21S43/31 ,  F21S43/40 ,  F21V5/04 ,  F21W2107/10 ,  F21W2111/00 ,  F21Y2115/10 ,  Y10S362/80

摘要： A light source with an integral surface of revolution to project an emergency warning light signal for a vehicle in a substantially horizontal 360° arc. A centrally positioned mirror assembly has a plurality of light sources spaced about the mirror assembly.

摘要翻译： 具有整体旋转表面的光源，用于以基本上水平的360°弧度投射用于车辆的紧急警告灯信号。 中心定位的镜组件具有围绕镜组件间隔开的多个光源。

公开(公告)号：US20060119285A1

公开(公告)日：2006-06-08

申请号：US11340242

申请日：2006-01-25

申请人： Richard Gray

发明人： Richard Gray

IPC分类号： H05B37/02

CPC分类号： H05B41/2855 ,  H05B41/2824

摘要： A CCFL can exhibit different strike characteristics depending on age and temperature. A CCFL in a direct driven CCFL circuit that is difficult to strike can appear to be malfunctioning using a standard start up operation. A controlled start up allows additional opportunities for a slow striking CCFL to strike. In one embodiment, the CCFL of the direct drive CCFL circuit can be initially driven at a switching frequency substantially different than a resonant frequency. Based on certain conditions, the switching frequency can subsequently be allowed to approach resonant frequency in a controlled manner. If the driving frequency reaches the resonant frequency of the CCFL during a set time period, then the CCFL can enter into steady state operation. At this point, the same conditions can be monitored to identify fault conditions in the direct drive CCFL circuit.

摘要翻译： CCFL可以根据年龄和温度显示不同的打击特性。 直接驱动的CCFL电路中的CCFL在使用标准启动操作时可能会出现故障。 受控的启动允许一个缓慢的CCFL罢工的额外机会。 在一个实施例中，直接驱动CCFL电路的CCFL可以以基本上不同于谐振频率的开关频率被初始地驱动。 基于某些条件，随后允许开关频率以受控的方式接近谐振频率。 如果在一段时间内驱动频率达到CCFL的谐振频率，则CCFL可以进入稳态运行。 在这一点上，可以监控相同的条件来识别直流驱动CCFL电路中的故障状况。