Method and system for partitioning filter rules for multi-search enforcement
    1.
    Granted invention patent
    Status: no longer in force

    Publication (announcement) number: US06917946B2

    Publication (announcement) date: 2005-07-12

    Application number: US10218950

    Application date: 2002-08-12

    IPC classification: H04L29/06 G06F17/30

    Abstract: A method and system for storing a plurality of filter rules in a computer system is disclosed. The plurality of filter rules uses at least one range of values in at least one dimension. The method and system include separating a portion of the plurality of filter rules into a plurality of pure subsets of filter rules. Each of the plurality of pure subsets of filter rules includes at least one of the plurality of filter rules. The method and system also include combining a portion of the plurality of pure subsets of filter rules to provide a combined subset and determining whether an efficiency of utilizing the plurality of filter rules is improved by combining the portion of the plurality of pure subsets of filter rules. The method and system further includes storing the plurality of filter rules including storing the portion of the plurality of subsets of filter rules as the combined subset if the efficiency of searching the plurality of filter rules is improved.


    Method and system for testing filter rules using caching and a tree structure
    2.
    Granted invention patent
    Status: no longer in force

    Publication (announcement) number: US06529897B1

    Publication (announcement) date: 2003-03-04

    Application number: US09540500

    Application date: 2000-03-31

    IPC classification: G06F17/30

    Abstract: A method and system for testing a plurality of filter rules in a computer system is disclosed. The plurality of filter rules are used with a key that is capable of matching at least one of the plurality of filter rules. The at least one filter rule corresponds to at least one action. The computer system has a cache including a plurality of bins and a decision tree. The method and system include searching a plurality of stored keys in the cache for the key. Preferably, this search of the cache for the key includes determining whether a stored key exactly matches the key. A plurality of stored filter rules corresponds to the plurality of stored keys. A plurality of stored actions corresponds to the plurality of stored filter rules. The cache stores each of the plurality of stored keys and at least one stored action in each bin of a portion of the bins. The method and system also include obtaining the at least one action from the cache if the key is found in plurality of stored keys and otherwise obtaining the at least one action using the decision tree. Preferably, searches of the decision tree and cache start simultaneously. The decision tree search is terminated if the key is found in the cache. The cache is written to if the at least one action is obtained using the decision tree, but preferably only if the at least one filter rule has a priority of one.


    System, method and computer program for filtering multi-action rule set
    5.
    Granted invention patent
    Status: no longer in force

    Publication (announcement) number: US06473763B1

    Publication (announcement) date: 2002-10-29

    Application number: US09540921

    Application date: 2000-03-31

    IPC classification: G06F17/30

    Abstract: A method and system for testing a plurality of filter rules in a computer system is disclosed. The plurality of filter rules is used with a key. Each of the plurality of filter rules is capable of being described using a plurality of bits corresponding to a portion of the key. The plurality of bits can include at least one binary value, at least one wildcard, and at least one boundary symbol. The at least one binary value can be a zero or a one. The method and system include selecting a portion of the plurality of filter rules that the key can match by testing part of the key against a portion of the plurality of bits and explicitly testing the key against the portion of the plurality of filter rules. A first bit of the portion of the plurality of bits has a first maximum number of the at least one binary symbol for the plurality of filter rules. Each subsequent bit of the portion plurality of bits has a second maximum number of the at least one binary symbol for a plurality of remaining bits and is selected based on testing of a prior bit. Preferably, the portion of the plurality of bits is tested using a decision tree which includes nodes corresponding to a second portion of the plurality of bits.


    Method and system for exploiting likelihood in filter rule enforcement
    7.
    Granted invention patent
    Status: no longer in force

    Publication (announcement) number: US06947983B2

    Publication (announcement) date: 2005-09-20

    Application number: US09887374

    Application date: 2001-06-22

    IPC classification: H04L29/06 G06F15/173

    Abstract: A method and system for determining whether to enforce a plurality of filter rules for a packet including a key in a computer network is disclosed. Each of the plurality of filter rules has a priority. The method and system include accumulating statistics for each of the plurality of filter rules. The statistics indicate a frequency of enforcement for each of the plurality of filter rules. The method and system also include placing the plurality of filter rules in an order for testing against the key. The order is based on the frequency of each filter rule of the portion of the plurality of filter rules. Consequently, more frequently enforced filter rules may be tested first.


    Method and apparatus for processing frames using static and dynamic classifiers
    8.
    Granted invention patent
    Status: no longer in force

    Publication (announcement) number: US06675223B1

    Publication (announcement) date: 2004-01-06

    Application number: US09546463

    Application date: 2000-04-10

    IPC classification: G06F17/30

    Abstract: A method and apparatus for processing network frames using static and dynamic classifiers provides a flexible and modifiable frame classification system. Static and Dynamic classifiers are used in combination within a network processing system to provide the range capability and hardware assist capability of the static classifier, along with the incremental modifications possible with a dynamic classifier. The dynamic classifier is searched first for rules directing processing of a received frame. The static classifier is searched only if a dynamic classifier key for the frame is not found, or the dynamic key actions indicated that the static classifier should also be searched.


    System method and computer program for prioritizing filter rules
    9.
    Granted invention patent
    Status: no longer in force

    Publication (announcement) number: US06484171B1

    Publication (announcement) date: 2002-11-19

    Application number: US09540333

    Application date: 2000-03-31

    IPC classification: G06F17/30

    Abstract: This process accepts rule domination declarations and subjects rules to a computer program which either finds a type of administrative error (cyclic domination) or assigns a priority number to each rule so that any two rules which intersect (some key fits both rules) have necessarily different priority numbers. In the case that priority numbers are assigned, the process goes on to check for a second type of administrative error, namely inclusion of a first rule in a second (every key which fits the first rule also fits the second), and with the second having higher priority (so that the first is never referenced). If neither error occurs, then the number of different priority numbers is minimized. Every key when tested by such a rule set with neither error must fit either no rules at all or must fit exactly one rule with highest priority. In the latter case, the action of the unambiguously determined rule can then be applied to the packet represented by the key.


    System and method and computer program for filtering using tree structure
    10.
    Granted invention patent
    Status: no longer in force

    Publication (announcement) number: US06298340B1

    Publication (announcement) date: 2001-10-02

    Application number: US09312148

    Application date: 1999-05-14

    IPC classification: G06F17/30

    Abstract: A classification system includes a software managed tree testing bits from a key which labels an item. The bits are chosen by application of the Choice Bit Algorithm to the Rules in a Database of Rules. A controller including logic parses an unknown Key for bits to be tested in the decision nodes of a binary tree. Tests dictated by the tree are conducted in a predetermined way until all but one Rule from the database or all but a few Rules from the database are eliminated from consideration, whereupon the Key is fully tested by the one remaining Rule or in a lattice constructed of the remaining plurality of Rules, to determine an action to enforce on the item. Certain compare tests are used in the binary tree for the case that otherwise identical or similar rules are applied to integer ranges of key values which do not fall upon power of 2 boundaries. Furthermore, some very frequently occurring rules in such final tests might be designated as secondary rules, the remaining rules designated as primary rules, the entire decision tree recalculated using only primary rules, and the primary rules then connected to secondary rules only when logically necessary by means of a system of pointers making use of relative priorities of rules.
