Computer implemented system and method for snooping PCP packets
US10938777B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Oct 9, 2018 |
| Grant date | Mar 2, 2021 |
| Priority date | — |
| Expiry date | Jan 28, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0263
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Whenever an IP packet is routed from a source computing device through to a NAT device on the way to a destination computing device, a PCP client transmits a PCP query to a PCP server to determine the external IP address and external port number that have been substituted for the source IP address and source port number previously incorporated within the IP packet. Subsequently, the PCP server responds to the PCP client with the information denoting the mapping between the source IP address-some port number pair and the external IP address-external port number pair. A snooping agent is utilized to firstly snoop on the mapping communicated from the PCP server to the PCP client, and secondly to communicate the mapping information to a policy server incorporating a plurality of predefined firewall rules usable in deducing appropriate PACKET ALLOW/PACKET DROP decisions, based on the mapping information.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.