Dynamic packet filter utilizing session tracking

Assignee

• TELECOM ITALIA S.p.A. · IT

Inventors

• Ronen Goldberg · Givat Shmuel, IL
• Gady Daniely · Jerusalem, IL
• Moshe Zezak · Rishon LeZion, IL
• Drory Shohat · Ramat Gan, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0254
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A novel and useful dynamic packet filter that can be incorporated in a hardware based firewall suitable for use in portable computing devices such as cellular telephones and wireless connected PDAs adapted to connect to the Internet. The invention performs dynamic packet filtering on packets received over an input packet stream. The dynamic filter checks dynamic protocol behavior using information extracted from the received packet. Sessions are created and stored in a session database to track the state of communications between the source and destination. Recognition of a session is accelerated by use of a hash table to quickly determine the corresponding session record in the session database. Session related data is read from the session database and the received packet is checked against a set of rules to determine whether to allow or deny the packet.