CN117714279B - Device management method, router and readable storage medium - Google Patents

Abstract

The present application discloses a method for device management, a router, and a readable storage medium, and belongs to the field of terminal technology. The method includes: in the case of receiving a service request from a first electronic device, responding to the service request according to service authority configuration information, the service authority configuration information is used to indicate the mapping relationship between the service authority of the first electronic device and the first media access control MAC address information currently in use. In the case where the first electronic device re-accesses the router using the second MAC address information, the first MAC address information in the service authority configuration information is modified to the second MAC address information according to the first mapping relationship, and the first mapping relationship is used to record the mapping relationship between the device fingerprint feature of the first electronic device and the MAC address information. In this way, the service authority configuration information is always valid, thereby ensuring that the service authority of the first electronic device can be effectively controlled.

Description

Device management method, router and readable storage medium

Technical Field

The present application relates to the field of terminal technology, and in particular to a device management method, a router, and a readable storage medium.

Background Art

With the rapid development of terminal technology, electronic devices are widely used. In some application scenarios, users can configure the service permissions of an electronic device connected to a router to limit the Internet access permissions of the electronic device, such as protecting children from Internet access.

In the related art, the service rights of the electronic device are usually configured in a router based on the media access control (MAC) address information of the electronic device.

However, in some scenarios, electronic devices may use random MAC address information to access the router, that is, no longer use the original MAC address information to access, which will cause the service authority configuration in the router to become invalid.

Summary of the invention

The present application provides a device management method, a router and a readable storage medium, which can solve the problem in the related art that when an electronic device uses random MAC address information to access, the service authority configuration in the router becomes invalid. The technical solution is as follows:

In a first aspect, a device management method is provided, which is applied to a router, and the method includes:

In the case of receiving a service request from a first electronic device, responding to the service request according to the service authority configuration information, wherein the first electronic device is any electronic device connected to the router, and the service authority configuration information is used to indicate a mapping relationship between the service authority of the first electronic device and the first media access control MAC address information currently in use;

In the case where the first electronic device uses the second MAC address information to re-access the router, the first MAC address information in the service authority configuration information is modified to the second MAC address information according to a first mapping relationship, wherein the first mapping relationship is used to record a mapping relationship between a device fingerprint feature of the first electronic device and the MAC address information, and the device fingerprint feature is determined based on messages exchanged between the first electronic device and the router after the first electronic device accesses the router.

In this way, the MAC address information in the service authority configuration information matches the MAC address information used when the first electronic device accesses the router, which means that the service authority configuration information is always valid, thereby ensuring that the service authority of the first electronic device can be effectively controlled.

As an example of the present application, when the first electronic device re-accesses the router using the second MAC address information, modifying the first MAC address information in the service authority configuration information to the second MAC address information according to the first mapping relationship includes:

When the first electronic device re-accesses the router using the second MAC address information, acquiring the device fingerprint feature according to the message exchanged between the first electronic device and the router;

Querying corresponding MAC address information from the first mapping relationship according to the device fingerprint feature to obtain the first MAC address information;

When the first MAC address information is different from the second MAC address information, the first MAC address information in the service authority configuration information is modified to the second MAC address information.

In this way, by monitoring the messages exchanged between the first electronic device and the router, a first mapping relationship between the device fingerprint feature of the first electronic device and the first MAC address information is established, so that the MAC address information of the first electronic device is managed based on the first mapping relationship, so that after the MAC address information of the first electronic device is changed, the business authority configuration information can be modified in time, so that after the first electronic device is accessed using random MAC address information, the configured business authority configuration information will not be invalid.

As an example of the present application, the method further includes:

The first MAC address information in the first mapping relationship is modified to the second MAC address information.

In this way, by modifying the first mapping relationship, when the first electronic device subsequently accesses again using the random MAC address information, the router can still manage the MAC address information according to the modified first mapping relationship.

As an example of the present application, when the first electronic device re-accesses the router using the second MAC address information, acquiring the device fingerprint feature according to the message exchanged between the first electronic device and the router includes:

When the first electronic device re-accesses the router using the second MAC address information, monitoring messages of a target type, wherein the messages of the target type include multicast domain name system MDNS messages, datagram transport layer security protocol DTLS messages, and BROWSER messages;

When a message of the target type is monitored, the device fingerprint feature is obtained from the monitored message.

In this way, by monitoring different types of messages at the same time, the router can obtain the device fingerprint feature of the first electronic device, thereby improving the success rate of obtaining the device fingerprint feature.

As an example of the present application, when the first electronic device re-accesses the router using the second MAC address information, monitoring a target type of message includes:

When the first electronic device uses the second MAC address information to re-access the router, the target type of message is monitored through the first hook and the second hook respectively, wherein the first hook is used to monitor the MDNS message, and the second hook is used to monitor the DTLS message and the BROWSER message.

In this way, different types of messages are monitored through different hooks, so that when the first electronic device reports any type of message, the message can be monitored, thereby ensuring that the device fingerprint feature of the first electronic device can be effectively obtained.

As an example of the present application, in the case where the message of the target type is monitored, obtaining the device fingerprint feature from the monitored message includes:

When the MDNS message is intercepted, the character string corresponding to the first key field in the MDNS message is parsed to obtain the device fingerprint feature;

When the DTLS message is intercepted, the character string corresponding to the second key field in the DTLS message is parsed to obtain the device fingerprint feature;

When the BROWSER message is monitored, the character string corresponding to the third key field in the BROWSER message is parsed to obtain the device fingerprint feature.

In this way, different messages are parsed according to the characteristics of each message, so that the device fingerprint characteristics of the first electronic device can be successfully acquired.

As an example of the present application, the first key field is the name field, the second key field is the UDID field, and the third key field is the response computer name field of the message whose command is Request Announcement (0x02) or the HostName field of the message whose command is Host Announcement (0x01).

As an example of the present application, the first hook is NF_BR_LOCAL_IN HOOK, and the second hook is NF_INET_LOCAL_IN HOOK.

In this way, adding monitoring functions to the existing hooks of the router can achieve the purpose of monitoring the target type of messages while reducing development costs.

As an example of the present application, the method further includes:

In response to the first electronic device re-accessing the router using the second MAC address information, sending a NetBIOS detection message to the first electronic device;

The NetBIOS response message sent by the first electronic device is monitored.

In this way, by sending a NetBIOS detection message, the router feeds back a NetBIOS response message, so that the device fingerprint feature can be obtained from the NetBIOS response message.

As an example of the present application, in the case where the message of the target type is monitored, obtaining the device fingerprint feature from the monitored message includes:

When the NetBIOS response message is monitored, the character string corresponding to the name field in the NetBIOS response message is parsed to obtain the device fingerprint feature.

In this way, according to the characteristics of the NetBIOS response message, the character string corresponding to the name field in the NetBIOS response message is parsed, so that the device fingerprint characteristics can be obtained.

As an example of the present application, the router includes a data acquisition module, a data control management module, and a service configuration module: when the first electronic device re-accesses the router using the second MAC address information, the device fingerprint feature is obtained according to the message exchanged between the first electronic device and the router, including:

When the first electronic device re-accesses the router using the second MAC address information, the data acquisition module obtains the device fingerprint feature according to the message exchanged between the first electronic device and the router;

The data acquisition module sends the device fingerprint feature and the second MAC address information to the data control management module;

Querying corresponding MAC address information from the first mapping relationship according to the device fingerprint feature to obtain the first MAC address information includes:

The data control management module queries the corresponding MAC address information from the first mapping relationship according to the device fingerprint feature to obtain the first MAC address information;

When the first MAC address information is different from the second MAC address information, modifying the first MAC address information in the service authority configuration information to the second MAC address information includes:

In a case where the first MAC address information is different from the second MAC address information, the data control management module sends a target message to the service configuration module, where the target message carries the first MAC address information and the second MAC address information;

The service configuration module modifies the first MAC address information in the service authority configuration information into the second MAC address information according to the first MAC address information.

In this way, the first MAC address information in the service authority configuration information is modified through the interaction of multiple modules, thereby ensuring that the service authority configuration information is not invalid.

In a second aspect, an electronic device is provided, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the device management method described in the first aspect when executing the computer program.

In a third aspect, a computer-readable storage medium is provided, wherein instructions are stored in the computer-readable storage medium, and when the computer-readable storage medium is executed on a computer, the computer executes the device management method described in the first aspect.

In a fourth aspect, a computer program product comprising instructions is provided, which, when executed on a computer, enables the computer to execute the device management method described in the first aspect.

The technical effects obtained by the above-mentioned second aspect, third aspect and fourth aspect are similar to the technical effects obtained by the corresponding technical means in the above-mentioned first aspect, and will not be repeated here.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG1 is a schematic diagram showing an application scenario according to an exemplary embodiment;

FIG2 is a schematic diagram showing an application scenario according to another exemplary embodiment;

FIG3 is a schematic diagram showing the structure of a router according to an exemplary embodiment;

FIG4 is a schematic diagram showing a framework of a router according to an exemplary embodiment;

FIG5 is a schematic diagram showing a process of establishing a first mapping relationship according to an exemplary embodiment;

FIG6 is a schematic diagram showing a framework of a router according to another exemplary embodiment;

FIG7 is a schematic flow chart of a method for device management according to an exemplary embodiment;

FIG8 is a schematic diagram showing the structure of an electronic device according to an exemplary embodiment;

Fig. 9 is a schematic diagram showing a software system of an electronic device according to an exemplary embodiment.

DETAILED DESCRIPTION

In order to make the objectives, technical solutions and advantages of the present application clearer, the implementation methods of the present application will be further described in detail below in conjunction with the accompanying drawings.

It should be understood that the "multiple" mentioned in this application refers to two or more. In the description of this application, unless otherwise specified, "/" means or, for example, A/B can mean A or B; "and/or" in this article is only a description of the association relationship of associated objects, indicating that there can be three relationships, for example, A and/or B can mean: A exists alone, A and B exist at the same time, and B exists alone. In addition, in order to facilitate the clear description of the technical solution of this application, the words "first" and "second" are used to distinguish between the same or similar items with basically the same functions and effects. Those skilled in the art can understand that the words "first" and "second" do not limit the quantity and execution order, and the words "first" and "second" do not limit them to be different.

References to "one embodiment" or "some embodiments" etc. described in the specification of this application mean that one or more embodiments of the present application include specific features, structures or characteristics described in conjunction with the embodiment. Therefore, the statements "in one embodiment", "in some embodiments", "in some other embodiments", "in some other embodiments", etc. that appear in different places in this specification do not necessarily refer to the same embodiment, but mean "one or more but not all embodiments", unless otherwise specifically emphasized in other ways. The terms "including", "comprising", "having" and their variations all mean "including but not limited to", unless otherwise specifically emphasized in other ways.

Routers are widely used in homes, shopping malls, offices and other scenes. Electronic devices can realize various Internet services by accessing routers. However, in some scenes, users usually need to configure the service permissions of one or some electronic devices connected to the router to control the Internet services of these electronic devices, such as children's Internet protection, WiFi blacklist and other services. In the process of configuring the service permissions, the service permission configuration information of the electronic device to be controlled is generally recorded in the router. The service permission configuration information is used to indicate the mapping relationship between the MAC address information of the electronic device and the service permissions. For example, for any electronic device connected to the router, if the user configures the service permissions of the electronic device in the router, the router records the mapping relationship between the MAC address information of the electronic device and the configured service permissions. The recorded MAC address information is usually the original MAC address information of the electronic device, or the MAC address information of the electronic device that is solidified at the factory. In this way, when the electronic device makes a service request to the router, it will carry its own MAC address information. After the router determines that there is a configured service permission for the electronic device based on the mapping relationship and the MAC address information carried in the service request, it responds to the service request of the electronic device according to the configured service permissions, thereby achieving the purpose of controlling the Internet service of the electronic device.

With the widespread use of electronic devices, device manufacturers have continuously strengthened the protection of user privacy and user data security, and introduced a random MAC mechanism to enable electronic devices to use randomly generated MAC address information to access the router when connecting to the WiFi network, instead of using the original MAC address information. This not only brings security to users, but also affects the Internet access control service of the router, allowing electronic devices to bypass the Internet access control service, thus causing the Internet access control service to fail.

To this end, an embodiment of the present application provides a device management method, which can modify the MAC address information in the service authority configuration information to the random MAC address information after the electronic device uses random MAC address information to access the router, so as to ensure that the service authority configuration information is still valid, thereby solving the problem of Internet access control service failure due to random MAC.

For ease of understanding, the following briefly introduces an exemplary application scenario involved in the embodiments of the present application by taking a mobile phone and a tablet computer as an example in which the electronic devices connected to the router are mobile phones and tablet computers.

Tablet A and mobile phone B are both connected to router L, where tablet A uses MAC1 to connect to the router. When the user needs to set up child Internet protection for tablet A, he can open APP1 in mobile phone B and log in to the account bound to router L in APP1, where APP1 is an application that can be used to manage router L. Exemplarily, APP1 is a smart space application. As shown in Figure (a) of Figure 1, after mobile phone B logs in to the account of router L through APP1, the router login page S1 is displayed. The router login page S1 includes a router logo, and the user can click the router logo. As shown in Figure (b) of Figure 1, in response to the user's click operation on the router logo, the mobile phone displays the router management page S2, and the router management page S2 includes a "child Internet access" option, and the user can click the "child Internet access" option. As shown in Figure (c) of Figure 1, in response to the user's triggering operation on the "child Internet access" option, the mobile phone displays the child Internet protection page S3, and the child Internet protection page S3 includes a "turn on child protection" control. When the user triggers the "Turn on child protection" control, as shown in Figure 1 (d), in response to the user's triggering operation, mobile phone B displays a device selection page S4, which displays two mobile phones connected to router L, that is, tablet computer A (Honor MagicPad13) and mobile phone B (Honor Pro5), so that the user can select tablet computer A for business permission configuration. In response to the user's selection operation on tablet computer A, as shown in Figure 1 (e), mobile phone B displays a business permission configuration page S5, so that the user can set business permissions in the business permission configuration page S5. For example, if the user turns off the switch corresponding to the "game" item, mobile phone B will notify router L of the business permission configuration accordingly, and router L will record the mapping relationship between tablet computer A's MAC1 and the game prohibition business permission. In this way, when the user uses tablet computer A to download the game application package, router L will prohibit the business request, that is, tablet computer A cannot download the game application package.

It should be noted that the above is explained by setting the prohibition of downloading game application packages in the business permission configuration page S5 as an example. In another example, the user can also perform other business permission configurations based on the business permission configuration page S5, such as setting a blacklist to set websites that are not allowed to be accessed by the tablet computer A. For another example, the user can also set the time period and duration of the Internet access of the tablet computer A based on the business permission configuration page S5, which will not be described in detail in the embodiment of the present application.

Please refer to Figure 2. After tablet computer A uses MAC1 to access router L and the user configures the service permissions, router L records the mapping relationship between MAC1 and the service permissions. The user can trigger "Forget Network" in tablet computer A. At this time, router L still records the mapping relationship between MAC1 and the service permissions. Afterwards, the user can trigger tablet computer A to re-access router L. At this time, tablet computer A randomly generates MAC2, and then uses MAC2 to access router L. MAC2 is different from MAC1. In this case, the method provided in the embodiment of the present application can enable router L to modify MAC1 in the service permission configuration information to MAC2, that is, router L records the mapping relationship between MAC2 and the service permissions. Afterwards, when the user uses tablet computer A to download the game application package, router L rejects the service request, that is, tablet computer A still cannot download the game application package.

It should be noted that the random MAC application scenario described in Figure 2 is only exemplary. In another example, the user may also use other methods to enable the tablet computer A to use randomly generated MAC address information to access the router L when reconnecting to the router. The embodiment of the present application is not limited to this.

It should also be noted that the above application scenarios are only exemplary and do not limit the application of the method provided in the embodiment of the present application. In another example, the method can also be applied to other scenarios of service authority control based on MAC address information, which is not limited in the embodiment of the present application.

It should also be noted that the above is based on the example that the electronic device accessing the router is a mobile phone. In another example, the electronic device accessing the router may also include a tablet computer, a digital camera, a desktop, a laptop, a handheld computer, a notebook computer, an ultra-mobile personal computer (ultra-mobile personal computer, UMPC), a netbook, a personal digital assistant (personal digital assistant, PDA), an augmented reality (augmented reality, AR)\virtual reality (virtual reality, VR) device, etc., and the embodiments of the present application are not limited to this.

After introducing the application scenarios involved in the embodiments of the present application, the structure of the router involved in the embodiments of the present application will be introduced next. Please refer to Figure 3, which is a structural diagram of a router provided in the embodiments of the present application. The router includes at least one processor 301, a communication bus 302, a memory 303 and at least one communication interface 304.

The processor 301 may be a microprocessor (including a central processing unit (CPU) etc.), an application-specific integrated circuit (ASIC), or may be one or more integrated circuits for controlling the execution of the program of the present application.

The communication bus 302 may include a pathway for transmitting information between the above-mentioned components.

The memory 303 may be a read-only memory (ROM), a random access memory (RAM), an electrically erasable programmable read-only memory (EEPROM) or other magnetic storage device, or any other medium that can be used to carry or store the desired program code in the form of instructions or data structures and can be accessed by the router, but is not limited thereto. The memory 303 may exist independently and be connected to the processor 301 via the communication bus 302. The memory 303 may also be integrated with the processor 301.

The communication interface 304 uses any device such as a transceiver for communicating with other devices or communication networks.

In a specific implementation, as an embodiment, the processor 301 may include one or more CPUs, such as CPU0 and CPU1 shown in FIG. 3 .

In a specific implementation, as an embodiment, the router may include multiple processors, such as processor 301 and processor 305 shown in FIG3. Each of these processors may be a single-core processor or a multi-core processor. The processor here may refer to one or more devices, circuits, and/or processing cores for processing data (such as computer program instructions).

As an embodiment, the router may further include an output device 306 and an input device 307. The output device 306 communicates with the processor 301 and may display information in a variety of ways. For example, the output device 306 may be a liquid crystal display (LCD), a light emitting diode (LED) display device, etc. The input device 307 communicates with the processor 301 and may receive user input in a variety of ways. For example, the input device 307 may be a mouse, a keyboard, a touch screen device, or a sensor device, etc.

The memory 303 is used to store the program code 310 for executing the solution of the present application, and the processor 301 is used to execute the program code 310 stored in the memory 303. The router can implement the methods provided in the following embodiments through the processor 301 and the program code 310 in the memory 303.

Please refer to Fig. 4, which is a schematic diagram of a framework of a router according to an exemplary embodiment. The router includes a data acquisition module, a data control management module and a service configuration module.

As an example of the present application, the data acquisition module is used to monitor messages carrying device fingerprint features, and parse the device fingerprint features and the MAC address information of the first electronic device, and then report them to the data control management module, wherein the device fingerprint features of the first electronic device are used to uniquely identify the first electronic device, and exemplarily, the device fingerprint features include device identification information, device model and device fingerprint features, and the device identification information may include the device name and/or device ID. As an example and not a limitation, as shown in FIG4 , the data acquisition module includes a first module and a second module, and the data acquisition module monitors different types of messages through the first module and the second module respectively.

The data control management module is used to establish a first mapping relationship between the device fingerprint feature of the first electronic device and the MAC address information, and manage the first mapping relationship, and notify the service configuration module when it is determined that the MAC address information of the first electronic device has changed. As an example but not a limitation, the data control management module includes a data collection module and an address management module, the data collection module is used to establish and manage the first mapping relationship, and the address management module is used to notify the service configuration module when the MAC address information of the first electronic device has changed.

The service configuration module is used to configure the service authority of the first electronic device and process the service request of the first electronic device according to the configured service authority.

Further, referring to FIG. 4 , the router also includes a device access management module, which is used to allocate IP address information to the first electronic device. In addition, the device access management module is also used to broadcast an access message after the first electronic device accesses the router, and the access message includes access information related to the first electronic device, such as the IP address information of the first electronic device and the MAC address information currently used to access the router.

As an example of the present application, the data acquisition module and the first module in the data control management module run in the kernel space; the second module in the data control management module and the device access management module run in the user space. The kernel space is the operating space of the kernel, which can execute any command and call all resources of the system; the user space is the operating space of some conventional processes, which can only perform simple operations, cannot directly call system resources, and needs to issue instructions to the kernel through the system interface. Since the kernel space and the user space are independent of each other, even if the conventional process crashes, the kernel will not be affected, that is, in the embodiment of the present application, parsing the device fingerprint features and the MAC address information of the electronic device has almost no influence on establishing the first mapping relationship and managing the first mapping relationship.

On the basis of the above embodiments, the method provided by the embodiment of the present application is introduced below. The method for managing devices provided by the embodiment of the present application is to manage the MAC address information of the first electronic device based on the first mapping relationship, so that the MAC address information in the service authority configuration information matches the MAC address information currently used by the first electronic device to access the router, thereby ensuring that the set service authority configuration information is not invalid. The first mapping relationship is the mapping between the device fingerprint feature of the first electronic device and the currently used MAC address information. For ease of understanding, the process of establishing the first mapping relationship is introduced below in conjunction with Figure 5:

Please refer to Figure 5, which is a flow chart of a method for establishing a first mapping relationship according to an exemplary embodiment. The embodiment of the present application takes the method implemented by the interaction between the router and the first electronic device as an example. Further, the router interacts with the first electronic device through the above-mentioned multiple modules. Exemplarily, the method may include some or all of the following contents:

Step 501: A first electronic device accesses a router using first MAC address information.

The first MAC address information is the MAC address information used by the first electronic device to access the router this time. In one possible case, the first MAC address information is the original MAC address information of the first electronic device, that is, the MAC address information fixedly set by the first electronic device when it leaves the factory. For example, when the first electronic device accesses the router for the first time, it uses its original MAC address information to access. In another possible case, the first MAC address information is the MAC address information randomly generated when the first electronic device accesses the router this time. The embodiment of the present application is described by taking the example that the first MAC address information is the original MAC address information of the first electronic device.

When the first electronic device uses the first MAC address information to request access to the router, the router establishes a link with the first electronic device, and then allocates IP address information to the first electronic device through the device access management module, so that the first electronic device successfully accesses the router.

It should be noted that the first electronic device accessing the router described in the embodiment of the present application means that the first electronic device has been connected to the WiFi network of the router, or in other words, the router has allocated Internet Protocol (IP) address information to the first electronic device, and the first electronic device can access the Internet through the router.

Step 502: The device access management module sends an access message to the data control management module. The access message carries access information of the first electronic device.

In one example, the access information of the first electronic device includes first MAC address information and IP address information.

That is, after determining that the first electronic device has successfully accessed the router, the device access management module can send an access message to the data control management module to notify the device control management module that the first electronic device has accessed, and notify the device control management module of the access information of the first electronic device.

In one example, the first MAC address information may be reported by the kernel space to the device access management module through netlink, wherein netlink is an inter-process communication (IPC) mechanism, which is a mechanism for communication between the kernel space and the user space.

Step 503: The data control management module pulls up the second module and sends access information to the second module.

In one example, the second module is a netbiosc process.

That is, after receiving the access message, the data control management module pulls up the second module and sends the access information of the currently connected first electronic device to the second module. As an example, the data control management module can splice the access information of the first electronic device into command parameters according to preset rules, and then send the spliced command parameters to the second module.

Step 504: The second module sends a NetBIOS detection message to the first electronic device based on the access information.

As an example of the present application, the second module sends a NetBIOS detection message to the first electronic device based on the IP address information and the first MAC address information to request information such as device fingerprint features of the first electronic device.

For example, part of the content of the NetBIOS detection message is as follows:

＞Intrnet Protocol Version 4,Src:192.168.6.111,Dst:192.168.6.47

＞User Datagram Protocol,Src Port:137,Dst Port:137

∨NetBIOS Name Service

Transaction ID:0xfela

＞Flags:0x000,Opcode:Name query

Step 505: After receiving the NetBIOS detection message, the first electronic device generates a NetBIOS response message based on its own device fingerprint feature and the first MAC address information.

In one example, the first electronic device receives a NetBIOS detection message through a netbios services process.

Step 506: The first electronic device sends a NetBIOS response message to the second module.

That is, after receiving the NetBIOS detection message, the first electronic device responds to the router with its own device fingerprint and the first MAC address information via a NetBIOS response message. As an example, the first electronic device sends a NetBIOS response message to the second module via a netbios services process.

Step 507: The second module parses the character string corresponding to the name field in the NetBIOS response message to obtain the device fingerprint feature.

After the second module monitors the NetBIOS response message, it parses the name field in the NetBIOS response message, thereby obtaining the device fingerprint feature. For example, the message content including the name field in the NetBIOS response message is as follows:

＞Intrnet Protocol Version 4,Src:192.168.6.47,Dst:192.168.6.111

＞User Datagram Protocol,Src Port:137,Dst Port:137

∨NetBIOS Name Service

Transaction ID: 0xfela

＞Flags:0x8400,Response,Opcode:Name query,Authoritative,Reply code:Noerror

...

∨Answers

∨...

∨Name flags:0x8400,Name type,ONT:B-node,Name is active

Name:LAPTOP-NF89D0NP<00>(workstation/Redirector)

In this case, the second module can obtain the character string LAPTOP-NF89D0NP after parsing the name field in the NetBIOS response message, and the character string is the device fingerprint feature of the first electronic device.

In addition, during the message transmission process, the first electronic device will encapsulate MAC address information and other information in the outer layer of the message, such as Intrnet Protocol Version 4, Src:192.168.6.47, Dst:192.168.6.111 in the above message, which is the encapsulated MAC address information, thereby packaging the message into a data frame. Therefore, by parsing the monitored NetBIOS response message (that is, the data frame), the first MAC address information of the first electronic device can be obtained, for example, the first MAC address information is 192.168.6.47.

Step 508: The second module sends the device fingerprint feature and the first MAC address information to the data control management module.

After parsing the device fingerprint feature of the first electronic device, the second module reports the device fingerprint feature and the first MAC address information of the first electronic device to the data control management module, wherein the first MAC address information can be parsed from the NetBIOS response message.

Step 509: The data control management module establishes a first mapping relationship based on the device fingerprint feature and the first MAC address information.

That is, the data control management module associates the device fingerprint feature with the first MAC address information.

Step 510: The data control management module stores the first mapping relationship in the database.

It should be noted that step 502 to step 510 is an optional embodiment. In another example, after the first electronic device is connected to the router, the router and the first electronic device may not perform NetBIOS message interaction.

Step 511: When the first electronic device is connected to the router, the first module monitors messages belonging to the target type.

The target type of message is a message including a device fingerprint feature. As an example of the present application, the target type of message includes a multicast Domain Name System (MDNS) message, a datagram transport layer security (DTLS) message, and a BROWSER message.

Normally, after the first electronic device is connected to the router, it will interact with the router through some messages according to business needs, and the messages sent are different when the type and brand of the first electronic device are different. In one example, when the first electronic device is a computer (window) or mobile phone type electronic device, after the first electronic device of some manufacturers is connected to the router, it may send an MDNS message to the router to notify the communication information of the first electronic device itself to other electronic devices connected to the same local area network through the MDNS message, such as the communication information includes the IP address information and device name of the first electronic device, so that other electronic devices can find the first electronic device based on the communication information, and then communicate with the first electronic device when necessary. In another example, when the first electronic device is a mobile phone or computer type electronic device, after the first electronic device of some manufacturers is connected to the router, it may also send a DTLS message to the router to achieve mutual discovery with other electronic devices through the DTLS message, so that the first electronic device can establish communication with other electronic devices in the local area network. In addition, when the first electronic device is a computer-type electronic device, after the first electronic device of certain manufacturers is connected to the router, it may also send a BROWSER message to the router to exchange information with other electronic devices through the BROWSER message, for example, the information includes access information, operating system version, domain name, machine name, etc.

It can be seen that when the first electronic device is an electronic device of a different type and a different manufacturer, the message sent by the first electronic device after accessing the router is different. Based on this, since it is uncertain what kind of message the first electronic device sends after accessing the router, that is, the router cannot determine which type of message of the target type the first electronic device will send after accessing, after the first electronic device accesses the router, the router simultaneously monitors all types of messages of the target type through the first module, that is, it simultaneously monitors MDNS messages, DTLS messages, and BROWSER messages, so that no matter which type of message of the three types is sent by the first electronic device, the first module can monitor it.

As an example of the present application, the specific implementation of the first module monitoring the messages belonging to the target type includes: the first module monitors the messages of the target type through the first hook and the second hook respectively, where the first hook is used to monitor the MDNS messages, and the second hook is used to monitor the DTLS messages and the BROWSER messages.

In one example, the first hook and the second hook are two hooks in the bridge of the router. For example, as shown in FIG6 , the first hook is NF_BR_LOCAL_IN HOOK and the second hook is NF_INET_LOCAL_IN HOOK. That is, the monitoring function of the target type of message can be added to NF_BR_LOCAL_IN HOOK and NF_INET_LOCAL_IN HOOK respectively. In this way, the purpose of message monitoring is achieved while reducing development.

Please refer to Figure 6, NF_BR_LOCAL_IN HOOK is in the link layer of the kernel, and NF_INET_LOCAL_IN HOOK is in the network layer of the kernel.

It should be noted that there is no strict execution order between step 511 and steps 502 to 510 .

Step 512: When the first module monitors a message belonging to the target type, it analyzes the monitored message to obtain a device fingerprint feature.

As described above, before the first electronic device sends a message to the router, it packages the message into a data frame, carries the first MAC address information, port number, protocol type and other information in the data frame, and then sends the data frame to the router. Accordingly, after the router receives the data frame through the first module, the first MAC address information can be parsed from the data frame. In addition, the first module can parse the port number and protocol type from the data frame, so that the type of the message can be determined based on the port number and protocol type.

As an example of the present application, when the first module monitors a message and determines that the type of the message belongs to the target type based on the port number and protocol information, the first module parses the message according to the parsing rules corresponding to the type of the currently received message to obtain the device fingerprint characteristics of the first electronic device.

Among them, the parsing rules corresponding to different types of messages are generally different. The parsing rules corresponding to various types of messages in the target type can be set according to needs. Specifically, the following possible situations can be included:

In one possible case, the first electronic device sends an MDNS message to the router after accessing the router. In this case, the first module will monitor the MDNS message through NF_BR_LOCAL_IN HOOK. After that, the first module will parse the string corresponding to the first key field in the Queries area of the monitored MDNS message through NF_BR_LOCAL_IN HOOK to determine the device fingerprint feature of the first electronic device.

The character string corresponding to the first key field includes the device fingerprint feature. In one example, the first key field is the name field. Exemplarily, part of the content of the MDNS message monitored from the first electronic device is as follows:

∨Multicast Domain Name System(query)

∨Queries

∨s00013130.local:type ANY,class IN,"QM"question

Name:s00013130.local

In this case, the first module can traverse the Queries area in the MDNS message through the NF_BR_LOCAL_IN HOOK to find the name field in the Queries area, and then parse the string corresponding to the name field. For example, the parsed string is s00013130.local, and the parsed string is determined as the device fingerprint feature of the first electronic device, that is, the device fingerprint feature of the first electronic device can be determined as "s00013130.local".

In another possible case, after the first electronic device accesses the router, it sends a DTLS message to the router. In this case, the first module will monitor the DTLS message through NF_INET_LOCAL_IN HOOK. After that, the first module parses the string corresponding to the second key field in the DTLS message through NF_INET_LOCAL_IN HOOK to obtain the device fingerprint feature of the first electronic device. The second key field is a field associated with the device fingerprint feature. In one example, the second key field is a UDID field.

Exemplarily, part of the monitored DTLS message from the first electronic device is as follows:

P...＝.192.168.6.255..device_discover.{"deviceID":"{\"UDID\":\"F02C4E4236FA24888\"}","devicename":"HONOR 50Pro","type":14," hicomversion":"3.2.0.0","mode":1,"deviceHash":"0","serviceData":"EID:0,gId:B7,...}"

In this case, the first module parses the string corresponding to the UDID field in the DTLS message through NF_INET_LOCAL_IN HOOK, that is, parses the "F02C4E4236FA24888" string corresponding to the "UDID" field, and then determines the string as the device fingerprint feature of the first electronic device, that is, determines the device fingerprint feature of the first electronic device as "F02C4E4236FA24888".

In another possible case, the first electronic device sends a BROWSER message to the router after accessing the router. In this case, the first module will monitor the BROWSER message through the NF_INET_LOCAL_IN HOOK. After that, the first module parses the string corresponding to the third key field in the BROWSER message through the NF_INET_LOCAL_IN HOOK to obtain the device fingerprint feature of the first electronic device. The third key field is a field associated with the device fingerprint feature.

In an example, the third key field is the response computer name field of a message whose command is Request Announcement (0x02), or the third key field is the Host Name field of a message whose command is Host Announcement (0x01).

For example, part of the monitored BROWSER message from the first electronic device is as follows:

＞Ethernet II,Src:0e:89:c1:15:fc:25(0e:89:c1:15:fc:25),Dst:Broadcast(ff:ff:ff:ff:ff:ff)

＞Internet Protocol Version 4,Src:192.168.3.13,Dst:192.168.3.255

＞User Datagram Protocol,Src Port:138,Dst Port:138

＞NetBIOSDatagram Service

∨Microsoft Windows Browser Protoclo

Command:Requst Announcement(0x02)

Unused flags:0x00

Response Computer Name:LAPTOP-NF89D0NP

In this case, the first module parses the string corresponding to the response computer name field of the message whose command is RequestAnnouncement (0x02) through NF_INET_LOCAL_IN HOOK to obtain the string LAPTOP-NF89D0NP. The first module determines the obtained string as the device fingerprint feature of the first electronic device, that is, determines that the device fingerprint feature of the first electronic device is LAPTOP-NF89D0NP.

For another example, part of the content of the BROWSER message monitored from the first electronic device is as follows:

＞Ethernet II,Src:0e:89:c1:15:fc:25(0e:89:c1:15:fc:25),Dst:Broadcast(ff:ff:ff:ff:ff:ff)

＞Internet Protocol Version 4,Src:192.168.3.13,Dst:192.168.3.255

＞User Datagram Protocol,Src Port:138,Dst Port:138

＞NetBIOS Datagram Service

∨Microsoft Windows Browser Protoclo

Command:Host Announcement(0x01)

Update Count:0

Update Periodicity: 12 minutes

Host Name:LAPTOP-NF89D0NP

In this case, the first module parses the string corresponding to the Host Name field of the Host Announcement (0x01) message through NF_INET_LOCAL_IN HOOK, and the obtained string is LAPTOP-NF89D0NP. The first module determines the obtained string as the device fingerprint feature of the first electronic device, that is, determines that the device fingerprint feature of the first electronic device is LAPTOP-NF89D0NP.

In another possible case, the first module may also monitor two or more types of messages. In this case, the first module may parse each of the two or more types of messages monitored according to the above-mentioned possible implementation methods to obtain the device fingerprint features carried in each message. For example, the first module may monitor MDNS messages and BROWSER messages. In this case, the first module parses the device fingerprint features in the MDNS message through NF_BR_LOCAL_IN HOOK according to the above-mentioned first possible implementation method, and the first module parses the device fingerprint features in the BROWSER message through NF_INET_PRE_FORWARD HOOK according to the above-mentioned third possible implementation method.

It should be noted that the above is explained by taking the example of monitoring DTLS messages and BROWSER messages through NF_INET_LOCAL_IN HOOK. In another example, DTLS messages and BROWSER messages can also be monitored through other hooks in the link layer, which is not limited in the embodiment of the present application.

Step 513: The first module reports the device fingerprint feature and the first MAC address information to the data control management module.

In one example, the first module reports the device fingerprint feature and the first MAC address information of the first electronic device to the data control management module through netlink.

Step 514: The data control management module establishes a first mapping relationship based on the device fingerprint feature and the first MAC address information, and stores it in the database.

In one possible case, the data control management module has not established the first mapping relationship. In this case, after receiving the device fingerprint feature and the first MAC address information reported by the first module, the data control management module establishes the first mapping relationship between the device fingerprint feature and the first MAC address information.

As an example of the present application, when multiple messages belonging to the target type and different types are monitored, the device fingerprint feature of the first electronic device is obtained from each of the multiple messages to obtain multiple device fingerprint features of the first electronic device. At this time, the specific implementation of establishing a first mapping relationship between the device fingerprint feature and the first MAC address information may include: performing fault-tolerant processing on the multiple device fingerprint features of the first electronic device, and performing deduplication processing on at least one device fingerprint feature of the first electronic device after the fault-tolerant processing. A first mapping relationship is established based on the device fingerprint feature of the first electronic device after the deduplication processing and the first MAC address information.

According to the previous records, the first module may monitor different types of messages. After parsing, the first module will obtain multiple device fingerprint features of the first electronic device, and the first module will report the multiple device fingerprint features of the first electronic device to the data control management module. In this case, the data control management module can perform deduplication processing on the multiple device fingerprint features, that is, delete the same device fingerprint features from the multiple device fingerprint features to obtain the deduplicated device fingerprint features. Afterwards, the deduplicated device fingerprint features can be fault-tolerantly processed, such as removing abnormal data. Among them, abnormal data is non-character and non-digital, or data that does not display information, or characters whose length does not match the length indicated in the message. After fault-tolerant processing, the data control management module establishes a first mapping relationship between the final device fingerprint feature and the first MAC address information.

After establishing the first mapping relationship, the data control management module stores the first mapping relationship in the database.

In another possible case, the data control management module has already established the first mapping relationship. For example, as described above, after the first electronic device is connected to the router, the router obtains the first MAC address information and device fingerprint characteristics of the first electronic device through the NetBIOS response message, and establishes the first mapping relationship. In this case, the data control management module can query the first MAC address information and device fingerprint characteristics from the database, and then the data control management module may no longer repeatedly establish the first mapping relationship.

It should be noted that the embodiment of the present application is described by taking the case where only the first electronic device is connected to the router as an example. In one possible case, in addition to the first electronic device, other electronic devices may be connected to the router. As an example, for the router, as long as there is an electronic device connected, the router can monitor the message belonging to the target type through the first module, and then parse the device fingerprint features and MAC address information in the monitored message, and then report it to the data control management module. The data control management module can establish a mapping relationship between each group of device fingerprint features and MAC address information reported by the first module, and store it in the database for management, so as to manage the MAC address information and device fingerprint features of each electronic device connected to the router.

Based on the above embodiment, the device management method provided by the embodiment of the present application is described in detail in combination with the business authority configuration scenario. Please refer to Figure 7, which is a flow chart of a device management method according to an exemplary embodiment, which can be applied to the router shown in Figure 4 above. The router interacts with the first electronic device through multiple modules. The method may include some or all of the following contents:

Step 701: After the service configuration module is started, it subscribes to a target message from the data control management module. The target message is used to publish MAC update information.

As an example of the present application, see FIG6 , the service configuration module is started after the router is running. Afterwards, the service configuration module can subscribe to the target message from the data control management module, so that the data control management module can notify the service configuration module through the target message when it determines that the MAC address information of any electronic device connected to the router has changed.

In one example, the target message is an ATP_MSG_RANDOMMAC_DEV_ONLINE message.

In one example, the service configuration module subscribes to the target message from the address management module in the data control management module.

Step 702: The first electronic device sends service authority configuration information to the service configuration module.

After the first electronic device uses the first MAC address information to access the router, the user can configure permissions for one or some services of the first electronic device. For example, the user can configure permissions for the child online protection service. The configuration process can refer to the application scenario shown in Figure 1. In this case, the first electronic device can send service permission configuration information to the service configuration module. The service permission configuration information includes the first MAC address information and the service permission of the first electronic device, so that the router stores the service permission configuration information locally, thereby facilitating the subsequent response to the service request of the first electronic device according to the service permission configuration information.

The embodiment of the present application is described by taking the configuration of the permissions of the first electronic device as an example. In another example, the router can be logged in through the second electronic device, and then the service permissions of the first electronic device can be configured. The embodiment of the present application is not limited to this.

Step 703: The business configuration module stores business authority configuration information.

Step 704: The service configuration module receives a service request from the first electronic device, where the service request carries the first MAC address information of the first electronic device.

That is, when the first electronic device is connected to the router, when the user uses the first electronic device to access the Internet, the first electronic device sends a service request to the router, and the service request includes the first MAC address information. In addition, the service request may also include relevant description information of the service requested by the first electronic device, so that the router can determine what kind of service the first electronic device is currently requesting based on the relevant description information.

Step 705: The service configuration module responds to the service request according to the service authority configuration information.

Since the mapping relationship between the first MAC address information and the configured service authority is recorded in the service authority configuration information, when receiving a service request from the first electronic device, the router determines whether the service currently requested by the first electronic device has been set with authority according to the service authority configuration information. If it is determined according to the service authority configuration information that the service currently requested by the first electronic device has been set with authority, the service request is responded to according to the set authority. For example, if the service request is a request to download a game application package, and the service authority configuration information indicates that the download of the game application package is prohibited, the service configuration module does not perform the download operation, and feeds back a download failure notification to the first electronic device. Otherwise, if it is determined according to the service authority configuration information that the service currently requested by the first electronic device has not been set with authority, the corresponding Internet access operation is performed. For example, if the service is a request to download a certain application package of the learning class, and the service authority configuration information does not indicate that the download of the application package of the learning class is prohibited, the service request can be forwarded to the corresponding server to download the application package requested by the first electronic device from the server.

The above describes how the router controls the Internet access of the first electronic device after the first electronic device is connected to the router and permissions are configured for a certain service of the first electronic device. On this basis, if the user triggers the first electronic device to forget the network and reconnect to the router, the first electronic device may use the randomly generated second MAC address information to access the router, and the second MAC address information is different from the first MAC address information. In this case, the router and the first electronic device perform the following operations:

Step 706: The first electronic device re-accesses the router using the second MAC address information.

The second MAC address information is randomly generated.

In one possible case, as shown in FIG. 2 , when the first electronic device uses the first MAC address information to access the router, the user can trigger the first electronic device to forget the network in the first electronic device, and then trigger the first electronic device to re-access the router. Accordingly, the first electronic device can generate random MAC address information (i.e., the second MAC address information), and then the first electronic device uses the second MAC address information to request access to the router. The router establishes a link with the first electronic device, and allocates IP address information through the device access management module, so that the first electronic device re-accesses the router, thereby connecting the first electronic device to the WiFi network, and the first electronic device can continue to access the Internet through the router.

Step 707: After the first electronic device uses the second MAC address information to access the router, the device access management module sends an access message to the data control management module. The access message carries access information when the first electronic device re-accesses.

The access information during re-access includes the second MAC address information and the reallocated IP address information.

Step 708: The data control management module sends access information to the second module.

For its specific implementation, please refer to step 503 in the embodiment shown in FIG. 5 .

Step 709: The second module obtains the device fingerprint feature and the second MAC address information of the first electronic device based on the access information.

For its specific implementation, please refer to steps 504 to 507 in the embodiment shown in FIG. 5 .

Step 710: The second module sends the device fingerprint feature and the second MAC address information to the data control management module.

For its specific implementation, please refer to step 508 in the embodiment shown in FIG. 5 .

After the data control management module receives the device fingerprint feature and the second MAC address information reported by the second module, the operation proceeds to the following step 713 .

It should be noted that steps 707 to 710 are optional operations.

Step 711: when the first module monitors a message of the target type, a device fingerprint feature of the first electronic device is parsed from the monitored message.

As mentioned above, when an electronic device is connected to the router, the first module starts to monitor the target type of message, so when the first electronic device sends a target type of message to the router, the first module can monitor the message. After that, the device fingerprint feature of the first electronic device can be parsed from the monitored message. In addition, the second MAC address information can also be parsed.

The process of the first module monitoring messages of the target type and parsing messages of different types can be seen from steps 511 to 512 in the embodiment shown in FIG. 5 .

Step 712: The first module sends the device fingerprint feature and the second MAC address information to the data control management module.

Step 713: The data control management module queries the first MAC address information from the first mapping relationship based on the device fingerprint feature.

Since the first mapping relationship records the first MAC address information and the device fingerprint feature of the first electronic device, the data control management module can query the corresponding first MAC address information from the first mapping relationship according to the device fingerprint feature reported by the first module.

Step 714: When it is determined that the first MAC address information is different from the second MAC address information, the data control management module sends a target message to the service configuration module.

Since the service configuration module has subscribed to the target message, when it is determined that the first MAC address information is different from the second MAC address information, the data control management module sends the target message to the service configuration module. In one example, the target message carries the first MAC address information and the second MAC address information, which is used to indicate to the service configuration management module that the first MAC address information has been changed to the second MAC address information.

In one example, the data control management module sends a target message to the service configuration module through the address management module.

In addition, the data control management module modifies the first MAC address information in the first mapping relationship into the second MAC address information, so that when the first electronic device subsequently uses the third MAC address information to access the router, the router can still modify the second MAC address information into the third MAC address information according to the first mapping relationship.

Step 715: The service configuration module modifies the first MAC address information in the service authority configuration information into the second MAC address information.

Since the second MAC address information in the service authority configuration information matches the MAC address information currently used by the first electronic device to access the router, the configured service authority configuration information is still valid, so that when the second electronic device subsequently uses the second MAC address information to make a service request, the router can correctly respond to the service request, thereby ensuring the effectiveness of Internet access service control.

In an embodiment of the present application, in the case of receiving a service request from a first electronic device, the service request is responded to according to the service authority configuration information, and the service authority configuration information is used to indicate the mapping relationship between the service authority of the first electronic device and the first media access control MAC address information currently in use. In the case where the first electronic device re-accesses the router using the second MAC address information, the first MAC address information in the service authority configuration information is modified to the second MAC address information according to the first mapping relationship, and the first mapping relationship is used to record the mapping relationship between the device fingerprint feature of the first electronic device and the MAC address information. In this way, the MAC address information in the service authority configuration information matches the MAC address information used when the first electronic device accesses the router, that is, the service authority configuration information is always valid, thereby ensuring that the service authority of the first electronic device can be effectively controlled.

Next, the electronic device involved in the embodiment of the present application is briefly introduced. Please refer to Figure 8, which is a schematic diagram of the structure of an electronic device according to an exemplary embodiment. The electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (USB) interface 130, a charging management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, a button 190, a motor 191, an indicator 192, a camera 193, a display screen 194, and a subscriber identification module (SIM) card interface 195, etc. Among them, the sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, etc.

It is to be understood that the structure illustrated in the embodiment of the present application does not constitute a specific limitation on the electronic device 100. In other embodiments of the present application, the electronic device 100 may include more or fewer components than shown in the figure, or combine some components, or split some components, or arrange the components differently. The components shown in the figure may be implemented in hardware, software, or a combination of software and hardware.

The processor 110 may include one or more processing units, for example, the processor 110 may include an application processor (AP), a modem processor, a graphics processor (GPU), an image signal processor (ISP), a controller, a memory, a video codec, a digital signal processor (DSP), a baseband processor, and/or a neural-network processing unit (NPU), etc. Different processing units may be independent devices or integrated into one or more processors.

The controller may be the nerve center and command center of the electronic device 100. The controller may generate an operation control signal according to the instruction operation code and the timing signal to complete the control of fetching and executing instructions.

The processor 110 may also be provided with a memory for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may store instructions or data that the processor 110 has just used or cyclically used. If the processor 110 needs to use the instruction or data again, it may be directly called from the memory. This avoids repeated access, reduces the waiting time of the processor 110, and thus improves the efficiency of the system.

In some embodiments, the processor 110 may include one or more interfaces, such as an inter-integrated circuit (I2C) interface, an inter-integrated circuit sound (I2S) interface, a pulse code modulation (PCM) interface, a universal asynchronous receiver/transmitter (UART) interface, a mobile industry processor interface (MIPI), a general-purpose input/output (GPIO) interface, a subscriber identity module (SIM) interface, and/or a universal serial bus (USB) interface, etc.

It is understandable that the interface connection relationship between the modules illustrated in the embodiment of the present application is only a schematic illustration and does not constitute a structural limitation on the electronic device 100. In other embodiments of the present application, the electronic device 100 may also adopt different interface connection methods in the above embodiments, or a combination of multiple interface connection methods.

The charging management module 140 is used to receive charging input from a charger. The charger may be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 140 may receive charging input from a wired charger through the USB interface 130. In some wireless charging embodiments, the charging management module 140 may receive wireless charging input through a wireless charging coil of the electronic device 100. While the charging management module 140 is charging the battery 142, it may also power the electronic device 100 through the power management module 141.

The power management module 141 is used to connect the battery 142, the charging management module 140 and the processor 110. The power management module 141 receives input from the battery 142 and/or the charging management module 140, and supplies power to the processor 110, the internal memory 121, the external memory, the display screen 194, the camera 193 and the wireless communication module 160. The power management module 141 can also be used to monitor parameters such as battery capacity, battery cycle number, battery health status (leakage, impedance), etc. In some other embodiments, the power management module 141 can also be set in the processor 110. In other embodiments, the power management module 141 and the charging management module 140 can also be set in the same device.

The wireless communication function of the electronic device 100 can be implemented through the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modem processor and the baseband processor.

Antenna 1 and antenna 2 are used to transmit and receive electromagnetic wave signals. Each antenna in the electronic device 100 can be used to cover a single or multiple communication frequency bands. Different antennas can also be reused to improve the utilization of the antennas. For example, antenna 1 can be reused as a diversity antenna for a wireless local area network. In some other embodiments, the antenna can be used in combination with a tuning switch.

The wireless communication module 160 can provide wireless communication solutions for application in the electronic device 100, including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication technology (NFC), infrared technology (IR), etc.

The electronic device 100 implements the display function through a GPU, a display screen 194, and an application processor. The GPU is a microprocessor for image processing, which connects the display screen 194 and the application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or change display information.

The display screen 194 is used to display images, videos, etc. The display screen 194 includes a display panel. The display panel can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light emitting diode or an active-matrix organic light emitting diode (AMOLED), a flexible light-emitting diode (FLED), Miniled, MicroLed, Micro-oLed, a quantum dot light-emitting diode (QLED), etc. In some embodiments, the electronic device 100 may include 1 or N display screens 194, where N is an integer greater than 1.

The electronic device 100 can realize the shooting function through ISP, camera 193, video codec, GPU, display screen 194 and application processor.

The external memory interface 120 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device 100. The external memory card communicates with the processor 110 through the external memory interface 120 to implement a data storage function, such as storing music, video and other files in the external memory card.

The internal memory 121 can be used to store computer executable program codes, which include instructions. The processor 110 executes various functional applications and data processing of the electronic device 100 by running the instructions stored in the internal memory 121. The internal memory 121 may include a program storage area and a data storage area. Among them, the program storage area may store an operating system, an application required for at least one function (such as a sound playback function, an image playback function, etc.), etc. The data storage area may store data created by the electronic device 100 during use (such as audio data, a phone book, etc.), etc. In addition, the internal memory 121 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one disk storage device, a flash memory device, a universal flash storage (UFS), etc.

The electronic device 100 can implement audio functions, such as music playback, recording, etc., through the audio module 170, the speaker 170A, the receiver 170B, the microphone 170C, the headphone interface 170D and the application processor.

The key 190 includes a power key, a volume key, etc. The key 190 may be a mechanical key or a touch key. The electronic device 100 may receive key inputs and generate key signal inputs related to user settings and function control of the electronic device 100.

Motor 191 can generate vibration prompts. Motor 191 can be used for incoming call vibration prompts, and can also be used for touch vibration feedback. Indicator 192 can be an indicator light, which can be used to indicate charging status, power changes, messages, missed calls, notifications, etc.

The software system of the electronic device 100 may adopt a layered architecture, an event-driven architecture, a micro-core architecture, a micro-service architecture, or a cloud architecture. The embodiment of the present application takes the Android system of the layered architecture as an example to exemplify the software system of the electronic device 100.

FIG9 is a block diagram of a software system of an electronic device 100 provided in an embodiment of the present application. Referring to FIG9 , the layered architecture divides the software into several layers, each layer having a clear role and division of labor. The layers communicate with each other through software interfaces. In some embodiments, the Android system is divided into four layers, namely, from top to bottom, the application layer, the application framework layer, the Android runtime (Android runtime) and the system layer, and the kernel layer.

The application layer may include a series of application packages. As shown in FIG9 , the application package may include applications such as camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, short message, etc.

The application framework layer provides an application programming interface (API) and a programming framework for the application of the application layer. The application framework layer includes some predefined functions. As shown in FIG9 , the application framework layer may include a window manager, a content provider, a view system, a phone manager, a resource manager, a notification manager, etc. The window manager is used to manage window programs. The window manager can obtain the size of the display screen, determine whether there is a status bar, lock the screen, capture the screen, etc. The content provider is used to store and obtain data and make these data accessible to applications. These data may include videos, images, audio, dialed and received calls, browsing history and bookmarks, phone books, etc. The view system includes visual controls, such as controls for displaying text, controls for displaying pictures, etc. The view system can be used to construct the display interface of the application. The display interface can be composed of one or more views, for example, including a view for displaying a text message notification icon, a view for displaying text, and a view for displaying pictures. The phone manager is used to provide communication functions of the electronic device 100, such as management of call status (including connected, hung up, etc.). The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, etc. The notification manager enables applications to display notification information in the status bar. It can be used to convey notification-type messages and can disappear automatically after a short stay without user interaction. For example, the notification manager is used to notify the completion of downloads, message reminders, etc. The notification manager can also be a notification that appears in the system's top status bar in the form of an icon or scroll bar text, such as notifications from applications running in the background. The notification manager can also be a notification that appears on the screen in the form of a dialog window, such as a text message prompt in the status bar, a beep, an electronic device vibrating, an indicator light flashing, etc.

Android Runtime includes core libraries and virtual machines. Android runtime is responsible for scheduling and management of the Android system. The core library consists of two parts: one is the function that the Java language needs to call, and the other is the Android core library. The application layer and the application framework layer run in the virtual machine. The virtual machine executes the Java files of the application layer and the application framework layer as binary files. The virtual machine is used to perform object life cycle management, stack management, thread management, security and exception management, and garbage collection.

The system library can include multiple functional modules, such as: surface manager, media library, 3D graphics processing library (such as: OpenGL ES), 2D graphics engine (such as: SGL), etc. The surface manager is used to manage the display subsystem and provide fusion of 2D and 3D layers for multiple applications. The media library supports playback and recording of a variety of commonly used audio and video formats, as well as static image files, etc. The media library can support a variety of audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc. The 3D graphics processing library is used to implement 3D graphics drawing, image rendering, synthesis, and layer processing, etc. The 2D graphics engine is a drawing engine for 2D drawing.

The kernel layer is the layer between hardware and software. The kernel layer contains at least display driver, camera driver, audio driver, and sensor driver.

The following is an illustrative description of the workflow of the software and hardware of the electronic device 100 in conjunction with capturing a photo scene.

When the touch sensor 180K receives a touch operation, the corresponding hardware interrupt is sent to the kernel layer. The kernel layer processes the touch operation into an original input event (including touch coordinates, timestamp of the touch operation, and other information). The original input event is stored in the kernel layer. The application framework layer obtains the original input event from the kernel layer and identifies the control corresponding to the original input event. For example, if the touch operation is a single-click operation and the control corresponding to the single-click operation is the control of the camera application icon, the camera application calls the interface of the application framework layer, starts the camera application, and then calls the kernel layer to start the camera driver to capture static images or videos through the camera 193.

In the above embodiments, it can be implemented in whole or in part by software, hardware, firmware or any combination thereof. When implemented using software, it can be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on the router, the process or function described in the embodiment of the present application is generated in whole or in part. The computer instructions can be stored in a computer-readable storage medium, or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions can be transmitted from a website site, router, server or data center by wired (such as: coaxial cable, optical fiber, data subscriber line (Digital Subscriber Line, DSL)) or wireless (such as: infrared, wireless, microwave, etc.) mode to another website site, router, server or data center. The computer-readable storage medium can be any available medium that the router can access, or a data storage device such as a server, data center, etc. that includes one or more available media integrated. The available medium may be a magnetic medium (eg, a floppy disk, a hard disk, a magnetic tape), an optical medium (eg, a digital versatile disc (DVD)), or a semiconductor medium (eg, a solid state drive (SSD)).

The above are optional embodiments provided for the present application and are not intended to limit the present application. Any modifications, equivalent substitutions, improvements, etc. made within the technical scope disclosed in the present application shall be included in the protection scope of the present application.

Claims (11)

1. A device management method, characterized in that it is applied to a router, and the method comprises: In the case of receiving a service request from a first electronic device, responding to the service request according to the service authority configuration information, wherein the first electronic device is any electronic device connected to the router, and the service authority configuration information is used to indicate a mapping relationship between the service authority of the first electronic device and the first media access control MAC address information currently in use; When the first electronic device re-accesses the router using the second MAC address information, monitoring messages of a target type, wherein the messages of the target type include multicast domain name system MDNS messages, datagram transport layer security protocol DTLS messages, and BROWSER messages; When a message of the target type is monitored, a device fingerprint feature is obtained from the monitored message; According to the device fingerprint feature, query the corresponding MAC address information from the first mapping relationship to obtain the first MAC address information, wherein the first mapping relationship is used to record the mapping relationship between the device fingerprint feature of the first electronic device and the MAC address information; When the first MAC address information is different from the second MAC address information, the first MAC address information in the service authority configuration information is modified to the second MAC address information. 2. The method according to claim 1, characterized in that the method further comprises: The first MAC address information in the first mapping relationship is modified to the second MAC address information. 3. The method according to claim 1, wherein when the first electronic device re-accesses the router using the second MAC address information, monitoring a target type of message comprises: When the first electronic device uses the second MAC address information to re-access the router, the target type of message is monitored through the first hook and the second hook respectively, wherein the first hook is used to monitor the MDNS message, and the second hook is used to monitor the DTLS message and the BROWSER message. 4. The method according to claim 3, wherein when a message of the target type is monitored, obtaining the device fingerprint feature from the monitored message comprises: When the MDNS message is intercepted, the character string corresponding to the first key field in the MDNS message is parsed to obtain the device fingerprint feature; When the DTLS message is intercepted, the character string corresponding to the second key field in the DTLS message is parsed to obtain the device fingerprint feature; When the BROWSER message is monitored, the character string corresponding to the third key field in the BROWSER message is parsed to obtain the device fingerprint feature. 5. The method according to claim 4, wherein the first key field is a name field, the second key field is a UDID field, and the third key field is a response computer name field of a message whose command is Request Announcement (0x02) or a Host Name field of a message whose command is Host Announcement (0x01). 6. The method according to any one of claims 3 to 5, characterized in that the first hook is NF_BR_LOCAL_INHOOK, and the second hook is NF_INET_LOCAL_IN HOOK. 7. The method according to any one of claims 3 to 5, characterized in that the method further comprises: In response to the first electronic device re-accessing the router using the second MAC address information, sending a NetBIOS detection message to the first electronic device; The NetBIOS response message sent by the first electronic device is monitored. 8. The method according to claim 7, wherein when a message of the target type is monitored, obtaining the device fingerprint feature from the monitored message comprises: When the NetBIOS response message is monitored, the character string corresponding to the name field in the NetBIOS response message is parsed to obtain the device fingerprint feature. 9. The method according to any one of claims 1 to 5, characterized in that the router comprises a data acquisition module, a data control management module and a service configuration module: The acquiring the device fingerprint feature according to the message exchanged between the first electronic device and the router when the first electronic device re-accesses the router using the second MAC address information includes: When the first electronic device re-accesses the router using the second MAC address information, the data acquisition module obtains the device fingerprint feature according to the message exchanged between the first electronic device and the router; The data acquisition module sends the device fingerprint feature and the second MAC address information to the data control management module; Querying corresponding MAC address information from the first mapping relationship according to the device fingerprint feature to obtain the first MAC address information includes: The data control management module queries the corresponding MAC address information from the first mapping relationship according to the device fingerprint feature to obtain the first MAC address information; When the first MAC address information is different from the second MAC address information, modifying the first MAC address information in the service authority configuration information to the second MAC address information includes: In a case where the first MAC address information is different from the second MAC address information, the data control management module sends a target message to the service configuration module, where the target message carries the first MAC address information and the second MAC address information; The service configuration module modifies the first MAC address information in the service authority configuration information into the second MAC address information according to the first MAC address information. 10. A router, characterized in that the router comprises a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the method according to any one of claims 1 to 9 when executing the computer program. 11. A computer-readable storage medium, characterized in that the computer-readable storage medium stores instructions, which, when executed on a computer, enable the computer to execute the method according to any one of claims 1 to 9.