[go: up one dir, main page]

CN119966869A - Network detection control device and method - Google Patents

Network detection control device and method Download PDF

Info

Publication number
CN119966869A
CN119966869A CN202510184620.3A CN202510184620A CN119966869A CN 119966869 A CN119966869 A CN 119966869A CN 202510184620 A CN202510184620 A CN 202510184620A CN 119966869 A CN119966869 A CN 119966869A
Authority
CN
China
Prior art keywords
network
external
data
card
linux
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202510184620.3A
Other languages
Chinese (zh)
Inventor
李卫星
李平师
刘轩
邵宝昆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
AMPLESKY COMMUNICATION TECHNOLOGIES Ltd
Original Assignee
AMPLESKY COMMUNICATION TECHNOLOGIES Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by AMPLESKY COMMUNICATION TECHNOLOGIES Ltd filed Critical AMPLESKY COMMUNICATION TECHNOLOGIES Ltd
Priority to CN202510184620.3A priority Critical patent/CN119966869A/en
Publication of CN119966869A publication Critical patent/CN119966869A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4604LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462LAN interconnection over a bridge based backbone
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0823Errors, e.g. transmission errors
    • H04L43/0829Packet loss
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0852Delays
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0852Delays
    • H04L43/087Jitter
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/20Support for services
    • H04L49/208Port mirroring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/70Virtual switches

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a network detection control device and a network detection control method, which aim to solve the problem that the prior art generally has limitation in accessing equipment through a mirror image port of a switch. The device is connected through a network interface, allows network control through a wireless network, comprises a linux system, a wifi module, a flash memory chip, a first network card and a second network card, wherein the first network card and the second network card are bridged through a virtual network bridge technology provided by the linux system, first external equipment is connected to the second external equipment through the first network card and the second network card in sequence, the first network card is connected to the first external network equipment through the network interface and a network cable, and the second network card is connected to the second external network equipment through the network interface and the network cable.

Description

Network detection control equipment and method
Technical Field
The present application relates to the field of network detection technologies, and in particular, to a network detection device.
Background
In the process of network management and maintenance, network monitoring is an important link for ensuring network performance, security and stability. In order to realize effective network monitoring, a technical scheme is generally adopted, in which a specific monitoring device is accessed through a mirror port (also called SPAN port, english name SwitchedPortAnalyzer) of a switch to capture a data packet flowing through the switch. These packets are then analyzed to provide critical information about network traffic patterns, potential security threats, and network health.
However, while this switch mirror-based approach is widely used in practice, it also has some objective limitations. First, not all switches are configured with mirror ports, which is especially common in some small or older models of network devices. Second, in those environments that do be equipped with a mirror, these resources may already be occupied due to other monitoring or security requirements. In this case, if room is needed for a new monitoring task, the existing settings must be reconfigured, which may interrupt the ongoing monitoring activity or, in the worst case, affect the overall performance and stability of the network.
Disclosure of Invention
The application provides a network detection control device and a network detection control method, which aim to solve the problem that the prior art generally has limitation in accessing equipment through a mirror image port of a switch.
In a first aspect, a network detection control device is provided, including a linux device, a first network card and a second network card;
the linux device is connected with the first network card and the second network card and is used for creating a virtual network bridge between the first network card and the second network card, and data forwarding between the first network card and the second network card is realized through the virtual network bridge;
The first network card is connected to the first external network device through a network interface network cable and is used as a network data entry to receive data from the first external network device;
The second network card is connected to the second external network device through a network interface network cable, and is used as an outlet of network data, and the network data forwarded from the first network card through the virtual network bridge is sent to the second external network device, so that the original network cable connection of the first external network device and the second external network device is replaced.
In the scheme, the wireless network communication system further comprises a wifi module, wherein the wifi module is connected with the linux equipment and is used for realizing data packet inter-conversion with the virtual network bridge through a forwarding mechanism of the linux system, meanwhile, the wifi module provides a wireless network, and the external monitoring equipment is connected with the wireless network to control the linux equipment so as to control network communication between the first external network equipment and the second external network equipment.
In the scheme, the virtual network bridge further comprises a flash memory chip, wherein the flash memory chip is connected with the linux device and used for storing the data packets grabbed on the virtual network bridge.
In the scheme, the system also comprises a wifi module and a flash memory chip;
The wifi module is connected with the linux device and realizes the data packet inter-conversion with the virtual network bridge through a forwarding mechanism of the linux system, meanwhile, the wifi module provides a wireless network, the external monitoring device controls the linux device through connecting the wireless network and further controls network communication between the first external network device and the second external network device, and the flash memory chip is connected with the linux device and used for storing the data packet grabbed on the virtual network bridge.
In the above solution, optionally, the network interface is an RJ45 network port.
In the above scheme, optionally, after the first network card and the second network card are bridged by the virtual bridge, the first network card and the second network card become ports of the virtual bridge, the ip address and the mac address of the ports are not directly used for network communication any more, and are uniformly managed by the virtual bridge, and the virtual bridge decides to receive the local data packet, forwards, discards or broadcasts the data packet according to the destination mac address of the data packet.
In a second aspect, a network detection method is provided, and the network detection method is based on network detection control equipment, wherein the equipment comprises a linux device, a wifi module, a flash memory chip, a first network card and a second network card; the method comprises the steps that a first network card and a second network card are connected to a linux device, a virtual network bridge is created between the first network card and the second network card, the first network card is connected to a first external network device through a network interface network cable and used as an inlet of network data to receive data from the first external network device, the second network card is connected to a second external network device through the network interface network cable and used as an outlet of the network data to send the network data forwarded from the first network card and passing through the virtual network bridge to the second external network device, the wifi module is connected with the linux device, a wireless network is provided at the same time, an external monitoring device logs in a control page of the linux device through the wireless network and further controls the linux device, the flash memory chip is connected with the linux device and used for storing data packets grabbed on the virtual network bridge, and the network detection method is applied to the linux device and comprises the steps that:
responding to a network detection instruction sent by a user through external monitoring equipment, and starting a data packet capturing tool;
The method comprises the steps of capturing all data packets passing through a virtual network bridge, storing the captured data packets in a flash memory chip, analyzing the captured data packets by using a pre-defined algorithm, identifying the protocol format and port number of the data packets, classifying and searching suspicious behaviors;
displaying the analysis result on a control page for a user to check;
and responding to a detection instruction sent by a user through the external monitoring equipment, and isolating the suspicious equipment or performing corresponding measures.
In the above scheme, the method further optionally further comprises analyzing the captured data packet by using a pre-defined algorithm, if a video stream is detected, performing video decoding, and displaying video content through a control page.
In a third aspect, a network control method is provided, where the network control method is based on network detection control equipment, and the equipment includes a linux device, a wifi module, a flash memory chip, a first network card and a second network card; the method comprises the steps that a first network card and a second network card are connected to a linux device, a virtual network bridge is created between the first network card and the second network card, the first network card is connected to a first external network device through a network interface network cable and used as an inlet of network data to receive data from the first external network device, the second network card is connected to a second external network device through the network interface network cable and used as an outlet of the network data to send the network data forwarded from the first network card and passing through the virtual network bridge to the second external network device, the wifi module is connected with the linux device, a wireless network is provided at the same time, an external monitoring device logs in a control page of the linux device through the wireless network and further controls the linux device, the flash memory chip is connected with the linux device and used for storing data packets grabbed on the virtual network bridge, and the network control method is applied to the linux device and comprises the steps that:
Responding to a 'network control' command sent by a user through external monitoring equipment, analyzing the protocol format and port number of a network data packet by utilizing data in a linux kernel protocol stack through a pre-defined algorithm, correspondingly filtering the protocol packet through a netfilter function of the linux, and logarithmically realizing network control on network jitter, delay and packet loss rate through a tc tool;
continuously monitoring the effect of network control, and recording related data by using a flash memory chip;
Responding to an adjustment instruction of a user, modifying a network control parameter, and feeding back the effect of network control to a control page in real time for the user to check;
and responding to a command of 'canceling network control' of a user, clearing the network control configuration and recovering the normal state of the network.
In a fourth aspect, a computer program product comprises a computer program/instruction which, when executed by a processor, implements the steps of the above method.
Compared with the prior art, the application has at least the following beneficial effects:
Based on further analysis and study of the problems in the prior art, the application recognizes that the prior art usually accesses equipment through a mirror image port of a switch to capture network packets, and then analyzes the network packets to perform related network analysis. The device mainly comprises a linux system and two network cards by providing a small-sized network device. The two real network cards of the device are connected out through the rj45 network port. In actual use, the device is connected to the switch network which needs to be detected or controlled, and then the device control page is logged in, so that the operation which is required to be performed can be selected. When the device works, the two network cards are bridged through the virtual switch technology, the two network cards are bridged together, all accessed data can be forwarded through the linux network card, or according to user selection, corresponding filtering can be performed according to principles such as protocols, ports, mac and the like. The method has the advantages of timely finding out the network environment problem, reducing the working pressure of operators, simulating the weak network environment to test network equipment, improving the weak network resistance of the equipment, improving the network detection efficiency, along with simple equipment access, easy upgrading and remote control.
The application further comprises a wifi module based on the linux system and the two network cards, the wifi module provides a wireless network, and the external equipment can control the network through the wireless network.
In addition, the application also comprises a flash memory chip, and a large amount of network storage can be performed through the memory function provided by the flash memory chip for manually analyzing the network condition.
Drawings
Fig. 1 is a schematic diagram of a connection relationship between network probe control devices according to a first embodiment of the present application.
Fig. 2 is a schematic diagram of a connection relationship between network probe control devices according to a second embodiment of the present application.
Fig. 3 is a schematic diagram of a connection relationship of a network probe control device according to a third embodiment of the present application.
Fig. 4 is a schematic diagram of a connection relationship of a network probe control device according to a fourth embodiment of the present application.
Fig. 5 is a schematic diagram of a connection relationship of a network probe control device according to a fifth embodiment of the present application.
Fig. 6 is a schematic diagram of a connection relationship between network probe control devices according to a sixth embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
In the description of the present application, unless otherwise indicated, the meaning of "a plurality" is two or more. The terms "first," "second," "third," and the like in this disclosure are intended to distinguish between the referenced objects without a special meaning in terms of technical connotation (e.g., should not be construed as emphasis on the degree of importance or order, etc.). The expressions "comprising", "including", "having", etc. also mean "not limited to" (certain units, components, materials, steps, etc.).
In one embodiment, referring to fig. 1, there is provided a network probing control device including a linux device, a first network card, and a second network card;
the linux device is connected with the first network card and the second network card and is used for creating a virtual network bridge between the first network card and the second network card and realizing data forwarding between the first network card and the second network card through the virtual network bridge;
the first network card is connected to the first external network device through a network interface network cable and is used as a network data entry to receive data from the first external network device;
The second network card is connected to the second external network device through the network interface network cable and is used as an outlet of network data, and the network data forwarded from the first network card through the virtual network bridge is sent to the second external network device, so that the original network cable connection of the first external network device and the second external network device is replaced.
In this embodiment, the first external network device and the second external network device are originally connected through a network cable, the connection mode refers to the dotted line part of fig. 1, after the network detection control device is connected to the first external network device and the second external network device through the first network card and the second network card, the original network cable connection relationship is replaced, and data forwarding between the first external network device and the second external network device is completed by the first network card, the second network card and a virtual bridge connecting the first network card and the second network card.
In this embodiment, the first external network device and/or the second external network device may be a switch (refer to fig. 3), a network terminal or other network devices, and the first external network device and the second external network device may be two external networks independent of each other or belong to the same external network.
The relationship between the first external network device and the second external network device may be varied and specifically includes, but is not limited to, the following:
(1) The first external network device and the second external network device may be two external network devices independent of each other, which are directly connected through a network cable, but do not belong to any larger network environment.
(2) The first external network device and the second external network device may belong to the same external network, for example, they are all connected to the same Local Area Network (LAN), and referring to fig. 4, a broken line portion between the first external network device and the second external network device indicates an original connection relationship, and after the network probe control device of the present application is accessed, the original network connection relationship is replaced.
(3) The first external network device or the second external network device may belong to an external network, and the other device communicates with the device through a network cable, referring to fig. 5, or the second external network device belongs to an external network, and a dotted line portion between the first external network device and the second external network device indicates an original connection relationship, and after the network probe control device of the present application is accessed, the original network cable connection relationship is replaced.
(4) The first external network device may belong to the network 1, and the second external network device may belong to the network 2, where the first external network device and the second external network device are connected via a network cable in some manner (such as a gateway or a router), and referring to fig. 6, a dotted line portion between the first external network device and the second external network device represents an original connection relationship, and after the network probe control device of the present application is accessed, the original network cable connection relationship is replaced.
The present application is applicable regardless of the topology between the first external network device and the second external network device as long as they are connected by a network cable and are capable of data communication.
In this embodiment, the naming of the first network card and the second network card is only for convenience of distinction and description, and does not represent a fixed connection object or a data flow direction thereof. In practical applications, the functions of the first network card and the second network card may be interchanged. For example, the first network card may be connected to a second external network device as an outlet for network data, and the second network card may be used as an inlet for network data.
The network bridge is designed to realize bidirectional forwarding of data, and the data flows in both directions between the first network card and the second network card. Thus, the "ingress" and "egress" roles of the first network card and the second network card are merely based on a description of one data transfer direction under the current device connection relationship, and do not represent their fixed functions.
In one embodiment, referring to fig. 2, the system further comprises a wifi module, wherein the wifi module is connected with the linux device and is used for realizing data packet inter-conversion with the virtual network bridge through a forwarding mechanism of the linux system, meanwhile, the wifi module provides a wireless network, and the external monitoring device controls the linux device through the connection of the wireless network so as to control network communication between the first external network device and the second external network device.
In one embodiment, the system further comprises a flash memory chip, wherein the flash memory chip is connected with the linux device and used for storing the data packets grabbed on the virtual network bridge.
In one embodiment, the system also comprises a wifi module and a flash memory chip;
The wireless network system comprises a wifi module, a flash memory chip, a wireless network and a wireless network, wherein the wifi module is connected with the linux device and realizes the data packet mutual conversion with the virtual network bridge through a forwarding mechanism of the linux system, meanwhile, the wifi module provides a wireless network, an external monitoring device controls the linux device through being connected with the wireless network so as to control network communication between a first external network device and a second external network device, and the flash memory chip is connected with the linux device and is used for storing the data packet grabbed on the virtual network bridge. In one embodiment, the network interface is an RJ45 portal.
The embodiment provides a small-sized network device, which is provided with two real network cards and is connected out through a rj45 network port. Meanwhile, the device provides a wifi module, and network control can be performed through a wireless network. And the device provides a storage function, can perform a large amount of network storage and is used for manually analyzing the network condition. In actual use, the device is connected to the switch network which needs to be detected or controlled, and then the device control page is logged in, so that the operation which is required to be performed can be selected.
The device mainly comprises a linux system, a wifi module, a flash memory chip and two network cards.
When the device works, the two network cards are bridged through the virtual switch technology, the two network cards are bridged together, all accessed data can be forwarded through the linux network card, or according to user selection, corresponding filtering can be performed according to principles such as protocols, ports, mac and the like.
The network device test method has the beneficial effects that 1) network environment problems are found in time, the working pressure of operators is reduced, 2) network device test can be conducted by simulating weak network environments, the weak network resistance of the device is improved, and 3) the network detection efficiency is improved.
In one embodiment, after the first network card and the second network card are bridged by the virtual bridge, the first network card and the second network card become ports of the virtual bridge, the ip address and the mac address of the ports are not directly used for network communication any more, the virtual bridge is uniformly managed, and the virtual bridge decides to receive the local data packet, forward, discard or broadcast the data packet according to the destination mac address of the data packet.
In this embodiment, the bridge is a virtual network device having characteristics of the network device (IP, MAC address, etc. may be configured), and is a virtual switch, similar to the physical switch device. The network bridge is a network device which realizes relay at a link layer and forwards frames, can isolate collision according to MAC partition blocks, and connects a plurality of network segments of a network at a data link layer.
For a common physical device, only two ends of the common physical device send data from one end to the other end, for example, data received by a physical network card from an external network is forwarded to a kernel protocol stack, and data received from the protocol stack is forwarded to the external physical network. Unlike bridge, which has multiple ports, data can come in from any port, and then out from which port the principle is similar to a physical switch, the mac address needs to be seen.
Bridge is built on a slave device (physical device, virtual device, vlan device, etc., i.e. an attach device, similar to a network cable connected between a real world switch and a user terminal), and an IP (refer to LinuxBridge MAC address actions) can be configured for bridge so that the host can communicate with other hosts in the network through this bridge device. In addition its slaves are virtualized as ports, neither their IP nor MAC are available, and they are set to accept any packets, the packet's way to which is ultimately decided by the bridge device-receiving the local, forwarding, dropping, broadcasting.
In one embodiment, a network detection method is provided, the network detection method is based on network detection control equipment, the equipment comprises a linux device, a wifi module, a flash memory chip, a first network card and a second network card, the linux device is connected with the first network card and the second network card, a virtual network bridge is created between the first network card and the second network card, the first network card is connected to the first external network device through a network interface network cable and used as an inlet of network data to receive data from the first external network device, the second network card is connected to the second external network device through the network interface network cable and used as an outlet of network data, the network data forwarded from the first network card and passing through the virtual network bridge is sent to the second external network device, the wifi module is connected with the linux device, meanwhile, a wireless network is provided, the external monitoring device logs in a control page of the linux device through the wireless network, the control page of the linux device is further controlled, the flash memory chip is connected with the linux device and used for storing data packets grabbed on the virtual network bridge, and the network detection method is applied to the linux device and comprises the steps of:
responding to a network detection instruction sent by a user through external monitoring equipment, and starting a data packet capturing tool;
The method comprises the steps of capturing all data packets passing through a virtual network bridge, storing the captured data packets in a flash memory chip, analyzing the captured data packets by using a pre-defined algorithm, identifying the protocol format and port number of the data packets, classifying and searching suspicious behaviors;
displaying the analysis result on a control page for a user to check;
and responding to a detection instruction sent by a user through the external monitoring equipment, and isolating the suspicious equipment or performing corresponding measures.
In one embodiment, the method further comprises analyzing the captured data packets using a pre-customized algorithm, decoding the video if a video stream is detected, and displaying the video content through the control page.
In this embodiment, the detection device is first connected in series to the network to be detected or controlled by the network cable. If the network state needs to be detected, the device is connected through wifi, then the network detection function is clicked, all data packets passing through the network can be analyzed on the webpage, classification is carried out according to ports, protocols and the like, and suspicious data contents such as an arp attack and the like are found out. If the network stream contains video content, the detection device can also decode the video and watch the video through the pc connected to the wifi device, and the detection device can be used for analyzing reasons when the video quality is poor.
In one embodiment, a network control method is provided, the network control method is based on network detection control equipment, the equipment comprises a linux device, a wifi module, a flash memory chip, a first network card and a second network card, the linux device is connected with the first network card and the second network card, a virtual network bridge is created between the first network card and the second network card, the first network card is connected to the first external network device through a network interface network cable and used as an inlet of network data to receive data from the first external network device, the second network card is connected to the second external network device through the network interface network cable and used as an outlet of network data, the network data forwarded from the first network card and passing through the virtual network bridge is sent to the second external network device, the wifi module is connected with the linux device, meanwhile, a wireless network is provided, the external monitoring device logs in a control page of the linux device through the wireless network, the external monitoring device is controlled by connecting with the wireless network, the flash memory chip is connected with the linux device and used for storing data packets grabbed on the virtual network bridge, and the network control method is applied to the linux device and comprises the steps of:
Responding to a 'network control' command sent by a user through external monitoring equipment, analyzing the protocol format and port number of a network data packet by utilizing data in a linux kernel protocol stack through a pre-defined algorithm, correspondingly filtering the protocol packet through a netfilter function of the linux, and logarithmically realizing network control on network jitter, delay and packet loss rate through a tc tool;
continuously monitoring the effect of network control, and recording related data by using a flash memory chip;
Responding to an adjustment instruction of a user, modifying a network control parameter, and feeding back the effect of network control to a control page in real time for the user to check;
and responding to a command of 'canceling network control' of a user, clearing the network control configuration and recovering the normal state of the network.
In this embodiment, the detection device is first connected in series to the network to be detected or controlled by the network cable. If the control is network control, the equipment is connected through wifi, and then corresponding control is carried out. Such as to increase network jitter, increase network delay, increase packet loss rate, etc. in the network into which the device is to be connected.
In this embodiment, two network cards may be seen in the linux system, and the two network cards are respectively connected to two network cables that are connected in series.
After the network data enters the system network card, a virtual network card bridge can be created by brctl addbrbridge command through brctl tool, then two eth0 and eth1 are bridged by brctl addif command, thus a virtual network bridge is built by linux tool without switch, and all data packets can be grabbed and stored on br0,
If automatic analysis is to be realized, the monitoring analysis of the network data packets can be finally realized on all forwarded data through a custom algorithm (through data in a kernel protocol stack, analyzing the protocol format, port number and the like of the packets, further finding out suspicious network data packets).
If network control is to be realized, the network jitter, delay, packet loss rate and other corresponding controls can be realized by a custom algorithm (analyzing the protocol format, port number and the like of the packet through data in a kernel protocol stack, then carrying out corresponding filtering on the protocol packet through a netfilter function and realizing the network jitter, delay, packet loss rate and the like through a tc tool)
In the system, a wifi module is loaded, and data packets of bridge and wifi are mutually transferred through a route. Meanwhile, wifi provides a network, so that the pc can control equipment.
In an embodiment, a computer program product is also provided, comprising a computer program/instruction which, when executed by a processor, implements the steps of the method of the above embodiments.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.

Claims (10)

1. The network detection control device is characterized by comprising a linux device, a first network card and a second network card;
the linux device is connected with the first network card and the second network card and is used for creating a virtual network bridge between the first network card and the second network card, and data forwarding between the first network card and the second network card is realized through the virtual network bridge;
The first network card is connected to the first external network device through a network interface network cable and is used as a network data entry to receive data from the first external network device;
The second network card is connected to the second external network device through a network interface network cable, and is used as an outlet of network data, and the network data forwarded from the first network card through the virtual network bridge is sent to the second external network device, so that the original network cable connection of the first external network device and the second external network device is replaced.
2. The network sounding control apparatus of claim 1, further comprising a wifi module;
Meanwhile, the wifi module provides a wireless network, and the external monitoring equipment controls the linux equipment through connecting the wireless network, thereby controlling network communication between the first external network equipment and the second external network equipment.
3. The network probe control device according to claim 1, further comprising a flash memory chip;
The flash memory chip is connected with the linux device and is used for storing the data packets grabbed on the virtual network bridge.
4. The network detection control device according to claim 1, further comprising a wifi module and a flash memory chip;
meanwhile, the wifi module provides a wireless network, and the external monitoring equipment controls the linux equipment through connecting the wireless network, thereby controlling network communication between the first external network equipment and the second external network equipment;
The flash memory chip is connected with the linux device and is used for storing the data packets grabbed on the virtual network bridge.
5. The network probe control device of claim 1, wherein the network interface is an RJ45 portal.
6. The network probing control device of claim 1, wherein the first network card and the second network card become ports of the virtual bridge after being bridged by the virtual bridge, and the ip address and the mac address of the ports are no longer directly used for network communication, and are uniformly managed by the virtual bridge, and the virtual bridge determines to receive, forward, discard or broadcast the data packet according to the destination mac address of the data packet.
7. The network detection method is characterized by comprising a linux device, a wifi module, a flash memory chip, a first network card and a second network card, wherein the linux device is connected with the first network card and the second network card, a virtual network bridge is established between the first network card and the second network card, the first network card is connected to a first external network device through a network interface network cable and used as an inlet of network data to receive data from the first external network device, the second network card is connected to a second external network device through a network interface network cable and used as an outlet of network data to send the network data forwarded from the first network card through the virtual network bridge to the second external network device, the wifi module is connected with the linux device and simultaneously provides a wireless network, the external monitoring device logs in a control page of the linux device through the wireless network, the flash memory chip is connected with the linux device and used for storing data from the first external network device and used as an outlet of network data, the flash memory chip is used for capturing the network data of the linux device, and the method comprises the steps of capturing the network data of the linux device, and the network detection method comprises the steps of:
responding to a network detection instruction sent by a user through external monitoring equipment, and starting a data packet capturing tool;
The method comprises the steps of capturing all data packets passing through a virtual network bridge, storing the captured data packets in a flash memory chip, analyzing the captured data packets by using a pre-defined algorithm, identifying the protocol format and port number of the data packets, classifying and searching suspicious behaviors;
displaying the analysis result on a control page for a user to check;
and responding to a detection instruction sent by a user through the external monitoring equipment, and isolating the suspicious equipment or performing corresponding measures.
8. The network probing method as recited in claim 7 further comprising analyzing the captured data packets using a pre-customized algorithm, decoding the video if a video stream is detected, and displaying the video content via the control page.
9. The network control method is characterized by comprising a linux device, a wifi module, a flash memory chip, a first network card and a second network card, wherein the linux device is connected with the first network card and the second network card, a virtual network bridge is established between the first network card and the second network card, the first network card is connected to a first external network device through a network interface network cable and used as an inlet of network data to receive data from the first external network device, the second network card is connected to a second external network device through a network interface network cable and used as an outlet of network data to send the network data forwarded from the first network card through the virtual network bridge to the second external network device, the wifi module is connected with the linux device and simultaneously provides a wireless network, the external monitoring device logs in a control page of the linux device through the wireless network, the flash memory chip is connected with the linux device and used for storing data from the first external network device and used as an outlet of network data, the flash memory chip is used for capturing the data of the virtual package, and the control method is applied to the linux device, and comprises the steps of:
Responding to a 'network control' command sent by a user through external monitoring equipment, analyzing the protocol format and port number of a network data packet by utilizing data in a linux kernel protocol stack through a pre-defined algorithm, correspondingly filtering the protocol packet through a netfilter function of the linux, and logarithmically realizing network control on network jitter, delay and packet loss rate through a tc tool;
continuously monitoring the effect of network control, and recording related data by using a flash memory chip;
Responding to an adjustment instruction of a user, modifying a network control parameter, and feeding back the effect of network control to a control page in real time for the user to check;
and responding to a command of 'canceling network control' of a user, clearing the network control configuration and recovering the normal state of the network.
10. A computer program product comprising computer programs/instructions which, when executed by a processor, implement the steps of the method of claim 7.
CN202510184620.3A 2025-02-19 2025-02-19 Network detection control device and method Pending CN119966869A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202510184620.3A CN119966869A (en) 2025-02-19 2025-02-19 Network detection control device and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202510184620.3A CN119966869A (en) 2025-02-19 2025-02-19 Network detection control device and method

Publications (1)

Publication Number Publication Date
CN119966869A true CN119966869A (en) 2025-05-09

Family

ID=95586069

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202510184620.3A Pending CN119966869A (en) 2025-02-19 2025-02-19 Network detection control device and method

Country Status (1)

Country Link
CN (1) CN119966869A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111030980A (en) * 2019-08-09 2020-04-17 哈尔滨安天科技集团股份有限公司 Linux transparent network equipment platform implementation method, device and storage medium
CN118714023A (en) * 2024-08-28 2024-09-27 西安四叶草信息技术有限公司 A method and controller for constructing a virtual-real network range platform

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111030980A (en) * 2019-08-09 2020-04-17 哈尔滨安天科技集团股份有限公司 Linux transparent network equipment platform implementation method, device and storage medium
CN118714023A (en) * 2024-08-28 2024-09-27 西安四叶草信息技术有限公司 A method and controller for constructing a virtual-real network range platform

Similar Documents

Publication Publication Date Title
US10911355B2 (en) Multi-site telemetry tracking for fabric traffic using in-band telemetry
US8149705B2 (en) Packet communications unit
KR101574167B1 (en) Network system and method of controlling path
JP5557066B2 (en) Switch system, centralized monitoring management method
EP3544237B1 (en) Sdn-based remote stream mirroring control method, implementation method, and related device
US9590922B2 (en) Programmable and high performance switch for data center networks
US10091073B2 (en) Large-scale passive network monitoring using multiple tiers of ordinary network switches
CN103209318B (en) A kind of web camera
CN101997871A (en) Device for quickly capturing, filtering and forwarding data
US9544216B2 (en) Mesh mirroring with path tags
CN105827629B (en) Software definition safe flow guide device and its implementation under cloud computing environment
US9319334B2 (en) Apparatus and method for controlling congestion in a communication network
CN103475559B (en) Method and system for processing and transmitting message according to contents of message
US20250202831A1 (en) Network Isolation Method and System, and Related Device
RU2602333C2 (en) Network system, packet processing method and storage medium
CN113347258A (en) Method and system for data acquisition, monitoring and analysis under cloud flow
CN107210969B (en) A data processing method and related equipment based on software-defined network
CN110971540B (en) Data information transmission method and device, switch and controller
CN111262782B (en) Message processing method, device and equipment
CN113300800B (en) A multi-mode deterministic data processing device and method
CN119966869A (en) Network detection control device and method
CN103684719A (en) Network dual-redundancy hot swap method independent of platforms
US11418537B2 (en) Malware inspection apparatus and malware inspection method
US8050266B2 (en) Low impact network debugging
CN121000642B (en) A method and apparatus for collecting flow data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination