| 摘要 |
An apparatus and method for enhancing the infrastructure of a network such as the Internet is disclosed. A packet interceptor/processor apparatus is coupled with the network so as to be able to intercept and process packets flowing over the network. Further, the apparatus provides external connectivity to other devices that wish to intercept packets as well. The apparatus applies one or more rules to the intercepted packets which execute one or more functions on a dynamically specified portion of the packet and take one or more actions with the packets. The apparatus is capable of analyzing any portion of the packet including the header and payload. Actions include releasing the packet unmodified, deleting the packet, modifying the packet, logging/storing information about the packet or forwarding the packet to an external device for subsequent processing. Further, the rules may be dynamically modified by the external devices. |
| 主权项 |
1. A method of transparently provisioning at least one service to a network, each of the at least one service being provided by at least one application service provider of a plurality of application service providers to the network via at least one application associated therewith, the network carrying a plurality of packets each being transmitted by a source to at least one intended destination intended by the source, each of the plurality of packets comprising routing data operative to cause the forwarding of the packet via the network towards the at least one intended destination, the method comprising:
interfacing between an interface to the network and a first application of the at least one application associated with a first application service provider of the plurality of application service providers, the first application operative to perform a first service of the at least one service; interfacing between the interface to the network and a second application of the at least one application associated with a second application service provider of the plurality of application service providers, the second application operative to perform a second service of the at least one service; intercepting, via the interface, each of the plurality of packets prior to a forwarding thereof toward the at least one intended destination; evaluating each intercepted packet based on a first specification of a first subset of the plurality of packets with respect to which the first application is to perform the first service and a second specification of a second subset of the plurality of packets with respect to which the second application is to perform the second service, wherein at least the first specification specifies the first subset based on criteria other than only the routing data contained in the intercepted packet; and acting on the intercepted packet, based on the evaluating, to facilitate the performance of the first service, the second service or a combination thereof with respect to the intercepted packet when the intercepted packet is included in the specified first subset, the specified second subset, or a combination thereof. |
