主权项 |
1. A method comprising:
receiving, at a network device, a packet; determining, by the network device and using a key, whether information identifying a packet flow, associated with the packet, is stored in a data structure,
the key being generated based on information included in the packet; retrieving, by the network device and based on the information identifying the packet flow, particular information that is used to perform at least two of a first inspection of the packet regarding one or more protocol irregularities, a second inspection of the packet regarding one or more attack signatures, or a third inspection of the packet regarding one or more traffic signatures matching the packet flow when the information identifying the packet flow is stored in the data structure; determining, by the network device, whether to drop the packet or forward the packet,
determining whether to drop the packet or forward the packet including performing the at least two of:
the first inspection without a user request to perform the first inspection,the second inspection without a user request to perform the second inspection, orthe third inspection without a user request to perform the third inspection,
the at least two of the first inspection, the second inspection, or the third inspection being performed using the particular information when the particular information is retrieved,one of the first inspection, the second inspection, or the third inspection being performed based on another one of the first inspection, the second inspection, or the third inspection being performed; and processing, by the network device, the packet based on determining whether to drop the packet or forward the packet,
processing the packet including dropping the packet based on determining that the packet is to be dropped, andprocessing the packet including forwarding the packet based on determining that the packet is to be forwarded. |