摘要 |
Embodiments of the present invention provide a policy processing method and network device. The method includes: performing a mixed orchestration on all service rules corresponding to multiple services, so as to construct multiple condition data sets; performing, according to the constructed multiple condition data sets, unified condition matching on packet feature information of a received network data packet, and outputting a condition matching result set; and calling, according to the condition matching result set, a service application to execute a policy action corresponding to each condition identifier in the condition matching result set. In solutions of the embodiments of the present invention, by performing a mixed orchestration on multiple service rules, all service rules are organized in a unified manner, information required by all services is extracted in one packet data scanning process, and only one matching and rule verification process is required. Thereby, redundant operations between multiple services are reduced, convergence of multiple services on a single device is facilitated, and device integration and performance are improved. |