Method, device and gateway server for detecting proxy at the gateway

摘要

The present invention provides a method for detecting proxy at the gateway, comprising decomposing the access request from the IP need to be proxy-monitored into an access request to original address and an access request to gateway-specified address to access the original address and the gateway-specified separately; determining whether a specific cookie information is included in said access request to gateway-specified address or not to obtain a second determining result; responding to the access request to said gateway-specified address and embedding the cookie information with the time stamp into the client PC by the gateway when said second determining result is no, and reading said cookie information when said second determining result is yes; determining whether said IP is using proxy or not on the basis of said cookie information. Accordingly, the present invention also provides a device and gateway server for detecting proxy at the gateway. It can be detected accurately and secretly in the intranet whether a certain IP is using common proxy or nat proxy.

主权项

1. A method for detecting a proxy at a gateway comprising:
determining whether an access request from a certain IP address needs to be proxy-monitored or not to obtain a first determining result; decomposing said access request into an access request to an original address and an access request to a gateway-specified address, and to access the original address and the gateway-specified address separately when the first determining result is yes; determining whether a specific cookie information is included in said access request to the gateway-specified address or not to obtain a second determining result, said specific cookie information being a cookie information with a time stamp embedded into a client PC by the gateway when the gateway responds to said access request to the gateway-specified address; responding to the access request to the gateway-specified address and embedding the cookie information with the time stamp into the client PC by the gateway when said second determining result is no, wherein, one cookie information being used to identify one PC; reading said cookie information when said second determining result is yes; determining whether said IP address is using a proxy or not on the basis of said cookie information; wherein said determining whether said IP address is using the proxy or not on the basis of said cookie information further comprises: pre-establishing a list to cache the cookie information and cookie count of each IP address; clearing all the cookie information of the corresponding IP address cached in said list and assigning 0 to said cookie count, and responding to the access request to the gateway-specified address and further embedding the cookie information into the client PC, when said second determining result is no; reading said cookie information when said second determining result is yes, and inserting this cookie information into the corresponding cookie information list of corresponding IP addresses and adding said cookie count by 1 when said cookie information doesn't exist in the cache; determining whether the corresponding cookie count of said certain IP addresses is more than or equal to 2 or not, and obtaining a judgement that said IP address is using the proxy if the corresponding cookie count of said certain IP address is more than or equal to 2.