| 摘要 |
<p>The present invention relates to the communication field, and discloses a method for preventing a network attack. The method includes: receiving a packet; when the received packet is a first packet, judging whether a source IP address and a source MAC address information that are carried in the first packet exist in a first record table; if the source IP address and the source MAC address information that are carried in the first packet exist in the first record table, obtaining a second packet, the source addresses of which are the same as the source as addresses of the first packet, according to the first packet, and sending the second packet to a CPU for processing. Through this method, a network attack can be prevented effectively, and a packet can be sent to the CPU for processing in the case that the validity of the packet is determined. Therefore, some application that requires sending packets to the CPU for processing is supported. The present invention further discloses an apparatus for preventing a network attack.</p> |
