PROBLEM TO BE SOLVED: To improve the performance of a data packet filter, even when the number of rules required for realizing a security policy is increased.SOLUTION: This data packet filter stores the plural ordered rules 222 to be successively adapted to a reception data packet for realizing the security policy. The rules are automatically re-arrayed to improve the performance of the packet filter. The rules to be more frequently matched to an incoming data packet are moved forward in order, and those which are to be less frequency matched to the incoming data packet are moved backward in order. When a certain rule matches with the packet, in order to permit the first rule to be matched with the reception data packet to control a method for processing the packet, the remaining rules need not be evaluated. The data packet is matched with the rule at high speed by re-arraying the rules, and the performance of the data packet filter is improved.

Data packet filter operation method
Application Number
Publication Number
Application Date
December 2, 1999
Publication Date
June 23, 2000
Sugla Binay
Raz Danny
Krishnan P
Lucent Technol
H04L 12/56