Patent application number | Description | Published |
20130297774 | AVOIDING DELAYED DATA - Roughly described, a network interface device receiving data packets from a computing device for transmission onto a network, the data packets having a certain characteristic, transmits the packet only if the sending queue has authority to send packets having that characteristic. The data packet characteristics can include transport protocol number, source and destination port numbers, source and destination IP addresses, for example. Authorizations can be programmed into the NIC by a kernel routine upon establishment of the transmit queue, based on the privilege level of the process for which the queue is being established. In this way, a user process can use an untrusted user-level protocol stack to initiate data transmission onto the network, while the NIC protects the remainder of the system or network from certain kinds of compromise. | 11-07-2013 |
20140105208 | FEED PROCESSING - A data processing system comprising: a processing subsystem supporting a plurality of consumers, each consumer being arranged to process messages received into a corresponding receive queue; a network interface device supporting a virtual interface for each of the receive queues; and a hardware accelerator coupled to the processing subsystem by the network interface device and configured to parse one or more streams of data packets received from a network so as to, for each consumer: identify in the data packets messages having one or more of a set of characteristics associated with the consumer; and frame the identified messages in a new stream of data packets addressed to a network endpoint associated with the virtual interface of the consumer so as to cause said new stream of data packets to be delivered into the receive queue of the consumer. | 04-17-2014 |
20140304719 | MODIFYING APPLICATION BEHAVIOUR - A data processing system comprising: an operating system providing an application programming interface; an application supported by the operating system and operable to make calls to the application programming interface; an intercept library configured to intercept calls of a predetermined set of call types made by the application to the application programming interface; and a configuration data structure defining at least one action to be performed for each of a plurality of sequences of one or more calls having predefined characteristics, the one or more calls being of the predetermined set of call types; wherein the intercept library is configured to, on intercepting a sequence of one or more calls defined in the configuration data structure, perform the corresponding action(s) defined by the configuration data structure. | 10-09-2014 |
20140304802 | LOCKED DOWN NETWORK INTERFACE - A logic device and method are provided for intercepting a data flow from a network source to a network destination. A data store holds a set of compliance rules and corresponding actions. A packet inspector is configured to inspect the intercepted data flow and identify from the data store a compliance rule associated with the inspected data flow. A packet filter is configured to, when the data flow is identified as being associated with a compliance rule, carry out an action with respect to the data flow corresponding to the compliance rule. | 10-09-2014 |
20140304803 | LOCKED DOWN NETWORK INTERFACE - A logic device and method are provided for intercepting a data flow from a network source to a network destination. A data store holds a set of compliance rules and corresponding actions wherein at least one of the set of compliance rules is a temporary compliance rule valid for a predetermined period. A packet inspector is configured to inspect the intercepted data flow and identify from the data store a temporary compliance rule associated with the inspected data flow. A packet filter is configured to when the data flow is identified as being associated with the temporary compliance rule, carry out an action with respect to the data flow corresponding to the temporary compliance rule while the temporary compliance rule is valid. | 10-09-2014 |
20140310405 | TCP PROCESSING FOR DEVICES - A data processing system is provided. A host processing device supports a host transport engine operable to establish a first transport stream over a network with a remote peer. Device hardware comprises a device transport engine. The device transport engine is configured to monitor the first transport stream to determine a state of the first transport stream and in response to an indication from the host processing device perform transport processing of the first transport stream. | 10-16-2014 |
20140355606 | METHOD AND APPARATUS FOR MULTICAST PACKET RECEPTION - Roughly described, incoming data packets are delivered by the NIC directly to at least two user level endpoints. In an aspect, only filters that cannot be ambiguous are created in the NIC. In another aspect, the NIC maintains a filter table supporting direct delivery of incoming unicast and multicast data packets to one user level endpoint. Additional requests to join the same multicast group cause replacement of the NIC filter with one in the kernel. In another aspect, a NIC has limited capacity to maintain multicast group memberships. In response to a new multicast filter request, the kernel establishes it in the NIC only if the NIC still has sufficient capacity; otherwise it is established in the kernel. | 12-04-2014 |
20140355613 | PACKET CAPTURE - Roughly described, a network interface device for connection between a host data processing device and a network, comprising: a controller for supporting communication with a host data processing device over a data bus interface; and a packet capture unit between the controller and the network and comprising: a packet inspector configured to parse incoming data packets to identify data packets of a first data flow; a duplication engine to generate a duplicate data flow from the first data flow; and a packet capture engine to process said duplicate data flow into a packet capture data stream having a predefined format. The network interface device is configured to cause: the first data flow to be made available to a consumer process of a host data processing device to which the network interface device is connected; and the processed packet capture data stream to be stored at a packet capture buffer. | 12-04-2014 |