Wi-Fi control method and device, electronic equipment and storage medium

文档序号：1893793 发布日期：2021-11-26 浏览：12次中文

阅读说明：本技术 一种Wi-Fi管控方法、装置、电子设备及存储介质 (Wi-Fi control method and device, electronic equipment and storage medium ) 是由徐冬香童将黄扬洋于 2021-10-28 设计创作，主要内容包括：本申请实施例公开了一种Wi-Fi管控方法、装置、电子设备及存储介质,方法应用于树莓派,包括：确定预设范围内的接入点和客户端的连接地址信息集合；确定黑名单地址信息集合；基于白名单地址信息集合和/或黑名单地址信息集合,从连接地址信息集合中确定目标地址信息集合；确定目标地址信息集合对应的目标接入点集合和目标客户端集合；向目标接入点集合对应的客户端和/或目标客户端集合发送管控指令。本申请实施例可以精准地管控预设范围内的所有目标接入点和目标客户端,全面防止数据泄露。(The embodiment of the application discloses a Wi-Fi control method, a device, electronic equipment and a storage medium, wherein the method is applied to a raspberry pi and comprises the following steps: determining a connection address information set of an access point and a client in a preset range; determining a blacklist address information set; determining a target address information set from the connection address information set based on the white list address information set and/or the black list address information set; determining a target access point set and a target client set corresponding to the target address information set; and sending a management and control instruction to the client corresponding to the target access point set and/or the target client set. According to the embodiment of the application, all target access points and target clients in the preset range can be accurately managed and controlled, and data leakage is comprehensively prevented.)

1. A Wi-Fi control method is applied to a raspberry pi, and comprises the following steps:

determining a connection address information set of an access point and a client in a preset range; each piece of connection address information in the connection address information set corresponds to one access point or one client;

determining a blacklist address information set;

determining a target address information set from the connection address information set based on a white list address information set and/or the black list address information set;

determining a target access point set and a target client set corresponding to the target address information set;

sending a management and control instruction to a client corresponding to the target access point set and/or the target client set; the regulating instruction is used for instructing an access point in the target access point set and/or a client in the target client set to disconnect.

2. The Wi-Fi enforcement method of claim 1, wherein the determining a set of blacklisted address information comprises:

and if the situation that a first client in the clients is connected with a first access point in the access points for multiple times or continuously is detected, and the connection address information corresponding to the first client belongs to a blacklist address information set, determining that the connection address information corresponding to the first access point belongs to the blacklist address information set.

3. The Wi-Fi enforcement method of claim 1, wherein the determining a set of blacklisted address information comprises:

and if the fact that a second client in the clients is connected with a second access point in the access points for multiple times or continuously is detected, and the connection address information corresponding to the second access point belongs to a blacklist address information set, determining that the connection address information corresponding to the second client belongs to the blacklist address information set.

4. The Wi-Fi enforcement method of claim 1, wherein the determining a set of blacklisted address information comprises:

if it is detected that a plurality of clients in the clients are connected with a third access point in the access points for multiple times or continuously, the number of the clients is greater than a number threshold, and the connection address information corresponding to the third access point does not belong to a white list address information set, determining that the connection address information corresponding to the third access point belongs to the black list address information set.

5. The Wi-Fi management method of claim 1, wherein the management instruction comprises a first management instruction, and after determining the set of connection address information of the access point and the client within the preset range, the method further comprises:

determining a connection relation information set of an access point and a client in a preset range;

the sending of the management and control instruction to the client corresponding to the target access point set and/or the target client set includes:

sending a first management and control instruction to the target client side set based on the connection relation information set; the first management and control instruction is used for indicating that the clients in the target client set are disconnected from the access points connected with the clients.

6. The Wi-Fi management method of claim 1, wherein the management instruction comprises a second management instruction, and wherein after determining the set of connection address information of the access point and the client within the preset range, the method further comprises:

determining a connection relation information set of an access point and a client in a preset range;

the sending of the management and control instruction to the client corresponding to the target access point set and/or the target client set includes:

sending a second control instruction to the client corresponding to the target access point set based on the connection relation information set; the second management instruction is used for instructing an access point in the target access point set to disconnect from a client connected with the access point.

7. The Wi-Fi enforcement method of claim 5, wherein the sending a first enforcement instruction to the set of target clients based on the set of connection relationship information comprises:

determining a client in an attempted connection state from the target client set based on the connection relation information set;

and sending the first management and control instruction to the client in the connection attempting state.

8. The Wi-Fi regulating method of claim 6, wherein the sending a second regulating instruction to the set of target access points based on the set of connection relationship information comprises:

determining an access point in an attempted connection state from the set of target access points based on the set of connection relationship information;

and sending the second control instruction to the client corresponding to the access point in the connection attempting state.

9. The Wi-Fi enforcement method of claim 1, wherein the enforcement instructions are sent at a preset sending period within a preset time threshold.

10. The Wi-Fi management and control method of claim 1, wherein the determining the set of connection address information of the access point and the client within the preset range comprises:

acquiring interactive data information within a preset range;

and determining a connection address information set of the access point and the client in a preset range based on the interactive data information.

11. The Wi-Fi management and control method of claim 1, wherein the determining a set of target address information from the set of connection address information based on a set of whitelist address information and/or a set of blacklist address information comprises:

if the connection address information set contains alternative address information which belongs to the blacklist address information set or does not belong to the whitelist address information set, determining that the alternative address information is target address information in the target address information set.

12. A Wi-Fi management apparatus, comprising:

the connection address determining module is used for determining a connection address information set of the access point and the client in a preset range; each piece of connection address information in the connection address information set corresponds to one access point or one client;

the blacklist address determining module is used for determining a blacklist address information set;

the target address determining module is used for determining a target address information set from the connection address information set based on a white list address information set and/or a black list address information set;

a control target determining module, configured to determine a target access point set and a target client set corresponding to the target address information set;

a sending module, configured to send a management and control instruction to a client corresponding to the target access point set and/or the target client set; the regulating instruction is used for instructing an access point in the target access point set and/or a client in the target client set to disconnect.

13. An electronic device comprising a processor and a memory, the memory having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, the at least one instruction, the at least one program, the set of codes, or the set of instructions being loaded and executed by the processor to implement the Wi-Fi management method of any of claims 1-11.

14. A computer-readable storage medium, having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to implement the Wi-Fi enforcement method of any one of claims 1-11.

15. A computer program product, comprising a computer program stored in a readable storage medium, from which at least one processor of a computer device reads and executes the computer program, causing the computer device to perform the Wi-Fi enforcement method of any one of claims 1-11.

Technical Field

The invention relates to the field of wireless communication, in particular to a Wi-Fi control method and device, electronic equipment and a storage medium.

Background

With the rapid development of internet technology, while people enjoy the convenience brought by the internet for data transmission, internet information protection is also an important task that people can not neglect. Wi-Fi networks are widely used in network communication and data transmission of enterprises, but because the Wi-Fi networks have low security and the enterprises have higher and higher requirements for data confidentiality, the Wi-Fi networks need to be detected and protected more comprehensively to prevent data leakage.

The existing prevention and control method generally manages and controls wireless networking of devices in a router in a black and white list mode, so that devices in a black list or devices not in a white list can be prevented from connecting to a specified network, but the situation that a target is connected with a private hotspot is difficult to manage and control.

Disclosure of Invention

Aiming at the defects in the prior art, the embodiment of the disclosure provides a Wi-Fi control method, which can accurately control all target access points and target clients within a preset range, and comprehensively prevent data leakage.

The Wi-Fi control method provided by the embodiment of the application is applied to a raspberry pi, and comprises the following steps: determining a connection address information set of an access point and a client in a preset range; each connection address information in the connection address information set corresponds to an access point or a client; determining a blacklist address information set; determining a target address information set from the connection address information set based on the white list address information set and/or the black list address information set; determining a target access point set and a target client set corresponding to the target address information set; sending a management and control instruction to a client corresponding to the target access point set and/or a target client set; the regulating instruction is used for instructing the access point in the target access point set and/or the client in the target client set to disconnect.

Specifically, determining a blacklist address information set includes: if it is detected that a first client in the clients is connected or continuously connected with a first access point in the access points for multiple times and the connection address information corresponding to the first client belongs to the blacklist address information set, it is determined that the connection address information corresponding to the first access point belongs to the blacklist address information set.

Specifically, determining a blacklist address information set includes: and if the situation that a second client in the clients is connected or continuously connected with a second access point in the access points for multiple times is detected, and the connection address information corresponding to the second access point belongs to the blacklist address information set, determining that the connection address information corresponding to the second client belongs to the blacklist address information set.

Specifically, determining a blacklist address information set includes: and if the fact that a plurality of clients in the clients are connected with a third access point in the access points for multiple times or continuously is detected, the number of the clients is larger than a number threshold value, and the connection address information corresponding to the third access point does not belong to a white list address information set, determining that the connection address information corresponding to the third access point belongs to a black list address information set.

Specifically, the management and control instruction includes a first management and control instruction, and after determining the connection address information sets of the access point and the client within the preset range, the method further includes: determining a connection relation information set of an access point and a client in a preset range; sending a management and control instruction to a client corresponding to the target access point set and/or a target client set, including: sending a first control instruction to a target client set based on the connection relation information set; the first control instruction is used for indicating that the client in the target client set is disconnected with the access point connected with the client.

Specifically, the management and control instruction includes a second management and control instruction, and after determining the connection address information sets of the access point and the client within the preset range, the method further includes: determining a connection relation information set of an access point and a client in a preset range; sending a management and control instruction to a client corresponding to the target access point set and/or a target client set, including: sending a second control instruction to the client corresponding to the target access point set based on the connection relation information set; the second management and control instruction is used for indicating that the access point in the target access point set is disconnected with the client connected with the access point.

Specifically, based on the connection relationship information set, sending a first management and control instruction to the target client set, including: determining a client in an attempted connection state from a target client set based on the connection relation information set; and sending a first management and control instruction to the client in the connection attempting state.

Specifically, based on the connection relationship information set, sending a second management and control instruction to the target access point set, including: determining an access point in an attempted connection state from the target access point set based on the connection relation information set; and sending a second management and control instruction to the client corresponding to the access point in the connection attempting state.

Specifically, the management and control instruction is transmitted in a preset transmission cycle within a preset time threshold.

Specifically, determining a connection address information set of an access point and a client within a preset range includes: acquiring interactive data information within a preset range; and determining a connection address information set of the access point and the client in a preset range based on the interactive data information.

Specifically, determining a target address information set from a connection address information set based on a white list address information set and/or a black list address information set includes: if the alternative address information in the connection address information set belongs to the blacklist address information set or does not belong to the whitelist address information set, determining that the alternative address information is the target address information in the target address information set.

Correspondingly, the application provides a Wi-Fi management and control device, and the device includes: the connection address determining module is used for determining a connection address information set of the access point and the client in a preset range; each connection address information in the connection address information set corresponds to an access point or a client; the blacklist address determining module is used for determining a blacklist address information set; the target address determining module is used for determining a target address information set from the connection address information set based on the white list address information set and/or the black list address information set; the control target determining module is used for determining a target access point set and a target client set corresponding to the target address information set; the sending module is used for sending a control instruction to the client corresponding to the target access point set and/or the target client set; the regulating instruction is used for instructing the access point in the target access point set and/or the client in the target client set to disconnect.

Specifically, the blacklist address determining module is configured to determine that connection address information corresponding to a first access point belongs to a blacklist address information set if it is detected that a first client in the clients connects to a first access point in the access points for multiple times or continuously, and connection address information corresponding to the first client belongs to the blacklist address information set.

Specifically, the blacklist address determining module is configured to determine that connection address information corresponding to a second client belongs to a blacklist address information set if it is detected that the second client in the clients is connected to or continuously connected to a second access point in the access points for multiple times and connection address information corresponding to the second access point belongs to the blacklist address information set.

Specifically, the blacklist address determining module is configured to determine that connection address information corresponding to a third access point belongs to a blacklist address information set if it is detected that a plurality of clients in the clients are connected to or continuously connected to a third access point in the access points for multiple times, the number of the plurality of clients is greater than a number threshold, and connection address information corresponding to the third access point does not belong to a whitelist address information set.

Specifically, the management and control instruction includes a first management and control instruction, and the apparatus further includes: the connection relation determining module is used for determining a connection relation information set of the access point and the client in a preset range; the sending module is used for sending a first control instruction to the target client set based on the connection relation information set; the first control instruction is used for indicating that the client in the target client set is disconnected with the access point connected with the client.

Specifically, the management control instruction includes a second management control instruction, and the apparatus further includes: the connection relation determining module is used for determining a connection relation information set of the access point and the client in a preset range; the sending module is used for sending a second control instruction to the client corresponding to the target access point set based on the connection relation information set; the second management and control instruction is used for indicating that the access point in the target access point set is disconnected with the client connected with the access point.

Specifically, the sending module is configured to determine, from the target client set, a client in an attempted connection state based on the connection relationship information set; and sending a first management and control instruction to the client in the connection attempting state.

Specifically, the sending module is configured to determine, from the set of target access points, an access point in an attempted connection state based on the set of connection relationship information; and sending a second management and control instruction to the client corresponding to the access point in the connection attempting state.

Specifically, the management and control instruction is transmitted in a preset transmission cycle within a preset time threshold.

Specifically, the control target determining module is used for acquiring interactive data information within a preset range; and determining a connection address information set of the access point and the client in a preset range based on the interactive data information.

Specifically, the target address determining module is configured to determine that the alternative address information is the target address information in the target address information set if the alternative address information in the connection address information set belongs to the blacklist address information set or does not belong to the whitelist address information set.

Accordingly, an embodiment of the present disclosure provides an electronic device, which includes a processor and a memory, where the memory stores at least one instruction, at least one program, a code set, or an instruction set, and the at least one instruction, the at least one program, the code set, or the instruction set is loaded and executed by the processor to implement the Wi-Fi management and control method described above.

Accordingly, embodiments of the present disclosure provide a computer-readable storage medium having at least one instruction, at least one program, a set of codes, or a set of instructions stored therein, which is loaded and executed by a processor to implement the Wi-Fi management method described above.

Accordingly, embodiments of the present disclosure provide a computer program product comprising a computer program stored in a readable storage medium, from which at least one processor of a computer device reads and executes the computer program, causing the computer device to perform the Wi-Fi policing method described above.

The embodiment of the application has the following beneficial effects:

(1) Wi-Fi management and control in the area can be realized only through the raspberry pi, and installation and movement are facilitated;

(2) according to the detected abnormal connection event, continuously updating the blacklist address information set, thereby ensuring that the control range covers all suspicious objects;

(3) and sending a control instruction to the access point corresponding to the blacklist and the client corresponding to the blacklist, and comprehensively implementing control from the access point side and the equipment side.

Drawings

In order to more clearly illustrate the technical solutions and advantages of the embodiments of the present application or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.

Fig. 1 is a schematic view of an application scenario of a Wi-Fi management and control method provided in an embodiment of the present application;

fig. 2 is a first flowchart of a Wi-Fi management method according to an embodiment of the present disclosure;

fig. 3 is a second flowchart of a Wi-Fi management and control method provided in an embodiment of the present application;

fig. 4 is a third flow chart of a Wi-Fi management and control method provided in an embodiment of the present application;

fig. 5 is a fourth flowchart illustrating a Wi-Fi management and control method according to an embodiment of the present application;

fig. 6 is a schematic structural diagram of a Wi-Fi control apparatus according to an embodiment of the present disclosure;

fig. 7 is a hardware structure block diagram of a server of a Wi-Fi management and control method provided in an embodiment of the present application.

Detailed Description

To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings. It should be apparent that the described embodiment is only one embodiment of the present application and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

An "embodiment" as referred to herein relates to a particular feature, structure, or characteristic that may be included in at least one implementation of the present application. In the description of the embodiments of the present application, it should be understood that the terms "upper", "lower", "left", "right", "top", "bottom", and the like, indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are only used for convenience in describing the present application and simplifying the description, and do not indicate or imply that the devices/systems or elements referred to must have a specific orientation, be constructed and operated in a specific orientation, and thus, should not be taken as limiting the present application. The terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. Moreover, the terms "first," "second," and the like are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in other sequences than described or illustrated herein. Furthermore, the terms "comprises," "comprising," and "having"/"is," and any variations thereof, are intended to cover non-exclusive inclusions, such that a process, method, system/apparatus, article, or apparatus that comprises a list of steps or elements/modules is not necessarily limited to those steps or elements/modules expressly listed, but may include other steps or elements/modules not expressly listed or inherent to such process, method, article, or apparatus.

The following describes a specific embodiment of a Wi-Fi management and control method provided by the present application. Referring to fig. 1, fig. 1 is a schematic view illustrating an application scenario of a Wi-Fi control method according to an embodiment of the present application. As shown in fig. 1, includes a server 101 and a terminal 102. Alternatively, the server 101 and the terminal 102 may be connected through a wireless link or a wired link, which is not limited in this disclosure.

In an alternative embodiment, the server 101 may be used for Wi-Fi management, monitoring communication data within a preset range, and implementing management. Specifically, the server 101 may be a server based on a raspberry, and may also be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a CDN (Content Delivery Network), a big data and artificial intelligence platform, and the like. Alternatively, the operating system running on the server 101 may include, but is not limited to, an IOS, Linux, Windows, Unix, Android system, and the like.

In an alternative embodiment, the terminal 102 may assist the server 101 in the management of Wi-Fi. The terminal 102 may be used to edit, inject, or change a regulatory script in Wi-Fi regulation. Optionally, the control script may include blacklist address information and whitelist address information, and the information may be displayed or modified on the terminal 102. Optionally, the server 101 may further obtain blacklist address information and whitelist address information from the terminal 102. In particular, the terminal 102 may include, but is not limited to, a smart phone, a desktop computer, a tablet computer, a laptop computer, a smart speaker, a digital assistant, an Augmented Reality (AR)/Virtual Reality (VR) device, a smart wearable device, and other types of electronic devices. Optionally, the operating system running on the electronic device may include, but is not limited to, an android system, an IOS system, linux, windows, and the like.

In addition, it should be noted that fig. 1 is only one application environment of the Wi-Fi management and control method provided by the present disclosure, and in practical applications, other application environments may also be included, for example, based on checking monitored addresses, and may also be implemented on the terminal 102.

Fig. 2 is a first flowchart of a Wi-Fi management method provided in an embodiment of the present application, and the present specification provides the method operation steps as shown in the embodiment or the flowchart, but more or less operation steps may be included based on conventional or non-inventive labor. Specifically, the Wi-Fi management and control method can be applied to a raspberry pi, and the execution subject can be a server based on the raspberry pi. The order of steps recited in the embodiments is only one of many possible orders of execution and does not represent the only order of execution, and in actual execution, the steps may be performed sequentially or in parallel as in the embodiments or methods shown in the figures (e.g., in the context of parallel processors or multi-threaded processing). Specifically, as shown in fig. 2, the method includes:

step S201: and determining a connection address information set of the access point and the client within a preset range.

In a specific implementation manner, interactive data information within a preset range can be acquired; and determining a connection address information set of the access point and the client in a preset range based on the interactive data information. Specifically, updating the raspberry pi system to the kali kernel can support a monitoring mode, and by starting the monitoring mode, all access points and clients within a preset range can be monitored, where the preset range can be the range of the whole enterprise building, the access points can include a router, Wi-Fi, a hotspot, and a soft AP, and the clients can include smart phones, desktop computers, tablet computers, notebook computers, smart speakers, digital assistants, Augmented Reality (AR)/Virtual Reality (VR) devices, smart wearable devices, and other types of electronic devices.

Specifically, the raspberry pi zero w based hardware raspberry, the EP-0097 USB expansion board, the 16Gtf card and the card reader can realize the listening mode of the raspberry pie through the following steps. The latest raspberry tas can be downloaded and swiped into the tf card through the balaneether, config.txt tail addition dtoverlay = dwc2 in the tf card is modified to load the usb device, cmdlene.txt tail addition modules-load = dwc2 in the tf card is modified, g _ ether, and the raspberry tas system kernel is updated to re4son-kernel to support the network card monitor mode. After the configuration is completed according to the steps, after the configuration is restarted, a command of ' ssh pi @ ' (ping ras paraperpypi.local-t 1| grep-oE ' (\ d {1,3} \\\ 3} \ d {1,3} ' | head-n 1) ' is implemented to enter a raspberry group, so that a monitoring mode can be started, and the Wi-Fi control method of the application is implemented by matching with a control script. In this embodiment of the present application, the management and control script may be set to boot automatically.

Specifically, the connection address information set may include connection address information of access points and clients within a preset range, each connection address information in the connection address information set corresponds to one access point or one client, and the connection address information may be a MAC address. Specifically, their connection address information may be acquired while their corresponding connection dictionary may be acquired.

Step S202: and determining a blacklist address information set.

In a specific embodiment, a set of blacklist address information, including the blacklist address information therein, may be determined in the governing script. Specifically, a set of white list address information, including white list address information therein, may be determined in the governing script. In some scenarios, not all employees have the right to access or transmit the internal file, and therefore their corresponding clients or their possible access points also belong to the objects to be managed and controlled. In particular, the set of blacklisted address information and the set of whitelisted address information may be continuously updated. The set of blacklist address information may be updated by detecting an abnormal connection event and based on the abnormal connection event.

Fig. 3 is a second flowchart of a Wi-Fi management method according to an embodiment of the present application. Step S202 is further described below in conjunction with fig. 3, and specifically as illustrated in fig. 3, the process includes:

step S301: judging whether a first client in the clients is detected to be connected with a first access point in the access points for multiple times or continuously; if yes, the process proceeds to step S302.

Specifically, multiple connections may refer to the historical number of connections being greater than a preset number threshold, and a persistent connection may refer to the connection duration being greater than a preset duration threshold.

Step S302: judging whether the connection address information corresponding to the first client belongs to a blacklist address information set or not; if yes, the process proceeds to step S303.

Specifically, it may also be determined whether connection address information corresponding to the first client belongs to a blacklist address information set, and connection address information corresponding to the first access point does not belong to a whitelist address information set; if yes, the process proceeds to step S303. Therefore, the equipment which is authenticated can be excluded, and the control misoperation is prevented.

Step S303: and determining that the connection address information corresponding to the first access point belongs to a blacklist address information set.

According to some specific embodiments, by performing the above steps S301 to S303 to determine the blacklist address information set, a suspicious access point, i.e. a first access point, that needs to be managed and controlled may be screened out. If the first client is already blacklisted, the first client may also continuously try to acquire data, so the access point which the first client tries to connect to may also be an access point for leaking data, and the access point needs to be blacklisted to implement regulation; however, it is not reasonable to add the address information of the access point to the blacklist address information set only according to one connection, and in order to eliminate the misconnection, it is necessary to satisfy the condition of multiple connections or continuous connections, and the first access point is included in the blacklist to prevent misjudgment of the blacklist, which results in an excessively large control range.

Fig. 4 is a third flow chart of a Wi-Fi management and control method provided in the embodiment of the present application. Step S202 is further described below in conjunction with fig. 4, and specifically as illustrated in fig. 4, the process includes:

step S401: judging whether a second client in the clients is detected to be connected with a second access point in the access points for multiple times or continuously; if yes, the process proceeds to step S402.

Step S402: judging whether the connection address information corresponding to the second access point belongs to a blacklist address information set or not; if yes, the process proceeds to step S403.

Specifically, it may also be determined whether connection address information corresponding to the second access point belongs to a blacklist address information set, and connection address information corresponding to the second client does not belong to a whitelist address information set; if yes, the process proceeds to step S303. Therefore, the access points which are authenticated can be excluded, and the management and control misoperation is prevented.

Step S403: and determining that the connection address information corresponding to the second client belongs to the blacklist address information set.

According to some specific embodiments, by performing the above steps S401 to S403 to determine the blacklist address information set, a suspicious client, i.e., a second client, that needs to be managed and controlled may be screened out. If the second access point is already blacklisted, the second access point may also continuously try to reveal data, so the client trying to connect to it may also be the client trying to acquire the revealed data, and needs to be blacklisted to implement regulation; however, it is not reasonable to add the address information of the client to the blacklist address information set only according to one connection, and in order to eliminate the misconnection, it is necessary to satisfy the condition of multiple connections or continuous connections, and a second client is included in the blacklist to prevent misjudgment of the blacklist, which results in an excessively large control range.

Fig. 5 is a fourth flowchart illustrating a Wi-Fi management method according to an embodiment of the present application. Step S202 is further described below in conjunction with fig. 5, and specifically as illustrated in fig. 5, the process includes:

step S501: judging whether a plurality of clients in the clients are detected to be connected with a third access point in the access points for multiple times or continuously; if yes, the process proceeds to step S502.

Step S502: judging whether the number of the plurality of clients is larger than a number threshold value; if yes, the process proceeds to step S503.

Step S503: judging whether the connection address information corresponding to the third access point does not belong to a white list address information set; if yes, the process proceeds to step S504.

Step S504: and determining that the connection address information corresponding to the third access point belongs to the blacklist address information set.

According to some specific embodiments, by performing the above steps S501 to S504 to determine the blacklist address information set, a suspicious access point, i.e. a third access point, that needs to be managed and controlled may be screened out. In general, in a conference scenario, a situation may occur in which a large number of devices connect to the same access point, however, the access point generally belongs to a white list; if an access point which does not belong to the white list abnormally accesses a large number of clients in the monitoring range, the access point is suspected to threaten the security work of data or the privacy information of a large number of clients. By performing steps S501 to S504, the third access point in the above scenario may be blacklisted to implement policing.

The Wi-Fi policing method of the embodiments of the present application is explained below based on the steps illustrated in fig. 2.

Step S203: and determining a target address information set from the connection address information sets based on the white list address information set and/or the black list address information set.

Three embodiments of specifically determining the set of target address information are described below:

first, if there is alternative address information in the connection address information set that belongs to the blacklist address information set or does not belong to the whitelist address information set, it is determined that the alternative address information is the target address information in the target address information set.

And secondly, if the alternative address information in the connection address information set belongs to the blacklist address information set, determining the alternative address information as the target address information in the target address information set.

Thirdly, if the alternative address information in the connection address information set does not belong to the white list address information set, determining that the alternative address information is the target address information in the target address information set.

Step S204: and determining a target access point set and a target client set corresponding to the target address information set.

Step S205: and sending a management and control instruction to the client corresponding to the target access point set and/or the target client set.

In a specific embodiment, the management instruction may be used to instruct an access point in the target access point set and/or a client in the target client set to disconnect, and may be sent within a preset time threshold at a preset sending period. The management and control instruction may be a deauthentication packet, and the continuous sending of the management and control instruction may continuously control disconnection of the target. Specifically, a management and control task may be generated based on the target address information and the connection dictionary corresponding to the target address information, and the management and control task may be sent to the task queue. And the management and control task is used for indicating to send the deauthentication packet to the current network environment so as to disconnect the client corresponding to the target address information from the access point.

In a specific embodiment, the management and control instruction is continuously sent to the target client, so that the target client cannot be connected to any network.

Two embodiments for specifically sending the management and control instruction are described below, which can be executed separately to implement management and control in a targeted manner; it can also be performed jointly to implement overall regulation:

in the first kind of the method, the first,

for the client belonging to the blacklist, the client can be controlled to disconnect from the connected access point through the control instruction, and can not be connected to the access point which is trying to connect. In particular, the regulating instruction may comprise a first regulating instruction. After determining the connection address information sets of the access points and the clients within the preset range, determining the connection relationship information sets of the access points and the clients within the preset range. In particular, the connection relationship information set may be used to characterize the connection status of the client, which may include unconnected, connecting, or attempting to connect. For the connection status of the connection, the connection relation information may be used to characterize all the clients connected by each access point, including their connection address information.

After the connection relation information set is determined, a first management and control instruction can be sent to the target client side set based on the connection relation information set; the first control instruction is used for indicating that the client in the target client set is disconnected with the access point connected with the client. Specifically, a client in an attempted connection state may be determined from the set of target clients based on the set of connection relationship information; and sending a first management and control instruction to the client in the connection attempting state.

In the second type of the above-mentioned methods,

for the access points belonging to the blacklist, all the access points connected with the access points can be controlled to be disconnected with the access points through the control instruction. The control instruction comprises a second control instruction, and after the connection address information sets of the access points and the clients in the preset range are determined, the connection relation information sets of the access points and the clients in the preset range are determined. In particular, the connection relationship information set may be used to characterize the connection status of the client, which may include unconnected, connecting, or attempting to connect. For the connection status of the connection, the connection relation information may be used to characterize all the clients connected by each access point, including their connection address information.

After the connection relationship information set is determined, a second management and control instruction can be sent to the client corresponding to the target access point set based on the connection relationship information set; the second management and control instruction is used for indicating that the access point in the target access point set is disconnected with the client connected with the access point. Specifically, an access point in an attempted connection state may be determined from the set of target access points based on the set of connection relationship information; and sending a second management and control instruction to the client corresponding to the access point in the connection attempting state.

In a specific embodiment, the two embodiments may be combined to determine all access points that need to send the first management and control instruction and the second management and control instruction, and if there is an access point that belongs to both the first management and control instruction sending object and the second management and control instruction sending object, only one of the management and control instructions, for example, the first management and control instruction, needs to be sent.

In the embodiment of the application, the Wi-Fi control in the area can be realized only through the raspberry pi, so that the installation and the movement are convenient; according to the detected abnormal connection event, continuously updating the blacklist address information set, thereby ensuring that the control range covers all suspicious objects; and sending a control instruction to the access point corresponding to the blacklist and the client corresponding to the blacklist, and comprehensively implementing control from the access point side and the equipment side.

An embodiment of the present application further provides a Wi-Fi management and control apparatus, and fig. 6 is a schematic diagram of a Wi-Fi management and control apparatus 600 provided in the embodiment of the present application, and as shown in fig. 6, the apparatus includes:

a connection address determining module 601, configured to determine a connection address information set of an access point and a client within a preset range; each connection address information in the set of connection address information corresponds to an access point or a client.

A blacklist address determining module 602, configured to determine a set of blacklist address information.

A target address determining module 603, configured to determine a target address information set from the connection address information sets based on the white list address information set and/or the black list address information set.

And a regulatory target determining module 604, configured to determine a target access point set and a target client set corresponding to the target address information set.

A sending module 605, configured to send a management and control instruction to a client corresponding to the target access point set and/or the target client set; the regulating instruction is used for instructing the access point in the target access point set and/or the client in the target client set to disconnect.

Specifically, the management and control instruction is transmitted in a preset transmission cycle within a preset time threshold.

The apparatus in the embodiments of the present application is based on the same application concept as the method embodiments described above.

The embodiment of the application further provides electronic equipment, and the electronic equipment can be arranged in the server to store the Wi-Fi management and control method used for implementing the method embodiment. The method provided by the embodiment of the application can be executed in a computer terminal, a server or a similar operation device. Taking an operation on a server as an example, fig. 7 is a hardware structure block diagram of the server of the Wi-Fi management and control method provided in the embodiment of the present application. As shown in fig. 7, the server 700 may have a relatively large difference due to different configurations or performances, and may include one or more Central Processing Units (CPUs) 710 (the processor 710 may include but is not limited to a Processing device such as a microprocessor MCU or a programmable logic device FPGA, etc.), a memory 730 for storing data, and one or more storage media 720 (e.g., one or more mass storage devices) for storing applications 723 or data 722. Memory 730 and storage medium 720 may be, among other things, transient storage or persistent storage. The program stored in the storage medium 720 may include one or more modules, each of which may include a series of instruction operations for the server. Still further, central processor 710 may be configured to communicate with storage medium 720 and execute a series of instruction operations in storage medium 720 on server 700. The server 700 may also include one or more power supplies 760, one or more wired or wireless network interfaces 750, one or more input-output interfaces 770, and/or one or more operating systems 721, such as Windows Server, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM, etc.

The input/output interface 770 may be used to receive or transmit data over a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the server 700. In one example, i/o Interface 770 includes a Network adapter (NIC) that may be coupled to other Network devices via a base station to communicate with the internet. In one example, the input/output interface 770 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.

It will be understood by those skilled in the art that the structure shown in fig. 7 is only an illustration and is not intended to limit the structure of the electronic device. For example, server 700 may also include more or fewer components than shown in FIG. 7, or have a different configuration than shown in FIG. 7.

The application provides a storage medium, which may be disposed in a server to store at least one instruction, at least one program, a code set, or a set of instructions related to implementing a Wi-Fi management and control method in an embodiment of the method, where the at least one instruction, the at least one program, the code set, or the set of instructions are loaded and executed by the processor to implement the parking assist method.

The embodiment of the present application further provides a storage medium, where the storage medium may be disposed in a server to store at least one instruction, at least one program, a code set, or a set of instructions related to implementing the Wi-Fi management method in the method embodiment, and the at least one instruction, the at least one program, the code set, or the set of instructions is loaded and executed by the processor to implement the Wi-Fi management method.

Optionally, in this embodiment, the storage medium may be located in at least one network server of a plurality of network servers of a computer network. Optionally, in this embodiment, the storage medium may include, but is not limited to, a storage medium including: various media that can store program codes, such as a usb disk, a Read-only Memory (ROM), a removable hard disk, a magnetic disk, or an optical disk.

Embodiments of the present application further provide a computer program product, where the computer program product includes a computer program, where the computer program is stored in a readable storage medium, and at least one processor of a computer device reads and executes the computer program from the readable storage medium, so that the computer device executes the Wi-Fi management and control method described above.

In the present invention, unless otherwise expressly stated or limited, the terms "connected" and "connected" are to be construed broadly, e.g., as meaning either a fixed connection or a removable connection, or an integral part; can be mechanically or electrically connected; either directly or indirectly through intervening media, either internally or in any other relationship. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.

It should be noted that: the foregoing sequence of the embodiments of the present application is for description only and does not represent the superiority and inferiority of the embodiments, and the specific embodiments are described in the specification, and other embodiments are also within the scope of the appended claims. In some cases, the actions or steps recited in the claims can be performed in the order of execution in different embodiments and achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown or connected to enable the desired results to be achieved, and in some embodiments, multitasking and parallel processing may also be possible or may be advantageous.

All the embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment is described with emphasis on differences from other embodiments. In particular, for the embodiments of the apparatus/system, since they are based on embodiments similar to the method embodiments, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiments.

The foregoing is a preferred embodiment of the present invention, and it should be noted that it would be apparent to those skilled in the art that various modifications and enhancements can be made without departing from the principles of the invention, and such modifications and enhancements are also considered to be within the scope of the invention.

21页详细技术资料下载

Wi-Fi control method and device, electronic equipment and storage medium

相关技术

网友询问留言