Network equipment remote management and control method, device, equipment and storage medium
阅读说明:本技术 一种网络设备远端管控方法、装置、设备及存储介质 (Network equipment remote management and control method, device, equipment and storage medium ) 是由 羿龙 陈健辉 邱晨烁 于 2021-07-28 设计创作,主要内容包括:本发明公开了一种网络设备远端管控方法、装置、设备及存储介质。本发明通过获取XPON设备、OLT设备、网关路由器及服务器的组网成功信号;依据所述组网成功信号,在所述XPON设备WAN侧的配置表中配置第一逻辑端口号及第一I P地址范围;将所述第一逻辑端口号及所述第一I P地址范围存储在所述XPON设备的存储器中;获取所述XPON设备的启动信号;依据所述启动信号,接收所述XPON设备的协议数据及所述第一逻辑端口号;判断所述XPON设备的协议数据类型及第一逻辑端口号类型;依据判断结果,控制所述第一I P地址范围内的用户对所述XPON设备的远程管理权限。本发明的一种网络设备远端管控方法能够实现对网络设备准确有效地远端管控,安全性及准确性高。(The invention discloses a network equipment remote management and control method, a device, equipment and a storage medium. The invention acquires the networking success signals of XPON equipment, OLT equipment, a gateway router and a server; according to the networking success signal, configuring a first logic port number and a first I P address range in a configuration table at the WAN side of the XPON equipment; storing said first logical port number and said first I P address range in a memory of said XPON device; acquiring a starting signal of the XPON equipment; receiving protocol data of the XPON equipment and the first logic port number according to the starting signal; judging the protocol data type and the first logic port number type of the XPON equipment; and controlling the remote management authority of the users in the first I P address range to the XPON equipment according to the judgment result. The network equipment remote control method can realize accurate and effective remote control on the network equipment, and has high safety and accuracy.)
1. A method for remote management of a network device, the method comprising:
acquiring networking success signals of XPON equipment, OLT equipment, a gateway router and a server;
according to the networking success signal, configuring a first logic port number and a first IP address range in a configuration table at the WAN side of the XPON equipment;
storing the first logical port number and the first IP address range in a memory of the XPON device;
acquiring a starting signal of the XPON equipment;
receiving protocol data of the XPON equipment and the first logic port number according to the starting signal;
judging the protocol data type and the first logic port number type of the XPON equipment;
and controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result.
2. The remote management method for a network device according to claim 1, wherein the method further comprises:
according to the networking success signal, configuring a second logic port number and a second IP address range in a configuration table at the WAN side of the XPON equipment;
storing the second logical port number and the second IP address range in a memory of the XPON device;
acquiring a starting signal of the XPON equipment;
receiving protocol data of the XPON equipment and the second logic port number according to the starting signal;
judging the protocol data type and the second logic port number type of the XPON equipment;
and opening the remote management authority of the user in the second IP address range to the XPON equipment according to the judgment result.
3. The method of claim 1, wherein the determining the protocol data type and the first logical port number type of the XPON device comprises:
acquiring the protocol data type in a memory of the XPON equipment;
and checking the first logic port number, and judging whether the first logic port number is a standard logic port number in the protocol data type.
4. The method as claimed in claim 3, wherein said controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result comprises:
and if the first logical port number is the standard logical port number in the protocol data type, carrying out data transmission according to the protocol data type and the first logical port number.
5. The method as claimed in claim 3, wherein said controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result further comprises:
if the first logical port number is not the standard logical port number in the protocol data type;
redirecting the TCP message of the first logical port number to a standard logical port number in the protocol data type;
and carrying out data transmission according to the protocol data type and the oriented standard logical port number.
6. The method of claim 1, wherein before controlling the remote management authority of the XPON device by the user in the first IP address range according to the determination result, the method further comprises: checking whether the first IP address range is empty.
7. The method according to claim 5, wherein the redirecting the TCP packet of the first logical port number to the standard logical port number in the protocol data type comprises:
confirming that a destination MAC address pointing to the XPON equipment is valid;
in the iptables table, modifying the TCP message of the managle linked list in the FREROUTING stage, including:
if the port number received from the WAN side is the non-oriented standard logical port number, discarding;
and if the port number received by the WAN side is the standard logical port number after the positioning, receiving.
8. A remote management and control device for network equipment, the device comprising:
the networking signal acquisition module is used for acquiring networking success signals of the XPON equipment, the OLT equipment, the gateway router and the server;
the configuration module is used for configuring a first logic port number and a first IP address range in a configuration table at the WAN side of the XPON equipment according to the networking success signal;
a storage module, configured to store the first logical port number and the first IP address range in a memory of the XPON device;
the starting signal acquisition module is used for acquiring a starting signal of the XPON equipment;
a receiving module, configured to receive, according to the start signal, protocol data of the XPON device and the first logical port number;
the judging module is used for judging the protocol data type and the first logic port number type of the XPON equipment;
and the management control module is used for controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result.
9. A network equipment remote control equipment, comprising: at least one processor, at least one memory, and computer program instructions stored in the memory that, when executed by the processor, implement the method of any of claims 1-7.
10. A storage medium having computer program instructions stored thereon, which when executed by a processor implement the method of any one of claims 1-7.
Technical Field
The present invention relates to the field of network device control technologies, and in particular, to a method, an apparatus, a device, and a storage medium for remote control of a network device.
Background
XPON (passive optical network) as a new generation optical fiber access technology has great advantages in the aspects of anti-interference performance, bandwidth characteristics, access distance, maintenance and management and the like. In general, an XPON is accessed to a previous-stage router through an OLT (optical line terminal), and remote management such as permission setting, parameter modification, and the like is performed on the XPON through a WAN side (connected to an external network side). With the increasingly complex network environment and the increasing number of terminal devices in the modern society, the centralized remote management mode is adopted. The management logic in the mode can save cost, is convenient to manage and high in integration level. However, in the prior art, a remote management method based on a standard port number is adopted, and the management method has no flexibility and is not high in accuracy. Therefore, how to implement accurate and effective remote control of network devices has become an urgent problem to be solved by those skilled in the art.
Disclosure of Invention
In view of the above drawbacks, embodiments of the present invention provide a method, an apparatus, a device, and a storage medium for remote management and control of a network device, so as to solve the problems in the prior art.
In a first aspect, an embodiment of the present invention provides a method for remote management and control of a network device, where the method includes:
acquiring networking success signals of XPON equipment, OLT equipment, a gateway router and a server;
according to the networking success signal, configuring a first logic port number and a first IP address range in a configuration table at the WAN side of the XPON equipment;
storing the first logical port number and the first IP address range in a memory of the XPON device;
acquiring a starting signal of the XPON equipment;
receiving protocol data of the XPON equipment and the first logic port number according to the starting signal;
judging the protocol data type and the first logic port number type of the XPON equipment;
and controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result.
Preferably, the method further comprises:
according to the networking success signal, configuring a second logic port number and a second IP address range in a configuration table at the WAN side of the XPON equipment;
storing the second logical port number and the second IP address range in a memory of the XPON device;
acquiring a starting signal of the XPON equipment;
receiving protocol data of the XPON equipment and the second logic port number according to the starting signal;
judging the protocol data type and the second logic port number type of the XPON equipment;
and opening the remote management authority of the user in the second IP address range to the XPON equipment according to the judgment result.
Preferably, the determining the protocol data type and the first logical port number type of the XPON device includes:
acquiring the protocol data type in a memory of the XPON equipment;
and checking the first logic port number, and judging whether the first logic port number is a standard logic port number in the protocol data type.
Preferably, the controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result includes:
and if the first logical port number is the standard logical port number in the protocol data type, carrying out data transmission according to the protocol data type and the first logical port number.
Preferably, the controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result further includes:
if the first logical port number is not the standard logical port number in the protocol data type;
redirecting the TCP message of the first logical port number to a standard logical port number in the protocol data type;
and carrying out data transmission according to the protocol data type and the oriented standard logical port number.
Preferably, before controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result, the method further includes: checking whether the first IP address range is empty.
Preferably, the redirecting the TCP packet of the first logical port number to the standard logical port number in the protocol data type includes:
confirming that a destination MAC address pointing to the XPON equipment is valid;
in the iptables table, modifying the TCP message of the managle linked list in the FREROUTING stage, including:
if the port number received from the WAN side is the non-oriented standard logical port number, discarding;
and if the port number received by the WAN side is the standard logical port number after the positioning, receiving.
In a second aspect, an embodiment of the present invention provides a remote control apparatus for a network device, where the apparatus includes:
the networking signal acquisition module is used for acquiring networking success signals of the XPON equipment, the OLT equipment, the gateway router and the server;
the configuration module is used for configuring a first logic port number and a first IP address range in a configuration table at the WAN side of the XPON equipment according to the networking success signal;
a storage module, configured to store the first logical port number and the first IP address range in a memory of the XPON device;
the starting signal acquisition module is used for acquiring a starting signal of the XPON equipment;
a receiving module, configured to receive, according to the start signal, protocol data of the XPON device and the first logical port number;
the judging module is used for judging the protocol data type and the first logic port number type of the XPON equipment;
and the management control module is used for controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result.
In a third aspect, an embodiment of the present invention provides a remote management and control device for a network device, including: at least one processor, at least one memory, and computer program instructions stored in the memory, which when executed by the processor, implement the method of the first aspect of the embodiments described above.
In a fourth aspect, embodiments of the present invention provide a storage medium having stored thereon computer program instructions, which when executed by a processor, implement the method of the first aspect in the above embodiments.
In summary, embodiments of the present invention provide a method, an apparatus, a device, and a storage medium for remote management and control of a network device. The invention acquires the networking success signals of XPON equipment, OLT equipment, a gateway router and a server; according to the networking success signal, configuring a first logic port number and a first IP address range in a configuration table at the WAN side of the XPON equipment; storing the first logical port number and the first IP address range in a memory of the XPON device; acquiring a starting signal of the XPON equipment; receiving protocol data of the XPON equipment and the first logic port number according to the starting signal; judging the protocol data type and the first logic port number type of the XPON equipment; and controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result. Therefore, the network equipment remote control method can realize accurate and effective remote control on the network equipment based on the logical port number and the IP address, and has high safety and accuracy.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a remote management method for a network device according to an embodiment of the present invention.
Fig. 2 is a system framework diagram of a remote management method for a network device according to an embodiment of the present invention.
Fig. 3 is a flowchart of the method for managing and controlling a remote end of a network device according to an embodiment of the present invention, where the method determines the protocol data type and the first logical port number type of the XPON device.
Fig. 4 is a flowchart of the method for remote management of a network device according to the determination result to control the remote management authority of the user in the first IP address range to the XPON device in the embodiment of the present invention.
Fig. 5 is a flowchart of redirecting a TCP packet of the first logical port number to a standard logical port number in the protocol data type in the remote management method of the network device according to the embodiment of the present invention.
Fig. 6 is an iptables flow chart of a remote management and control method of a network device according to an embodiment of the present invention.
Fig. 7 is a schematic structural diagram of a remote management and control apparatus of a network device according to an embodiment of the present invention.
Fig. 8 is a schematic structural diagram of a remote management and control device of a network device according to an embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Referring to fig. 1, an embodiment of the present invention provides a remote management and control method for a network device, which can implement accurate, effective and remote management and control on a network device based on a logical port number and an IP address, and has high security and accuracy.
The method comprises the following steps:
s1, acquiring networking success signals of XPON equipment, OLT equipment, a gateway router and a server;
preferably, referring to fig. 2, after networking is successful, on the LAN side of the XPON device, users 1 to X access the XPON device through an intranet, and perform data transmission in the intranet; on the WAN side of the XPON equipment, the OLT equipment, the gateway router, the server and other users X access the XPON equipment through the extranet, and data transmission is carried out through the extranet.
S2, configuring a first logic port number and a first IP address range in a configuration table at the WAN side of the XPON equipment according to the networking success signal;
preferably, for example, if the administrator realizes remote control of the XPON device through the server, including but not limited to parameter setting, status monitoring, and access right setting, first configure a first logical port number and a first IP address range in a configuration table on the WAN side of the XPON device. In network technology, a Port (Port) includes two types, a logical Port and a physical Port. The physical port refers to a physically existing port, such as an interface used for connecting other network equipment on an ADSL Modem, a hub, a switch and a router; logical ports refer to ports used to distinguish services in a logical sense, such as service ports in the TCP/IP protocol, with port numbers ranging from 0 to 65535; such as 80 ports for browsing web services; such as 21 ports for FTP service. It is to be understood that the service type and number of the first logical port number are not specifically limited herein.
S3, storing the first logic port number and the first IP address range in a memory of the XPON equipment; in this embodiment, the first logical port number and the first IP address range are stored in a FLASH of the XPON device.
S4, acquiring a starting signal of the XPON equipment;
s5, receiving the protocol data and the first logic port number of the XPON equipment according to the starting signal;
s6, judging the protocol data type and the first logic port number type of the XPON equipment;
preferably, referring to fig. 3, the determining the protocol data type and the first logical port number type of the XPON device includes:
s61, acquiring the protocol data type in the memory of the XPON equipment;
s62, checking the first logic port number, and judging whether the first logic port number is a standard logic port number in the protocol data type.
And S7, controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result.
Preferably, referring to fig. 4, the controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result includes:
and S71, if the first logical port number is the standard logical port number in the protocol data type, performing data transmission according to the protocol data type and the first logical port number.
Preferably, the controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result further includes:
s72, if the first logic port number is not the standard logic port number in the protocol data type;
s73, redirecting the TCP message of the first logic port number to a standard logic port number in the protocol data type;
and S74, transmitting data according to the protocol data type and the oriented standard logical port number.
Preferably, for example, a standard logical port of a protocol Telnet is 23, and if the first logical port number is 23, data transmission is performed according to the protocol data type and the logical port number 23; if the first logical port number is 24, where 24 is a non-standard logical port number, the logical port number 24 is redirected to a standard logical port number of 23, and data transmission is performed according to the standard logical port number 24 after the redirection.
Preferably, referring to fig. 5, the redirecting the TCP packet of the first logical port number to the standard logical port number in the protocol data type includes:
s731, confirming that the destination MAC address pointing to the XPON equipment is valid;
s732, in the iptables table, modifying a TCP message of a managle linked list in an FREROUTING stage, wherein the step comprises the following steps:
s732a, if the port number received from the WAN side is the standard logical port number after the non-direction, discarding;
s732b, if the port number received on the WAN side is the standard logical port number after the positioning, the reception is performed.
Preferably, before controlling the remote management authority of the user in the first IP address range to the XPON device according to the determination result, the method further includes: checking whether the first IP address range is empty.
Specifically, referring to fig. 6, in the iptables flow chart, the embodiment defines that the remote MAC address pointing to the XPON device is valid. Therefore, if the first IP address range is not empty, the packet at the INPUT stage is processed according to the filter rule of the filter linked list in the iptables table. In this embodiment, if the first logical port number is 24, where 24 is a non-standard logical port number, the logical port number 24 is redirected to a standard logical port number of 23, and data transmission is performed according to the specified standard logical port number 24. For example, if the port number received from the WAN side is 80 or 23, the port number 80 or 23 is discarded; if the port number received from the WAN side is 24, the reception is performed. It is understood that the filtering rule of the filter linked list may be set according to the requirement, and is not limited specifically herein.
Preferably, in this embodiment, after the first IP address range is set, all messages in the first IP address range that are not specified are discarded, for example, a service corresponding to the first logical port number is an access right, and the functions set by applying the remote management method for a network device of the present invention are as follows: and the users and the equipment outside the first IP address range have no right to access the XPON equipment through a WAN side external network. Therefore, the invention has accurate control and high safety.
In another preferred embodiment, the method further comprises:
according to the networking success signal, configuring a second logic port number and a second IP address range in a configuration table at the WAN side of the XPON equipment;
storing the second logical port number and the second IP address range in a memory of the XPON device;
acquiring a starting signal of the XPON equipment;
receiving protocol data of the XPON equipment and the second logic port number according to the starting signal;
judging the protocol data type and the second logic port number type of the XPON equipment;
and opening the remote management authority of the user in the second IP address range to the XPON equipment according to the judgment result. It is understood that the configuration number of the logical port number and the configuration range of the IP address in this embodiment may be set according to the need, and are not limited specifically herein.
Referring to fig. 7, an embodiment of the present invention provides a remote management and control apparatus for a network device, where the apparatus includes:
a networking signal acquiring module 1, configured to acquire networking success signals of an XPON device, an OLT device, a gateway router, and a server;
the configuration module 2 is configured to configure a first logical port number and a first IP address range in a configuration table on the WAN side of the XPON device according to the networking success signal;
a storage module 3, configured to store the first logical port number and the first IP address range in a memory of the XPON device;
the starting signal acquisition module 4 is used for acquiring a starting signal of the XPON equipment;
a receiving module 5, configured to receive, according to the start signal, the protocol data of the XPON device and the first logical port number;
the judging module 6 is used for judging the protocol data type and the first logic port number type of the XPON equipment;
and the management control module 7 is used for controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result.
In addition, the method for remotely controlling the network device according to the embodiment of the present invention described in conjunction with fig. 1 may be implemented by a remote controlling device of the network device. Fig. 8 shows a schematic diagram of a hardware structure of a remote management and control device of a network device according to an embodiment of the present invention.
The network device remote management device may include a processor 401 and memory 402 storing computer program instructions.
Specifically, the processor 401 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured as one or more Integrated circuits implementing embodiments of the present invention.
Memory 402 may include mass storage for data or instructions. By way of example, and not limitation, memory 402 may include a Hard Disk Drive (HDD), floppy Disk Drive, flash memory, optical Disk, magneto-optical Disk, tape, or Universal Serial Bus (USB) Drive or a combination of two or more of these. Memory 402 may include removable or non-removable (or fixed) media, where appropriate. The memory 402 may be internal or external to the data processing apparatus, where appropriate. In a particular embodiment, the memory 402 is a non-volatile solid-state memory. In a particular embodiment, the memory 402 includes Read Only Memory (ROM). Where appropriate, the ROM may be mask-programmed ROM, Programmable ROM (PROM), Erasable PROM (EPROM), Electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory or a combination of two or more of these.
The processor 401 reads and executes the computer program instructions stored in the memory 402 to implement any one of the remote network device management methods in the above embodiments.
In one example, the network device remote management device may also include a communication interface 403 and a bus 410. As shown in fig. 8, the processor 401, the memory 402, and the communication interface 403 are connected via a bus 410 to complete communication therebetween.
The communication interface 403 is mainly used for implementing communication between modules, apparatuses, units and/or devices in the embodiments of the present invention.
Bus 410 may include hardware, software, or both to couple components of the network device's remote management device to each other. By way of example, and not limitation, a bus may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a Hypertransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a Micro Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus or a combination of two or more of these. Bus 410 may include one or more buses, where appropriate. Although specific buses have been described and shown in the embodiments of the invention, any suitable buses or interconnects are contemplated by the invention.
In addition, in combination with the remote management and control method for the network device in the foregoing embodiments, the embodiments of the present invention may provide a computer-readable storage medium to implement the method. The computer readable storage medium having stored thereon computer program instructions; the computer program instructions, when executed by a processor, implement any of the above embodiments of the remote management method for a network device.
In summary, embodiments of the present invention provide a method, an apparatus, a device, and a storage medium for remote management and control of a network device. The invention acquires the networking success signals of XPON equipment, OLT equipment, a gateway router and a server; according to the networking success signal, configuring a first logic port number and a first IP address range in a configuration table at the WAN side of the XPON equipment; storing the first logical port number and the first IP address range in a memory of the XPON device; acquiring a starting signal of the XPON equipment; receiving protocol data of the XPON equipment and the first logic port number according to the starting signal; judging the protocol data type and the first logic port number type of the XPON equipment; and controlling the remote management authority of the user in the first IP address range to the XPON equipment according to the judgment result. Therefore, the network equipment remote control method can realize accurate and effective remote control on the network equipment based on the logical port number and the IP address, and has high safety and accuracy.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As described above, only the specific embodiments of the present invention are provided, and it can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, the module and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.