| CPC H04L 63/0263 (2013.01) [H04L 63/0236 (2013.01)] | 20 Claims |

1. A security device, comprising:
a computer-readable storage medium storing one or more sequences of instructions; and
a processor configured to execute the one or more sequences of instructions to:
receive, via a first network interface, a network packet;
evaluate attributes of the received network packet against a ruleset to identify a first rule match, wherein the attributes comprise an identifier of the first network interface, a source address, and a destination address;
compare the attributes of the received network packet against a table listing one or more network devices associated with the first network interface or a second network interface associated with the first network interface;
switch the attributes of the received network packet by changing the identifier of the first network interface to an identifier of the second network interface and swapping the source address and the destination address;
evaluate the switched attributes of the received network packet against the ruleset to identify a second rule match;
compare the switched attributes of the received network packet against the table;
select one of the first rule match or the second rule match based on the comparisons of the network packet attributes and the switched network packet attributes against the table; and
process the received network packet according to the selected one of the first rule match or the second rule match.
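The sequence recited in claim 1, as an added Python sketch that is not code from the patent: match the packet as received, switch the interface and swap the addresses, match again, then use the device table to choose between the two matches. The claim does not say how the table comparisons decide the selection, so the policy in `select`, the first-match ruleset format, and all interface names, addresses and rule names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Attrs:
    iface: str
    src: str
    dst: str

# Constructed sample data; every name and address below is an assumption.
PEER = {"eth0": "eth1", "eth1": "eth0"}   # first interface <-> second interface
DEVICES = {"eth0": {"10.0.0.5"}}          # table: devices associated with an interface
RULESET = [  # (name, iface or None for any, src net, dst net, action); first match wins
    ("lan-to-server", "eth0", "10.0.0.0/24", "192.0.2.0/24", "allow"),
    ("default", None, "0.0.0.0/0", "0.0.0.0/0", "drop"),
]

def match_rule(a):
    """Return (name, action) of the first rule matching the attributes."""
    for name, iface, src, dst, action in RULESET:
        if (iface in (None, a.iface)
                and ip_address(a.src) in ip_network(src)
                and ip_address(a.dst) in ip_network(dst)):
            return name, action
    return None

def in_table(a):
    """Table comparison: is the source a listed device on this interface?"""
    return a.src in DEVICES.get(a.iface, set())

def switch(a):
    """Replace the interface with its peer and swap source and destination."""
    return Attrs(PEER[a.iface], a.dst, a.src)

def select(a):
    """Evaluate both orientations, then pick one match using the table."""
    first, first_listed = match_rule(a), in_table(a)
    swapped = switch(a)
    second, second_listed = match_rule(swapped), in_table(swapped)
    # Assumed selection policy: use the switched match only when the table
    # places the listed device on the switched side and not the original side.
    if second_listed and not first_listed:
        return second
    return first
```

Under this assumed policy, a packet arriving on the second interface is judged by the rule written for the listed device's direction, so a single rule covers both directions of a flow while unrelated sources still fall through to the default rule.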