CN111107551A - Wireless network bridge networking method and device - Google Patents
Wireless network bridge networking method and device Download PDFInfo
- Publication number
- CN111107551A CN111107551A CN201811269261.8A CN201811269261A CN111107551A CN 111107551 A CN111107551 A CN 111107551A CN 201811269261 A CN201811269261 A CN 201811269261A CN 111107551 A CN111107551 A CN 111107551A
- Authority
- CN
- China
- Prior art keywords
- signal strength
- received signal
- bridge
- networking
- strength value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000006855 networking Effects 0.000 title claims abstract description 112
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000001514 detection method Methods 0.000 claims abstract description 124
- 230000004044 response Effects 0.000 claims abstract description 121
- 239000000523 sample Substances 0.000 claims description 56
- 238000000060 site-specific infrared dichroism spectroscopy Methods 0.000 claims description 6
- 238000012795 verification Methods 0.000 claims description 3
- 230000008569 process Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 9
- 230000005540 biological transmission Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/08—Testing, supervising or monitoring using real traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/20—Selecting an access point
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application provides a wireless network bridge networking method and a wireless network bridge networking device, wherein the method comprises the following steps: the wireless bridge is in access point mode: generating corresponding character string information by using the equipment characteristic information of the network bridge; encrypting the character string information and the network connection authentication parameters of the network bridge to obtain encrypted information; when receiving a detection request message sent by an opposite-end wireless network bridge, determining a received signal strength value of the local network bridge for receiving the detection request message; and carrying the received signal strength value and the encryption information to a detection response message and sending the detection response message to the opposite-end wireless bridge, so that the opposite-end wireless bridge performs networking according to the received signal strength value and the encryption information. The device characteristic information corresponding to the network access authentication parameter is encrypted into encrypted information, so that the privacy and integrity of the device characteristic information can be guaranteed, the opposite-end wireless bridge can verify the authenticity of the detection response message by decrypting the encrypted information, the fact that the device is connected to a real wireless network is guaranteed, and information is prevented from being stolen.
Description
Technical Field
The present application relates to the field of network communication technologies, and in particular, to a wireless bridge networking method and apparatus.
Background
In networking technologies related to wireless network bridges, point-to-multipoint wireless network bridge networking technologies are widely applied. A point-to-multipoint wireless bridge group network is comprised of a plurality of wireless bridges in an access point mode and a plurality of wireless bridges in a client mode. The wireless bridge in the client mode is connected to the wireless bridge in the access point mode through a wireless network for data transmission, and each wireless bridge in the access point mode can be accessed to a plurality of wireless bridges in the client mode.
Currently, in the process of connecting a wireless bridge in a client mode to a wireless bridge in an access point mode, a technician configures an SSID (Service Set Identifier) and a password of each wireless bridge in the access point mode, then the wireless bridge in the client mode detects SSIDs of surrounding wireless bridges in the access point mode, and the technician selects one SSID from all detected SSIDs and inputs a corresponding password to complete network connection between the wireless bridge in the client mode and the wireless bridge in the access point mode.
However, in the detection process, the detection response message sent by the wireless bridge in the access point mode may be intercepted by a third party and maliciously tampered in the transmission process, and when the wireless bridge in the client mode receives the detection response message, the authenticity of the detection response message cannot be verified, so that the detection response message may be connected to a pseudo wireless network, and information may be stolen.
Disclosure of Invention
In view of the above, the present application provides a wireless bridge networking method and apparatus, so as to solve the problem that information is stolen due to a networking method in the related art.
According to a first aspect of embodiments herein, there is provided a wireless bridge networking method, the method being applied to a wireless bridge, the method comprising:
the wireless bridge in access point mode performs the steps of:
generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information of the network bridge;
encrypting the character string information and the network connection authentication parameters of the network bridge to obtain encrypted information;
when receiving a detection request message sent by an opposite-end wireless network bridge, determining a received signal strength value of the detection request message received by the local network bridge;
and carrying the received signal strength value and the encryption information into a detection response message for responding to the detection request message, and sending the detection response message to the opposite-end wireless bridge, so that the opposite-end wireless bridge performs networking according to the received signal strength value and the encryption information.
According to a second aspect of embodiments of the present application, there is provided a wireless bridge networking method, applied to a wireless bridge, the method comprising:
the network bridge performs the following steps in client mode:
sending a detection request message;
receiving at least one detection response message for responding to the detection request message;
aiming at each received detection response message, generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message; decrypting the encrypted information carried by the detection response message to obtain character string information and networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message;
and selecting a received signal strength value meeting preset conditions from the extracted received signal strength values, and networking by using the networking authentication parameters corresponding to the selected received signal strength value.
According to a third aspect of the embodiments of the present application, there is provided a wireless bridge networking apparatus, which is applied to a wireless bridge, and includes:
the wireless bridge in access point mode performs the steps of:
the generating module is used for generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information of the network bridge;
the encryption module is used for encrypting the character string information and the network connection authentication parameters of the network bridge to obtain encryption information;
the device comprises a determining module, a receiving module and a sending module, wherein the determining module is used for determining the receiving signal strength value of the detection request message received by the local network bridge when the detection request message sent by the opposite-end wireless network bridge is received;
and the sending module is used for carrying the received signal strength value and the encrypted information into a detection response message used for responding to the detection request message, and sending the detection response message to the opposite-end wireless bridge so as to enable the opposite-end wireless bridge to carry out networking according to the received signal strength value and the encrypted information.
According to a fourth aspect of the embodiments of the present application, there is provided a wireless bridge networking apparatus, which is applied to a wireless bridge, and includes:
the network bridge performs the following steps in client mode:
a sending module, configured to send a probe request packet;
a receiving module, configured to receive at least one probe response packet for responding to the probe request packet;
the consistency verification module is used for generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message aiming at each received detection response message, and decrypting the encrypted information carried by the detection response message to obtain the character string information and the networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message;
and the networking module is used for selecting the received signal strength value meeting the preset condition from the extracted received signal strength values and networking by utilizing the networking authentication parameters corresponding to the selected received signal strength value.
By applying the embodiment of the application, the wireless bridge in the access point mode can firstly generate character string information by using the device characteristic information of the wireless bridge, and encrypt the character string information and the networking authentication parameter of the wireless bridge to obtain encryption information, so that when a detection request message sent by an opposite-end wireless bridge is received, the received signal strength value of the detection request message received by the network bridge can be determined, the received signal strength value and the encryption information are carried into a detection response message used for responding to the detection request message and are sent to the opposite-end wireless bridge, and the opposite-end wireless bridge can perform networking according to the received signal strength value and the encryption information. Based on the above description, it can be known that privacy and integrity can be ensured by encrypting the character string information and the networking authentication parameters corresponding to the device feature information into encrypted information, and if the probe response message is maliciously tampered in the transmission process, the wireless bridge at the opposite end can also verify the authenticity of the probe response message by decrypting the encrypted information, so as to ensure that the connected wireless network is a real wireless network and avoid information theft. In addition, the wireless bridge of the opposite end can select the wireless bridge of the access point mode with the optimal link quality for networking according to the received signal strength value carried by the detection response message.
Drawings
Fig. 1 is a diagram illustrating an application scenario for wireless bridge networking according to an exemplary embodiment of the present application;
fig. 2 is a flowchart illustrating an embodiment of a wireless bridge networking method according to an exemplary embodiment of the present application;
fig. 3 is a flow diagram illustrating another embodiment of a wireless bridge networking method according to an exemplary embodiment of the present application;
FIG. 4 is a hardware block diagram of a wireless bridge according to an exemplary embodiment of the present application;
FIG. 5 is a block diagram of an embodiment of a wireless bridge networking device according to one illustrative embodiment of the present application;
fig. 6 is a block diagram of an embodiment of another wireless bridge networking device shown in accordance with an example embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Fig. 1 is a diagram of an application scenario of wireless bridge networking according to an exemplary embodiment of the present application, where the application scenario shown in fig. 1 is a video monitoring scenario of point-to-multipoint wireless bridge networking, and the scenario includes: network cameras (5 are shown in fig. 1) arranged at various positions, wireless bridges (5 are shown in fig. 1) in a client mode, wireless bridges (2 are shown in fig. 1) in an access point mode, a switch, and a Network Video Recorder (NVR) located at a monitoring center, wherein, the network cameras are used for shooting peripheral videos, each network camera is connected with a wireless network bridge in a client mode in a wired mode, the wireless bridge in client mode is used to receive video data transmitted by the webcam over the wired network, sending the received video data to the wireless network bridge in the access point mode through a wireless network; the wireless bridge in access point mode is wired to the switch, and the network hard disk video recorder is used for sending the received video data to the switch and sending the video data to the monitoring center by the switch for storage.
At present, in the process of connecting a wireless bridge in a client mode to a wireless bridge in an access point mode, a technician configures an SSID and a password of each wireless bridge in the access point mode, and then a wireless bridge in the client mode can detect the SSID of the surrounding wireless bridge in the access point mode through a detection request message, so that the technician selects one SSID from all detected SSIDs, inputs a corresponding password, and completes wireless connection between the wireless bridge in the client mode and the wireless bridge in the access point mode. In the detection process, the detection response message responded by the wireless bridge in the access point mode to the detection request message may be intercepted and maliciously tampered by a third party in the transmission process, and the wireless bridge in the client mode cannot verify the authenticity of the detection response message when receiving the detection response message, so that the wireless bridge may be connected to a pseudo wireless network, and subsequently transmitted video data is stolen.
Based on this, the wireless bridge in the access point mode may first generate a character string information by using the device feature information of the wireless bridge, and encrypt the character string information and the network connection authentication parameter of the wireless bridge to obtain the encryption information, so that when receiving a detection request message sent by an opposite-end wireless bridge, the wireless bridge determines a received signal strength value of the detection request message received by the network bridge, carries the received signal strength value and the encryption information to a detection response message for responding to the detection request message, and sends the detection response message to the opposite-end wireless bridge, so that the opposite-end wireless bridge performs networking according to the received signal strength value and the encryption information.
Therefore, the privacy and the integrity of the detection response message can be ensured by encrypting the character string information and the networking authentication parameters corresponding to the equipment characteristic information into the encrypted information, and if the detection response message is maliciously tampered in the transmission process, the opposite-end wireless bridge can verify the authenticity of the detection response message by decrypting the encrypted information, so that the fact that the detection response message is connected to a real wireless network is ensured, and the information is prevented from being stolen. In addition, the wireless bridge of the opposite end can select the wireless bridge of the access point mode with the optimal link quality for networking according to the received signal strength value carried by the detection response message.
The technical solution of the present application will be described in detail with specific examples.
Fig. 2 is a flowchart illustrating an embodiment of a wireless bridge networking method according to an exemplary embodiment of the present application, which may be applied to a wireless bridge in an access point mode. As shown in fig. 2, the networking method of the wireless bridge includes the following steps:
step 201: and generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information of the network bridge.
In one embodiment, the device feature information of the local bridge may be used to generate corresponding string information using a predetermined algorithm (e.g., algorithm a). The device characteristic information may be a unique identification of the wireless bridge, such as a Basic Service Set Identifier (BSSID).
Step 202: and encrypting the character string information and the network connection authentication parameters of the network bridge to obtain encrypted information.
In an embodiment, the string information and the networking authentication parameters may be encrypted by using a predetermined algorithm (e.g., AES encryption algorithm) to ensure the privacy and integrity thereof and avoid malicious tampering by a third party.
Wherein, the networking authentication parameters (at least including SSID and password) can be generated according to the device attribute information (such as device serial number or device MAC address) of the network bridge, thereby simplifying the traditional manual SSID and password configuration process.
Step 203: when receiving a detection request message sent by an opposite-end wireless network bridge, determining a received signal strength value of the local network bridge for receiving the detection request message.
In an embodiment, when a probe request message is Received through a certain wireless channel, a Received Signal Strength Indicator (RSSI) value for receiving the probe request message may be measured.
Step 204: and carrying the received signal strength value and the encryption information into a detection response message for responding to the detection request message, and sending the detection response message to the opposite-end wireless bridge, so that the opposite-end wireless bridge performs networking according to the received signal strength value and the encryption information.
In an embodiment, the encryption information and the received signal strength value may be filled in a reserved extension information field in the probe response message, as shown in table 1, which is an exemplary format of the reserved extension information field in the probe response message, wherein the reserved information element type is used to identify whether there is content in the reserved extension information field, and is represented by 1 byte, and the length is used to indicate the total length of the content added in the reserved extension information field, and is represented by 1 byte, and finally, the content specifically added in the field, and may add 128 bytes of content at the maximum.
| Reservation information element type | Length of | Encryption information, received signal strength value |
TABLE 1
It should be noted that, because the encryption information of the probe response packet includes the SSID and the password, the wireless bridge at the opposite end can automatically implement network connection through the SSID and the password, without manual reference, thereby simplifying the operation flow of network connection.
In this embodiment, in the ap mode, the wireless bridge may first generate a string information by using the device feature information of the wireless bridge, and encrypt the string information and the network connection authentication parameter of the wireless bridge to obtain encrypted information, so that when receiving a probe request message sent by an opposite-end wireless bridge, a received signal strength value of the network bridge receiving the probe request message may be determined, and the received signal strength value and the encrypted information are carried in a probe response message for responding to the probe request message and sent to the opposite-end wireless bridge, so that the opposite-end wireless bridge performs networking according to the received signal strength value and the encrypted information. Based on the above description, it can be known that privacy and integrity can be ensured by encrypting the character string information and the networking authentication parameters corresponding to the device feature information into encrypted information, and if the probe response message is maliciously tampered in the transmission process, the wireless bridge at the opposite end can also verify the authenticity of the probe response message by decrypting the encrypted information, so as to ensure that the connected wireless network is a real wireless network and avoid information theft. In addition, the wireless bridge of the opposite end can select the wireless bridge of the access point mode with the optimal link quality for networking according to the received signal strength value carried by the detection response message.
Fig. 3 is a flowchart illustrating another embodiment of a wireless bridge networking method according to an exemplary embodiment of the present application, which may be applied to a wireless bridge in a client mode, as shown in fig. 3, where the wireless bridge networking method includes the following steps:
step 301: and sending a detection request message.
In one embodiment, the supported wireless channels may be sequentially traversed, and Probe Request messages may be sent in a broadcast manner to detect the presence of wireless bridges in the ap mode.
For each supported wireless channel, the wireless bridge may stay for a preset time length, where the preset time length can ensure that a wireless bridge response probe response packet in the access point mode is received, where the wireless bridge supports the same wireless channel all around, and for example, the preset time length may be set to 10 milliseconds.
Step 302: at least one probe response message is received in response to the probe request message.
In an embodiment, the probe response packet carries device characteristic information, encryption information, and a received signal strength value.
Step 303: and aiming at each received detection response message, generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message.
In an embodiment, the device characteristic information may be extracted from a header structure of the probe response packet, and a predetermined algorithm (e.g., algorithm a) may be used to generate the character string information corresponding to the device characteristic information.
The device feature information may be a unique identifier of the wireless bridge, such as BSSID (Basic Service set identifier).
Step 304: and decrypting the encrypted information carried by the detection response message to obtain the character string information and the networking authentication parameters.
In one embodiment, the encrypted information may be extracted from the reserved extension information field of the probe response message, and decrypted by a predetermined algorithm (e.g., AES decryption algorithm). The networking authentication parameters at least comprise an SSID and a password, and the SSID and the password are obtained from encrypted information, so that the privacy and integrity of the networking authentication parameters can be guaranteed.
Step 305: and if the generated character string information is consistent with the character string information obtained by decryption, extracting the received signal strength value carried by the detection response message.
In an embodiment, if the generated character string information is consistent with the character string information obtained by decryption, it indicates that the probe response message is not tampered and is a real message, and a received signal strength value carried by the probe response message can be extracted for subsequent selection for networking; if the generated character string information is inconsistent with the character string information obtained by decryption, the detection response message is tampered and is not a real message, and the detection response message can be discarded. Therefore, the authenticity of the detection response message can be verified by comparing the generated character string information with the character string information obtained by decryption.
Step 306: and selecting a received signal strength value meeting preset conditions from the extracted received signal strength values, and networking by using the networking authentication parameters corresponding to the selected received signal strength value.
In an embodiment, after each probe response message is verified, a maximum received signal strength value may be selected from the extracted received signal strength values, and the maximum received signal strength value may be determined as a received signal strength value meeting a preset condition.
In the application scenario of wireless bridge networking, the transmission rate from the wireless bridge in the client mode to the wireless bridge in the access point mode for transmitting uplink data (such as video data) is emphasized, and as the larger the received signal strength value is, the better the corresponding link quality is, the networking authentication parameters (at least including SSID and password) corresponding to the maximum received signal strength value can be selected for networking.
It should be noted that, after the wireless network bridge in the client mode is connected to the wireless network, a wireless channel receiving the probe response packet (carrying the maximum received signal strength value) needs to be used as an operating channel for data interaction.
In an exemplary scenario, assume that a wireless bridge in client mode supports two wireless channels: the wireless channel 1 and the wireless channel 2 receive 3 detection response messages through the wireless channel 1 and receive 4 detection response messages through the wireless channel 2. Assuming that each probe response message is true, so that 7 received signal strength values, SSIDs and passwords can be obtained, then selecting a maximum received signal strength value from the 7 received signal strength values, and performing networking by using the SSID and the password corresponding to the selected maximum received signal strength value.
It should be noted that, after the wireless bridge in the client mode performs networking by using the networking authentication parameter corresponding to the selected received signal strength value, the wireless bridge may send a probe request message once at preset time intervals, receive at least one probe response message for responding to the probe request message, where the at least one probe response message is for responding to the probe request message, and then generate, for each received probe response message, character string information corresponding to the device characteristic information by using the device characteristic information carried in the probe response message; decrypting the encrypted information carried by the detection response message to obtain character string information and networking authentication parameters; if the generated character string information is consistent with the character string information obtained through decryption, extracting a received signal strength value carried by the detection response message, finally determining a maximum received signal strength value from the extracted received signal strength values, and if a difference value between the maximum received signal strength value and the currently selected received signal strength value is larger than a positive threshold value, re-networking by using networking authentication parameters corresponding to the maximum received signal strength value.
Because the wireless bridge in the client mode cannot send the detection request message during the data interaction through the working channel, the wireless bridge can be switched to the non-working channel to send the detection request message for detection after the working channel works for a preset time interval, and then switched back to the working channel for data interaction after the non-working channel stays for a period of time (for example, 10 milliseconds), so that all the non-working channels can be sequentially and circularly traversed.
It should be further noted that, in practical applications, due to building obstruction and other reasons, the wireless bridge in the client mode cannot detect the existing wireless bridge in the access point mode, and therefore, the wireless coverage extension needs to be performed in a back-to-back relay manner, where the back-to-back relay manner may be composed of a wireless bridge in the client mode and a wireless bridge in the access point mode, and the wireless bridge are connected by a wire. Thus, a client mode wireless bridge for relaying may be wirelessly connected to an existing access point mode wireless bridge, while a client mode wireless bridge that was previously unable to detect an access point mode wireless bridge may be wirelessly connected to an access point mode wireless bridge for relaying. However, since the distance between the client mode wireless bridge for relaying and the access point mode wireless bridge for relaying is generally relatively short, the client mode wireless bridge for relaying preferentially connects to the access point mode wireless bridge for relaying, rather than the existing access point mode wireless bridge, resulting in an inability to network in the desired topology.
Therefore, the wireless bridge in the client mode for relaying can send the MAC address of the wireless network interface of the bridge to the wireless bridge in the access point mode through the wired network interface, so that the wireless bridge in the access point mode refuses response when receiving the detection request message carrying the MAC address, and networking according to expected topology can be guaranteed.
In the embodiment of the application, after a wireless bridge sends a detection request message in a client mode, at least one detection response message used for responding to the detection request message is received, then, for each received detection response message, character string information corresponding to the equipment characteristic information is generated by using the equipment characteristic information carried by the detection response message, encrypted information carried by the detection response message is decrypted to obtain the character string information and networking authentication parameters, if the generated character string information is consistent with the character string information obtained by decryption, a received signal strength value carried by the detection response message is extracted, finally, a received signal strength value meeting a preset condition is selected from the extracted received signal strength values, and networking is performed by using the networking authentication parameters corresponding to the selected received signal strength value. Based on the above description, it can be known that the authenticity of the probe response packet is verified by decrypting the encrypted information carried in the probe response packet, so that the probe response packet can be ensured to be finally connected to a real wireless network, and information is prevented from being stolen. Because the signal strength value carried by the probe response message is used for indicating the quality of the link, the link quality corresponding to the received signal strength value which is selected from the received signal strength values and meets the preset condition is optimal, and the wireless network bridge can be connected to the wireless network with the optimal link quality in the client mode.
Fig. 4 is a hardware block diagram of a wireless bridge according to an exemplary embodiment of the present application, the wireless bridge comprising: a communication interface 401, a processor 402, a machine-readable storage medium 403, and a bus 404; wherein the communication interface 401, the processor 402 and the machine-readable storage medium 403 communicate with each other via a bus 404. The processor 402 may perform the wireless bridge networking method described above by reading and executing machine executable instructions in the machine readable storage medium 402 corresponding to the control logic of the wireless bridge networking method, and the details of the method are described in the above embodiments and will not be described again here.
The machine-readable storage medium 403 referred to herein may be any electronic, magnetic, optical, or other physical storage device that can contain or store information such as executable instructions, data, and the like. For example, the machine-readable storage medium may be: a RAM (random Access Memory), a volatile Memory, a non-volatile Memory, a flash Memory, a storage drive (e.g., a hard drive), any type of storage disk (e.g., an optical disk, a dvd, etc.), or similar storage medium, or a combination thereof.
Fig. 5 is a block diagram of an embodiment of a wireless bridge networking device according to an exemplary embodiment of the present application, the device being applied to a wireless bridge, the device comprising:
the wireless bridge in access point mode performs the steps of:
a generating module 510, configured to generate, by using the device feature information of the local network bridge, character string information corresponding to the device feature information;
the encryption module 520 is configured to encrypt the string information and the network connection authentication parameter of the network bridge to obtain encrypted information;
a determining module 530, configured to determine, when receiving a probe request message sent by an opposite-end wireless bridge, a received signal strength value of the probe request message received by the local network bridge;
a sending module 540, configured to carry the received signal strength value and the encryption information to a probe response message used for responding to the probe request message, and send the probe response message to the peer wireless bridge, so that the peer wireless bridge performs networking according to the received signal strength value and the encryption information.
In an optional implementation manner, the networking authentication parameter is generated according to the device attribute information of the local network bridge;
the networking authentication parameters include at least: a service set identifier SSID, and a password.
Fig. 6 is a block diagram of an embodiment of another wireless bridge networking device according to an exemplary embodiment of the present application, the device being applied to a wireless bridge, the device comprising:
the network bridge performs the following steps in client mode:
a sending module 610, configured to send a probe request packet;
a receiving module 620, configured to receive at least one probe response packet for responding to the probe request packet;
a consistency verification module 630, configured to, for each received probe response packet, generate, by using the device characteristic information carried in the probe response packet, character string information corresponding to the device characteristic information, and decrypt encrypted information carried in the probe response packet to obtain the character string information and networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message;
and the networking module 640 is configured to select a received signal strength value meeting a preset condition from the extracted received signal strength values, and perform networking by using the networking authentication parameter corresponding to the selected received signal strength value.
In an optional implementation manner, the networking module 640 is specifically configured to select a maximum received signal strength value from the extracted received signal strength values in a process of selecting a received signal strength value meeting a preset condition from the extracted received signal strength values; and determining the maximum received signal strength value as a received signal strength value meeting a preset condition.
In an alternative implementation, the apparatus further comprises (not shown in fig. 6):
a re-networking module, configured to send a probe request message once every preset time interval after the networking module 640 performs networking by using the networking authentication parameter corresponding to the selected received signal strength value, and receive at least one probe response message for responding to the probe request message; aiming at each received detection response message, generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message; decrypting the encrypted information carried by the detection response message to obtain character string information and networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message; determining a maximum received signal strength value from the extracted received signal strength values; and if the difference value between the maximum received signal strength value and the currently selected received signal strength value is larger than a positive threshold value, performing networking again by using the networking authentication parameter corresponding to the maximum received signal strength value.
In an alternative implementation, the apparatus further comprises (not shown in fig. 6):
and the sending module is used for sending the MAC address of the wireless network interface of the network bridge to the wireless network bridge in the access point mode through the wired network interface if the wired network interface of the network bridge is connected with the wireless network bridge in the access point mode, so that the wireless network bridge in the access point mode refuses response when receiving the detection request message carrying the MAC address.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.
Claims (12)
1. A wireless bridge networking method, applied to a wireless bridge, the method comprising:
the wireless bridge in access point mode performs the steps of:
generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information of the network bridge;
encrypting the character string information and the network connection authentication parameters of the network bridge to obtain encrypted information;
when receiving a detection request message sent by an opposite-end wireless network bridge, determining a received signal strength value of the detection request message received by the local network bridge;
and carrying the received signal strength value and the encryption information into a detection response message for responding to the detection request message, and sending the detection response message to the opposite-end wireless bridge, so that the opposite-end wireless bridge performs networking according to the received signal strength value and the encryption information.
2. The method of claim 1, wherein the networking authentication parameter is generated according to device attribute information of the local bridge;
the networking authentication parameters include at least: a service set identifier SSID, and a password.
3. A wireless bridge networking method, applied to a wireless bridge, the method comprising:
the network bridge performs the following steps in client mode:
sending a detection request message;
receiving at least one detection response message for responding to the detection request message;
aiming at each received detection response message, generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message; decrypting the encrypted information carried by the detection response message to obtain character string information and networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message;
and selecting a received signal strength value meeting preset conditions from the extracted received signal strength values, and networking by using the networking authentication parameters corresponding to the selected received signal strength value.
4. The method of claim 1, wherein selecting the RSSI values meeting a predetermined condition from the extracted RSSI values comprises:
selecting a maximum received signal strength value from the extracted received signal strength values;
and determining the maximum received signal strength value as a received signal strength value meeting a preset condition.
5. The method of claim 1, wherein after networking using the networking authentication parameter corresponding to the selected rssi value, the method further comprises:
sending a detection request message once every a preset time interval, and receiving at least one detection response message for responding to the detection request message;
aiming at each received detection response message, generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message; decrypting the encrypted information carried by the detection response message to obtain character string information and networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message;
determining a maximum received signal strength value from the extracted received signal strength values;
and if the difference value between the maximum received signal strength value and the currently selected received signal strength value is larger than a positive threshold value, performing networking again by using the networking authentication parameter corresponding to the maximum received signal strength value.
6. The method of claim 1, wherein if the wired portal of the bridge is connected to a wireless bridge in the ap mode, the method further comprises:
and sending the MAC address of the wireless network interface of the network bridge to the wireless network bridge in the access point mode through the wired network interface, so that the wireless network bridge in the access point mode refuses response when receiving a detection request message carrying the MAC address.
7. A wireless bridge networking apparatus, wherein the apparatus is applied to a wireless bridge, the apparatus comprises:
the wireless bridge in access point mode performs the steps of:
the generating module is used for generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information of the network bridge;
the encryption module is used for encrypting the character string information and the network connection authentication parameters of the network bridge to obtain encryption information;
the device comprises a determining module, a receiving module and a sending module, wherein the determining module is used for determining the receiving signal strength value of the detection request message received by the local network bridge when the detection request message sent by the opposite-end wireless network bridge is received;
and the sending module is used for carrying the received signal strength value and the encrypted information into a detection response message used for responding to the detection request message, and sending the detection response message to the opposite-end wireless bridge so as to enable the opposite-end wireless bridge to carry out networking according to the received signal strength value and the encrypted information.
8. The apparatus of claim 7, wherein the networking authentication parameter is generated according to device attribute information of the local bridge;
the networking authentication parameters include at least: a service set identifier SSID, and a password.
9. A wireless bridge networking apparatus, wherein the apparatus is applied to a wireless bridge, the apparatus comprises:
the network bridge performs the following steps in client mode:
a sending module, configured to send a probe request packet;
a receiving module, configured to receive at least one probe response packet for responding to the probe request packet;
the consistency verification module is used for generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message aiming at each received detection response message, and decrypting the encrypted information carried by the detection response message to obtain the character string information and the networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message;
and the networking module is used for selecting the received signal strength value meeting the preset condition from the extracted received signal strength values and networking by utilizing the networking authentication parameters corresponding to the selected received signal strength value.
10. The apparatus according to claim 9, wherein the networking module is specifically configured to select a maximum rssi value from the extracted rssi values in selecting an rssi value meeting a predetermined condition from the extracted rssi values; and determining the maximum received signal strength value as a received signal strength value meeting a preset condition.
11. The apparatus of claim 9, further comprising: the re-networking module is used for sending a detection request message once every preset time interval after the networking module performs networking by using the networking authentication parameters corresponding to the selected received signal strength value, and receiving at least one detection response message for responding to the detection request message; aiming at each received detection response message, generating character string information corresponding to the equipment characteristic information by utilizing the equipment characteristic information carried by the detection response message; decrypting the encrypted information carried by the detection response message to obtain character string information and networking authentication parameters; if the generated character string information is consistent with the character string information obtained by decryption, extracting a received signal strength value carried by the detection response message; determining a maximum received signal strength value from the extracted received signal strength values; and if the difference value between the maximum received signal strength value and the currently selected received signal strength value is larger than a positive threshold value, performing networking again by using the networking authentication parameter corresponding to the maximum received signal strength value.
12. The apparatus of claim 9, further comprising:
and the sending module is used for sending the MAC address of the wireless network interface of the network bridge to the wireless network bridge in the access point mode through the wired network interface if the wired network interface of the network bridge is connected with the wireless network bridge in the access point mode, so that the wireless network bridge in the access point mode refuses response when receiving the detection request message carrying the MAC address.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811269261.8A CN111107551A (en) | 2018-10-29 | 2018-10-29 | Wireless network bridge networking method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811269261.8A CN111107551A (en) | 2018-10-29 | 2018-10-29 | Wireless network bridge networking method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111107551A true CN111107551A (en) | 2020-05-05 |
Family
ID=70419247
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811269261.8A Pending CN111107551A (en) | 2018-10-29 | 2018-10-29 | Wireless network bridge networking method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111107551A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114051245A (en) * | 2022-01-13 | 2022-02-15 | 深圳市彼洋科技发展有限公司 | Intelligent networking method and system for wireless network bridge |
| CN114222351A (en) * | 2021-12-22 | 2022-03-22 | 新华三大数据技术有限公司 | AP (access point) access method, AP, client and communication system |
| CN115802361A (en) * | 2022-11-28 | 2023-03-14 | 广州通则康威智能科技有限公司 | Network management and control method, device, equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7039021B1 (en) * | 1999-10-05 | 2006-05-02 | Nec Corporation | Authentication method and apparatus for a wireless LAN system |
| CN103096301A (en) * | 2011-10-31 | 2013-05-08 | 华为技术有限公司 | Method for verifying wireless local area network access point and station for the same |
| CN105636037A (en) * | 2015-06-29 | 2016-06-01 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method and apparatus and electronic device |
| CN105828332A (en) * | 2016-04-29 | 2016-08-03 | 上海斐讯数据通信技术有限公司 | Method of improving wireless local area authentication mechanism |
| CN106131834A (en) * | 2016-06-30 | 2016-11-16 | 宇龙计算机通信科技(深圳)有限公司 | Method for connecting network, network connection device and terminal |
| WO2017008556A1 (en) * | 2015-07-13 | 2017-01-19 | 中兴通讯股份有限公司 | Authentication method and device for wireless access point and management platform |
-
2018
- 2018-10-29 CN CN201811269261.8A patent/CN111107551A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7039021B1 (en) * | 1999-10-05 | 2006-05-02 | Nec Corporation | Authentication method and apparatus for a wireless LAN system |
| CN103096301A (en) * | 2011-10-31 | 2013-05-08 | 华为技术有限公司 | Method for verifying wireless local area network access point and station for the same |
| CN105636037A (en) * | 2015-06-29 | 2016-06-01 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method and apparatus and electronic device |
| WO2017008556A1 (en) * | 2015-07-13 | 2017-01-19 | 中兴通讯股份有限公司 | Authentication method and device for wireless access point and management platform |
| CN105828332A (en) * | 2016-04-29 | 2016-08-03 | 上海斐讯数据通信技术有限公司 | Method of improving wireless local area authentication mechanism |
| CN106131834A (en) * | 2016-06-30 | 2016-11-16 | 宇龙计算机通信科技(深圳)有限公司 | Method for connecting network, network connection device and terminal |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114222351A (en) * | 2021-12-22 | 2022-03-22 | 新华三大数据技术有限公司 | AP (access point) access method, AP, client and communication system |
| CN114051245A (en) * | 2022-01-13 | 2022-02-15 | 深圳市彼洋科技发展有限公司 | Intelligent networking method and system for wireless network bridge |
| CN114051245B (en) * | 2022-01-13 | 2022-03-15 | 深圳市彼洋科技发展有限公司 | Intelligent networking method and system for wireless network bridge |
| CN115802361A (en) * | 2022-11-28 | 2023-03-14 | 广州通则康威智能科技有限公司 | Network management and control method, device, equipment and storage medium |
| CN115802361B (en) * | 2022-11-28 | 2023-08-11 | 广州通则康威智能科技有限公司 | Network management and control method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10691788B2 (en) | Systems and methods for provisioning a camera with a dynamic QR code and a BLE connection | |
| CN107645725B (en) | Network configuration method and system, routing equipment and network access equipment | |
| US10986677B2 (en) | Method and apparatus for connecting to access point in WLAN network | |
| CN104935593B (en) | The transmission method and device of data message | |
| EP3057351B1 (en) | Access method, system, and device of terminal, and computer storage medium | |
| US11228908B2 (en) | Data transmission method and related device and system | |
| CN105451230B (en) | The configuration method and system of internet of things equipment | |
| US20180034635A1 (en) | GPRS System Key Enhancement Method, SGSN Device, UE, HLR/HSS, and GPRS System | |
| JP2007181206A (en) | Method and device for transmitting message to individual radio device groups | |
| CN111107551A (en) | Wireless network bridge networking method and device | |
| CN107438247B (en) | Wireless relay implementation method and device | |
| CN104754575A (en) | Method, device and system for terminal certification | |
| WO2011092138A1 (en) | Efficient terminal authentication in telecommunication networks | |
| US12132823B2 (en) | Communication authentication method and related device | |
| RU2016111372A (en) | METHOD AND DEVICE FOR NETWORK ACCESS | |
| CN110943835A (en) | Distribution network encryption method and system for sending wireless local area network information | |
| KR100842623B1 (en) | System and method for processing encryption in mobile communication system | |
| WO2018233035A1 (en) | Encryption method and system for internet of things data transmission | |
| CN113596742B (en) | Data transmission method and device | |
| CN110830421B (en) | Data transmission method and device | |
| US11461478B2 (en) | Mobile network core component for managing security keys | |
| CN108990052B (en) | Method for detecting WPA2 protocol vulnerability | |
| CN108076460A (en) | A kind of method and terminal authenticated | |
| CN107005410B (en) | Internet protocol security tunnel establishment method, user equipment and base station | |
| CN118265028B (en) | Encryption and decryption data transmission method and device based on 5GC internet of things private network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200505 |