There are many computer products that contain proxies for many protocols. This is especially true for data security products. In particular, desktop, gateway, and appliance versions of antivirus, firewall, antispam, content inspection, logging, filtering, intrusion prevention, and intrusion detection products all contain proxies for many protocols. Many of these products' proxies are for the same protocols, but each proxy is implemented independently. New protocols come along frequently, and support for a greater number of protocols would be beneficial for all such products. Furthermore, support for existing protocols often needs to be updated due to changes in the way the protocol is used, understood, or defined. Implementation of proxies for new protocols, or updates to existing proxies, is usually a difficult and lengthy task and is often error prone. Furthermore, updating products in the field to add support for new protocols can be disruptive if such updates require a restart of the proxy executable, and these updates usually do require such a restart.
When tasked with writing a proxy for a given protocol, a computer programmer usually begins by looking up the protocol's specification. This specification may be published in the form of an RFC (Request for Comments) by the authority that defines the protocol. The RFC usually defines the protocol using a grammar such as BNF (Backus-Naur Form). Typically, the programmer then writes a proxy that intertwines a custom protocol decomposer (based upon the programmer's interpretation of the RFC) with application specific logic to implement the proxy activity code. Little, if any, of this proxy work can be used for creation of a new proxy. The treatment of a given protocol stream by different handcrafted protocol decomposition implementations is likely to vary widely, and is unlikely to rigorously match all aspects of the BNF from the RFC. Furthermore, such traditional proxies are delivered to customers as executable binaries, and customers are loath to update or deploy new executable binaries in the field, especially when doing so requires a restart of the proxy executable. When the BNF specification for the protocol changes, making the requisite changes to a traditional proxy implementation can be tedious, even if such changes are immaterial to the proxy activity code.
The present invention overcomes the aforementioned problems associated with the conventional art.