The subject matter disclosed herein relates generally to a filtering system and a filtering method which perform filtering of HTTP (Hyper Text Transfer Protocol) communication between a client and a service provision server.
The filtering system of conventional HTTP communication includes an HTTP proxy system and a transmission proxy system (see, e.g., JP-A-2010-244134 (referred to as Literature 1), paragraph numbers 0002 to 0005).
However, the following problems are indicated to the above systems.
In the first HTTP proxy system, in the case where an HTTP client fails to perform setting for using an HTTP proxy, filtering cannot be performed (Literature 1, paragraph number 0006).
On the other hand, in the second transmission proxy system, since a termination process of a TCP (Transmission Control Protocol) session is complicated and a process through software is required, throughput is reduced (Literature 1, paragraph numbers 0007 and 0008).
To solve the above problems, there is proposed a system in which a TCP termination process is not performed at normal times, and in the case where a URL in a request line of an HTTP access is extracted from reception packets, a passage/access refusal determination of URL is performed, and a determination result is an access refusal, the TCP termination process is performed (Literature 1, paragraph numbers 0013 and 0014).