In response to challenges faced by mobile broadband (Mobile BroadBand, MBB) operation, service gateway devices are generally deployed on gateways through which mobile terminals and mobile Internet are connected, to achieve delicacy control and management of data services. To achieve delicacy control and management of data services, the service gateway devices generally need to resolve content of data packets at layer 7 (L7), and perform related processing in accordance with the content and related attributes thereof, such as content adaptation, content enhancement, anti-virus, and network acceleration. Basically all network services are based on the TCP. Therefore, in order to implement the foregoing related processing, the service gateway devices need to intercept each TCP connection, and to add data, modify data, or delete data on the TCP connection. However, the TCP is connection-oriented, data-stream-oriented, and reliable, and provides a stream control mechanism. If data is added, modified or deleted simply, the correctness of connections is inevitably affected. A TCP proxy (TCP Proxy) technology is developed to ensure that operations, such as data addition, data modification or data deletion are performed based on correct TCP connections.
The TCP proxy includes explicit proxy and transparent proxy. In a transparent proxy mode, mobile stations do not need to specify an IP address of the proxy, and service gateway devices implement proxy of connections by intercepting the connections. The general process of the transparent proxy is as follows: A mobile station (Mobile Station, MS) sends a connection establishing packet to a service gateway device; after receiving the connection establishing packet, the service gateway device determines whether a proxy process is required; if no proxy process is required, the service gateway device directly forwards the connection establishing packet and subsequent packets to a serving provider (Serving Provider, SP). If a proxy process is required, the service gateway device generates a pseudo socket during a connection establishing phase according to TCP connection information, to disguise as the SP or the MS; after disguising as the SP or the MS, the service gateway device may perform termination processing on the connection establishing packet and the subsequent packets, and perform the foregoing related processing on terminated data at L7, such as content adaptation, content enhancement, anti-virus and network acceleration.
It can be seen from the foregoing TCP proxy process that, for a TCP connection, a TCP proxy process is performed all along or no TCP proxy process is performed at all. When a TCP proxy process is performed, packets are forwarded through the L7. When no TCP proxy process is performed, packets are transparently transmitted directly. The performance of forwarding through direct transparent transmission is much higher than the performance of forwarding through the L7. During delicacy control and management of data services, such as online on-demand, hypertext transfer protocol (HyperText Transfer Protocol, HTTP) large file download and header enhancement services, provided by operators through service gateway devices, generally a first packet or first few packets that an MS sends, to an SP, through a service gateway device for a service request need to be forwarded through the L7, while the subsequent packets do not need to be forwarded through the L7. However, according to the existing TCP proxy process, the TCP proxy process is performed all along, which definitely reduces system performance.