1. Field of the Invention
The present invention relates to Customer Premise Equipments (i.e., “CPE”) connected between a personal computer (i.e., “PC”) and a Digital Subscriber Line (i.e., “DSL”), and more particular, to a method for filtering Internet Protocol (i.e., “IP”) packet in customer premise equipments for digital subscriber lines.
2. Description of the Related Art
In general, DSL, also known as “xDSL”, is a high-speed modem technique that has been continuously developed to meet the increasing demands of large-scale marketing businesses of super fast Internet connection. In other words, the DSL is a public data network service for supporting bandwidth within a limited distance, using previous twisted pair wires. The xDSL is a generic name of a variety of DSL services, such as Asymmetric Digital Subscriber Line (i.e., “ADSL”), High-bit-rate Digital Subscriber Line (i.e., “HDSL”), Single-line Digital Subscriber Line (i.e., “SDSL”), Single-Pair High_Speed Digital Subscriber Line (i.e., “SHDSL”), Universal Digital Subscriber Line (i.e., “UDSL”), or Very-high-data-rate Digital Subscriber Line (i.e., “VDSL”). An ADSL system as an exemplary xDSL in the related art includes an ADSL Transceiver Unit-Central (i.e., “ATU-C”) positioned at a cental office, and ADSL Transceiver Unit-Remote (i.e., “ATU-R”) that corresponds to the customer premise equipment (i.e., “CPE”) positioned at a subscriber's area are connected to each other through ADSL using the traditional twisted pair wire. The ATU-R is then connected to personal computer (i.e., “PC”) through Ethernet link. Finally, the PC user is connected to a network like an Internet through ATU-R via ADSL and ATU-C.
On the other hand, the ATU-R can be operated in either an IP routed mode or a bridge mode, but in most of the cases, the bridge mode is used. Previously, the ATU-R was used for analyzing an IP packet transceived from the PC in the routed mode only, and for controlling the IP packet in accordance with a filtering rule. That is to say, the ATU-R could operate IP packet filtering in the IP routed mode only, so if there were an external intruder like a hacker in the bridge mode, the ATU-R could not perform either monitoring or controlling on the intruder.
As explained before, the major problem of the ATU-R, one of the CPE, is that since it can perform the IP packet filtering in the IP routed mode only, not being able to monitor or control the external intruder in the bridge mode, the IP assigned to the CPE in the bridge mode, if exposed to the outside, becomes totally open to the external intruder, with no defense.