IPFilter Infriging on Bay Network Patent? 229
jorhan writes "Darren Reed,
the author of IPFilter,
recently posted this message to the IPFilter mailing list. Apparently IPFilter may infringe upon USA patents owned by Bay Networks, specifically, #5790554. The patent might seem to own just about every conceivable way one might wish to filter and forward data packets, but trying to read through all of the "wherein said first condition" started to give me a headache (ObIANAL). But when you read what application the authors specifically had in mind, it really has little to do with network layer firewalling. Even more important is the question Darren's mail indirectly poses, "Anyone know of any prior art?""
Patent Patent Process (Score:3, Funny)
Re:Patent Patent Process (Score:4, Funny)
Re:Patent Patent Process (Score:5, Interesting)
I wrote ipfirewall, a packet filtering program for BSD/OS in 1993. I released my software via a mailing list (don't recall which one but I'm sure that I can find it) in about September of 1993. It was ported to Linux at around that time by Bob Beck and later by Ugen Antsilevich (Ugen's version is the one that made it into the Linux kernel distribution). The Linux variant was called ipfw. If you look in the kernel source code files netfilter/ipchains_core.c and netfilter/ipfwadm_core.c ipfw, you can still find my copyright:
Copyright (c) 1993 Daniel Boulet
ipfirewall v1.0 was also ported to NetBSD and FreeBSD. I also distributed ipfirewall v2.0 as a shareware product and as part of the Juniper Firewall Toolkit.
Re:Patent Patent Process (Score:5, Interesting)
I've been working with Ugen Antsilevich on the
FreeBSD port of the ipfw in 1992-1993 at Technion,
Israeli Institute of Technology.
Initial version was indeed based on Daniel's BSD/OS version, but was later almost completely redesigned.
The functionality and architecture of the ipfw very much resembles that of the ipfilter, so the claims by Bay seems ridiculous.
Gennady Sorokopud
found (Score:2, Informative)
But does Bay actually really exist anymore? Nortel sucked up them (after they had sucked up Annex). Getting updates for Annex is a bear. Bay was sort of sinking beneath the relentless Cisco; getting bought by a telco wasn't going to make them more agile.
Re:found (Score:2, Interesting)
Re:found (Score:2, Interesting)
Check DEC resources or maybe vix.com.
Re:found (Score:5, Interesting)
There was also a way of loading configuration information into it to tell it whether to forward certain kinds of packets (multicast, most notably) or not. This sounds like a filter to me, in the definition of the patent.
Re:found (Score:2)
Early bird (corporate whore) gets the worm(patent) (Score:3, Insightful)
The company that thinks of an idea that may be used widely later has the responsibility to patent it. The younger the technology is, the easier it is to get away with un-necessarely broad patent language, because people aren't aware of the number of uses that can fall within a patent's grounds.
My official recommendation for the situation is that tech patents granted in the last 5 years be reviewed by a panal of experts...patent lawyers from the government (FTC, department of commerce), paid consultants, and computer professionals from promonant comporations, i.e. Cisco Systems, IBM Corp, Microsoft, etc. to review their scope and reword them if necessary.
Note that it wouldn't be a party to get rid of tech patents, but to refine the existing ones as to nail down exactly what's protected and what isn't.
Bay Networks owns the patent, and as such, it is their responsibility to enforce it. Now, if they're nice, they could grant the authors if IPFilter a royalty-free license to use their intellectual property, but because IPFilter is an open source project, that is in effect granting the entire world permission to use it, and that is something Bay doesn't want. Hence, they need to stop the entire thing.
Conclusion: Yet another example of the shortcomings of the United States patent system. Sure, it's better than anything else in the world--but that doesn't mean it's perfect. Far from it, infact.
Re:Early bird (corporate whore) gets the worm(pate (Score:5, Insightful)
Hmmmm, I'm curious - it's the "best" patent system in the world, but here we have "yet another example" of its failings.
How much do your actually know about the patent systems of every other country in the world?
Logical application (Score:2)
Most people would say a quick sort was a radical implementation and could be patented, but I worked it out using locical application and no prior knowlage of how a quick sort worked, except that it sorted.
Re:Early bird (corporate whore) gets the worm(pate (Score:2)
It's a failure becuase there is generally little to no checking done to ensure the patent's validity.
It's a failure because it is quite expensive to defend against even frivolous patents.
It's a failure because it has been extended to cover areas that it should not cover, but which are instead more properly covered by copyright (e.g., software).
It's a failure because it rewards patents that are nigh unto unintelligible over patents that clearly describe what is patented.
These claims, of course, make certain assumptions as to what the purpose of the existence of patents are. You might consider what purpose is served by a system with the listed "failures". Just what kind of society is it encouraging.
Re:Early bird (corporate whore) gets the worm(pate (Score:1)
Re:Early bird (corporate whore) gets the worm(pate (Score:2)
Bay Networks owns the patent, and as such, it is their responsibility to enforce it.
Assuming that's what you meant, and AFAIK: The "enforce or lose it" rule is only for trademarks. So Bay could just ignore the project as long as they want, and still demand fees from other (commercial) projects.
the United States patent system. Sure, it's better than anything else in the world
That one surprised me, why would you think that? It seems that regarding the basic setup the US patent system is virtually indistinguishable from any European one.
Re:Early bird (corporate whore) gets the worm(pate (Score:3, Interesting)
Instead, let patent applicants put up a, say, $5K bond with their application. The patent office makes no attempt to validate the patent (just as presently, you might say :) but merely publish it.
Then, if someone finds any prior art, let them forward it to the patent office to examine it. Then the patent office makes a judgement, pays the bond across to the finder, and marks the patent as cancelled. Interested parties (those suckered into paying licensing fees) get notified by email alert.
Perhaps this would generate a thriving third world industry of people frantically chopping down many of the stupid patents which currently get issued.
Before complaining that putting up $5K would stifle creativity for the small guy, consider whether the current state of affairs actually works in the little guy's behalf or not...
Re:Early bird (corporate whore) gets the worm(pate (Score:2)
Re:Early bird (corporate whore) gets the worm(pate (Score:2)
Remember, there are the laws, and then there are the practices. The law tells us that it's the most important, but in practice, the practices are practiced.
Re:Early bird (corporate whore) gets the worm(pate (Score:3, Insightful)
What if an expert (from one of the big companies) comes across a patent from a competing company that would make things easier for their own company business-wise? They could argue for it to be removed. Of course, the other experts could probably just veto that opinion, but the influence is still there. This also works the other way too; a representative from one company will be in a better position to defend their own company's patents.
I say keep the professionals out of it because their own interests will taint the process. To replace them, bring in university professors that have nothing better to do than to sit on this panel of review.
Re:Early bird (corporate whore) gets the worm(pate (Score:2, Informative)
Re:Early bird (corporate whore) gets the worm(pate (Score:2)
While the patent system is in dire need of being addressed, I think that being blown up by a terrorist would suck a great deal more ass than being involved in patent litigation. At least in the long run.
Re:Early bird (corporate whore) gets the worm(pate (Score:3, Funny)
receiving a data frame at a port of a network device coupled to said network said data frame to be forwarded to a destination node in said network based on a destination address for said destination node associated with said data frame
I'm having a hard time thinking of a network device that doesn't do this. :)
Third party reexamination/PTO reexamination (Score:2)
Re:Early bird (corporate whore) gets the worm(pate (Score:1, Funny)
But the job is so boring that you eventually just start approving sh*t for the hell of it or because your eyes get too tired to parse all that legalsay.
The smarter you are, often the easier it is to get bored.
I think they should do drug testing there. Imagine all the stuff you would approve if you were on LSD.
"One click? Oh that is sooooo sparkley and rainbowish tingle mingle. Trippin' stampity stamp stamp you da man!"
Claims.. (Score:1, Interesting)
IANAL.
Patents, claims, and dependent claims (Score:3)
Keep in mind, ALL of a patent's claims must apply to your invention.
This applies only to parts of one Claim, or to Claims that depend on other Claims ("4. The invention of claim 1 where the number of consecutive items is four"). If something infringes even one independent Claim, then it infringes the patent.
Other filtering (Score:1)
a day in the life of IT (Score:5, Funny)
Re:a day in the life of IT (Score:2)
-- The Eagles, Get Over It
Oops. Forgot about the RIAA...
It doesn't seem to directly apply to IPFilter... (Score:2, Interesting)
The patent seems to be specific to network switching/routing hardware based solutions, not software based. IANAL, but it could be shown that the intent that Bay had was to do packet level filtering inside of switches on a port-to-port basis (as some of their hardware, like the Accelar series does), and not on a software-ontop-of-an-OS basis as this shows
Referring to FIG. 1, a network device 100 as may be utilized by an embodiment of the present invention is shown. Network device 100 is a LAN switch, however, it is understood by those of ordinary skill in the art that an embodiment of the present invention may be applied to other network devices such as a hub or bridge.
If I'm wrong, then a lot more than IPFilter is in trouble... Checkpoint and Raptor (now Symantec) better watch out!.
Re:It doesn't seem to directly apply to IPFilter.. (Score:2)
Re:It doesn't seem to directly apply to IPFilter.. (Score:3, Informative)
- Directing data to multiple ports (obviously very oriented towards LAN switching)
- Filtering on variable length fields
- Jumping between rules rather than sequential processing
- Less than/greater than comparisons in addition to equals/not equals
I am not too familiar with IPFilter, but a quick read of the web page indicates that it doesn't support these features, although NAT may come close in some ways to the first (IANAL).I also suspect that some bigger fish, such as Cisco, may infringe on this patent if IPFilter does
Here are the relevent piecesof the related art section:
andRe:It doesn't seem to directly apply to IPFilter.. (Score:2)
Re:It doesn't seem to directly apply to IPFilter.. (Score:2)
Not surprising (Score:3, Insightful)
Not only ipfilter (Score:3, Insightful)
Seems obvious to me that this would affect a broad range of devices from switches to load-balancers to firewalls and would probably benefit a large group of corporations to begin either investigating prior art or ask Bay nicely to license the tech.
No red alert yet. (Score:5, Informative)
It'd be nice if someone had a few thousand dollars to hire a lawyer and get a more definitive answer, but it seems like prior art was also mentioned in the (two message) thread, so this isn't (yet) a serious issue.
The patent seems to only apply if you use numeric offsets into fields. If the patent is an intent to patent just about any rule-based firewalling, just about any commercial firewall product -- like FW1 product for Solaris would be simple examples of prior art. If this isn't the case, then it's got too many differences between itself and IPFilter or IPtables to be of much use in shutting down the IPfilter project.
Re:No red alert yet. (Score:5, Insightful)
And I'm a newspaper reporter
Re:No red alert yet. (Score:2, Funny)
Pot... kettle... black.
Re:No red alert yet. (Score:2)
Re:No red alert yet. (Score:2)
*shakes head* There's got to be more than just me that believe that...
Re:No red alert yet. (Score:2)
People in technical fields seem to think that the law is a black and white list of rules like engineers might write down and other engineers might use. The law is not like that. The law is whatever a lawyer can sell to a judge or jury at a particular moment. The quality of the lawyers in a given case is much more important to the outcome of the case than whatever it is that the law says; if you have the law and a bad lawyer on your side you are probably going to lose.
A court room is a fight, and fights are generally won by the best fighters - not necessarily by the side that is in the right. Because of this it is very easy to be on the side that is in the right and lose.
Re:No red alert yet. (Score:2)
Re:No red alert yet. (Score:2)
Switches only? (Score:5, Insightful)
Now, I'm not a lawyer, but I am a network engineer who deals with packet filtering all the time, and any "expert witness" worth his salt would bring these points up in a patent-suit. Someone should step up to be first on this one (Checkpoint or Cisco would be good choices, but there are many others who would be hurt by having to license this stuff).
On a more general point, I'm sure there are patents out there on just about everything that a modern Linux, BSD, etc system does. Some are already expired, but many are not. We really need to get a game plan here. My personal take is that patents are still a good thing, even on software, but it's the duration and disclosure that kill us. How can we reasonably get patent duration for software down to 2 years and require early disclosure of a pending patent? If those two things happened, patents would actually be a good thing for Open Source!
Software Patents? (Score:2)
It's not only that the patent examiners are basically clueless in the software field, though that would be enough of a reason to repudiate them right there. It's that the basic idea doesn't make any sense. A piece of software is a mathematical expression. It may have several identity transforms performed on it (e.g., compiling, etc.). It is a precise recipie for how to do something that is so detailed that a certain kind of machine can follow it. This is clearly something for which the appropriate protection mechanisms are copyright and trade secret. The fact that you can store the program on a chip means no more than the fact that you could store the patterns for a Jaquard loom on punched cards. It's the same thing!
Software patents are a perversion of the law. Not the worst one that we've seen, but not a good one, either.
Re:Switches only? (Score:2)
Here's the yard-stick that you apply to patents: if we do it this way, does it maximize the benefit to the public? You want to encourage companies to seek patent grants, but remember that the goal is to promote the sciences and useful arts by incenting companies to contribute to the ever-expanding pool of general knowledge.
Software patents currently last 17 years, though I understand it depends somewhat on who's treaty you're looking at. Worse, that time starts ticking when the patent is granted, which can be as much as a decade after the patent application. When you're able to stifle the general public's ability to use a new software technique for as long as the entire history of the personal computer, there's a problem.
Then again, two years might be too much. Open Source may have proven that the promotion of the sciences and useful arts in the software domain is self-managing. Microsoft innovates no more than Linux/BSD/GNU/X/etc. Companies fund research like X (DEC/HP), Linux SMP (many), etc. not because they hope to reap the benefits of the patents, but because the market moves so fast that they can use the edge of simply having been there first.
if they don't enforce it, it doesn't matter (Score:3, Interesting)
Of course, unlike trademarks, the risk that they will try to enforce it remains throught the life of the patent. However, if it really worries you, you can have the patent reexamined or get a declaratory judgement.
Re:if they don't enforce it, it doesn't matter (Score:2)
All you know for now, is what they've done up to now.
A threat analysis doesn't consider motives, it considers capabilities.
One Example of Prior Art (Score:5, Informative)
I have a first edition copy of the book, D. Brent Chapman & Elizabeth D. Zwicky, _Building Internet Firewalls_ (Sevastopol, California: O'Reilly and Associates), dated September 1995. Thumbing thru it, I find chapter 6, which is titled ``Packet Filtering". ISTR that September is the month that preceeds October.
Since it takes about a year for a book to go from start of writing, thru production & at last release, I'd say Packet Filtering was a technology very familiar if not much used in late 1994.
Is that satisfactory evidence of prior art?
Geoff
Re:One Example of Prior Art (Score:1)
Re:"ISTR"? (Score:2)
LawerSpeak (Score:4, Funny)
Laywers should learn how to clean up their source code.
For one, they should give clauses names or ID's. Then they can have phrases like:
"If ($trans and $horgton) or $rollsNice or $tamper5 or ($beforeExpire7 and $gasoline) then coveredUnderStateStatute("Nebraska", 43726)"
Re:LawerSpeak (Score:2)
Oh, yes!
That's so much easier for the average person to understand.
Re:LawerSpeak (Score:2)
That is not the point. I don't think street-able legalese is possible (except maybe as approximate summaries of the detail), however the second approach is understandable by both lawyers and programmers, whereas, the first is understandable by only lawyers. Thus, better to target two niches instead of one.
gcc -o patent.doc -x LawyerSpeak patent.ls (Score:2)
"For one, they should give clauses names or ID's. Then they can have phrases like:
"If ($trans and $horgton) or $rollsNice or $tamper5 or ($beforeExpire7 and $gasoline) then coveredUnderStateStatute("Nebraska", 43726)"
What you read in a patent application isn't soure code, it's an executable designed to run on the US justice system. You are not supposed to understand it. In fact, a patent has greater value to the person who files the patent if it is (1) meaningful and yet (2) impossible to understand.
Of course if you try to disassemble a patent, the labels will be meaningless mumbo jumbo which you have to decipher, without the benefit of a symbol table.
IANAL but if I did become AL I'd write an open-source legalese compiler. Then any programmer can produce complex gobbledygook to jam up the works of the US legal system, rather than relying on money and teams of paralegals. Onward the revolution!
Re:LawerSpeak (Score:2)
Time passed. The system rigidified. The language changed. Now the purpose of the laws was to tell you what to do. The laws were the authority, not some king. And the language had become archaic. Some knights specialised in interpreting what the laws meant, and in arguing cases at the court. Originally they would back up their arguments with armed force as hired champions, but this fell into disuse. But now the knowledge of the archaic forms of the language was itself a form of power. This is probably around the time of Shakespear, and is, I guess, a likely reason that Edmund Spenser thought that his archaic form was desireable (he was presenting it at court). Note that Spensers archaic form doesn't match any real form that ever existed in common speech.
Now since the real power was vested in the laws, thanks to the Magna Charta, one way of increasing you power was to get a law passed which favored you. The obvious way was to win royal favor, but that could be difficult. Another way was to sneak in something that would benefit you, but which nobody else in power would object to, or perhaps even notice. During this period, which continues to the present, the laws became less and less coherrent. Nobody really wants this as a general feature, but many find it just dandy for their own special project.
So the original form which still underlays everything is reasonably expressable as a strictly logical form, which would often include a main switch-case statement. But in the current form, this is becomming a more and more convoluted body of text that appears designed to prevent anyone from understanding precisely what it means. To take a rather nortorious example, the ICMA 2b act passed by Virginia and Maryland was reported to be over 2000 pages long. No legislator read it. One can guess that they tried.
What's to problem? He wasn't served. (Score:5, Insightful)
Re:What's to problem? He wasn't served. (Score:2)
You didn't make an argument about patents. That's a comment about the management of some companies.
OTOH, a patent is no more evil than a pistol or a car. A patent is a tool that can be used in certain ways. This doesn't make them a good idea. Not every tool that can be built, should be built, and I feel that patents, especially software patents, are one of the mistakes.
Of course, mistake is only in terms of a certain set of desired results. If your aim is to concentrate power in a small number of hands, and to increase the domination of a subset of lawers* over the economy, then I suppose they could be considered a good idea.
* Patent lawyers are a specialized subset of lawyers who are allowed to speak at a patent court. Most lawyers are forbidden to. I have heard that this is because patent law twists the language in new and exciting ways, so that even ordinary lawyers can't properly understand it.
PF (OpenBSD's) might also be affected (Score:2, Informative)
but in the thread it talks about a prior art, the main writer of OpenBSD's PF mentioned a prior art: http://marc.theaimsgroup.com/?l=openbsd-misc&m=10
the Death of Innovation (Score:2)
Lame.
Re:the Death of Innovation (Score:2)
Re:the Death of Innovation (Score:2)
It's filtering on the DATA portion. (Score:1)
This to me seems to be the crux of the matter. They are patenting all type of filter (normal routing, re-routing, droping, etc.) based on the contents of the data packet, in some form. While I can't be certain, I think any decent packet sniffer would have this capability. (I can't remmber if any I've used are actually older than 1995, when the patent was filed.)
Anyone got more specific info? I bet we can find several examples of test equipment previous to this patent to derive data based filtering from.
How about IP stacks? Anyone know of an IP stack that could sniff the data section of a packet before 1995? Now there's gotta be a few examples of that!
Re:It's filtering on the DATA portion. (Score:1)
OpenBSD pf and the solutions (Score:3, Informative)
for prior art and points to pf probably being affected,
too (read here [theaimsgroup.com]).
Daniel Hartmeier, swiss Author of PF, the OpenBSD packet
filter, has a good reply finding prior art [theaimsgroup.com] and Darren even thanks him explicitly [theaimsgroup.com] a lot, which is not what we _were_ used to read from him.
I personally do not have any objections against him,
still - though I use pf as it is in OpenBSD [openbsd.org] - the operating system of my choice, and not
even the recent OpenSSH bug could prevent me from
trusting that team.
Re:OpenBSD pf and the solutions (Score:1)
Get a lawyer (Score:1)
Do it yourself and you could end up making matters worse for yourself (read: willful infringement) or making a mistake.
Here is a brief overview of patent infringement lawsuits [lawnotes.com]. If this does not make you want to seek legal help, then I wish you luck.
ObIANAL? (Score:1)
I understand the "I Am Not A Lawyer" portion of ObIANAL, but what's the "Ob" prefix mean?
Yeah, yeah - perhaps offtopic, but I must ask. My karma is already 50... wait, "excellent", what's up with that?!
Ryan Fenton
Patent acknowledges traditional patent filters (Score:4, Informative)
Scary, isn't it. (Score:5, Informative)
Using this filtering method, you can switch/route a packet or frame from/to any port based on ANY part of the frame. If you wanted, for some bizzar reason, to make your decision based on the crc checksum you can do it. Also, because you are looking at the entire frame/packet, it is not specific to IP. You can filter/switch/route ANY protocol IP, IPX, HTTP, DECNet, APPN, anything. It is extraordinarily powerful, though infrequently used. But it is great to have when you need it. You can find it on most of their switches and routers from the BayStack 450 to the Bay BCN router to the Passport 8600 series layer 3 switches.
I do not feel that IPFilters needs to be concerned as this patent and could possibly be applied to ANY filtering tecnique in use today. Anything from MAC based port blocking to layer 7 web switching. However, even Bay/Nortel has notr choesen to challenge or attempt to enforce the patent on anyone so far.
As an interesting side note. Up until last year Nortel was filing and being awarded patents at a rate of two per day. They patented any and everything that they did. Hell, there is even a patent(not copyright) on a set of icons they designed for you on mobile phone type PDAs. That's right, a patent on a small set of crappy looking icons. Try doing a patent search with keyword Nortel. You'll be amazed.
Re:Scary, isn't it. (Score:2)
If that's the case then I'm once again baffled by the patent process. Sure it might be a neat feature, but it's standard CS101 pattern matching used in everything from parsers to image processing.
Surely they can't patent pattern matching, nor can they patent filtering. So is the patent for 'using pattern matching to filter'?
And which part of the invention is non-obvious? If nobody else has this feature then it's just because nobody else thought it would be useful, not because it's difficult to do.
Re:Scary, isn't it. (Score:2)
It doesn't work that way. Actually, most lawyers are decent and honorable people. And they don't make huge amounts of money. So they can't afford to file suits in patent court either. And even if you win, it doesn't buy you much.
The way things are designed, you can make lots of cash by filing frivolous suits, and then settling out of court, but you can't make any money correcting flaws in the government operations. Of course, if you are a company it may allow you to stay in business, but it can be a bet the business proposition, so you're much more likely to pay off the extortionists (see start of paragraph). And if it doesn't impact you (and frequently even if it does) you may not have standing, so you can't intervene even if you want to. This isn't always bad.
Think of it this way. The judicial system has been patched over and over for around a thousand years (there was a substantial re-write job in 1066). The patches were put in place without being debugged first. If they caused problems, new patches were added on top of the old ones. Very occasionally a major subsystem was rewritten (1776-> about 1786 in the US), but usually it was just patches on top of patches. And each patch was proposed by a pressure group that was attempting to ensure it's own special ends. It's surprising that the *** mess works at all. One of the areas that has had more special interest patching, and less supervision than most is the patent system. It's nearly gotten to the point where it *DOESN'T* work at all. At the very least, it no longer serves the ends it was created to serve. I believe that it does more harm to our civilization than good. I am certain that this is true with respect to software patents.
Re:Scary, isn't it. (Score:2)
Watch out for companies in trouble (Score:2)
It's the classic change of stategy to ligitation to keep your company afloat.
Be afraid, be very afraid.
Re:Watch out for companies in trouble (Score:3, Informative)
Nortel (My employer) is doine MUCH better than what the media would let you beleive. There's a lot of BIG entities in the US that would like to see Nortel fail (need I mention any names??) Don't beleive everything you read/see.
Also, nowhere has Nortel issued any statement regarding this patent. Nortel hasn't said a word, so don't be putting up the defector shields too fast there....
Re:Watch out for companies in trouble (Score:2)
This doesn't sound like ipfilter (Score:2)
I'm confused (Score:2, Insightful)
So it seems to me that filtering packets is a result, not a method, and as long as IPFilter doesn't use Bay Networks' code or some slick algorythm patented by them then I don't see why this should even be an issue.
This is too utterly obvious to be innovative (Score:2)
This is too utterly obvious to be innovative. This patent should be used as the "poster boy" of reforming the patent system. I bet those guys at Bay Networks thought they were so clever in doing what thousands of others would consider to be quite obvious (but had other important work to do, so they never implemented it). That would tend to make me think that the level of IQ among engineers at Bay Networks is not very high if this kind of thing is something they consider to be an invention. Now we know the examiners in the USPTO are low IQ. But now I have to add in the engineers at Bay Networks, too. Boycott time.
How to read a patent (Score:5, Interesting)
When reading a patent such as this it's important to keep a few things in mind:
Ignore the abstract. It has no legal effect -- it is illustrative only. The abstract is often drafted by legal (but not technical) staff based on some summaries prepared by technical (but not "legal") staff. A lot is lost in the translation.
Ignore the summary -- skip to the claims. The most important part of a patent is the Claims section. Everything else is illustrative. The summary of the "present embodiment" (ie what was actually built) is only useful in so far as it gives you an idea of what the patentee is trying to protect. But you will almost always see that the claims are far wider and it is the claims that have legal effect.
Concentrate on the base claims. Almost all patents set out 3 or 4 "base claims". The rest of the claims will be derived claims -- they'll start with "The method set forth in claim X, where...". If a base claim is invalid (or not applicable to what you're doing) then all derived claims are also invalid. So, concentrate on them and try to find your points of difference there.
Claims repeat themselves. Generally, you'll find that the earlier base claims are narrow in scope. They'll then refine some of this in derived claims to make the application clearer or cover the most valuable applications of the invention. Then, a new base claim is started, with more generic language. That process tends to continue until the patent is very large. This is deliberate -- the patent attorney is trying to be as broad as possible, but if they're too broad, the patent will be invalid. So the strategy is to repeat the basic claims so that if a broad claim is struck down as invalid the narrower ones can still survive. If you don't infringe the narrowest patent you can often skip the broader claims. This one's a little different -- some of the claims cover different aspects of the "invention".
Get a lawyer if you're serious. A real lawyer properly briefed will do a better job than you're own analysis or general advice from others -- as Darren suggests.
Careful what you write. Finally, if you're doing some kind of patent analysis, never write "we infringe this" or "possible infringement." Instead, draw up two columns -- the list of patents you "do not infringe" (with reasons) and the list of patents "under investigation".
In this case, note that base claim 1 does not require type or offset. Derived claim 2 simply adds that as a possible variation. Like all patents it's difficult to read (it should be taken out back and shot) -- however, it does seem to envisage only a hub, depending on your definition of "destination node" and "destination port." I think claim 1 could be distinguished from IPfilter on that basis. It follows that claims 2 - 13 are also distinguishable and don't apply to IPFilter.
Claim 14 seems overly broad and relates to configuration of the invention under patent. Not easily dismissed based solely on the language of the claim though. Claims 15 - 21 are derived.
Claims 22 and 28 are problematic, and frankly, poorly drafted. 28 seems most likely to cause IPFilter grief, if it applies. But they're both (overly) broad and could be covered by prior art. These two claims need some careful analysis.
Basically, prior art is not the only way to show that you don't infringe a patent. Going the prior art route can require you to go to court to invalidate or modify the patent -- expensive proposition. It's cheaper and easier to invent around the patent by avoiding the base claims.
My two cents.
Useful, but one BIG error (Score:4, Interesting)
This is not generally true, and often false. The dependent (you called them derived) claims include all the limitations of their parent independent (you called them base) claims. For this reason, if the parent independent is NOT INFRINGED (because one or more limitation is not present in the accused), the dependent claims are not infringed. (There is an obscure exception to this rule, but it holds almost always).
The converse is not generally true. If a parent claim for A+B+C IS INFRINGED, the dependent claim for A+B+C+D might not be infringed by an accused device with A, B and C, but no D. For similar resons, the corresponding proposition for validity is NOT generally true.
A parent claim for A+B+C can read on a piece of prior art, while one of its dependents for A+B+C+D might not, because the dependent claim could have one or more additional limitations, in this case D, that are not disclosed in the prior art. This happens all the time -- invalidating the broad claim does not put an end to the case if the dependent claims are also infringed.
Re:Useful, but one BIG error (Score:2)
My pleasure. It may interest you to know that you actually understated the extent to which abstracts are irrelevant -- in the US there are regs and case law clearly stating that the abstract has NO EFFECT AT ALL on validity or a claim construction.
Bay Networks has apaprently patented IP routing. (Score:3, Insightful)
Patents should be reserved for true innovations, not something completely un-novel such as this.
How patent claims work (Score:4, Informative)
The key thing is that a court might in future decide that some claims are valid but others are not. So the first couple of claims in a patent might well lay claim to the entire state of the art, and might only be there as a kind of #define macro for subsequent claims. I once read an encryption patent (ISTR it was for a DVD system that didn't get used) where Claim 1 was for XORing the output of a random number generator with the cleartext. This was followed by a series of claims that started "A system as in Claim 1 where the random number generator is...".
So when you see a patent that seems to claim the whole of some technology, don't panic. There is going to be tons of prior art. You just have to work out where the prior art ends and the real invention starts. This is going to be a bit grey on the boundary (thats where patent lawyers make their money), but you can still get a fairly clear idea pretty quickly. You can also get a fair idea just by looking at the claims and thinking about the technology they represent. Once you get to precise descriptions of obscure algorithms then you are into the meat of the patent.
Incidentally, don't be scared of legalese. Just think of it as an unusually verbose and unstructured programming language.
Paul.
Berkeley Packet Filter? (Score:2, Informative)
Prior art? (Score:2)
Yeah, I've got your prior art. It's called the Post Office.
Gee, individual packets of unknown data with a sender, a reciever, which is then acted upon by a list of rules, and generally passes through a series of 'stations' and 'hubs' until it gets to it's destination?
Re:Not one reference to Linux (Score:1)
Re:Not one reference to Linux (Score:1)
Re:Not one reference to Linux (Score:1)
Re:Not one reference to Linux (Score:2)
When Stallman came out with the idea of GNU, he wanted to revolutionize computing with a new kernel based on a variation of Mach microkernel. It would have, amongst others, a UNIX compatible "server" (as these things are called in microkernels". as he was writing this, he (and others) came up with a bunch of tools. Though they run pretty much everywhere, they are still called the GNU tools (as opposed to the FSF toolchain, which is probably more appropriate). They run on pretty much every version of UNIX or UNIX-like variant out there, also with Cygwin, windows as well. They're the basis for a lot of embedded projects too, which usually don't even have a kernel, much less a UNIX one.
Linux came out, used the GNU toolchain. Stallman wanted what he felt was recognition for the contribution to the Linux product, that it essentially was built with the GNU toolchain. Talked to Linus, who said fine. From what I read, this was a misunderstanding, Linus thought he just meant calling Debian GNU/Linux, since all decisions are very much based on FSF/GNU principles. Stallman now calls every distribution GNU/Linux. Many flamewars have been fought on this.
Re:Not one reference to Linux (Score:1)
Better to be thought a fool than to open your mouth and remove all doubt.
Re:Not one reference to Linux (Score:2, Informative)
Re:Not one reference to Linux (Score:5, Insightful)
UNIX, much like pornography, has gone to a "I know it when I see it" thing.
From the strictest view, one might consider the only UNIX OpenUNIX from Caldera. This is where the UNIX brand name has finally ended up (ATT -> Novell (strangely enough) -> SCO -> caldera). It may die there, caldera's in bad shape. OpenUNIX is changing, becoming very Linux friendly.
Almost all UNIXes (Unices?) have a Linux compatibility layer in the kernel. So Linux is becoming the one all encompassing API, if not the one true UNIX.
UNIX came out of AT & T, back when UNIX was still a research project and they were friendly with educational institutions. BSD was a fork. SVR4 UNIX, the most common "base" variant was basically SVR3 with BSD stuff. FreeBSD/NetBSD takes on the spirit of that work. Is FreeBSD UNIX?
Darwin, The base of MacOS is a Mach Microkernel with FreeBSD/NetBSD. It will be the most distributed "UNIX" ever. Is MacOS UNIX? it's very NeXT based, which was a bastard offshoot.
Linux works like UNIX, has the same design philosophy. Is the only UNIX some folks will ever touch. You have weird hybrids of SVR4/BSDlike systems depending on where Linus and the Distro guys picked and choosed stuff.
I have Cygwin on my Win2000 box. I use a bash shell, have rlogin, gcc tools. Is Win200 Linux? I even have a
Hmm, is POSIX compliance mean UNIX? POSIX was supposed to be the one true UNIX standard. If so than the most POSIX OS is WinNT. MS had a POSIX subsystem, never really worked but was needed to satisfy government regs on OS purchasing. MS WinNT was the only OS ever to get POSIX certified, so it's the one true UNIX, from a point of view.
Don't call folks stupid on things that are just interpretation. I can say OpenUNIX, the *BSD's, or WinNT the only UNIX, depending on what my criterea are. Sayig your interpretation is the only one is just trolling for a flamewar.
At least one error of fact in your post.... (Score:2)
It was also 64-bit clean around ten years ago, and had ACLs that *worked* before anyone else.
NT inherited some lame vestiges of POSIX compliance from VMS because it is basically a bootleg version of VMS with a GUI inapropriately tacked on at the kernel level instead of userspace where it belongs. Cutler has much to regret.
If DEC had been smart enough to open the VMS source before it got too bloated, there would be no need for Linux or the various Unices. The problem areas in VMS (such as the expensive process creation and the strong bias towards American English) could have been eradicated by the same legions of hackers that have made Linux viable.
Re:Not one reference to Linux (Score:1)
You know, everything doesn't have to revolve around Linux in some way.
Re:Not one reference to Linux (Score:2, Informative)
Wakey wakey.
Re:heh (Score:2)
It's the holder of the patent you have to worry about, not the patent office.
Re:So what (Score:1, Insightful)
Re:Finally, someone admits it (Score:3, Insightful)
ALL patents are limited by the claims for God's sake! This is just boilerplate inserted by the lawyer. In fact it is quite often that a patent attorney who is writing a fair number of patents may insert a bit of boilerplate that he uses as a sort of signature, becuase patent's do not contain an author designation anywhere on the document. This bit of non-informational text may in fact just be the author's encoded signature.