DETAILED ACTION
This is a non-final office action in response to applicant’s preliminary amendment filed on 05/15/2021.
Claims 1-8, 16-21 are cancelled claims. Claims 9-15, 22-31 are pending and being considered.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Applicant’s claim for the benefit of a prior-filed application (US patent application No. 14/295,544 now US Patent No. 9,825,913 B2, filled on 6/4/2014) under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. This application is filed as divisional application of US patent application 15/816,708 now US Patent No. 11,019,030 B2.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 5/25/2021 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, initialed and dated copy of Applicant’s IDS form 1449 filed as stated above are attached to the instant Office Action.
Claim Objections
Claims 9-12, 22, 27 are objected to because of the following informalities:  
Claim 9 line 8, “based on the received set of identifies” may read “based on the received set of identifiers”;
Claim 9 line 9, “… stores a record for a transport layer connection…” may read “… stores a record for the transport layer connection…”;
Claim 9 line 11, “when the storage stores a record for …” may read “when the storage stores the record for …”;
Claim 9 lines 13-14, “storing a record …” may read “storing the record …”.
Claim 10 lines 1-2, “wherein the set of instructions for storing the record …” may read “wherein the sets of instructions for storing the record …”.
Claim 11 line 3, “… when the set of identifiers …” may read “… when the received set of identifiers …”. Applicant may clarify “set of identifiers” recited in claim 9 and claim 11.
Claim 12 line 2, “… of a set of identifying parameter…” may read “… of a set of identifying parameters…”; 
Claim 12 line 3, “the set of instructions for determining …” may read “the sets of instructions for determining …”;
Claim 12 line 6, “… match the hast value included in the set of identifier” may read “… match the hash value included in the set of identifiers”.
Claim 22 lines 9-10, “when the storage stores a record for the hash ID, performing the operation on the received packet based on the parameter specified by the record stored in storage” may read “when the storage stores the record for the hash ID, performing the operation on the received packet based on the at least one parameter specified by the record stored in the storage”;
Claim 22, “the parameter” in lines 11, 12, 13, may read as “the at least one parameter”;
Claim 22 line 11, “when the storage does not store a record …” may read “when the storage does not store the record …”.
Claim 27 recites “A computer comprising: a set of processing units for executing instructions; … a program for offloading …, the program comprising sets of instructions for: …”. It is not clear the sets of instructions are the instructions executed by the set of processing units. Applicant is suggested to recite “… the program comprising the instructions for:”, or “… the program comprising the instructions executed by the set of processing units for:”, or more appropriate form.
Claim 27 lines 11-12, “when the storage stores a record for the hash ID, performing the operation on the received packet based on the parameter specified by the record stored in storage” may read “when the storage stores the record for the hash ID, performing the operation on the received packet based on the at least one parameter specified by the record stored in storage”;
Claim 27 lines 13-15, “when the storage does not store a record for the hash ID, identifying the parameter, performing the operation on the received packet based on the parameter, and using the hash ID to store in the storage the record that specifies the parameter” may read “when the storage does not store the record for the hash ID, identifying the at least one parameter, performing the operation on the received packet based on the at least one parameter, and using the hash ID to store in the storage the record that specifies the at least one parameter”.
Corrective action is required.
Examiner Notes
Claim 9 recites “A computer readable medium…”. It is noted that para [126] of the specification of the instant application discloses: “The computer readable media does not include carrier waves and electronic signals passing wirelessly or over wired connections”. The office takes note of the estoppel introduced by the applicant and that the term "computer readable medium", as explicitly used in claim 9, is not to be construed as "signal per se" which would otherwise render this claim non-statutory under35 U.S.C. § 101.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 14 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 14 recites the limitation " wherein the set of instructions for determining a state of the transport layer connection comprises using the identified packet classification rule … " in lines 1-3.  There is insufficient antecedent basis for this limitation in the claim. 
Claim 14 depends on claim 9, but claim 9 does not specify “set of instructions for determining a state of the transport layer connection”. Also “the identified packet classification rule” has not been specified in claim 9.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 9, 22-25, 27-30 are rejected under 35 U.S.C. 103 as being unpatentable over Yang et al (US6963921B1, hereinafter, “Yang”), in view of Henry et al (US20130265883A1, hereinafter, “Henry”).
Regarding claim 9, Yang teaches:
A computer readable medium storing a computer program for execution by one or more processing units, the computer program for statefully classifying a network packet belonging to a transport layer connection (Yang, discloses method of accelerating packet re-assembly… The accelerator includes a connection database that allows retrieval of connection information based on an index constructed from a hashed TCP connection address, see [Abstract]. And [Col. 8 lines 53-57] The present invention includes a computer program product which is a storage medium (media) having instructions stored thereon/in which can be used to control, or cause, a computer to perform any of the processes of the present invention. And [Col. 3 lines 25-26] TCP re-assembly is the task performed for identifying and routing an incoming packet received at a host (i.e. statefully classifying)), the computer program comprising sets of instructions for: 
receiving a set of identifiers from a physical network interface controller (PNIC) for an incoming packet (Yang, referring to fig. 6, step 600, [Col. 6 lines 33-36] At step 600, a packet is received by a NIC device (i.e. PNIC) attached to the host. The received packet is parsed into fields needed for checking for a valid connection and for building frame status. And referring to fig. 7, step 710 perform hash and generate the index (i.e. identifiers)), the set of identifiers generated by hardware stateless lookup (Yang, see fig. 5, [Col. 5 lines 47-52] The hashing device may be any mechanism capable of rendering a unique index based on a set of parameters. Preferably, the hashing device utilizes a polynomial CRC calculation. A TCP connection address is input to the hashing mechanism which generates an index into the TCP connection address table(s) 510. And fig. 7 step 710); 
based on the received set of identifies, determining whether a connection-tracking data storage stores a record for a transport layer connection associated with the packet (Yang, [Abstract] The accelerator includes a connection database (i.e. connection-tracking data storage) that allows retrieval of connection information based on an index constructed from a hashed TCP connection (i.e. transport layer connection) address. And [Col. 7 lines 1-4] the hashed function (hash 500, for example) returns an index. That index is applied to the TCP Connection address table to retrieve a TCP connection address entry (step 720)); 
when the storage stores a record for the transport layer connection, performing an operation on the incoming packet based on a parameter specified by the record (Yang, fig. 7 step 760, and [Col. 7 lines 10-13] If the connection addresses match (step 760), the forward engine compiles a frame status and sends it to embedded CPU (i.e. performing an operation) (via TCPRxFrameQ queue 450, for example) (step 770)); 
While Yang teaches the main concept of the invention but does not teach when the storage does not store the record for the transport layer connection, storing a record in the connection-tracking data storage for the transport layer connection associated with the packet, in the similar field of endeavor Henry teaches:
when the storage does not store the record for the transport layer connection, storing a record in the connection-tracking data storage for the transport layer connection associated with the packet (Henry, discloses method for storing packets to a storage bucket using hashed values of one or more fields in the packet as hash key, [Abstract]. In particular, referring to fig. 9, suggesting if there is no hash in the data packet, store flow index and packet timestamp in the disk and save packet in the disk. And [0093] By way of example, all TCP packets between two nodes and all UDP packets between the same two nodes may be two separate flows within an encapsulating flow which includes all IP packets between the two nodes. Therefore, the system may be configured to perform additional hashes so as to define additional flows to which the packet belongs. Examiner notes Henry’s bucket can be interpreted as connection-tracking data storage as well as Yang’s connection database shown above) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Henry in the hardware assisted TCP packet accelerator of Yang by checking whether the hash flow index of incoming packet is found from the lookup of data packet and save the packet. This would have been obvious because the person having ordinary skill in the art would have been motivated to store the flow index of the incoming packets to storage bucket for network monitoring (Henry, [Abstract], [0002]).
Yang further teaches: and performing the operation on the incoming packet based on the parameter specified by the record (Yang, fig. 7 step 760, and [Col. 7 lines 10-13] If the connection addresses match (step 760), the forward engine compiles a frame status and sends it to embedded CPU (via TCPRxFrameQ queue 450, for example) (step 770) (i.e. performing an operation)). Examiner notes, Yang’s teaching of performing operation when the storage stores a record for the transport layer connection can be also applied to the packet when the storage does not store the record for the transport layer connection and subsequently stored.

Regarding claim 22, claim 22 is a method claim that encompasses limitations that are similar to those of the computer readable medium of claim 9. Therefore, claim 22 is rejected with the same rationale and motivation as applied against claim 9.

Regarding claim 27, claim 27 is a computer claim that encompasses limitations that are similar to those of the computer readable medium of claim 9. Therefore, claim 27 is rejected with the same rationale and motivation as applied against claim 9. In addition, Yang teaches a computer comprising: a set of processing units for executing instructions (Yang, see fig. 3A-3B, and fig. 4 including host CPU (not shown in the figure)).

Regarding claim 23, similarly claim 28, Yang-Henry combination teaches the method of claim 22, the computer of claim 27,
Yang further teaches: wherein the set of attributes of the received packet comprises a set of header values of the received packet (Yang, [Col. 3 lines 53-60] Header data from incoming packets are parsed and checked against a TCP connection address table to identify connections corresponding to the incoming packets. The parsed header fields are used to construct a frame status that includes header data needed for further processing of the incoming packet. The frame status is stored in a memory local to the processing mechanism that performs the further processing on the incoming packet).  

Regarding claim 24, similarly claim 29, Yang-Henry combination teaches the method of claim 23, the computer of claim 28,
Yang further teaches: wherein the set of header values comprise source IP (Internet Protocol) address, destination IP address, source port, destination port and connection protocol of the received packet (Yang, [Col. 5 lines 47-56] The hashing device may be any mechanism capable of rendering a unique index based on a set of parameters. Preferably, the hashing device utilizes a polynomial CRC calculation. A TCP connection address is input to the hashing mechanism which generates an index into the TCP connection address table(s) 510. The TCP connection address is a combination of a source IP address, a destination IP address, a TCP source port #, and a TCP destination port # of the packet being received, and is produced by combining information parsed from the packer headers).  

Regarding claim 25, similarly claim 30, Yang-Henry combination teaches the method of claim 22, the computer of claim 27,
Yang further teaches: wherein the received packet is for a machine executing on the host computer (Yang, [Col. 3 lines 61-66] The present invention is embodied as a packet accelerator device, comprising a packet header parser configured to parse packet header fields from incoming packets directed toward a host, a processing mechanism configured to perform packet re-assembly on packets determined to have valid connections with said host. See fig. 4 Host).  

Claims 10, 13 are rejected under 35 U.S.C. 103 as being unpatentable over Yang-Henry combination as applied above to claim 9, further in view of Yik et al (US20060002386A1, hereinafter, “Yik”).
Regarding claim 10, Yang-Henry combination teaches the computer readable medium of claim 9, 
The combination of Yang-Henry does not specifically teach the following limitation(s), in the same field of endeavor Yik teaches:
wherein the set of instructions for storing the record in the connection-tracking data storage comprises a set of instructions for identifying a packet classification rule that matches at least a subset of the received set of identifiers (Yik, discloses a pipelined packet processing based on extracted packet header field values, see [Abstract]. And [0136] In operation, the packet classifier 142 tests at least a subset of extracted packet header field values specified in the classification rule associated with the Mtype 126 associated with the packet against the classification rule by comparing the extracted field values with expected test values specified in the classification rule subject to corresponding test masks. In accordance with the exemplary implementation of the exemplary embodiment of the invention, when a classification rule match is found, classification rule entry 146 index in the classification rule table 144 is used as the packet flow ID).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Yik in the hardware assisted TCP packet accelerator of Yang-Henry by using packet classification rule in packet processing. This would have been obvious because the person having ordinary skill in the art would have been motivated to extract packet header field value specified in classification rule for pipelined processing of packets with benefit of reduced data transfer bandwidth requirement and early determination of switch response (Yik, [Abstract]).

Regarding claim 13, Yang-Henry-Yik combination teaches the computer readable medium of claim 10, 
Yang further teaches: wherein the subset of the received set of identifiers comprises a set of header values of the packet (Yang, [Col. 3 lines 53-60] Header data from incoming packets are parsed and checked against a TCP connection address table to identify connections corresponding to the incoming packets. The parsed header fields are used to construct a frame status that includes header data needed for further processing of the incoming packet. The frame status is stored in a memory local to the processing mechanism that performs the further processing on the incoming packet).  

Claims 11, 12 are rejected under 35 U.S.C. 103 as being unpatentable over Yang-Henry-Yik combination as applied above to claim 10, further in view of Lunteren (US20050114337A1, hereinafter, “Lunteren”).
Regarding claim 11, Yang-Henry-Yik combination teaches the computer readable medium of claim 10, 
The combination of Yang-henry-Yik does not specifically teach the following limitation(s), in the same field of endeavor Lunteren teaches:
wherein the set of instructions for identifying the packet classification rule further comprises a set of instructions for using a set of identifiers for containers to identify the packet classification rule when the set of identifiers does not comprise an identifier for the packet classification rule (Lunteren, [Abstract] discloses method for classifying data packet according to context-specific sets of processing rules based on context identifiers associated with data packets,…The method comprises: (a) for each data item in a subset of said group, providing a global search structure which is associated with all of said context identifiers, the global search structure comprising a set of range identifiers indicating, for all possible values of the data item, which of the rule ranges corresponding to that data item in said rule sets a value intersects. And referring to fig. 8 step 33 to 37, if no match is obtained at decision block 33, step 36-37, combine range IDs to search key (i.e. container)).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Lunteren in the hardware assisted TCP packet accelerator of Yang-Henry-Yik by using combined range IDs as search key for item search in classification of data packet. This would have been obvious because the person having ordinary skill in the art would have been motivated for multi-field packet classification with combined data item values to effectively mapping to applicable rule via a search process (Lunteren, [Abstract], [0003]-[0004]).

Regarding claim 12, Yang-Henry-Yik-Lunteren combination teaches the computer readable medium of claim 11, 
Yang further teaches: wherein the set of identifiers includes a hashed value of a set of identifying parameter for the transport layer connection, wherein the set of instructions for determining whether the connection-tracking data storage stores the record comprises a set of instructions for using the hashed value to determine whether the connection-tracking data storage stores a record with a hash value that matches the hast value included in the set of identifier (Yang, see Yang’s teachings of claim 9 shown above, and [Col. 5 lines 47-52] The hashing device may be any mechanism capable of rendering a unique index based on a set of parameters. Preferably, the hashing device utilizes a polynomial CRC calculation. A TCP connection address is input to the hashing mechanism which generates an index into the TCP connection address table(s) 510).  

Claims 14, 26, 31 are rejected under 35 U.S.C. 103 as being unpatentable over Yang-Henry combination as applied above, further in view of Makela (US20080028097A1, hereinafter, “Makela”).
Regarding claim 14, Yang-Henry combination teaches the computer readable medium of claim 9, 
The combination of Yang-Henry does not specifically teach the following limitation(s), in the same field of endeavor Makela teaches:
wherein the set of instructions for determining a state of the transport layer connection comprises using the identified packet classification rule only when the network packet is an initial packet of the transport layer connection (Makela, discloses TCP connection establishment over stateful firewall, see [Abstract]. And [0008] According to an embodiment, the first handshake message of the TCP connection establishment procedure is a TCP SYN packet, whereby the stateful firewalls protecting the client terminals create a rule allowing only a TCP SYN_ACK packet with a corresponding acknowledgement number to be passed through the firewalls in inbound direction).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Makela in the hardware assisted TCP packet accelerator of Yang-Henry by only allowing a TCP SYN_ACK packet to be passed the firewall by the firewall rule. This would have been obvious because the person having ordinary skill in the art would have been motivated to establish a TCP connection between client terminals protected by stateful firewalls (Makela, [Abstract]).

Regarding claim 26, similarly claim 31, Yang-Henry combination teaches the method of claim 22, the computer of claim 27,
The combination of Yang-Henry does not specifically teach the following limitation(s), in the same field of endeavor Makela teaches:
wherein the operation is a firewall operation performed by an engine executing on the host computer (Makela, [0028] Meanwhile, the firewall FW A protecting the host computer of the client A receives first handshake message (210) sent by the client B. However, the properties of the received TCP SYN packet do not match to any allowed rule of the stateful firewall FW A, whereby the firewall FW A decides to discard (220) the packet. Similarly, the firewall FW B discards (222) the TCP SYN packet sent by the client A).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Makela in the hardware assisted TCP packet accelerator of Yang-Henry by allowing a TCP SYN_ACK packet to be passed the firewall by the firewall rule. This would have been obvious because the person having ordinary skill in the art would have been motivated to establish a TCP connection between client terminals protected by stateful firewalls (Makela, [Abstract]).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Yang-Henry-Yik combination as applied above to claim 10, further in view of Iyer et al (US7136926B1, hereinafter, “Iyer”).
Regarding claim 15, Yang-Henry-Yik combination teaches the computer readable medium of 10, 
The combination of Yang-Henry-Yik does not specifically teach the following limitation(s), in the same field of endeavor Iyer teaches:
wherein the identified packet classification rule is used only when the transport layer connection has no entry in the connection-tracking data storage (Iyer, discloses method for high speed network rule process for packet filtering, [Abstract]. And referring to fig. 8, [Col. 9 lines 59-65] At step 850, the packet processing may begin. When a new packet (i.e. no entry in the connection-tracking data storage in reference to look-up table at step 840) is received at step 850, the method proceeds to step 860 wherein the N dimensions are searched using the created search structures. The output of each of the N search structures will be an R-length bit vector. At step 870, the N output bit vectors are logically ANDed together to produce a final rule bit vector (i.e. step 860-870 identified packet classification rule is only applied to the new packet)).  
  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Iyer in the hardware assisted TCP packet accelerator of Yang-Henry-Yik by using R-length ordered rule bit vector to new packet. This would have been obvious because the person having ordinary skill in the art would have been motivated for high speed packet filtering (Iyer, [Abstract]).

Citation of References
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been replied upon for this office action:
Van Bemmel (US20140330977A1) discloses apparatus for statelessly recognizing TCP keep-alive packets.
Teplitsky (US20030161272A1) discloses methods for packet filtering using priority based rules.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/Examiner, Art Unit 2436