CPC H04L 63/0218 (2013.01) [G06F 9/45558 (2013.01); H04L 67/63 (2022.05); G06F 2009/45595 (2013.01)] | 18 Claims
1. For a virtual machine (VM) executing on a host computer, a method for providing firewall services on the host computer, the method comprising:
after a process of the VM requests a network connection, receiving a record from a driver executing on the VM, the record associating a set of header values of packets sent from the VM with an identifier associated with at least one firewall rule;
associating a packet received from the VM with the identifier by comparing a set of header values of the packet with the set of header values of the record;
using the identifier to identify a firewall rule from a plurality of firewall rules that have rule identifiers defined by reference to a plurality of identifiers; and
performing a firewall operation on the received packet based on the identified firewall rule.
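The steps of claim 1, sketched as an added illustration (not code from the patent or from any product implementing it). It assumes the "set of header values" is a 5-tuple, that identifiers are application labels such as `app:browser`, and that a packet with no matching record gets a default drop; all names and sample flows are hypothetical.

```python
from typing import NamedTuple, Optional

class Headers(NamedTuple):
    """Header values used as the flow key (a 5-tuple is assumed here)."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str

class Rule(NamedTuple):
    name: str
    identifier: str   # identifier the rule is defined by reference to
    action: str       # "allow" or "drop"

class HostFirewall:
    def __init__(self, rules: list[Rule], default_action: str = "drop"):
        # Index rules by the identifier they reference; first rule per identifier wins.
        self.rule_for: dict[str, Rule] = {}
        for rule in rules:
            self.rule_for.setdefault(rule.identifier, rule)
        self.records: dict[Headers, str] = {}
        self.default_action = default_action  # assumption: claim 1 does not define a default

    def receive_record(self, headers: Headers, identifier: str) -> None:
        """Record sent by the in-VM driver after a process requests a connection."""
        self.records[headers] = identifier

    def process_packet(self, headers: Headers) -> tuple[Optional[str], str]:
        """Return (rule name or None, action) for a packet received from the VM."""
        identifier = self.records.get(headers)   # compare packet headers with records
        rule = self.rule_for.get(identifier) if identifier else None
        if rule is None:                         # no record, or no rule for the identifier
            return None, self.default_action
        return rule.name, rule.action

# Constructed sample data: two flows to the same destination, opened by different processes.
RULES = [Rule("allow-browser", "app:browser", "allow"),
         Rule("block-unknown-tool", "app:unknown-tool", "drop")]
FLOW_A = Headers("10.0.0.5", 49152, "203.0.113.10", 443, "tcp")
FLOW_B = Headers("10.0.0.5", 49153, "203.0.113.10", 443, "tcp")
FLOW_C = Headers("10.0.0.5", 49154, "198.51.100.7", 22, "tcp")  # no record reported

def demo() -> list[tuple[Optional[str], str]]:
    fw = HostFirewall(RULES)
    fw.receive_record(FLOW_A, "app:browser")
    fw.receive_record(FLOW_B, "app:unknown-tool")
    return [fw.process_packet(f) for f in (FLOW_A, FLOW_B, FLOW_C)]

if __name__ == "__main__":
    print(demo())
```

FLOW_A and FLOW_B share the same destination address and port, so a rule written against the destination alone would treat them identically; the driver-supplied identifier is what lets the host apply different rules to them.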