
Network firewall realization method suitable for virtual machine

A virtual machine network firewall technology, applied in the field of network firewalls, that addresses the lack of a unified interface for displaying and modifying rules, the confusion this easily causes, and the heavy use of computer resources, and that provides a flexible and convenient implementation while saving resources.

Active Publication Date: 2014-09-03
G CLOUD TECH
View PDF1 Cites 10 Cited by

AI Technical Summary

Problems solved by technology

This method requires a lot of labor, and there is no unified interface to display and modify the rules, which easily causes confusion.
[0004] 2. Each virtual machine needs to run the network firewall software, which takes up a lot of additional computer resources.


Embodiment Construction

[0024] As shown in Figures 1 and 2, the present invention comprises the following steps:

[0025] Step 1: Install firewall software on the host machine and enable IP forwarding.

[0026] Step 2: The virtual machine created by the host machine is connected to the network in bridged mode; that is, the network interface of the virtual machine is attached to the Linux bridge. The bridge is equivalent to a virtual switch implemented on the Linux host machine.

[0027] Step 3: Each time a virtual machine is created on the host, create a new sub-chain whose name is the same as the name of the virtual machine.

[0028] Step 4: Initialize the rules of the sub-chain on the host machine and link it to the FORWARD chain; the FORWARD chain then lets network packets be forwarded on to the network interface of the virtual machine, handling each packet in the manner defined by the rules of the virtual machine's sub-chain: release (accept), reject (reject), and discard (...


Abstract

The invention relates to the field of cloud computing, and in particular to a network firewall realization method suitable for virtual machines. In the method, the host machine must have firewall software installed and IP forwarding enabled. A created virtual machine is connected to the network in bridged mode; a sub-chain for the virtual machine is then created on the host machine, network firewall rules are selected for the virtual machine and added to its sub-chain, and finally the sub-chain is linked to the FORWARD chain of the firewall. If a user modifies the network firewall rules, the corresponding firewall rules are updated in the virtual machine's sub-chain. With the invention, the firewall rules are enforced on the host machine alone, no firewall software needs to be installed or run inside the virtual machine, and the method saves resources and implements the virtual machine's network firewall flexibly and conveniently.
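The host-side procedure described above (a per-VM chain named after the virtual machine, filled with its rules and linked from FORWARD) can be sketched as a dry-run command generator. This is an added example, not code from the patent: it assumes iptables is the firewall software, and the VM name `web01`, tap device `vnet0` and the `proto:port:ACTION` rule format are invented for illustration.

```shell
#!/bin/sh
# Added example: prints (does not execute) host-side iptables commands.
# Assumed: iptables as the firewall, tap device names, "proto:port:ACTION" rules.

# The chain is named after the VM, so the name must be a legal iptables chain
# name (at most 28 characters); interface names are limited to 15 characters.
safe_name() {
    case "$1" in ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le "$2" ]
}

# Steps 1-2: host prerequisites. The second sysctl (an added assumption, needs
# the br_netfilter module) makes bridged frames traverse the FORWARD chain.
host_prereq_cmds() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "sysctl -w net.bridge.bridge-nf-call-iptables=1"
}

# Body of a VM chain: validated rules, then a default DROP (added choice).
rule_cmds() {
    chain=$1; shift
    echo "iptables -A $chain -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for r in "$@"; do
        proto=${r%%:*}; rest=${r#*:}; port=${rest%%:*}; action=${rest#*:}
        case "$proto" in tcp|udp) ;; *) return 1 ;; esac
        case "$port" in ''|*[!0-9]*) return 1 ;; esac
        case "$action" in ACCEPT|REJECT|DROP) ;; *) return 1 ;; esac
        echo "iptables -A $chain -p $proto --dport $port -j $action"
    done
    echo "iptables -A $chain -j DROP"
}

# Steps 3-4: create the per-VM chain, fill it, then link it from FORWARD.
# Rules are validated first so a bad rule produces no partial command list.
vm_chain_cmds() {
    vm=$1; tap=$2; shift 2
    safe_name "$vm" 28 && safe_name "$tap" 15 || return 1
    body=$(rule_cmds "$vm" "$@") || return 1
    echo "iptables -N $vm"
    echo "$body"
    echo "iptables -A FORWARD -m physdev --physdev-is-bridged --physdev-out $tap -j $vm"
}

# Rule change by the user: flush only this VM's chain and refill it.
vm_update_cmds() {
    vm=$1; shift
    safe_name "$vm" 28 || return 1
    body=$(rule_cmds "$vm" "$@") || return 1
    printf '%s\n' "iptables -F $vm" "$body"
}

host_prereq_cmds
vm_chain_cmds web01 vnet0 tcp:22:ACCEPT tcp:80:ACCEPT tcp:23:REJECT
```

While a chain is flushed and not yet refilled, packets for that VM fall through to the rest of FORWARD and its policy, so the FORWARD policy should itself be restrictive.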

Description

Technical field

[0001] The invention relates to the field of cloud computing, in particular to a method for realizing a network firewall suitable for a virtual machine.

Background art

[0002] In the era of cloud computing, elastic computing resources are provided to users in the form of virtual machines. Usually, one physical host can create multiple virtual machines, and the number of virtual machines that an administrator needs to manage increases exponentially. Virtual machine network security therefore also faces severe challenges. The traditional solution to the network security problem is to install network firewall software on each virtual machine and then configure the corresponding firewall rules on each virtual machine. This solution has the following disadvantages:

[0003] 1. The management and configuration of the network firewall is troublesome. Every time the settings are updated to modify the network firewall rules, the user needs to remote...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
Inventor: 张瑜科杨松莫展鹏季统凯
Owner: G CLOUD TECH