LinuxQuestions.org


xadian 08-17-2005 02:17 AM

can't filter traffic of vmware guest os
 
Hi

I'm using iptables to filter my network traffic. Host OS is Suse 9.3, guest (vmware) is Windows XP Prof. The problem is: I can't create any rules that match the Windows XP network packages. I already blocked the whole network traffic but XP was still able to connect to the internet.
When I tried to use ebtables it was the same problem (also no matching of guest OS-packages). Is there no way to filter the guest OS network traffic with the host OS's firewall?

thx xadian

PenguinPwrdBox 08-18-2005 11:02 AM

You should have a virtual interface that is designed solely for the use of the guest OS.
Your iptables rules must target this interface.

mlp68 08-18-2005 04:50 PM

You'll need to insert the rules in the "forward" chain of iptables. As an example, here's a line that blocks new connections from outside (eth0) to my protected network (connected to eth1) (it will allow the protected machines to reach out, though, not what you wanted):

iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -i eth0 -o eth1 -j DROP


Why don't you post your ifconfig -a output -- there is some vmnet1 device for your vmware -- and your current iptables ruleset.

If you want to block everything to and from your vmware machine, you could also just stop forwarding completely,

echo 0 > /proc/sys/net/ipv4/ip_forward

or in /etc/sysctl.conf to make it permanent.

Hope it helps,

mlp
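
Added example (not part of the thread, not any poster's code): a check over an `iptables-save` dump that reports whether any FORWARD rule or policy would drop traffic on the guest's interface, which is the chain and interface the replies above point to. It assumes the guest's traffic is routed through the host on `vmnet1`; the function names and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example. vmnet1, the function names and both rulesets are constructed.

# Host "blocks everything", but only in INPUT/OUTPUT: forwarded traffic passes.
SAMPLE_RULESET='*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
COMMIT'

# Same host with FORWARD rules bound to the guest interface.
FIXED_RULESET='*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A FORWARD -i vmnet1 -j DROP
-A FORWARD -o vmnet1 -j DROP
COMMIT'

# Print the FORWARD chain's default policy from an iptables-save dump on stdin.
forward_policy() {
    awk '$1 == ":FORWARD" { print $2; exit }'
}

# Print the FORWARD rules whose -i or -o argument is the interface in $1.
forward_rules_for() {
    awk -v ifc="$1" '$1 == "-A" && $2 == "FORWARD" {
        for (i = 3; i < NF; i++)
            if (($i == "-i" || $i == "-o") && $(i + 1) == ifc) { print; next }
    }'
}

# Classify a dump on stdin for interface $1: drop-rule, drop-policy or no-filter.
# Coarse check: it does not evaluate rule order or earlier ACCEPT rules.
audit_guest_filtering() {
    dump=$(cat)
    rules=$(printf '%s\n' "$dump" | forward_rules_for "$1")
    policy=$(printf '%s\n' "$dump" | forward_policy)
    if printf '%s\n' "$rules" | grep -Eq -- '-j (DROP|REJECT)'; then
        echo drop-rule
    elif [ "$policy" = "DROP" ]; then
        echo drop-policy
    else
        echo no-filter
    fi
}

printf '%s\n' "$SAMPLE_RULESET" | audit_guest_filtering vmnet1
printf '%s\n' "$FIXED_RULESET" | audit_guest_filtering vmnet1
```

On a live host, pipe the output of `iptables-save` (run as root) into `audit_guest_filtering` with the interface name shown by `ifconfig -a`.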


All times are GMT -5.