Hi, all.
I have what may be an unusual setup I'm trying to finish off, and I'm a bit stuck. I'm close, but need a push.
Intent: Create a machine with two NICs (one to an internal net, one to the world) hosting a *virtual* firewall, and configure the networking such that the host is protected by the firewall, and gains Internet access only through the firewall, not directly through the NICs.
Where I am:
I have an Ubuntu 14.04 host box with two physical NICs running a VirtualBox Smoothwall firewall. I've created two virtual bridges on the host, one for each NIC. In the VM, I've installed the Smoothwall firewall and connected the "outside" link to one of the virtual bridges via its tap, and it's working perfectly. I've attached the other "private" network virtual NIC to the other bridge. So far, so good.
The problem:
As noted, I want the Ubuntu host to gain its connectivity to the outside world through the VM firewall via the "private" bridge, not by direct-connecting to the ethernet interface that is slaved to that bridge. In effect, I need to connect a physical host to a virtual bridge tap. Is that even possible? Or have I created for myself a mousetrap from which I cannot escape...