LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 08-14-2011, 12:35 AM   #1
sethusubbiah
Member
 
Registered: Jul 2010
Posts: 36

Rep: Reputation: 2
Blocking VM's network temorarily - KVM (setting rules in iptables)


Hi,

I am trying to perform few changes to a running VMs mac address and obtain new ip. I would like to temporarily (10-20 seconds) block the VMs network connection from the host machine. Is it possible ??

-Sethu

Last edited by sethusubbiah; 08-16-2011 at 09:57 AM.
 
Old 08-14-2011, 11:32 PM   #2
scheidel21
Senior Member
 
Registered: Feb 2003
Location: CT
Distribution: Debian PPC/i386/AMD64 6/7, Vista, XP , WIN7, Server 03/08
Posts: 1,287

Rep: Reputation: 97
I don't think what you want is possible other than maybe taking the guest console and shutting down networking. Or using firewall rules briefly
 
Old 08-16-2011, 09:57 AM   #3
sethusubbiah
Member
 
Registered: Jul 2010
Posts: 36

Original Poster
Rep: Reputation: 2
I am using CentOS Linux and am planning to setup a rule on my VM's iptable.

I want to restrict all outgoing and incoming packets to the VM for a temporary period and allow only the DHCP packet to obtain an IP address (like UDP at ports 67,68). I am not sure exactly which rule to apply and how.
 
Old 08-16-2011, 12:50 PM   #4
scheidel21
Senior Member
 
Registered: Feb 2003
Location: CT
Distribution: Debian PPC/i386/AMD64 6/7, Vista, XP , WIN7, Server 03/08
Posts: 1,287

Rep: Reputation: 97
Got me on that, maybe a packet capture with Wireshark would show you the exact types of packets you need to allow through, blacklist all and allow only the ones you want via iptables rules. You could probably script this if you know the time frame you want this to take effect in.
 
Old 08-17-2011, 12:15 AM   #5
sethusubbiah
Member
 
Registered: Jul 2010
Posts: 36

Original Poster
Rep: Reputation: 2
I find that if i set these rules :

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

This shud basically block my entire network . But still I am able to use DHCP . Which leaves me confused and happy I am confused with this behavior but I am happy my requirement is satisfied with ease but im still interested in knowing the reason. Please help me out if anyone has a clue. Thanks !

- Sethu
 
  


Reply

Tags
kvm, linux, network


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
kvm wireless bridge network shogun1234 Debian 5 08-13-2012 04:01 PM
[Debian/Qemu/KVM] Why qemu --enable-kvm works but not kvm directly? gb2312 Linux - Virtualization and Cloud 2 03-21-2011 03:05 PM
KVM Network problems in FC13 mickeyboa Fedora 7 06-26-2010 05:48 PM
Problem setting network for KVM Khao8 Linux - Networking 1 09-11-2009 06:05 AM
RH blocking the network sujte Linux - Networking 7 11-05-2004 12:31 PM


All times are GMT -5. The time now is 03:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration