Quote:
Originally Posted by quantumxaos
Hi,
I'm pretty new to using Linux firewall settings and I was wondering if anyone here knew how to set up a Linux firewall to block outgoing traffic to non-local IP addresses? Specifically, I'm looking to set it up such that all traffic coming from the host OS to a VirtualBox VM running Linux is blocked for security reasons. Any help is greatly appreciated.
If you block all traffic from the host OS, then how will you connect to the VM?
You could use iptables to say drop all packets from the source (your computer) to some destination subnet.
It would look something like this:
Code:
# Packets arriving at the host from the guest range (iprange match: --src-range/--dst-range take a single "first-last" argument)
iptables -A INPUT -i <interface> -m iprange --src-range <first guest ip>-<last guest ip> -d <host ip> -j REJECT
# Packets leaving the host toward the guest range
iptables -A OUTPUT -o <interface> -s <host ip> -m iprange --dst-range <first guest ip>-<last guest ip> -j REJECT
This will block all outgoing and incoming traffic to your guests from your host; you can't block only outgoing, because of the way sockets and connections work.
For example:
If you were to block all traffic in one direction, say for SSH, you wouldn't be able to talk to either computer inbound or outbound, as neither of them could establish a socket with the other. If you can talk to a machine but it can't talk back to you, you can't establish a connection, because your computer would have no idea whether the other computer got the messages you are sending, as the other computer wouldn't be able to reply.
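The two rules from the reply above, as an added example that is not the poster's code: a small POSIX sh script that validates the addresses and prints the host/guest REJECT rules with the iprange match syntax, so they can be reviewed before being applied. The interface name vboxnet0, host address 192.168.56.1 and guest range 192.168.56.101-192.168.56.110 are constructed values for illustration, not taken from the thread.

```shell
#!/bin/sh
# Added example, not code from the thread. Builds the INPUT and OUTPUT
# iptables rules that reject traffic between the host and a guest IP range.
# Assumed values (constructed, not from the thread): host-only interface
# vboxnet0, host 192.168.56.1, guests 192.168.56.101-192.168.56.110.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    old_ifs=$IFS
    IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            ''|*[!0-9]*) return 1 ;;
        esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the two rules that reject host<->guest traffic on one interface.
# Usage: guest_block_rules IFACE HOST_IP FIRST_GUEST_IP LAST_GUEST_IP
# Nothing is applied here; pipe the output into `sudo sh` to load the rules.
guest_block_rules() {
    iface=$1 host=$2 first=$3 last=$4
    for ip in "$host" "$first" "$last"; do
        valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
    done
    # Packets from the guest range arriving at the host.
    # The iprange match takes a single "first-last" argument.
    echo "iptables -A INPUT -i $iface -m iprange --src-range $first-$last -d $host -j REJECT"
    # Packets from the host leaving toward the guest range.
    echo "iptables -A OUTPUT -o $iface -s $host -m iprange --dst-range $first-$last -j REJECT"
}

# Example invocation (prints the rules; review them, then pipe into `sudo sh`):
# guest_block_rules vboxnet0 192.168.56.1 192.168.56.101 192.168.56.110
```

Because the script only prints, it can be run as an unprivileged user to check the generated rules; `iptables -L -n -v` after loading them shows the REJECT counters increasing when the host and guest try to reach each other.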