Hi everyone,
Is there any way to restrict network access for a Windows VM using KVM other than a couple of applications (Windows explorer and Firefox)? I don’t want to get into configuring the Windows firewall and would like to do this using KVM/other linux utilities on the host machine if possible As I thought, it is unlikely that I will be able to do this from the KVM side of things. Would anyone have an idea of how I could script this for subsequent Windows VMs?
Thanks!
You’ll have to accomplish that with a firewall on the OS. A network firewall could restrict traffic based on ports, but your apps aren’t that predictable.
I see, I don’t have a choice then. I will only really access the internet using Firefox, whilst the file explorer will be allowed to map a network drive on my LAN.
This is an issue that I’ve been thinking of but can’t come up with anything!
You could try configuring Firefox to access the internet through a proxy and then block the VM off from everything except the proxy and your network mount with a firewall (outside the VM).
The reverse is easy, maybe consider hosting the apps as containers?
That’s… What firewall is for
Yes, well, I was hoping I could do this from the linux side instead of configuring the Windows firewall, but apparently not
If you are finding using windows FW hard, you could try https://github.com/pylorak/TinyWall
Thank you, I’ll bookmark this! Another commenter pointed out SimpleWall, need to check that out too!
