Blocking VM guest access to host LAN?

[fappa]

I have a linux guest OS that I setup to use NAT. However as well as internet access (that I want), NAT seems to give it unrestricted access to the host LAN.

How can I block access to the host LAN? Is it possible?

[mpack]

If you use NAT then in effect the VM is just a normal application on your host, with the same network access as any other host app. Indeed all messages use the hosts IP address. So no, it can't have special restrictions put on it. You can look at other networking modes, such as bridged, but the usefulness of that will depend on the setup of your network, e.g. server or router.

[fappa]

If th VM is a normal application, can I just set up a Windows Firewall rule to block VirtualBox.exe ? From another post "Windows firewall rules ignored for bridged adapter ips" it look like it doesnt wrk for bridged, but would it work for nat?

[noteirak]

Yes it would.

[fappa]

I got it work! Heres how I set up

Windows Firewall - new rule
Program (VirtualBox.exe).
Action=Block the connection.
Profile=all
Scope=local ip = any, remote ip = (my lan address range)
Protocol=TCP all port

[mitchong]

I was wondering if you can do the same if the host machine was Linux instead of Windows? If so, do you know how you would do it using iptables commands? Thanks.

[socratis]

Please do not wake up 5-year old dead threads. You already did this with a 2-year old one, but this is too much. You can always open your own thread. Locking this.