Blocking VM guest access to host LAN?

Discussions related to using VirtualBox on Windows hosts.

Blocking VM guest access to host LAN?

Postby fappa » 21. Jun 2013, 11:24

I have a linux guest OS that I setup to use NAT. However as well as internet access (that I want), NAT seems to give it unrestricted access to the host LAN.

How can I block access to the host LAN? Is it possible?
fappa
 
Posts: 3
Joined: 21. Jun 2013, 11:19

Re: Blocking VM guest access to host LAN?

Postby mpack » 21. Jun 2013, 12:32

If you use NAT then in effect the VM is just a normal application on your host, with the same network access as any other host app. Indeed all messages use the hosts IP address. So no, it can't have special restrictions put on it. You can look at other networking modes, such as bridged, but the usefulness of that will depend on the setup of your network, e.g. server or router.
mpack
Site Moderator
 
Posts: 33919
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Blocking VM guest access to host LAN?

Postby fappa » 21. Jun 2013, 16:26

If th VM is a normal application, can I just set up a Windows Firewall rule to block VirtualBox.exe ? From another post "Windows firewall rules ignored for bridged adapter ips" it look like it doesnt wrk for bridged, but would it work for nat?
fappa
 
Posts: 3
Joined: 21. Jun 2013, 11:19

Re: Blocking VM guest access to host LAN?

Postby noteirak » 21. Jun 2013, 16:54

Yes it would.
Hyperbox - Virtual Infrastructure Manager - https://kamax.io/hbox/
Manage your VirtualBox infrastructure the free way!
noteirak
Site Moderator
 
Posts: 5197
Joined: 13. Jan 2012, 11:14
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Debian, Win 2k8, Win 7

Re: Blocking VM guest access to host LAN?

Postby fappa » 21. Jun 2013, 17:09

I got it work! Heres how I set up

Windows Firewall - new rule
Program (VirtualBox.exe).
Action=Block the connection.
Profile=all
Scope=local ip = any, remote ip = (my lan address range)
Protocol=TCP all port
fappa
 
Posts: 3
Joined: 21. Jun 2013, 11:19

Re: Blocking VM guest access to host LAN?

Postby mitchong » 15. May 2018, 14:58

I was wondering if you can do the same if the host machine was Linux instead of Windows? If so, do you know how you would do it using iptables commands? Thanks.
mitchong
 
Posts: 4
Joined: 15. May 2018, 02:15

Re: Blocking VM guest access to host LAN?

Postby socratis » 15. May 2018, 19:51

Please do not wake up 5-year old dead threads. You already did this with a 2-year old one, but this is too much. You can always open your own thread. Locking this.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
socratis
Site Moderator
 
Posts: 27690
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5


Return to VirtualBox on Windows Hosts

Who is online

Users browsing this forum: No registered users and 25 guests