Configure IPTables on KVM host to block guest bridge traffic

Make sure you understand the networking basics involved here. A bridge is a switch and operates at Layer 2. Your iptables rules apply to Layer 3 and will not be passed at this level.

Look into ebtables and specify Layer 2 rules there - or - disable the use of bridges altogether and move to a routed setup in which all traffic is passed through the host at Layer 3. Not sure if the latter option is possible using Libvirt/KVM.

Tags:

Linux

Firewall

Redhat

Iptables

Kvm Virtualization

Recent Posts