isolate vm from ubuntu internet code example

Example: expose vm but isolate with lan linux

This can be done in VirtualBox.

You must choose a connection which allows use of iptables to control packets. Thus neither NAT nor Bridge will do because they do not create a user-accessible NIC. You should use Host-only Network instead, which creates on the host a user-accessible interface called vboxnet0.

To configure it, go to File -> Preferences -> Network -> Host-only Network, click the plus sign to create it, then click the screwdriver icon -> DHCP Server and enable the DHCP server. Save the settings and start the VM.

Now, on the guest, you need to set the host as its gateway; the default IP for the host is 192.168.56.1. Use Google to find instructions on how to do this on Windows. You may also have to set the DNS servers.

On the host, run all of the following commands as root:

1) Enable IP forwarding:

  echo "1" > /proc/sys/net/ipv4/ip_forward

2) Issue the following iptables rules:

  iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
  iptables -A FORWARD -m iprange --dst-range 192.168.1.2-192.168.1.254 -j DROP
  iptables -I FORWARD -m iprange --src-range 192.168.1.2-192.168.1.254 -j DROP

The first rule gives the VM access to the internet; the other two block the VM from accessing the LAN, except of course for your router and broadcast address.

The above rules assume that the host is connected via eth0, that your LAN is 192.168.1.0/24, and that your router and broadcast address are 192.168.1.1 and 192.168.1.255, respectively. If they are not, change them accordingly.
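
To adapt the rules to a different uplink interface or LAN, the blocked range can be computed instead of edited by hand. The script below is an added example, not part of the original answer; the interface enp3s0 and the LAN 10.20.0.0/22 are constructed sample values, and it assumes the router holds the first host address of the LAN.

```sh
#!/bin/sh
# Added example, not from the original page. Prints the page's commands for
# another uplink interface and LAN; nothing is applied by this script.
# Assumption: the router is the first host address of the LAN (as with
# 192.168.1.1 on the page) and the prefix length is between 8 and 30.

ip_to_int() (                 # dotted quad -> 32-bit integer
  IFS=.
  set -- $1                   # split on dots; the subshell keeps IFS local
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

int_to_ip() {                 # 32-bit integer -> dotted quad
  echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Range to DROP: every LAN address except network, router and broadcast.
lan_block_range() (           # $1 = LAN in CIDR form, e.g. 192.168.1.0/24
  addr=${1%/*} prefix=${1#*/}
  case $addr in ''|*[!0-9.]*) exit 1;; esac
  case $prefix in ''|*[!0-9]*) exit 1;; esac
  [ "$prefix" -ge 8 ] && [ "$prefix" -le 30 ] || exit 1
  mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
  net=$(( $(ip_to_int "$addr") & mask ))
  bcast=$(( net | (~mask & 0xFFFFFFFF) ))
  echo "$(int_to_ip $(( net + 2 )))-$(int_to_ip $(( bcast - 1 )))"
)

emit_rules() (                # $1 = uplink interface, $2 = LAN CIDR
  # Reject names that would inject shell syntax into the printed commands.
  case $1 in ''|*[!A-Za-z0-9._-]*) echo "bad interface: $1" >&2; exit 1;; esac
  range=$(lan_block_range "$2") || { echo "bad LAN: $2" >&2; exit 1; }
  echo "sysctl -w net.ipv4.ip_forward=1"
  echo "iptables --table nat --append POSTROUTING --out-interface $1 -j MASQUERADE"
  echo "iptables -A FORWARD -m iprange --dst-range $range -j DROP"
  echo "iptables -I FORWARD -m iprange --src-range $range -j DROP"
)

# Constructed sample values; override with: script.sh <interface> <lan-cidr>
emit_rules "${1:-enp3s0}" "${2:-10.20.0.0/22}"
```

Review the printed commands before running them in a root shell. Traffic from the VM to the host's own addresses traverses the INPUT chain rather than FORWARD, so these rules do not filter it.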