Running a Windows VM on KVM, how do I restrict network access to specific applications instead of the entire OS?
Running a Windows VM on KVM, how do I restrict network access to specific applications instead of the entire OS?
Hi everyone,
Is there any way to restrict network access for a Windows VM using KVM other than a couple of applications (Windows explorer and Firefox)? I don't want to get into configuring the Windows firewall and would like to do this using KVM/other linux utilities on the host machine if possible As I thought, it is unlikely that I will be able to do this from the KVM side of things. Would anyone have an idea of how I could script this for subsequent Windows VMs?
Thanks!
You’ll have to accomplish that with a firewall on the OS. A network firewall could restrict traffic based on ports, but your apps aren’t that predictable.
I see, I don't have a choice then. I will only really access the internet using Firefox, whilst the file explorer will be allowed to map a network drive on my LAN.
This is an issue that I've been thinking of but can't come up with anything!
That's... What firewall is for
Yes, well, I was hoping I could do this from the linux side instead of configuring the Windows firewall, but apparently not
If you are finding using windows FW hard, you could try https://github.com/pylorak/TinyWall
The reverse is easy, maybe consider hosting the apps as containers?
There might be Windows-specific software that might not run with WINE, which is why I'm considering this option
Simplewall firewall in windows vm?
Thank you, this is very interesting. I'll take a look!