Hurro, Are we talking about having a vmware client filtering traffic for the host? That's an interesting way doing things...
The one I look after filters and routes/nats traffic for some other vmware clients on the same machine, using a virtual network on the vmware host, and passes some traffic off on a seperate NIC to the lan. Tt's basically a 'DMZ in a box'. Cheers, Me. On Fri, 2007-12-07 at 23:32 +1300, Jim Cheetham wrote: > Number one issue - if the firewall VM guest is halted, should the host > system have any networking capability at all? > > i.e. do you want fail-safe/default deny, or fail-open/default accept? > > When VM player first came out there was a competition for interesting > images - IIRC the winner was a firewall under Windows, which unbound > IP from the windows driver, and re-bound it to a virtual interface > into the VM guest. All traffic was copied into the VM, and only > "clean" IP made it out back out of the (IPCop?) into the Windows > environment. > > -jim > > >
