Thanks Alvaro! But that would be a configuration change. I'm looking for a hardware change, so if the software running elevates to root it can try to change the routes all it wants, but it would be contained, because there isn't a network device for it to configure. And it also shouldn't be able to connect from guest to host. The only connection from host to guest should be the `vagrant ssh` connection
On 10/23/2017 10:58 AM, Alvaro Miranda Aguilera wrote:
> for the host network only, add a private_network
>
> for the 2nd part use an script with ,run: "always" that drop the
> default gateway
>
> like: you may need to update eth0 to the first interface
>
> |config.vm.provision "shell", run: "always", inline: "eval `route -n |
> awk '{ if ($8 ==\"eth0\"&& $2 != \"0.0.0.0\") print \"route del
> default gw \"$2; }'`" end|
>
> On Sat, Oct 21, 2017 at 10:13 AM, Eric <[email protected]
> <mailto:[email protected]>> wrote:
>
> I'm looking to setup Vagrantfile's configuration for virtualbox to
> only be accessible through a private-network from the host to the
> guest, and the guest it not allowed network or internet access
>
> I'm trying to disable all guest network access from the host side,
> rather than using iptables from inside the guest
>
> --
> This mailing list is governed under the HashiCorp Community
> Guidelines - https://www.hashicorp.com/community-guidelines.html
> <https://www.hashicorp.com/community-guidelines.html>. Behavior in
> violation of those guidelines may result in your removal from this
> mailing list.
>
> GitHub Issues: https://github.com/mitchellh/vagrant/issues
> <https://github.com/mitchellh/vagrant/issues>
> IRC: #vagrant on Freenode
> ---
> You received this message because you are subscribed to the Google
> Groups "Vagrant" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
>
> https://groups.google.com/d/msgid/vagrant-up/09a5f1a4-af05-4227-abda-3af985e51216%40googlegroups.com
>
> <https://groups.google.com/d/msgid/vagrant-up/09a5f1a4-af05-4227-abda-3af985e51216%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout
> <https://groups.google.com/d/optout>.
>
>
>
>
> --
> Alvaro
>
> --
> This mailing list is governed under the HashiCorp Community Guidelines
> - https://www.hashicorp.com/community-guidelines.html. Behavior in
> violation of those guidelines may result in your removal from this
> mailing list.
>
> GitHub Issues: https://github.com/mitchellh/vagrant/issues
> IRC: #vagrant on Freenode
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "Vagrant" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/vagrant-up/XNusz1A6G1o/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/vagrant-up/CAHqq0exw_bgvFd-AAKpFRSU6QFg0vHgSaHhNksPbNxU27bRWnA%40mail.gmail.com
> <https://groups.google.com/d/msgid/vagrant-up/CAHqq0exw_bgvFd-AAKpFRSU6QFg0vHgSaHhNksPbNxU27bRWnA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/vagrant/issues
IRC: #vagrant on Freenode
---
You received this message because you are subscribed to the Google Groups
"Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vagrant-up/1bc2afba-ab55-5d8d-d2f2-e0c8c0ef7136%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature
