I am trying to configure a vbox host running centos 4 to run 4 guest systems of various operating systems in bridge mode and have the host act as the firewall to all of the guest hosts.
From what I gather in the help file and tshark captures, there is a net filter device driver listening for traffic to/from a guest and handling it all via the same physical interface. The problem is that even though iptables is set up to block all inbound traffic but tcp port 22 and tcp port 443, the block only works on the vbox host. The guests are wide open to the network.

For example: the host is using eth2 with an ip address of 100.100.10.1; the guest system is set up with bridged networking and has an address of 100.100.10.5. iptables is set up so that ports 22 and 443 are allowed to pass the eth2 interface:

    $IPTABLES -A INPUT -p tcp -m tcp -s x.x.x.114 --dport 22 -m state --state NEW -j ACCEPT
    ...
    ...
    $IPTABLES -N RULE_6
    $IPTABLES -A OUTPUT -m state --state NEW -j RULE_6
    $IPTABLES -A INPUT -m state --state NEW -j RULE_6
    $IPTABLES -A FORWARD -m state --state NEW -j RULE_6
    $IPTABLES -A RULE_6 -j LOG --log-level debug --log-prefix "-firewall-"
    $IPTABLES -A RULE_6 -j DROP

But for some reason I can still connect to the guest system. Any help on what I am missing?

thanks,
Greg

_______________________________________________
vbox-users mailing list
vbox-users@virtualbox.org
http://vbox.innotek.de/mailman/listinfo/vbox-users
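An added check, not part of the original post, for whether frames to bridged guests on a NIC can reach the host's iptables at all: the host's INPUT chain only sees packets addressed to the host's own IP stack, and bridged frames traverse the FORWARD chain only when the NIC is a port of a Linux bridge and bridge-nf-call-iptables is 1. The sysfs and procfs roots are parameters so the check can run against a constructed tree; the eth2/eth3 fixture below is constructed, with eth2 standing for a NIC attached by a filter driver rather than a Linux bridge.

```shell
#!/bin/sh
# Added example: does host iptables ever see frames bridged to guests on $nic?
# Arguments: NIC name, sysfs root, procfs root (roots default to the real ones
# and are parameters so the function can be exercised on a constructed tree).
guest_traffic_filtered() {
    nic=$1
    sys=${2:-/sys}
    proc=${3:-/proc}
    # A NIC enslaved to a Linux bridge has a brport directory under sysfs.
    # Without it, guest frames never pass through the host's netfilter hooks.
    if [ ! -d "$sys/class/net/$nic/brport" ]; then
        echo "$nic is not a Linux bridge port: host iptables does not see guest frames"
        return 1
    fi
    # Even a bridge port only hands frames to iptables when br_netfilter says so.
    knob="$proc/sys/net/bridge/bridge-nf-call-iptables"
    if [ ! -r "$knob" ] || [ "$(cat "$knob")" != "1" ]; then
        echo "$nic is a bridge port but bridge-nf-call-iptables is not 1: frames bypass iptables"
        return 2
    fi
    echo "$nic: bridged frames traverse the iptables FORWARD chain"
    return 0
}

# Constructed fixture: eth2 with no brport (filter-driver style attachment),
# eth3 enslaved to a Linux bridge, and bridge-nf-call-iptables enabled.
make_fixture() {
    root=$1
    mkdir -p "$root/sys/class/net/eth2" \
             "$root/sys/class/net/eth3/brport" \
             "$root/proc/sys/net/bridge"
    echo 1 > "$root/proc/sys/net/bridge/bridge-nf-call-iptables"
}

if [ "${1:-}" = "demo" ]; then
    tmp=$(mktemp -d)
    make_fixture "$tmp"
    guest_traffic_filtered eth2 "$tmp/sys" "$tmp/proc"   # exit status 1
    guest_traffic_filtered eth3 "$tmp/sys" "$tmp/proc"   # exit status 0
    rm -rf "$tmp"
fi
```

Run with `sh check.sh demo` to see both outcomes on the fixture, or call `guest_traffic_filtered eth2` on a real host to read the live sysfs/procfs state.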