On Thu, 02 Sep 2021 16:09:23 -0500 "David Palacio" <deb...@david.palacio.io> wrote:
> Hi, > > > If you copied a disk image (.qcow2 extension) over, but not the > > setup files that Virtual Machine Manager (VMM) uses > > (in /etc/libvirt), then Windows is on a new machine, and can have > > conniptions over it. Go into Windows' device manager (or whatever > > they're calling it this week) and see if it is finding all its > > hardware correctly. > > The VM virtual network hardware is working. It can access the > internet. It can't access only the host, either on the virtual > network ip or the physical network ip. I have since removed the old > guest image and replaced it with a new installation on a new VM > configuration. The same behavior is also seen on a new Linux VM > running the Debian Bullseye Live KDE CD. OK, then that's not the issue. > > What program are you using to try to contact the host? > > I noticed the problem first with Windows Explorer to access the samba > share. It simply timesout after a minute or two. Then I have tried > ping and a browser. Pinging the host works and the host responds. > Then I used nc to test connections like this: nc -lp 8080 On the host > and point a guest browser to http://hostip:8080/ but nc never > receives anything. That sounds suspiciously like firewall ports aren't open. > > > You may also have a firewall issue, as you say. On the host, please > > run whatever you use as a firewall control program and check to see > > if the relevant port(s) is open. > > I have to point out I haven't touched anything regarding firewall > since installation, however I have attached the output of iptables > and nft in this message. > > > You may find it useful to open a terminal and, as root, run > > > > tail -f /var/log/syslog > > > > and, while that is sitting there, try contacting the host again. If > > the firewall is blocking you, you'll see it in syslog. > > Neither syslog nor journalctl display anything related at the time > this problem happens. > > > If nothing obvious jumps out at you, let us know which program(s) > > you are using to control your firewall (shorewall, ufw, gufw, > > etc.), and we will see if someone familiar with that program can > > help. > > I don't `control` my firewall. It's all Debian's default and the > installed Debian packages defaults, like libvirt, which adds some > firewall rules automatically. Attached are the outputs of `iptables > -L`, `nft list tables` and `nft list table tablename`. I looked at the ntf listings you provided. I am completely new to nft and nftables, so I may have missed something. I don't see any ports open on the guest network (192.168.122.0/24). So I suspect that's the problem. Now we need an nftables guru to chime in. I did find examples on the Web, but none of them looked like it was exactly what you needed. Sorry I can't help further. -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/