I like your suggestion! I am security paranoid to a fault. For me, a system is either rock solid or wide open. obsd is the closest I've found to rock solid, and frankly a virtualbox vm running on win7 feels wide open. But the more I thought about your idea, the more I liked it. Win7 w/o the virtual firewall is more simply at risk, so why not? Seeing as I am still new to OpenBSD, I would probably have 2 vms: bsd1 passes everything incoming to bsd2 (the firewall), then bsd1 quietly logs what goes out to check for nefarious-looking packets. That would take two separate boxes to even start building, without vms. The VMs can fight and die and be replaced, and even a noob like myself can learn what works better and harder.
Can't wait to set something up. -Jim On Fri, May 24, 2019 at 3:38 PM Jean-Francois Simon <jfsimon1...@gmail.com> wrote: > Hi, > > Out of interest, I'd like to let you know a specific use of OpenBSD with > PF, in virtualbox, 2 virtual network card Bridged to physical NIC, and > building up a subnet with NAT and hence running Packet Filter as the > machine's firewall. > > > That's the firewall I use under Win7, OpenBSD running in a VM, out of > pure interest into running BSD and let it purify the network access to > desktop (without need for additional hardware). > > > Works well, love it. > > > Jean-François > >