On Mon, Mar 05, 2007 at 09:09:52AM -0700, Jon wrote: > I don't think you can do this, but it's not a limitation of > Shorewall. Each VM is its own machine and installing Shorewall on > the host OS only allows Shorewall to affect the host OS. It's akin > to installing Shorewall on some other machine on the network and > expecting it to be able to protect a totally separate machine.
I have never tried anything like this, and the last time i used VMware, it was v4.5 or so. Anyway, IIRC VMWare sets up a number of virtual interfaces on the host machine for use by the VMs. Could you not define those in Shorewall and then set your firewall rules up the way you want? I admit, the VMWare networking is mostly black magic to me, and I have not used it for a few years, but I would think you could use it, although the setup might differ quite a bit from the default. However, Jon's post makes a lot of sense, and if VMWare essentially creates a layer 2 bridge, there might not be anything you can do about it. That was probably not very helpful, but it is an interesting idea and could certainly be useful for testing if the OP could get it setup the way he wants to. K -- In Vino Veritas http://astroturfgarden.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users