Hi,

I am looking for advice for setting up Shorewall on a host with 2 virtual machines.

Here is my setup:
A machine (running Debian 9) is accessing the internet through eth0.
On this machine, I set up a virtual bridge br0 with IP 192.168.0.1.
I also set up two virtual machines (KVM) Machine A (vnet1 / 192.168.0.2) and B (vnet2 / 192.168.0.3).

I set up Shorewall by following this guide http://shorewall.org/KVM.html, that is to say with the simple two-interface masquerading setup where the local network interface is br0.
Everything is working.

Now I would like to filter the traffic between Machine A and Machine B (rejecting all traffic between A and B by default with some exceptions).
That's where I need advice on how to do this :-)

Do I need to set up another virtual bridge, attach each virtual machine to its own virtual bridge and define a zone for each virtual bridge?
Or is this possible by tweaking the current setup? If yes, how?

Thanks in advance for your help.

Regards,
Frederic


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
