So, if I wanted to turn a Windows KVM into a utterly safe web browser machine in which I revert the copy on write filesystem on each boot, what is the best way to also isolate it from the rest of the local network?
I've got all my KVM machines setup with bridge networking right now. Can I use some magic firewall rules to prevent one specific virtual machine from having any access to my local network? (While still allowing the spice display and mouse to operate, of course :-). Configure it on a separate subnet maybe and use NAT on the KVM host to allow it access to the outside world? _______________________________________________ virt mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/virt
