Isolate VMnets with iptables

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I would like to ask about iptables:



I have my the following config



- host= Ubuntu 18.04 
- VM1= Ubuntu18.04 
- VM2= Win10


My ifconfig as follows:



docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
vmnet2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
vmnet3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
vmnet5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
vmnet6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
vmnet7: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
vmnet8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
vmnet11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
vmnet12: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500


I would like to drop all input output on my host and allow only, 80,443, icmp outbound, aptitude updates (i think it is port 53).
I want the vmnet12 and vmnet 11 not to be able to talk to each other also to have full access to the internet etc with whichever is my current active NIC.
I also want to stop any forwarding



How can I get this working?






ubuntu iptables firewall iptables-persistent







share|improve this question



























    up vote
    0
    down vote

    favorite












    I would like to ask about iptables:



    I have my the following config



    - host= Ubuntu 18.04 
    - VM1= Ubuntu18.04 
    - VM2= Win10


    My ifconfig as follows:



    docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
    vmnet2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    vmnet3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    vmnet5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    vmnet6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    vmnet7: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    vmnet8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    vmnet11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    vmnet12: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500


    I would like to drop all input output on my host and allow only, 80,443, icmp outbound, aptitude updates (i think it is port 53).
    I want the vmnet12 and vmnet 11 not to be able to talk to each other also to have full access to the internet etc with whichever is my current active NIC.
    I also want to stop any forwarding



    How can I get this working?






    ubuntu iptables firewall iptables-persistent







    share|improve this question

























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I would like to ask about iptables:



      I have my the following config



      - host= Ubuntu 18.04 
      - VM1= Ubuntu18.04 
      - VM2= Win10


      My ifconfig as follows:



      docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
      lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
      vmnet2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet7: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet12: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500


      I would like to drop all input output on my host and allow only, 80,443, icmp outbound, aptitude updates (i think it is port 53).
      I want the vmnet12 and vmnet 11 not to be able to talk to each other also to have full access to the internet etc with whichever is my current active NIC.
      I also want to stop any forwarding



      How can I get this working?






      ubuntu iptables firewall iptables-persistent







      share|improve this question















      I would like to ask about iptables:



      I have my the following config



      - host= Ubuntu 18.04 
      - VM1= Ubuntu18.04 
      - VM2= Win10


      My ifconfig as follows:



      docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
      lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
      vmnet2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet7: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      vmnet12: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
      wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500


      I would like to drop all input output on my host and allow only, 80,443, icmp outbound, aptitude updates (i think it is port 53).
      I want the vmnet12 and vmnet 11 not to be able to talk to each other also to have full access to the internet etc with whichever is my current active NIC.
      I also want to stop any forwarding



      How can I get this working?






      ubuntu iptables firewall iptables-persistent




      ubuntu iptables firewall iptables-persistent






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Sep 27 at 12:59









      Goro

      6,62752865




      6,62752865










      asked Sep 27 at 12:53









      stilia.johny

      11




      11

























          active

          oldest

          votes











          Your Answer







          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: false,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f471818%2fisolate-vmnets-with-iptables%23new-answer', 'question_page');

          );

          Post as a guest






















          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















           

          draft saved


          draft discarded















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f471818%2fisolate-vmnets-with-iptables%23new-answer', 'question_page');

          );

          Post as a guest
































































          -

          Popular posts from this blog

          Peggy Mitchell

          Image
          EastEnders character This article is about the soap opera character. For the British tennis player, see Peggy Michell. For the author, see Margaret Mitchell. Peggy Mitchell Barbara Windsor as Peggy Mitchell (2008) EastEnders character Portrayed by Jo Warne (1991) Barbara Windsor (1994–2016) Duration 1991, 1994–2010, 2013–2016 First appearance Episode 650 30 April 1991  ( 1991-04-30 ) Last appearance Episode 5286 17 May 2016  ( 2016-05-17 ) (appearance) Episode 5287 19 May 2016 (voiceover) Introduced by Michael Ferguson (1991) Barbara Emile (1994) Louise Berridge (2004) Kate Harwood (2005) Lorraine Newman (2013) Dominic Treadwell-Collins (2014) Spin-off appearances The Mitchells - Naked Truths (1998) Classification Former; regular Profile Other names Peggy Butcher Occupation Barmaid Businesswoman Pub landlady Jo Warne as Peggy Mitchell (1991) Family Family Mitchell Father Jack Martin Mother Lily Martin Sisters Aunt ...
          Read more

          Palaiologos

          Image
          Palaiologos Παλαιολόγος Palaeologus, Palaeologue Imperial Family Double-headed eagle with the family cypher Country Byzantine Empire, Duchy of Montferrat (remaining lineage after Empire annexed by Ottomans) Founded 11th century  ( 11th century ) Founder Nikephoros Palaiologos (first known) Final ruler Constantine XI Palaiologos (Byzantine Empire) Margaret Paleologa (Montferrat) Titles Byzantine Emperor Marquess of Montferrat Style(s) "Augustus" "Basileus" "Autokrator" Traditions Greek Orthodoxy (predominantly) Roman Catholicism (remaining lineage in Montferrat) Dissolution 1533  ( 1533 ) Cadet branches Claimants: House of Kastrioti (defunct) House of Rurik (defunct) Palaiologan dynasty Chronology Michael VIII 1259–1282 with Andronikos II as co-emperor, 1261–1282 Andronikos II 1282–1328 with Michael IX (1294–1320) and Andronikos III (1321–1328) as co-emperors Andronikos III 1328–1341 John...
          Read more

          The Forum (Inglewood, California)

          Image
          The Forum "LA Forum" Prairie Ave. façade of The Forum in 2014 Full name The Forum, presented by Chase Former names The Forum (1967–1988) Great Western Forum (1988–2003) Address 3900 W. Manchester Blvd Location Inglewood, California Coordinates Coordinates: 33°57′29″N 118°20′31″W  /  33.95806°N 118.34194°W  / 33.95806; -118.34194 Public transit     Downtown Inglewood station Owner The Madison Square Garden Company Operator MSG Entertainment Seating type Reserved Capacity 17,500 Half-bowl: 8,000 Construction Broke ground July 1, 1966  ( 1966-07-01 ) Opened December 30, 1967  ( 1967-12-30 ) Renovated 1988, 2012–2014 Construction cost $16 million Renovation: 2014: $76.5 million Architect Charles Luckman Associates (original) Brisbin Brook Beynon (renovation) Structural engineer Johnson & Nielsen Associates (original) Severud Associates (renovation) Genera...
          Read more