On Tue, 2011-12-27 at 21:30 -0500, Tom Horsley wrote: > I'd like to make a Windows virtual machine that has access to > the outside world but is completely blocked from access to my > local area network (other than whatever forwarding and routing > has to happen on my LAN). > > The idea is to make a virtual windows box which can suffer > any ill effects of unsafe browsing practices, while preventing > any of those effects from escaping into my LAN. (Then if I > use a qcow2 image with a backing file, I can reset the machine > to its original undamaged state by simply regenerating a > new qcow2 image). > > I keep thinking along the lines of setting up a new bridge > on a separate subnet and doing some sort of NAT routing, > but details escape me. I can write those words, but have no > idea how to actually accomplish what I want (especially how > to restrict the NAT to the outside world and prevent any > access to local LAN). > > I keep thinking this should have been dome by someone already > and there should be examples out there, anyone know of any? ---- decent routers have the option for a 'DMZ' host that will achieve what you want without any effort. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
