I've set up a number of guests running on kvm on Ubuntu. Network access for the guests is via network bridge with br0 sitting on top of eth0. I have ufw running on the host machine and this is restricting traffic to the host. Is there a way to make the rules on the host apply to all the guests, so blocking a port on the host firewall would prevent access on all the guests?
Ubuntu – Can ufw on a kvm host restrict traffic to guests
bridgefirewallkvm-virtualizationUbuntuufw
Related Topic
- Centos – the correct way to setup a bonded bridge on Centos 6 for KVM guests
- Centos KVM Host OS not passing all network traffic Guest OS
- KVM – New KVM Guests Cannot Access Outside LAN
- Can’t access KVM Host (network brige)
- Centos – No networking connectivity in KVM guests / VPS
- Docker – Breaks Libvirt Bridge Network
Best Answer
I'm not sure about ufw specifically, but I can block / filter ports to guests by using iptables on the host. You must add the rules to the FORWARD chain. If you can access the FORWARD chain from ufw, then add your rules to it, and they should apply to the guests as well.