Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

KVM networking security for IP addresses
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

KVM networking security for IP addresses

alfredalfred Member, Host Rep
edited March 2016 in Help

I'm setting up KVM/libvirt on my dedi, and so far I have bridged networking working (with static IPs configured in the guest).

However, doesn't this mean that the guest can configure any IP they wish, and/or multiple IPs? Is there any way I can restrict this?

Comments

  • Awmusic12635Awmusic12635 Member, Host Rep

    etables is an option

    Thanked by 1alfred
  • alfredalfred Member, Host Rep

    @Awmusic12635 said:
    etables is an option

    Thanks! I was literally just looking into that :)
    For anyone else interested, I found libvirt's network filters. Applying the clean-traffic filter worked for me:

    <interface type='bridge'>
  <mac address='52:54:00:4f:5c:3d'/>
  <source bridge='br0'/>
  <model type='virtio'/>
  <filterref filter='clean-traffic'>
    <parameter name='IP' value='170.80.170.50'/>
  </filterref>
</interface>
Sign In or Register to comment.