Selfhosted

48299 readers

1210 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

[email protected]

Running a Windows VM on KVM, how do I restrict network access to specific applications instead of the entire OS? (lemmy.world)

submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]

10 comments fedilink hide all child comments

Hi everyone,

Is there any way to restrict network access for a Windows VM using KVM other than a couple of applications (Windows explorer and Firefox)? ~~I don't want to get into configuring the Windows firewall and would like to do this using KVM/other linux utilities on the host machine if possible~~ As I thought, it is unlikely that I will be able to do this from the KVM side of things. Would anyone have an idea of how I could script this for subsequent Windows VMs?

Thanks!

top 10 comments

sorted by: hot top controversial new old

[–] [email protected] 13 points 2 years ago (1 children)

You’ll have to accomplish that with a firewall on the OS. A network firewall could restrict traffic based on ports, but your apps aren’t that predictable.

[–] [email protected] 1 points 2 years ago

I see, I don't have a choice then. I will only really access the internet using Firefox, whilst the file explorer will be allowed to map a network drive on my LAN.

This is an issue that I've been thinking of but can't come up with anything!

[–] [email protected] 2 points 2 years ago (1 children)

That's... What firewall is for

[–] [email protected] 1 points 2 years ago (1 children)

Yes, well, I was hoping I could do this from the linux side instead of configuring the Windows firewall, but apparently not

[–] [email protected] 1 points 2 years ago (1 children)

If you are finding using windows FW hard, you could try https://github.com/pylorak/TinyWall

[–] [email protected] 1 points 2 years ago

Thank you, I'll bookmark this! Another commenter pointed out SimpleWall, need to check that out too!

[–] [email protected] 2 points 2 years ago* (last edited 2 years ago) (1 children)

https://techcommunity.microsoft.com/t5/windows-11/how-to-block-a-program-from-accessing-the-internet-windows-11/m-p/2772951

The reverse is easy, maybe consider hosting the apps as containers?

[–] [email protected] 3 points 2 years ago

There might be Windows-specific software that might not run with WINE, which is why I'm considering this option

[–] [email protected] 1 points 2 years ago (1 children)

Simplewall firewall in windows vm?

[–] [email protected] 2 points 2 years ago

Thank you, this is very interesting. I'll take a look!