Opened 15 years ago

Closed 10 years ago

#3054 closed defect (fixed)

no way to limit outgoing IP traffic from a VM

Reported by: Rich Morin Owned by:
Component: network Version: VirtualBox 2.1.0
Keywords: secutity IP access Cc: rdm@…
Guest type: Linux Host type: Linux

Description (last modified by Frank Mehnert)

It appears that VirtualBox does not provide a way to limit the outgoing access from an app inside a VM. This means that other mechanisms must be found to (say) keep an app from spamming the host OS. If so, this is an unfortunate deficiency.

On OSX, the "sandbox" facility can be used to limit the IP access of an app, so I'll try to run VB under it. On Linux, however, the best answer I've found is to run iptables on the guest OS. This seems wrong, philosophically, because it is conceivable that the guest OS could be compromised by a malicious app.

Please consider putting in some configuration features that will allow a VM to be held to a sharply limited set of outgoing IP addresses and ports. BTW, although my need is related to the use of Debian Linux and iptables, the problem is not specific to the guest OS.

Change History (1)

comment:1 by Frank Mehnert, 10 years ago

Description: modified (diff)
Resolution: fixed
Status: newclosed

Fixed in recent releases. See section 6.10 in the user manual.

Note: See TracTickets for help on using tickets.

© 2023 Oracle
ContactPrivacy policyTerms of Use