Vagrantfile - How to enable no network access

[Eric]

I'm looking to setup Vagrantfile's configuration for virtualbox to only be accessible through a private-network from the host to the guest, and the guest it not allowed network or internet access

I'm trying to disable all guest network access from the host side, rather than using iptables from inside the guest

[Alvaro Miranda Aguilera]

for the host network only, add a private_network

for the 2nd part use an script with ,run: "always" that drop the default gateway

like: you may need to update eth0 to the first interface

  config.vm.provision "shell",
    run: "always",
    inline: "eval `route -n | awk '{ if ($8 ==\"eth0\" && $2 != \"0.0.0.0\") print \"route del default gw \" $2; }'`"
end

On Sat, Oct 21, 2017 at 10:13 AM, Eric <nais...@gmail.com> wrote:

I'm looking to setup Vagrantfile's configuration for virtualbox to only be accessible through a private-network from the host to the guest, and the guest it not allowed network or internet access

I'm trying to disable all guest network access from the host side, rather than using iptables from inside the guest

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/vagrant/issues
IRC: #vagrant on Freenode
---
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/09a5f1a4-af05-4227-abda-3af985e51216%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro

[Eric]

Thanks Alvaro!

But that would be a configuration change. I'm looking for a hardware change, so if the software running elevates to root it can try to change the routes all it wants, but it would be contained, because there isn't a network device for it to configure. And it also shouldn't be able to connect from guest to host. The only connection from host to guest should be the `vagrant ssh` connection

You received this message because you are subscribed to a topic in the Google Groups "Vagrant" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/vagrant-up/XNusz1A6G1o/unsubscribe.
To unsubscribe from this group and all its topics, send an email to vagrant-up+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/CAHqq0exw_bgvFd-AAKpFRSU6QFg0vHgSaHhNksPbNxU27bRWnA%40mail.gmail.com.