On 5/24/19 8:30 PM, Jean-Francois Simon wrote: > Hi, > > Out of interest, I'd like to let you know a specific use of OpenBSD with PF, > in > virtualbox, 2 virtual network card Bridged to physical NIC, and building up a > subnet with NAT and hence running Packet Filter as the machine's firewall. > > > That's the firewall I use under Win7, OpenBSD running in a VM, out of pure > interest into running BSD and let it purify the network access to > desktop (without need for additional hardware). > > > Works well, love it.
I have done something similar in the past. My personal preference is hyper-v on windows 10 pro which seven can be upgraded to. I would hope hyper-V has inherited kernel sandboxing/mitigation protections and hardening from Windows kernel/azure. I assign the physical nick to the OpenBSD VM and remove all check boxes like ipv4/ipv6 support from that nick. Then I had an VNAT device for windows to talk to. Glasswire ontop gives a window into the why is it connecting there or obfuscating CDNs https certs without the other free windows firewall cruft. I assume communications to the windows box could be made from a foreign network via arp manipulation but a nice setup none the less, if you can be bothered with it.