On 5/24/19 8:30 PM, Jean-Francois Simon wrote:
> Hi,
> 
> Out of interest, I'd like to let you know a specific use of OpenBSD with PF, 
> in
> virtualbox, 2 virtual network card Bridged to physical NIC, and building up a
> subnet with NAT and hence running Packet Filter as the machine's firewall.
> 
> 
> That's the firewall I use under Win7, OpenBSD running in a VM, out of pure
> interest into running BSD and let it purify the network access to
> desktop (without need for additional hardware).
> 
> 
> Works well, love it.

I have done something similar in the past. My personal preference is hyper-v on
windows 10 pro which seven can be upgraded to. I would hope hyper-V has
inherited kernel sandboxing/mitigation protections and hardening from Windows
kernel/azure.

I assign the physical nick to the OpenBSD VM and remove all check boxes like
ipv4/ipv6 support from that nick. Then I had an VNAT device for windows to talk
to. Glasswire ontop gives a window into the why is it connecting there or
obfuscating CDNs https certs without the other free windows firewall cruft.

I assume communications to the windows box could be made from a foreign network
via arp manipulation but a nice setup none the less, if you can be bothered 
with it.

Reply via email to