viq writes: > I am playing a bit with QEMU, and tried to set up network with it. > [...] I want the guest to be able to communicate ONLY with the > host, I don't want any of the traffic from it to be able to pass to > the outside world. To achieve that I thought the easiest way would > be to bridge the connection to one of the 'virtual' interfaces - > say, lo0 or a specially created for that occasion tun or gif. But, I > didn't have much luck with that... So, does anyone have an idea how > to achieve that - the traffic from the guest system not being able > to even accidentaly leak out of the host system?
Hm, creating a tun device works for me. $ cat /etc/hostname.tun0 inet 192.168.155.145 255.255.255.240 255.255.255.159 link0 description "QEMU interface" The guest is started with the following options: qemu -net nic -net tap,ifname=/dev/tun0,script=/usr/bin/true [...]