On Fri, Mar 31, 2017 at 5:56 AM, C. L. Martinez <carlopmart at gmail.com> wrote: > On Thu, Mar 30, 2017 at 06:15:28PM +0100, Nux! wrote: > > Use libvirt with mac/ip spoofing enabled. > > > > https://libvirt.org/formatnwfilter.html > > > > https://libvirt.org/firewall.html > > > > -- > > Sent from the Delta quadrant using Borg technology! > > > Thanks Nux and Kristian but I don't see if these solutions will be really > efective in my environment. Let me to explain. In this host I three > physical interfaces: eth0, eth1 and wlan0. > > eth0 is connected to my internal network. eth1 is connected to a public > router and wlan0 is connected to another public router. wlan0 and eth1 are > bonded to provide failover Internet connections. CPU doesn't supports pci > passthrough (pci passthrough would solve my problems). > If assigning a NIC directly to a VM would solve the problem, you could try using macvtap instead of PCI passthrough > > I need to deploy a fw vm to control traffic between internal and external > interfaces. In BSD systems you can seggregate all ip address and route > tables from principal routing table. It is the same effect that I would > like to implement in this host. > > And I don't see how to implement using CentOS (or another linux distro). > > -- > Greetings, > C. L. Martinez > _______________________________________________ > CentOS-virt mailing list > CentOS-virt at centos.org > https://lists.centos.org/mailman/listinfo/centos-virt > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20170331/97d67739/attachment-0006.html>