VMware bridged can't figure out rule needed

Discussion in 'LnS English Forum' started by tweed, Apr 2, 2007.

Thread Status:
Not open for further replies.
  1. tweed

    tweed Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    11
    MY PROBLEM: CAN'T connect my VMware machine THRU the MAIN PC it's on. [running latest 206beta2] Can anyone advise how to??
    [looked ALL thru the forums ...sorry]

    Hi All... First off.... WHOA.. after So many firewalls i feel SO fortunate to have read about, then tried LnS. Of course had I not spent days on the others I REALLY wouldn't have known how outrageously RIGHT looknStop is. and the log features... [look/create/track] man this is ABSOLUTELY the greatest.



    So: I have my VMware Machine which MUST run bridged [not NAT]. Static IPs on both the VM and the main OS, plus the DNS servers are written in as well in the network config ...

    I figured this out for a couple of the other FW's I tried after a LOTTA searching...

    With LnS it's the coolest as by ALLOWING the [usually disallowed] any other UDP/TCP Packet rules and I'm fine... Also, I understand that the rules start FROM the top of the list.

    Also cool is the MAC address feature... LOVE IT...

    So... does anyone know the basics for allowing JUST the VMware IP or MAC address thru, while STILL retaining all the other packet filters..
    Can't figure out where to put the rules as they'd filter at the top OR bottom of the list?? right? wrong?

    Major thanks obviously!
     
    Last edited: Apr 2, 2007
  2. tweed

    tweed Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    11
    Ok! So I have one solution... [love to hear about whether this is a good one]

    I created TWO rules:
    named them ALLOW UDP ALLOW TCP
    set protocol to IP
    Source Ethernet Equals MAC address of VMware machine
    Source IP address Equals IP address of VMware machine
    Destination Ethernet address ALL Port ALL
    Destination IP address ALL Port ALL

    So... this is WAY cool and intuitive..
    I am SO knocked out at this Firewall [tight VERY tight!]

    Can anyone tell me if this is the best safest way??

    I also have LnS on the Virtual Machine as well obviously..

    P.S. one interesting thing.. after saving the 2 rules they seemed to automatically CHANGE the Ethernet type to IPv4 for some reason...
    MAYBE it was me, though I am quite sure it wasn't ...I changed them back to just IP and it all still works..
     
    Last edited: Apr 3, 2007
  3. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi tweed,

    I also have this kind of bridged configuration with VMWare, and I haven't encountered this problem so far.
    What kind of connection are you trying? Is it simply file sharing or more?
    For file sharing you need to import (or create) some specific rules:
    http://www.looknstop.com/En/rules/rules.htm#Partage

    With the rule you created, I'm afraid you have allowed all the traffic... so the Internet Filtering would be useless.

    Normally the log should indicate the kind of packets that are blocked, and you just need to create rules for these packets.

    For the ethernet type changing: if one IP Address field is not empty and you don't specify an IPV6 address but only IPV4 ones, then it is possible Look 'n' Stop automatically considers the rule is for IPV4 packets only and not IPV4 or IPV6.

    Regards,

    Frederic
     
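    As an added illustration (not code from the thread, from Look 'n' Stop or from its developer), a small Python model of a top-down, first-match rule list shows why the two "source MAC + source IP, any destination, any port" rules let every packet from the VM through, and how narrower rules for the same MAC/IP pair keep the rest of the filtering meaningful. First-match evaluation, the field names, the VM's MAC address and the sample packets are modelling assumptions; only the 192.168.1.52 address comes from the thread.

```python
from dataclasses import dataclass

ANY = None  # wildcard: the field is not checked

@dataclass(frozen=True)
class Packet:
    src_mac: str
    src_ip: str
    proto: str      # "tcp" or "udp"
    dst_port: int

@dataclass(frozen=True)
class Rule:
    name: str
    action: str             # "allow" or "block"
    src_mac: str = ANY
    src_ip: str = ANY
    proto: str = ANY
    dst_port: int = ANY

    def matches(self, p: Packet) -> bool:
        pairs = ((self.src_mac, p.src_mac), (self.src_ip, p.src_ip),
                 (self.proto, p.proto), (self.dst_port, p.dst_port))
        return all(want is ANY or want == got for want, got in pairs)

def decide(rules, p):  # top-down, first match wins (modelling assumption)
    for r in rules:
        if r.matches(p):
            return r.action, r.name
    return "block", "default"  # nothing matched

VM_MAC, VM_IP = "00:0c:29:aa:bb:cc", "192.168.1.52"  # IP from the thread; MAC constructed
# tweed's two rules at the top of the list: any TCP/UDP from the VM to anywhere
TWEED_RULES = [
    Rule("ALLOW TCP", "allow", VM_MAC, VM_IP, "tcp"),
    Rule("ALLOW UDP", "allow", VM_MAC, VM_IP, "udp"),
    Rule("block other TCP", "block", proto="tcp"),
    Rule("block other UDP", "block", proto="udp"),
]

# narrower alternative: only DNS and web from the VM are let through
NARROW_RULES = [
    Rule("VM DNS", "allow", VM_MAC, VM_IP, "udp", 53),
    Rule("VM HTTP", "allow", VM_MAC, VM_IP, "tcp", 80),
    Rule("block other TCP", "block", proto="tcp"),
    Rule("block other UDP", "block", proto="udp"),
]

WEB = Packet(VM_MAC, VM_IP, "tcp", 80)    # constructed sample: ordinary web request
ODD = Packet(VM_MAC, VM_IP, "tcp", 6667)  # constructed sample: an unexpected port
```

    Run `decide(TWEED_RULES, ODD)` and `decide(NARROW_RULES, ODD)` side by side: the first list allows the unexpected port because the broad rule sits at the top and matches first, while the second list falls through to the "block other TCP" rule.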
  4. tweed

    tweed Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    11
    Frederic Great thanks... yes I DO have the VMware machine seeing the net THRU the main PC using the 2 rules I create [and put at TOP of list] on the main PC.

    The link you showed me is going to hopefully help me figure out how to see the LAN network here so that's great too! That was going to be my next rule attempt.

    I am interested to know IF the two rules I created.. like I outlined in my post above this one is ACTUALLY the best way to have the Virtual machine get to the internet THRU the main PC.

    Many thanks!
     
  5. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    No, I don't think the rules you created are the best way to solve the issue.
    For me you are allowing everything and thus the internet filtering is useless.

    So, back to my questions: what kind of connection are you trying to establish from the VMWare machine? Is it simply web, email... ? Or something else?
    If you don't put these two rules, what is the content of the Look 'n' Stop log?

    Thanks,

    Frederic
     
  6. tweed

    tweed Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    11
    Thanks Frederic... Sorry for delay in responding to your reply here..

    So.. I think? I didn't mention that I have LnS ON the VMware machine as WELL as on the Main PC... so the ONLY IP/mac address that allows everything sorta thru TO the VMWARE machine IS the VMware machine's IP and mac address.. So then LnS ON the VMware STOPS what I want...right?? Kinda crazy busy hence my short posts and delays etc. Thanks!

    Can you see this thread and reply over there.... I think I explained it better as a reply to another VMware question/post??

    https://www.wilderssecurity.com/showthread.php?t=171678
     
  7. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Yes, this is true, but my point was to say that the internet filtering on the Look 'n' Stop running on the VM machine is useless if you created a rule that allows any packet.

    But what is the IP/MAC address you allowed exactly? Is it the one of the host machine, or the one of the VM machine? (still talking about the Look 'n' Stop running on the VM Machine).

    Frederic
     
  8. tweed

    tweed Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    11
    Thanks!

    I have not created any rules on the VMware machine.... only on the Main PC.
    2 RULES for the static IP and MAC address of the VMware. So on the Main PC LnS has 2 rules to let TCP and UDP thru ONLY to one MAC address/Local IP address [192.168.1.52] pair. This pair is only on the VMware...

    Is that ok?
    better way?
    VERY nice of you to reply.
     
  9. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Last edited: Jun 4, 2007