Jump to content


KVM virtual machine & Eddie network lock in host

Eddie Network Lock KVM

  • Please log in to reply
2 replies to this topic

#1 vajravrtti



  • New Members
  • Pip
  • 3 posts

Posted 06 August 2017 - 01:55 AM

​Could someone explain why a VirtualBox virtual machine can access the Internet in a host with Eddie and network lock but a KVM virtual machine can only do that if network lock is disabled?

#2 BigX



  • New Members
  • Pip
  • 2 posts

Posted 29 October 2017 - 01:12 PM



Sorry to resurrect an old thread but I can shed some light on this issue which may help someone. ​I've just been experimenting with KVM/Qemu and noticed the same problem.

​When the network lock is switched on, I believe Eddie flushes the IPTables firewall rules and so clears the rules created when I used virt-manager to create the VM. I suspect that VirtualBox works because it doesn't make use of IPTables.

With the network Lock OFF, my firewall rules are

-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A FORWARD -d -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT

​When the Lock is ON, the rules for the virtual interface "virbr0" are deleted.

​I'll probably have to uninstall Eddie and go back using openVPN and scripts directly to achieve the same effect like I used to when I used Windows as my main OS. Haven't figured out how to do that on Linux yet.

​Hope that helps

#3 BigX



  • New Members
  • Pip
  • 2 posts

Posted 29 October 2017 - 06:48 PM

​It's just occurred to me that I could use the "Events" in preferences to execute a script to add the rules back in. I'll have to do some experimenting and see if it works (safely)

Similar Topics Collapse

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 13075 - BW: 34222 Mbit/sYour IP: Access.