So, I finally ditched Windows... All except for my need for a VM to use some hardware that isn't supported in Windows.
I set up a Virtual Machine with Virt-Manager for a Windows VM but the network traffic is being blocked by UFW.
If I disable UFW the Windows VM can pull an IP, which is static as is, and even after turning UFW back on, the network traffic is still allowed.
I am in need of some help with networking for the VM.
Are you allowing dhcp (:53 tcp/udp) through the FW? If not, try
sudo ufw allow bootps
sudo ufw allow 53/udp
sudo ufw allow 53/tcp
or maybe give it a static IP on the defined virt-manager network and allow traffic from that IP
sudo ufw allow from 192.168.150.xxx
or whatever the dhcp network is
No prob, let us know how it goes. Also, thinking more about it, you may want to go the static IP route for 2 reasons
You won't be introducing a 2nd dhcp server to your home/production network
You'll always know the IP of the guest VM(s)
w/ regards to the first issue I guess you could just allow :53 and bootps from the dhcp subnet that virt manager created. Something like
sudo ufw allow from 192.168.122.0/24 to any port 53
where 192.168.122.0/24 is the subnet virt-manager created for dhcp
I think that'll allow both tcp and udp. I haven't used ufw in a while, my RHEL based distros switched to firewalld, but the concepts are the same, just different syntax. I do believe you'll need udp open as IIRC during DORA the initial DISCOVER is sent over udp, and somewhere between OFFER and REQUEST it switches to tcp...but I also haven't had to troubleshoot dhcp in a while, and I have forgotten a lot. Either way let us know how it goes!
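Added example, not part of the original thread: a shell script that prints interface-scoped UFW rules for the virt-manager subnet mentioned above and only applies them when APPLY=1 is set. The bridge name virbr0 and the uplink name eth0 are assumptions. DHCP is matched on the bridge instead of the source subnet because a DISCOVER is sent from 0.0.0.0 to the broadcast address on UDP port 67, and guest traffic bound for other networks is forwarded by the host, which UFW handles with route rules.

```shell
#!/bin/sh
# Added example: least-privilege UFW rules for a libvirt NAT network.
# Assumed names (not from the thread): bridge virbr0, uplink eth0.

# Accept only plausible interface names so generated commands cannot
# carry shell metacharacters, whitespace or newlines.
valid_iface() {
    case $1 in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# Accept only a dotted-quad IPv4 network with a /0../32 prefix length.
valid_cidr() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Print one ufw command per line for: bridge, guest subnet, uplink.
libvirt_ufw_rules() {
    if ! valid_iface "$1" || ! valid_cidr "$2" || ! valid_iface "$3"; then
        echo "usage: bridge subnet/prefix uplink" >&2
        return 1
    fi
    # DHCP server on the host: match on the bridge, since the first
    # request has no source address inside the subnet yet.
    echo "ufw allow in on $1 to any port 67 proto udp"
    # DNS to the host resolver, limited to the guest subnet.
    echo "ufw allow in on $1 from $2 to any port 53 proto udp"
    echo "ufw allow in on $1 from $2 to any port 53 proto tcp"
    # Forwarded guest traffic leaving through the uplink.
    echo "ufw route allow in on $1 out on $3 from $2"
}

# Dry run by default; set APPLY=1 to execute each command with sudo.
apply_rules() {
    while IFS= read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then
            # Word splitting is intended; every field was validated above.
            sudo $rule
        else
            echo "would run: sudo $rule"
        fi
    done
}

libvirt_ufw_rules "${1:-virbr0}" "${2:-192.168.122.0/24}" "${3:-eth0}" | apply_rules
```

Compared with allowing everything from a guest IP, these rules expose only the DHCP and DNS ports of the host to the VM network.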
It was able to get an IP, and I was able to get smb access, but for some reason it still won't allow me to open a web browser and browse, or pull Windows updates.
I may have to play around with what is allowed through UFW a bit yet.
Completely unrelated, but on my Wireguard/PiHole server I set up this weekend I did get a bit more familiarized with UFW and how that works a bit better. So with that fresh new experience for me I think I may have a few ideas on how to accomplish this.
And thank you again!
I will check again later tonight when I am back to my desktop.
Though I think another project I am going to do is instead of using a qcow2 image for my Windows installation I am going to experiment with using a dedicated SSD for my Windows install to keep it out of my BTRFS snapshots, and hopefully have a bit better performance. As well as I might install my second GPU for GPU passthrough.