diff --git a/README.md b/README.md index 0542395..b3c7254 100644 --- a/README.md +++ b/README.md @@ -603,12 +603,30 @@ In the example above: - Port 8123 on the host is forwarded to port 8123 on the guest. - Port 8888 on the host is forwarded to port 80 on the guest. +# Disable networking + +To completely disable all network interfaces in a guest VM add this additional +line to your virtual machine configuration: + +- `network="none"` + +# Restricted networking + +You can isolate the guest from the host (and broader network) using the restrict +option, which will restrict networking to just the guest and any virtual devices. + +This can be used to prevent software running inside the guest from phoning home +while still providing a network inside the guest. Add this additional line to +your virtual machine configuration: + +- `network="restrict"` + # Bridged networking Connect your virtual machine to a preconfigured network bridge. Add an additional line to your virtual machine configuration -- `bridge="br0"` +- `network="br0"` # USB redirection diff --git a/quickemu b/quickemu index cc2ab7e..aa91577 100755 --- a/quickemu +++ b/quickemu @@ -992,11 +992,26 @@ function vm_boot() { echo "WARNING! Unknown mouse value: '${MOUSE}; Fallback to ps2'" fi + # $bridge backwards compatibility for Quickemu <= 4.0 if [ -n "${bridge}" ]; then - # Enable bridge mode networking + network="${bridge}" + fi + + if [ "${network}" == "none" ]; then + # Disbale all networking + echo " - Network: Disabled" + args+=(-nic none) + elif [ "${network}" == "restrict" ]; then + echo " - Network: Restricted (${NET_DEVICE})" # shellcheck disable=SC2054,SC2206 - args+=(-nic bridge,br=${bridge},model=virtio-net-pci) + args+=(-device ${NET_DEVICE},netdev=nic -netdev ${NET},restrict=y,id=nic) + elif [ -n "${network}" ]; then + # Enable bridge mode networking + echo " - Network: Bridged (${network})" + # shellcheck disable=SC2054,SC2206 + args+=(-nic bridge,br=${network},model=virtio-net-pci) else + echo " - Network: User (${NET_DEVICE})" # shellcheck disable=SC2054,SC2206 args+=(-device ${NET_DEVICE},netdev=nic -netdev ${NET},id=nic) fi @@ -1394,7 +1409,6 @@ function monitor_send_cmd { # Lowercase variables are used in the VM config file only boot="efi" -bridge="" cpu_cores="" disk_img="" disk_size="" @@ -1405,6 +1419,7 @@ guest_os="linux" img="" iso="" macos_release="" +network="" port_forwards=() preallocation="off" ram=""