hardcore Iptables


Im using a debian host and whonix in virtualbox.

Im a novice at iptables, but still have a basic understanding of them.

Can anyone tell me some iptables commands that can literally prevent everything going in and out ?
ie close all ports and allow nothing else except my Whonix Gateway + Whonix Workstations traffic to pass through.

So basically the host would have no internet capabilities.


You could use something like corridor, or switch to macvtap + passthrough with kvm (I don’t know if there is something similar for virtualbox) or attach an usb-ethernet adapter to the VM.

Hi welloff

If your referring to iptables Debian host. These are the basic recommendations.

Questions regarding advanced iptables rulesets can be answered as per https://whonix.org/wiki/Support#Free_Support_Principle

You can get closer to Tor-everything using Qubes / Qubes-Whonix.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]