Tapas Mishra mightydreams at
Mon Oct 25 12:28:58 UTC 2010

On Mon, Oct 25, 2010 at 5:21 PM, James Gray <james at> wrote:
> OK - so theres a little gem :)  DONT try to filer services on a guest at the hypervisor layer!  The hypervisor (VMware) >couldn't care less about the traffic destined for a guest, its firewall is only concerned about traffic destined for the >hypervisor.  Filter the guests' traffic on the GUEST, and only the guest.
> If you have a virtual switch you might want to do some fancy VLAN tagging voodoo to do pseudo-hypervisor filtering, but >that's probably heading into the "why bother" end of the discussion.  Just filter the traffic for the guest on the guest's >firewall and all will be well with the world :)
Yes I logged on to guest machine and
did same what you are saying in fact the reason I started this
discussion was same thing you mentioned I saw all network activity on
guest stopping no communication with any thing what so ever.

