Windows 10: Can 'not' block virtualbox traffic with firewall

I am trying to configure my Windows system such I can block VirtualBox VM traffic to for example the internet but not the local network. That is I have some services on my local network that my VMs must access but I want to block all traffic outside of the local network e.g. to and from the Internet.

I am using Windows 10 and chose to use the Windows Firewall as the configuration can be added to group policy and enforced for all users. I note VirtualBox has several services and processes, and assume virtualboxvm.exe is the process for the running VM (?). I then configure rules to block all protocols and ports for the virtualboxvm.exe for all networks (domain, private, public) both inbound and outbound. However, when running a simple ping or browser on the VM access to the internet is still possible. My rule works fine when I change it to apply for all executables.

Any ideas why I cannot block VirtualBox network traffic via the Windows Firewall?

:)

 

FIREWALL IS BLOCKING CERTAIN PROGRAMS

Hi Joseph,

Thank you for posting on Microsoft Communities.

I will be glad to help you with the issue you have with the computer. I understand the frustration when things don't work the way it should.

One of the most common problems when using a network firewall is that it sometimes blocks network traffic that you want to allow.

Please follow the below step to troubleshoot with the issue:

• Open the “Control Panel“.
• Select “System and Security.
• In the Windows Firewall section, select “Allow a program through Windows Firewall“.
• Unchecking the box to the left of the application name disallows it from accessing network resources, while checking it allows access.
• If the program you wish to block or unblock is not listed, you can click the “Allow another program…” button to add it. Choose the application in the list and select “Add“. If the program is not in this list, use the “Browse…”
  button to select the program file manually.

Hope this information is helpful. Please post in case you have any further issues, I will be glad to help you further.

Thank you.

 

Blocking outgoing traffic with Windows 10 Firewall for a specific Windows user

First of all, I'm aware of the following three questions and the corresponding answers, but none of them answer my problem:

• How to block/disable internet for one user in Windows 7 while keeping internet access for other users?
  
• Is there a way to block all internet traffic for a user with windows firewall?
  
• Windows 10 Firewall: block all - allow windows update
  

I'm running Windows 10 Professional on a laptop (stand alone, not inside a domain), which is used by multiple users. Every user has its own Windows account, and usually the list of users does not change.

I would like to block all outgoing traffic for a specific Windows user using the Windows Defender firewall. I've created a rule which blocks everything (all programs, all protocols, all ports, all IP addresses, all three profiles), and this rule seems to work well (I actually only checked ping, Firefox and wget).

When I edit this rule, on the last tab there is the option to ignore this rule for a set of users, see the following image:





My intention was to add all users where outgoing traffic is allowed, and only omit the single user that is not allowed to have outbound connections. However, the rule does not seem to work the way I thought it would, and I have no clue why. As soon as I check the corresponding checkbox and enter a single user into the list, the rule seems to be ignored, and anybody can connect.

Any help with this issue is appreciated. Thanks.

 

firewall rule to block addresses NOT on an IP list?


I am just starting to learn the Windows Firewall (working on both Windows 7 and 10) and I'm not impressed with the inflexibility of its rules. I would like to know if


1. Is there is a way to do what I want with Windows Firewall?
2. Is there is a third-party firewall that would do it?


What I want to do is create a rule that blocks outgoing connections, for program X, that are to a destination **NOT** in an IP list.


Windows Firewall is not very flexible in how you specify IP list rules. When you give an IP list, your rule will match that list... you can't say "trigger the rule for non-matching IP addresses." Therefore to allow outgoing connections to a list, you have to


1. Change the entire firewall policy to block outgoing connections by default so that you can create an "allow rule" matching your list. This will mess up the rest of your programs.


2. Somehow combine a block rule and allow rule. Create a block rule for most traffic, with the "allow" rule overriding it when appropriate. However, this doesn't appear to be possible in general. It **may** be possible for connections that use IPSec, I'm not sure. And I'm not sure if I can use IPSec in my application.

And is there a third-party firewall that can do it? Most 3rd-party firewalls are LESS sophisticated than Windows Firewall, because the use case they are addressing is providing an interface that doesn't require much comprehension. I need one that's actually MORE sophisticated than Windows Firewall.