QEMU/KVM/Libvirt not recognised on Linux Mint 20.2 Cinnamon #466

Closed
greereer opened this issue Dec 10, 2021 · 8 comments
Labels
bug TYPE: a report on something that isn't working

Comments

@greereer

What happened:
Portmaster on Linux Mint 20.2 Cinnamon does not identify my lib-virt traffic and has put it all in the unidentified processes category; as a result, I have to allow unidentified processes to make connections.

What did you expect to happen?:
I expected Portmaster to identify the lib-virt traffic and place it in its own "Application".
Portmaster on Ubuntu 20.04 successfully identifies my lib-virt connections and puts them in their own application category.

@greereer greereer added the bug TYPE: a report on something that isn't working label Dec 10, 2021
@dhaavi
Member

dhaavi commented Dec 13, 2021

Hey @greereer, thanks for reporting this!

As a general note before I go into this: Currently, VMs and such are out of scope of the Portmaster, because there are too many unknowns to cover right now. See #166 for details.

One thing that could be happening is that your lib-virt instances are using different network integration modes. Can you check what the configuration on both is regarding the networking?
Specifically, the reason that it can't identify the processes in one case is that the processes don't show up in the host's /proc filesystem.

@greereer
Author

Hello @dhaavi, thank you for your help,

I am using only the system default NAT on both VMs.

Thank you again,
@greereer

@dhaavi
Member

dhaavi commented Feb 3, 2022

Ok, then both should be visible.

If I understand correctly, the VM is displayed as one application in the Portmaster - you don't see the individual applications from within the VM, right?

I also checked again on the available libvirt network integration options here: https://wiki.libvirt.org/page/VirtualNetworking#Virtual_network_switches

If you have everything in NAT mode, it should work.

Can you select one of the connections coming from the VM in the Unidentified Processes app and press the "Copy JSON" button in the dropdown to the right of the connection?
(You will need to be in the Developer UI Mode to see that button)

@github-actions

github-actions bot commented Mar 7, 2022

Auto-closing this issue after waiting for input for a month. If anyone finds the time to provide the requested information, please re-open the issue and we will continue handling it.

@github-actions github-actions bot closed this as completed Mar 7, 2022
@Arcitec

Arcitec commented Aug 20, 2022

@dhaavi No. Portmaster blocks all NAT connections. And classifies it as "Network Noise".

That being said, it's fixable by going into Portmaster: Rules: Incoming, and adding QEMU's default network:

  • Allow: 192.168.122.0/24

Documentation Update Needed :D

Virtualization defaults to using NAT instead of bridging, and QEMU uses 192.168.122.* as its network by default, so this should work for everyone who hasn't modified the defaults.

@Arcitec

Arcitec commented Aug 20, 2022

That fixed libvirt (virt-manager) for me. Probably fixes GNOME Boxes too since it's the same libvirt engine.

@Arcitec

Arcitec commented Aug 20, 2022

That takes care of IPv4.

As for IPv6, it seems nothing needs to be done:

https://libvirt.org/formatnetwork.html

"All traffic between guests connected to this network and the physical network will be forwarded to the physical network via the host's IP routing stack, after the guest's IP address is translated to appear as the host machine's public IP address (a.k.a. Network Address Translation, or "NAT"). This allows multiple guests, all having access to the physical network, on a host that is only allowed a single public IP address. If a network has any IPv6 addresses defined, the IPv6 traffic will be forwarded using plain routing, since IPv6 has no concept of NAT."
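
The allow rule and the IPv6 note above both depend on what the libvirt network actually defines, so here is a way to read the subnets from the network definition instead of assuming the defaults. This is an added example, not part of the original thread or of Portmaster's code; `network_subnets` and `SAMPLE_XML` are hypothetical names, and the sample XML is constructed (the IPv6 block uses the documentation prefix).

```python
import ipaddress
import sys
import xml.etree.ElementTree as ET

# Constructed sample shaped like `virsh net-dumpxml default` output; the IPv6
# block is added for illustration and uses the 2001:db8::/32 documentation prefix.
SAMPLE_XML = """
<network>
  <name>default</name>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp><range start='192.168.122.2' end='192.168.122.254'/></dhcp>
  </ip>
  <ip family='ipv6' address='2001:db8:ca2:2::1' prefix='64'/>
</network>
"""

def network_subnets(xml_text):
    """Return (name, forward_mode, [(cidr, handling), ...]) for one network."""
    root = ET.fromstring(xml_text)
    name = root.findtext("name", default="?")
    fwd = root.find("forward")
    # No <forward> element means isolated; <forward> without mode= means nat.
    mode = "isolated" if fwd is None else fwd.get("mode", "nat")
    subnets = []
    for ip in root.findall("ip"):
        addr = ip.get("address")
        mask = ip.get("prefix") or ip.get("netmask")
        if not addr or not mask:
            continue  # skip blocks without an explicit mask rather than guess
        net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        # In nat mode only IPv4 is translated; IPv6 is forwarded by plain routing.
        handling = "routed" if (mode == "nat" and net.version == 6) else mode
        subnets.append((str(net), handling))
    return name, mode, subnets

if __name__ == "__main__":
    # Pipe real output in, or run with no input to use the constructed sample.
    text = SAMPLE_XML if sys.stdin.isatty() else sys.stdin.read()
    name, mode, subnets = network_subnets(text)
    print(f"network {name!r} (forward mode: {mode})")
    for cidr, handling in subnets:
        print(f"  {cidr}  [{handling}]")
```

Run it as `virsh net-dumpxml default | python3 script.py` on the host; the IPv4 CIDR it prints is the value to compare against the `192.168.122.0/24` rule.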

@greereer
Author

greereer commented Sep 1, 2022

Hello, this solved it and worked perfectly for me!! Thank you @Bananaman and everyone else for making this project.
