Can IPFire do its job as a virtual machine?

If I install IPFire as a virtual machine on any distro I choose, would it work as well as it does on bare metal? Would it do its job correctly? Would hostapd work correctly? Would security be compromised and the whole purpose be defeated?

Thank you for all input.

I know people who installed Ipfire on proxmox (the system has at least 2 nics, 4 for all networks) and then you can configure ipfire to vmbr0 (red), vmbr1 (green), vmbr2 (DMZ), and vmbr3 (blue) to an AP. I do have an Ipfire VM on proxmox for tests but I prefer to use a separate physical system for ipfire.


I’ve been thinking here… If hostapd is running on IPFire and providing an access point (blue), anyone who is a client to that access point has no choice but to go through IPFire. Because it’s not the outer host that provides the AP. So far, mission acomplished.

However, if the host machine is connected to the ISP modem through an Ethernet cable and feeding IPFire’s red interface, IPFire cannot protect the host’s outer interface from the wild wild web. The host machine is then vulnerable.

I don’t even know what role green would ever play in this kind of arrangement.

I think you can protect other VMs if you set up their network correctly, meaning their gateway to internet is IPFire VM. Probably the most common use case is if you have a VPS on amazon or any cloud provider and you want to protect it with IPFire. The IPFire people have streamlined and documented quite well this procedure for Amazon cloud and few other cloud providers.

1 Like