I want to ensure that the host cannot access the internet traffic going between the vm guest and the internet, and more importantly I want to make sure the internet traffic cannot reach the host OS. I'm guessing that the bulk of my question here is what iptables rules are needed to make this happen?

Currently I boot into another partition on the host hard disk whenever I connect to the internet. I unmount my data partition and shutdown many services. I would like to do the same thing here instead with a virtual machine for convenience.

Is it possible to completely isolate the host OS from the internet traffic going to and from the vm guest? Or am I better off staying with my current practice of rebooting into the other partition when I need to get online.

I want to ensure that the host cannot access the internet. While internet traffic is free to travel to and from the vm guest, and more importantly I want to make sure the internet traffic cannot reach the host OS. I'm guessing that the bulk of my question here is what iptables rules are needed to make this happen?

Currently I boot into another partition on the host hard disk whenever I connect to the internet. I unmount my data partition and shutdown many services. I would like to do the same thing here instead with a virtual machine for convenience.

Is it possible to completely isolate the host OS from the internet traffic going to and from the vm guest? Or am I better off staying with my current practice of rebooting into the other partition when I need to get online.