\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b:<\/p>\n
\r\napt install iptables-persistent apparmor-utils ovmf\r\n<\/pre>\n\u041e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 QEMU<\/strong>:<\/p>\n
\r\nvim \/etc\/libvirt\/qemu.conf\r\n<\/pre>\n\u0418 \u0434\u043e\u0431\u0430\u0432\u0438\u043c\/\u043e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443:<\/p>\n
\r\nsecurity_driver = "apparmor"\r\n<\/pre>\n\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043c \u0441\u0435\u0440\u0432\u0438\u0441 libvirt<\/strong>:<\/p>\n
\r\nsystemctl restart libvirt-bin\r\nsystemctl restart libvirtd\r\n<\/pre>\n<\/p>\n
\u0414\u0430\u043b\u0435\u0435 \u043d\u0443\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c XML<\/strong> \u0444\u0430\u0439\u043b \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u043d\u0430\u0448\u0435\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b:<\/p>\n
\r\nvim macos-mojave.xml\r\n<\/pre>\n\u0421\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c:<\/p>\n
\r\n<domain type='kvm' xmlns:qemu='http:\/\/libvirt.org\/schemas\/domain\/qemu\/1.0'>\r\n <name>macos-mojave<\/name>\r\n <uuid>2aca0dd6-cec9-4717-9ab2-0b7b13d111c3<\/uuid>\r\n <title>MacOS-Mojave<\/title>\r\n <memory unit='KiB'>8192000<\/memory>\r\n <currentMemory unit='KiB'>8192000<\/currentMemory>\r\n <vcpu placement='static'>4<\/vcpu>\r\n <os>\r\n <type arch='x86_64' machine='pc-q35-2.11'>hvm<\/type>\r\n <loader readonly='yes' type='pflash'>\/var\/lib\/kvm\/vm_images\/macos-mojave\/OVMF_CODE.fd<\/loader>\r\n <nvram>\/var\/lib\/kvm\/vm_images\/macos-mojave\/OVMF_VARS-1024x768.fd<\/nvram>\r\n <\/os>\r\n <features>\r\n <acpi\/>\r\n <kvm>\r\n <hidden state='on'\/>\r\n <\/kvm>\r\n <\/features>\r\n <clock offset='utc'\/>\r\n <on_poweroff>destroy<\/on_poweroff>\r\n <on_reboot>restart<\/on_reboot>\r\n <on_crash>restart<\/on_crash>\r\n <devices>\r\n <emulator>\/usr\/bin\/qemu-system-x86_64<\/emulator>\r\n <disk type='file' device='disk'>\r\n <driver name='qemu' type='qcow2' cache='writeback'\/>\r\n <source file='\/var\/lib\/kvm\/vm_images\/macos-mojave\/mac_hdd.img'\/>\r\n <target dev='sda' bus='sata'\/>\r\n <boot order='1'\/>\r\n \r\n\r\n<address type='drive' controller='0' bus='0' target='0' unit='0'\/>\r\n <\/disk>\r\n <controller type='sata' index='0'>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'\/>\r\n <\/controller>\r\n <controller type='pci' index='0' model='pcie-root'\/>\r\n <controller type='pci' index='1' model='dmi-to-pci-bridge'>\r\n <model name='i82801b11-bridge'\/>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'\/>\r\n <\/controller>\r\n <controller type='pci' index='2' model='pci-bridge'>\r\n <model name='pci-bridge'\/>\r\n <target chassisNr='2'\/>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'\/>\r\n <\/controller>\r\n <controller type='usb' index='0' model='ich9-ehci1'>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x7'\/>\r\n <\/controller>\r\n <controller type='usb' index='0' model='ich9-uhci1'>\r\n <master startport='0'\/>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x0' multifunction='on'\/>\r\n <\/controller>\r\n <controller type='usb' index='0' model='ich9-uhci2'>\r\n <master startport='2'\/>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x1'\/>\r\n <\/controller>\r\n <controller type='usb' index='0' model='ich9-uhci3'>\r\n <master startport='4'\/>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x2'\/>\r\n <\/controller>\r\n <interface type='bridge'>\r\n <mac address='52:54:00:AB:DF:0A'\/>\r\n <source bridge='virbr0'\/>\r\n <target dev='tap1'\/>\r\n <model type='e1000-82545em'\/>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x02' slot='0x02' function='0x0'\/>\r\n <\/interface>\r\n <input type='keyboard' bus='usb'>\r\n \r\n\r\n<address type='usb' bus='0' port='2'\/>\r\n <\/input>\r\n <input type='mouse' bus='ps2'\/>\r\n <input type='tablet' bus='usb'>\r\n \r\n\r\n<address type='usb' bus='0' port='3'\/>\r\n <\/input>\r\n <input type='keyboard' bus='ps2'\/>\r\n <graphics type='vnc' port='5901' autoport='no' listen='0.0.0.0' keymap='en-us'>\r\n <listen type='address' address='0.0.0.0'\/>\r\n <\/graphics>\r\n <sound model='ich9'>\r\n \r\n\r\n<address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'\/>\r\n <\/sound>\r\n <video>\r\n <model type='vga'\/>\r\n <\/video>\r\n <redirdev bus='usb' type='spicevmc'>\r\n \r\n\r\n<address type='usb' bus='0' port='5'\/>\r\n <\/redirdev>\r\n <hub type='usb'>\r\n \r\n\r\n<address type='usb' bus='0' port='1'\/>\r\n <\/hub>\r\n <memballoon model='none'\/>\r\n <\/devices>\r\n <qemu:commandline>\r\n <qemu:arg value='-device'\/>\r\n <qemu:arg value='isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc'\/>\r\n <qemu:arg value='-smbios'\/>\r\n <qemu:arg value='type=2'\/>\r\n <qemu:arg value='-cpu'\/>\r\n <qemu:arg value='Penryn,kvm=on,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+pcid,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check'\/>\r\n <\/qemu:commandline>\r\n<\/domain>\r\n<\/pre>\n\u041c\u044b \u043e\u043f\u0438\u0441\u0430\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443, \u0441 \u0438\u043c\u0435\u043d\u0435\u043c "macos-mojave<\/strong>", \u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u0443\u0434\u0435\u0442 4 \u044f\u0434\u0440\u0430<\/strong> \u0438 8 \u0413\u0431 \u041e\u0417\u0423<\/strong>, \u0441\u0435\u0442\u0435\u0432\u0430\u044f \u043a\u0430\u0440\u0442\u0430 \u0432 NAT<\/strong> \u0440\u0435\u0436\u0438\u043c\u0435 (\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 tap1<\/strong>), \u0430 \u0442\u0430\u043a \u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e VNC<\/strong> \u043f\u043e \u043f\u043e\u0440\u0442\u0443 5901<\/strong>.<\/p>\n
\u041f\u0440\u043e\u0432\u0435\u0440\u044c\u0442\u0435 \u043f\u0443\u0442\u0438 \u043a \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u043e\u0431\u0440\u0430\u0437\u0430 \u0434\u0438\u0441\u043a\u0430 \u0438 OVMF<\/strong> \u0444\u0430\u0439\u043b\u043e\u0432.<\/p><\/blockquote>\n
MAC<\/strong> \u0430\u0434\u0440\u0435\u0441 \u0438 UUID<\/strong> \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u043c\u0438.<\/p>\n
\u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044f UUID<\/strong>:<\/p>\n
\r\nuuidgen\r\n<\/pre>\n\u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044f MAC<\/strong> \u0430\u0434\u0440\u0435\u0441\u0430:<\/p>\n
\r\nprintf '52:54:00:AB:%02X:%02X\\n' $((RANDOM%256)) $((RANDOM%256))\r\n<\/pre>\n<\/p>\n
2. Virsh<\/h4>\n
\u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u0441\u044f \u043a libvirtd<\/strong>:<\/p>\n
\r\nvirsh --connect qemu:\/\/\/system\r\n<\/pre>\n\u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u043c \u043d\u0430\u0448 XML<\/strong> \u0444\u0430\u0439\u043b \u043d\u0430 \u0432\u0430\u043b\u0438\u0434\u043d\u043e\u0441\u0442\u044c:<\/p>\n
\r\nvirt-xml-validate macos-mojave.xml\r\n<\/pre>\n\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 XML<\/strong> \u0444\u0430\u0439\u043b\u0430:<\/p>\n
\r\nvirsh define macos-mojave.xml\r\n<\/pre>\n\u0417\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443:<\/p>\n
\r\nvirsh start macos-mojave\r\n<\/pre>\n\u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0432 \u0430\u0432\u0442\u043e\u0437\u0430\u043f\u0443\u0441\u043a.<\/p>\n
\u0421\u043c\u043e\u0442\u0440\u0438\u043c \u0441\u043f\u0438\u0441\u043e\u043a VM<\/strong><\/p>\n
\r\nvirsh list --all\r\n<\/pre>\n\r\nroot@KVM:~# virsh list --all\r\n Id Name State\r\n----------------------------------------------------\r\n - macos-mojave shut off\r\n<\/pre>\n\u0421\u043c\u043e\u0442\u0440\u0438\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 "macos-mojave<\/strong>"<\/p>\n
\r\nvirsh dominfo macos-mojave\r\n<\/pre>\n\r\nroot@KVM:~# virsh dominfo macos-mojave\r\nId: -\r\nName: macos-mojave\r\nUUID: 2aca0dd6-cec9-4717-9ab2-0b7b13d111c3\r\nOS Type: hvm\r\nState: shut off\r\nCPU(s): 4\r\nMax memory: 8192000 KiB\r\nUsed memory: 8192000 KiB\r\nPersistent: yes\r\nAutostart: disable\r\nManaged save: no\r\nSecurity model: none\r\nSecurity DOI: 0\r\n<\/pre>\n\u041d\u0430\u0441 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0443\u0435\u0442 \u0441\u0442\u0440\u043e\u043a\u0430: "Autostart: disable<\/strong>"<\/p>\n
\u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0432 \u0430\u0432\u0442\u043e\u0437\u0430\u043f\u0443\u0441\u043a:<\/p>\n
\r\nvirsh autostart macos-mojave\r\n<\/pre>\n\r\nroot@KVM:~# virsh autostart macos-mojave\r\nDomain macos-mojave marked as autostarted\r\n<\/pre>\n\u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u043c \u0441\u043d\u043e\u0432\u0430:<\/p>\n
\r\nroot@KVM:~# virsh dominfo macos-mojave\r\nId: -\r\nName: macos-mojave\r\nUUID: 2aca0dd6-cec9-4717-9ab2-0b7b13d111c3\r\nOS Type: hvm\r\nState: shut off\r\nCPU(s): 4\r\nMax memory: 8192000 KiB\r\nUsed memory: 8192000 KiB\r\nPersistent: yes\r\nAutostart: enable\r\nManaged save: no\r\nSecurity model: none\r\nSecurity DOI: 0\r\n<\/pre>\n<\/p>\n
3. IPTables<\/h4>\n
\u041f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 Virsh<\/strong> \u043f\u0435\u0440\u0435\u0442\u0438\u0440\u0430\u0435\u0442 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 IPTables<\/strong>'\u0430 \u0441\u0432\u043e\u0438\u043c\u0438. \u0414\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u044d\u0442\u043e\u0433\u043e \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c, \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u043e \u043d\u0443\u0436\u043d\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430.
\n\u0422\u0435\u043a\u0443\u0449\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439:<\/p>\n\r\niptables -S\r\n<\/pre>\n\u041f\u0440\u0438\u043c\u0435\u0440 \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 IPTables<\/strong>:<\/p>\n
\r\n#!\/bin\/bash\r\n \r\niptables -F\r\niptables -X\r\n \r\niptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\r\niptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP\r\niptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP\r\niptables -A INPUT -m state --state INVALID -j DROP\r\niptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP\r\niptables -A INPUT -i lo -j ACCEPT\r\n \r\n########################## ALLOWED PORTS ###########################\r\n\r\niptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT\r\niptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT\r\niptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT\r\n\r\n#################### FOR SSH CONNECTIONS TO VM's ###################\r\n\r\niptables -A INPUT -p tcp -m tcp --dport 2222 -j ACCEPT\r\n \r\n####################### ALLOWED IP ADDRESSES #######################\r\n\r\n# FOR VNC ACCESS WITHOUT PASSWORD\r\niptables -A INPUT -s 1.1.1.1 -j ACCEPT\r\niptables -A INPUT -s 2.2.2.2 -j ACCEPT\r\n\r\n######################## FOR NAT FROM VM's #########################\r\n\r\niptables -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT\r\niptables -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT\r\niptables -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT\r\niptables -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT\r\n\r\n################### FOR FORWARDING PORTS TO VM's ###################\r\n\r\niptables -t nat -A PREROUTING -p tcp -d MY_EXTERNAL_IP --dport 2222 -j DNAT --to-destination 192.168.122.100:22\r\n\r\niptables -A FORWARD -i eno1 -d 192.168.122.100 -p tcp --dport 22 -j ACCEPT\r\n\r\n######################## FOR NAT FROM VM's #########################\r\n\r\niptables -A FORWARD -d 192.168.122.0\/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\r\niptables -A FORWARD -s 192.168.122.0\/24 -i virbr0 -j ACCEPT\r\niptables -A FORWARD -i virbr0 -o virbr0 -j ACCEPT\r\niptables -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable\r\niptables -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable\r\n\r\niptables -A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT\r\n\r\niptables -P OUTPUT ACCEPT\r\niptables -P INPUT DROP\r\niptables -P FORWARD ACCEPT\r\n\r\n<\/pre>\n\u041d\u0435 \u0437\u0430\u0431\u0443\u0434\u044c\u0442\u0435 \u043f\u043e\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 IP<\/strong> \u0430\u0434\u0440\u0435\u0441, \u0438 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 "eno1<\/strong>" \u043d\u0430 \u0441\u0432\u043e\u0439.<\/p>\n
\u0421\u043a\u0440\u0438\u043f\u0442 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u0440\u0442\u0430\u043c: 22<\/strong>, 80<\/strong> \u0438 443<\/strong>. \u0410 \u0442\u0430\u043a \u0436\u0435 \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a IP<\/strong> \u0430\u0434\u0440\u0435\u0441\u0430\u043c "1.1.1.1<\/strong>" \u0438 "2.2.2.2<\/strong>" \u0418 \u0434\u0435\u043b\u0430\u0435\u0442 \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u0430 "2222<\/strong>" \u0441 \u0445\u043e\u0441\u0442\u0430 \u043d\u0430 \u043f\u043e\u0440\u0442 "22<\/strong>" \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b (IP<\/strong> \u0430\u0434\u0440\u0435\u0441 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b — 192.168.122.100<\/strong>)<\/p>\n
\u0421\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u043c \u043f\u0440\u0430\u0432\u0438\u043b\u0430:<\/p>\n
\r\niptables-save > \/etc\/iptables\/rules.v4\r\n<\/pre>\n\u0415\u0441\u043b\u0438 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u044d\u0442\u0430 \u043f\u0430\u043f\u043a\u0430, \u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0435\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c<\/p>\n
\r\nmkdir \/etc\/libvirt\/hooks\r\n<\/pre>\n\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0441\u043a\u0440\u0438\u043f\u0442:<\/p>\n
\r\nvim \/etc\/libvirt\/hooks\/network\r\n<\/pre>\n\u0421\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c:<\/p>\n
\r\n#!\/bin\/bash\r\n\r\n# Libvirt hook, see: https:\/\/www.libvirt.org\/hooks.html\r\n# for iptables reloading after host booted\r\n\r\nif [ "$2" = "started" ]; then\r\n\r\n\/bin\/systemctl restart netfilter-persistent\r\n\r\nfi;\r\n\r\nexit 0;\r\n<\/pre>\n\u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0431\u0438\u0442 \u0432\u044b\u043f\u043e\u043b\u0435\u043d\u043d\u0438\u044f:<\/p>\n
\r\nchmod +x \/etc\/libvirt\/hooks\/network\r\n<\/pre>\n\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 Virsh<\/strong> \u0431\u0443\u0434\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f IPTables<\/strong>, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0441\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0430 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435.<\/p>\n","protected":false},"excerpt":{"rendered":"
1. \u041f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0430 \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b: \u041e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 QEMU: \u0418 \u0434\u043e\u0431\u0430\u0432\u0438\u043c\/\u043e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443: \u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043c \u0441\u0435\u0440\u0432\u0438\u0441 libvirt:<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[507],"tags":[511,515,517,377,509],"_links":{"self":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/758"}],"collection":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=758"}],"version-history":[{"count":13,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/758\/revisions"}],"predecessor-version":[{"id":775,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/758\/revisions\/775"}],"wp:attachment":[{"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}