The tablet driver uses absolute position, so the mouse cursor has a nature transition when it's over the QEMU window. Also there is no "scaling" problem where the mouse moves at different speed inside and outside of the QEMU window.
Not sure about the current state of affairs, but the VirtualBox kernel modules you need on the host side have for a long time been known as being notoriously low quality and unstable. Up to the point where the kernel is considered tainted if they are loaded (i.e. any crashes or issues you report with VirtualBox modules loaded being ignored)[1][2].
It's slow as sin, for one thing. It has deceptive licensing terms, for another. And yes, the deceptive licensing started after Oracle bought Sun. That's definitely an answer. It's buggy, ridiculous software perpetuated after its irrelevancy largely to take advantage of people who haven't quite figured out QEMU yet.
I very much like VirtualBox and hope it continues to be around. However, there has been an open job posting on the site for a while now, and just after that popped up, the release cadence dropped from once a month to around once every two months. That implies things are not going as smoothly as they used to. Also, recent versions have an odd “New Cloud VM” option with only Oracle Cloud as an option. Oracle is also extremely aggressive in pushing their cloud in general, so it just seems like there could be something going on behind the scenes (like maybe a developer quit because of some things Oracle was starting to demand). This is highly speculative but seems to be a few things pointing in that type of direction.
Buggy networking, video, sound and shared filesystem support (at lease that last one is still an advantage over qemu which has... nothing. Not to matter, SMB shares can be mounted to work around)
Last time I looked at that it wasn't usable with a Windows guest. Looks like it's come on since then, thanks. Though the setup instructions are still far too complex (when compared with VirtualBox!)
this was written in 2018 and is slightly out of date, for one thing '-sdl' should be '-display gtk' if you're under gnome, '-sdl' is no longer supported.
Is there any "integrated firewall" in QEMU (and/or any linux container solutions e.g. "bubblewrap")?
For example, I run a closed source software (with both linux and windows versions) made by company A, which I use for doing business with company B. I'm happy for it to connect to company B's servers but I don't like it to phone home to company A (or any other 3rd parties)
Is it possible to run it in QEMU (or "bubblewrap"), allowing access to the public internet for a number of whitelisted websites (e.g. company B), and no access to my local lan?
It would be nice if it can be done with something like these
I'm not keen to manage a bunch of iptables or vnet rules/configs on my host because the configs seem to be all over the places and not easy to get right. Also it takes too much time/work if I just want to spin up some random softeware and test quickly.
Just set up a transparent proxy as the default route for the VM. Any non subnet-local traffic will then be filtered. Incrementally adding in sites to the allowlist as you need them is very interesting exercise in relearning your network dependencies. I say relearning because in the past you would just keep a tcpdump running on your boxes while you were working on the and that was enough to understand the normal networking. Now a fully connected host has all kinds of crap traffic all the time. I don’t really need Ubuntu to know when my hosts are up or not. Etc. etc.
if you have a router with VLAN support (Mikrotik, Ubiquiti, OpenWrt, many others), use VLANs. Isolate your VMs in their own subnet and configure your router what is allowed or not allowed for hosts in that subnet.
Depends, what you consider convenient. If you happen to have homelab cluster and you want your rules to survive a VM migration from one host to another, it is not convenient to have them defined per-node.
Alternatively, you can have a look how Proxmox does it. Proxmox uses qemu for VMs, iptables for firewall and their own cluster solution (corosync) to distribute the config (if you happen to have cluster) to all nodes. They are capable of isolating VMs connected to the same bridge.
> Depends, what you consider convenient. If you happen to have homelab cluster and you want your rules to survive a VM migration from one host to another, it is not convenient to have them defined per-node.
Yep true. I don't have a homelab, only a signle computer. I run random applications and games from time to time, so to me convenience is something I can quickly set up and discard.
Has anyone made the (unofficial, I think) Windows build work with acceleration on Windows 10? I'm away from the PC for a few days, so I cannot post specifics, but I've failed to make it work.
