From 1bfba069616e00aaa92e38aaece7f1c6f85e1215 Mon Sep 17 00:00:00 2001
From: Kroese <kroese@users.noreply.github.com>
Date: Wed, 3 May 2023 08:17:12 +0200
Subject: [PATCH] Restrict usermode network

---
 run/network.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/run/network.sh b/run/network.sh
index 049bfe6..b61b0d5 100644
--- a/run/network.sh
+++ b/run/network.sh
@@ -255,7 +255,7 @@ fi
 NET_OPTS="${NET_OPTS} -device virtio-net-pci,romfile=,netdev=hostnet0,mac=${VM_NET_MAC},id=net0"
 
 if [ "$DHCP" = "Y" ]; then
-  NET_OPTS="${NET_OPTS} -netdev user,id=hostnet1,hostfwd=tcp::5555-:5000"
+  NET_OPTS="${NET_OPTS} -netdev user,id=hostnet1,restrict=y,hostfwd=tcp::5555-:5000"
   NET_OPTS="${NET_OPTS} -device virtio-net-pci,romfile=,netdev=hostnet1,id=net1"
 fi