Disable internet (external access) on Vagrant VM

I'm trying to simulate a production environment using my local computer with the help of Vagrant. The VM was not supposed to have any access to the internet.

Tried to untick the "Cable Connected" on the VirtualBox settings, but I will not be able to SSH to the VM, which defeats the purpose.

Vagrantfile:

    config.vm.define "second" do |second|
      second.vm.box = "centos/7"
      second.vm.box_check_update = false
      second.vm.hostname = 'second'

      second.vm.network :private_network, ip: "111.111.11.111"

      second.vm.provider :virtualbox do |v|
        v.name = "second"
      end

      second.vm.synced_folder "/devdir", "/vagrant_data"
    end

Verification:

    curl www.google.com  ## This should return error/ cannot found?

Thanks in advance, people!

Gawky answered 28/10, 2018 at 11:8 Comment(0)

2 solutions come to mind:

  1. Display the VirtualBox GUI when booting the box and use the GUI to interact with your box:

    config.vm.provider "virtualbox" do |vb|
      vb.gui = true
    end
    
  2. Use a software firewall blocking all incoming, outgoing and forwarded traffic, except incoming SSH connections to port 22. For example, using iptables:

    config.vm.provision "shell", inline: <<-SHELL
      sudo iptables -F
      sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
      sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
      sudo iptables -P INPUT DROP
      sudo iptables -P FORWARD DROP
      sudo iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
      sudo iptables -P OUTPUT DROP
    SHELL
    

    This sets the default policy of the INPUT, FORWARD and OUTPUT chains to DROP and allows only incoming TCP connections on port 22. It also allows outbound traffic to flow for established connections (responding to the incoming SSH traffic).

Sciatic answered 27/3, 2023 at 5:48 Comment(0)
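
A way to check that the firewall from the second solution is actually in force, added here as an example that is not part of the original answer: it audits `iptables -S` output for DROP policies on all three chains, an inbound SSH rule, and no other ACCEPT rule that admits new connections. The function name `audit_lockdown` and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `iptables -S` output against the lockdown in the answer.
# Real use inside the VM:  sudo iptables -S | audit_lockdown
audit_lockdown() {
    awk '
    # True when an ACCEPT rule only admits already-tracked connections.
    function tracked_only(r) {
        return r ~ /--(ct)?state (RELATED|ESTABLISHED)(,(RELATED|ESTABLISHED))? /
    }
    $1 == "-P" { policy[$2] = $3; next }          # default policy per chain
    $1 == "-A" && / -j ACCEPT/ {
        if (tracked_only($0)) next                 # replies to allowed flows
        if ($2 == "INPUT" && / -p tcp / && / --dport 22 /) { ssh = 1; next }
        print "unexpected ACCEPT: " $0; bad++
    }
    END {
        n = split("INPUT FORWARD OUTPUT", chains, " ")
        for (i = 1; i <= n; i++)
            if (policy[chains[i]] != "DROP") {
                print "policy of " chains[i] " is not DROP"; bad++
            }
        if (!ssh) { print "no inbound SSH (tcp/22) rule: vagrant ssh will fail"; bad++ }
        exit (bad > 0)
    }'
}

# Constructed sample: what `iptables -S` prints after the provisioner above.
LOCKED_DOWN='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'

# Constructed sample: OUTPUT left open and DNS egress allowed.
WEAK='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT'

printf '%s\n' "$LOCKED_DOWN" | audit_lockdown && echo "locked down: OK"
printf '%s\n' "$WEAK" | audit_lockdown || echo "weak: VM is not isolated"
```

The audit covers the IPv4 filter table only; IPv6 rules are managed separately with `ip6tables`.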
