I’m running Syncthing in a virtual machine (Debian guest under a Debian host) and would like to block this virtual machine at the host level from any other network activity, except what is necessary for syncthing’s functionality.
Is there a static list of internet addresses that I should whitelist (e.g for connecting to relays)? As for the local network, I intend to whitelist manually only the IPs of the synced devices.
Any advice on how to go about creating the necessary firewall rules?