How to block all traffic on a VM except host IP?

I am running a Vagrant VM and am trying to have a network isolated mode. Since disabling or changing anything with the default NAT interface breaks Vagrant I decided to block ALL traffic inside the CentOS 7 VM except the host IP.

Let's make 1.1.1.1 the host's IP

This is the command I am trying inside the Guest CentOS 7 VM:

sudo firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -s 1.1.1.1 -j ACCEPT && \
sudo firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -d 1.1.1.1 -j ACCEPT && \
sudo firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -j DROP && \
sudo firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 1 -j DROP && \
sudo firewall-cmd --reload

With this I am able to ping from the Guest to the Host but am unable to ping the Guest from the Host.

What am I doing wrong? Basically, I just need to have SSH, TCP, and UDP access to the VM and host.

It looks like @djdomi's answer is working for me.

I deleted the gateway with the following command in the VM

sudo ip route del 0/0

Network was disconnected. However, I was able to SSH using vagrant ssh

Initially I was stuck trying to use nmap to scan the VM but I was using the private_network's static IP which did not work. Using the Vagrant's NAT IP I was able to ping from host to VM as well as nmap scans.