Virtual-Box with its own interface to the network


Post by puc » 16 December 2007, 15:53

I wanted to be able to run Virtual-Box with a direct connection to the internet through its own NIC; after a few days of trial and error I have now managed to achieve what I wanted.

To spare others who want to do the same thing some trouble, I am posting what I have found to work, in the form of a script.

Code:

#!/bin/sh

# This script is tested and found working in Ubuntu 7.10 - Gutsy Gibbon.
#
# This script must be run as root (sudo in Ubuntu).
#
# This script contains a set of commands that will create a bridge so
# Virtual-Box can make a direct connection to the internet via eth2
# (change to suit you).
#
# Before we can make this happen you must install bridge-utils and uml-utilities.
# (sudo apt-get install bridge-utils uml-utilities) furthermore you must put "tap0"
# as the interface to use (Interface name) by Virtual-Box in Settings > Network
# in Virtual-Box.
#
# Before you run this script, read it and change the things that need to be changed
# to suit your environment.

#################################
# First some iptables stuff to prevent traffic from the internet from entering
# localhost on (in this case) eth2.
#################################

# Flush the rules out of all chains and delete the user defined ones.
/sbin/iptables -F
/sbin/iptables -X

# Policies.
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT

# Accept traffic in on eth1 (change to suit you, this interface should be protected by a firewall).
/sbin/iptables -A INPUT -i eth1 -j ACCEPT

################################
# Make a bridge for VirtualBox.
################################

# Create Ethernet interface tap0 with user gw (change to suit you).
/usr/sbin/tunctl -t tap0 -u gw

# Make /dev/net/tun readable and writable by all users.
/bin/chmod 666 /dev/net/tun

# Create the bridge.
/usr/sbin/brctl addbr br0

# Set eth2 in promiscuous mode (change to suit you).
/sbin/ifconfig eth2 0.0.0.0 promisc


# A bridge has a number of ports attached to it. Network traffic coming
# in on any of these ports will be forwarded to the other ports
# transparently, so that the bridge is invisible to the rest of the
# network (i.e. it will not show up in traceroute).
#
# Make the interface eth2 (change to suit you) a port to the bridge br0.
/usr/sbin/brctl addif br0 eth2

# DHCP on br0.
/sbin/dhclient br0

# Make the interface tap0 a port to the bridge br0.
/usr/sbin/brctl addif br0 tap0

# Set the address 10.0.0.1 (totally arbitrary as long as it isn't in use) on interface tap0 and bring it up.
/sbin/ifconfig tap0 10.0.0.1 up

# Proxy ARP makes it possible for a router to answer an ARP request if the destination address is
# another interface on your machine.
#
# Proxy ARP will respond to ARP requests on one interface as being responsible for the addresses of
# devices on another interface. The device can then receive and forward packets addressed to the
# other devices.
#
# Proxy ARP for tap0.
/bin/bash -c 'echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp'

# Add host 10.0.0.1 with the interface tap0 to the routing table.
/sbin/route add -host 10.0.0.1 dev tap0

# Proxy ARP for host 10.0.0.1 using the eth2 (change to suit you) interface's hardware address and publish this table entry.
/usr/sbin/arp -Ds 10.0.0.1 eth2 pub

################################
# Make localhost use the right gateway (change to suit you).
################################

/sbin/route add default gw 192.168.1.3
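
An added example, not part of puc's post: a small audit of `iptables -S` output for the setup above. Once eth2 is a port of br0, traffic for the host arrives with br0 as its input interface, so the check covers the bridge and both of its ports; the interface names are taken from the post and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: audit `iptables -S` output for the bridged setup in the post.
# EXPOSED = internet-facing bridge and its ports (names from the post; adjust).
EXPOSED="br0 eth2 tap0"

# Reads `iptables -S` text on stdin and prints one finding per line.
# Returns 1 if any FAIL was printed, 0 otherwise (WARN lines do not fail).
audit_rules() {
    awk -v exposed="$EXPOSED" '
    BEGIN { n = split(exposed, e, " "); for (i = 1; i <= n; i++) bad[e[i]] = 1 }
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-P" && $2 == "FORWARD" && $3 == "ACCEPT" {
        print "WARN: FORWARD policy is ACCEPT"
    }
    $1 == "-A" && $2 == "INPUT" {
        # Replies to connections the host opened are expected; skip them.
        if ($0 ~ /state (RELATED,ESTABLISHED|ESTABLISHED,RELATED|ESTABLISHED) /) next
        iface = ""; target = ""
        for (i = 3; i < NF; i++) {
            # A negated match ("! -i eth1") does not pin the rule to one interface.
            if ($i == "-i") iface = ($(i - 1) == "!") ? "" : $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target != "ACCEPT") next
        if (iface == "") {
            print "FAIL: INPUT ACCEPT not limited to one interface: " $0; fail = 1
        } else if (iface in bad) {
            print "FAIL: INPUT ACCEPT on exposed interface " iface; fail = 1
        }
    }
    END {
        if (policy != "DROP") { print "FAIL: INPUT policy is not DROP"; fail = 1 }
        exit fail + 0
    }'
}

# Constructed sample: the listing the post's rules produce.
PAGE_RULES='-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i eth1 -j ACCEPT'

# On a live host (as root): iptables -S | audit_rules
printf '%s\n' "$PAGE_RULES" | audit_rules || true
```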


Post by puc » 19 December 2007, 20:38

I cannot get the above script to work as a start script for virtualbox; for unknown reasons it will not work. It cannot be run from rc.local either. (It seems to run OK, but virtualbox will not use tap0 as the interface; there is just an error message.)

The solution turned out to be this, to start virtualbox in one step with the right network settings:

Code:

#!/bin/sh

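# If tap0 already exists the bridge script has been run: just start VirtualBox.
if [ -e /proc/sys/net/ipv4/conf/tap0 ]
then
        {
        virtualbox
        }
else
        {
        # Run the bridge script (test8) as root first, then start VirtualBox.
        gksudo -k "sh -c '/home/gw/Desktop/test8'"
        virtualbox
        }
fi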

exit 0

test8 is the first script.

I have tried to get it to work as a single script with gksudo (a graphical prompt for entering the root password) for the parts that need root, but it will not cooperate. So the solution will have to be a script that executes the first script (if necessary).

If anyone has a more sensible solution, feel free to continue the thread.
