Thank You for Your time and answer, Arno: >Sthu Deus (sthu.d...@gmail.com on 2011-11-15 20:12 +0700): >qemu does not use sudo. -net tap,ifname=$(sudo tunctl -b) doesn't work?
/usr/bin/kvm -localtime -m 256 -no-reboot -boot c -hda /srv/vm/serv/da -net nic,macaddr=$(printf 'DE:AD:BE:EF:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256))) -net tap,ifname=$(sudo /usr/sbin/tunctl -b) kvm: -net tap,ifname=tap0: could not configure /dev/net/tun (tap0): Operation not permitted kvm: -net tap,ifname=tap0: Device 'tap' could not be initialized /usr/bin/kvm -localtime -m 256 -no-reboot -boot c -hda /srv/vm/serv/da -net nic,macaddr=$(printf 'DE:AD:BE:EF:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256))) -net tap,ifname=$(sudo /usr/sbin/tunctl -b; /usr/bin/sudo /sbin/ip link set tap1 up; /usr/bin/sudo /sbin/brctl addif br0 tap1) kvm: -net tap,ifname=tap1: could not configure /dev/net/tun (tap1): Operation not permitted kvm: -net tap,ifname=tap1: Device 'tap' could not be initialized But his works for host-guest connection as I have before said: /usr/bin/kvm -localtime -m 256 -no-reboot -boot c -hda /srv/vm/serv/da -net nic -net tap,ifname=$(sudo /usr/sbin/tunctl -b -u $(whoami); sudo /sbin/ifconfig tap0 192.168.1.2 up; sudo /sbin/route add -host 192.168.1.10 dev tap0),script=no,downscript=no; /usr/sbin/tunctl -d tap0 Though they probably need to correct the KVM networking page. :) - Some many additional movements are necessary to make it working under nirmal user. :) Now, Internet access is wanted for the guest. :) So in this case which things do You recommend for ip table routing for both (host and guest) and NAT rules? I do this as follows (w/o luck): # for f in /proc/sys/net/bridge/bridge-nf-*; do echo 0 > $f; done (manual advised that - did not test w/o it). # sysctl -w net.ipv4.ip_forward=1 Clientside: route add default gw 192.168.1.2 /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 ! -d 192.168.1.0/24 -j SNAT --to-source 192.168.0.2 Giving all the local network (the host-guest one) Internet access (to Internet router). The legend is: host: eth0 w/ .0.2 address, tap0 w/ .1.2 address, guest: eth0 w/ .1.10 address. But it does not work - I can not ping .0.1 - the router from guest nor update >> By the way, to overrun the permission problem I have tried running it >> under sudo (root) user when I got the following error: >> >> No protocol specified >> Could not initialize SDL(No available video device) - exiting >> >> So it needs a screen for KVM window running. Do You know how I can >> launch it in such case? - Except to allow root user. :) > >Most likely your sudo does not preserve $DISPLAY. Hmm. Both (under t\a user and under the sudo su) the environment show ":1". >> I've got such a problem w/ NATing: >> >> /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d ! >> 192.168.1.0/24 -j SNAT --to-source 192.168.0.2 >> >> Bad argument `192.168.1.0/24' >> >> Do You have any idea why iptables does not accept the ip nor the ip >> net? > >You need to use ! -d addr, not -d ! addr Oh! Again, in manual of iptables (by Oskar) sign "!" is used after, "-s" or "--protocol", etc. 8? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4ec54118.8d85cd0a.63b5.0...@mx.google.com