On Friday 07 March 2008 at 9:28 am, Pablo Sanchez penned
about "Re: [vbox-users] multiple real interfaces and bridging"
Hi,

I was _wrong_ that I had posted my bridging script on this list. I
did it elsewhere. Doh! Sorry.

Below is the script. It's _very_ openSUSE specific when it comes to
the `iptables' tweaks. Otherwise you should be able to hack it into
your environment.

What I suggest you do is ensure the `iptables' tweaks don't execute.
Change the following line as follows:

From
----
if [ $CHAIN_COUNT -gt 0 ] ; then

To
--
if [ 1 -eq 0 -a $CHAIN_COUNT -gt 0 ] ; then
     ^^^^^^^^^^

Once you get the script working, you can add security back in ... :)

Change the `TAP_OWNER' to your user name. I'm using `eth0' on my
machine so you may need to ^eth0^YOUR_IFACE_HERE^

The script creates two taps:

   tap0 - is bridged (see brctl) with `br0'
   tap1 - is used for a VM which doesn't get Internet access - see
          comments below

I'm using static IPs on this machine so I assign a static IP to `br0'

Cheers,
-pablo
-------8-<--8-<--8-<--8-<--8-<--8-<--
#!/bin/sh

TAP_OWNER="pablo"
TAPS="tap0"

#
# tap1 is used by 'rim4db-server' and doesn't get Internet access
#
# If we need Internet access, include 'tap1' in the above list
# and set the Server's NIC to DHCP or manually configure
# it:
#
#    ifconfig eth0 192.168.25.78 netmask 255.255.255.0
#    route add default gw 192.168.25.1
#
# Notes:
#    - might need to tweak /etc/resolv.conf too
#    - 192.168.25.78 is a completely arbitrary value
#
tunctl -t tap1 -u "$TAP_OWNER"
ifconfig tap1 192.168.0.1 netmask 255.255.255.0

#
# Release any IP information by downing the device
#
ifdown eth0

#
# If there isn't a chain, do nothing ...
#
CHAIN_COUNT=$(iptables -L INPUT | sed 1,2d | wc -l)
if [ $CHAIN_COUNT -gt 0 ] ; then
    #
    # Which user defined chain will we affect? 'input_ext', 'input_int' or none?
    #
    iptables -L input_ext > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
        USER_CHAIN="input_ext"
    else
        iptables -L input_int > /dev/null 2>&1
        if [ $? -eq 0 ] ; then
            USER_CHAIN="input_int"
        else
            USER_CHAIN="ACCEPT"
        fi
    fi

    # Insert the br0 rule right after the last INPUT rule that mentions the chain
    RULE_NUMBER=$(iptables -L INPUT --line-numbers | grep "$USER_CHAIN" |
        awk '{ MAX=$1 } END { print MAX+1 }')
    iptables -I INPUT "$RULE_NUMBER" -i br0 -j "$USER_CHAIN"
    iptables -I FORWARD -i br0 -j ACCEPT
fi

# Build the bridge: eth0 gives up its address and joins br0 along with the taps
brctl addbr br0
ifconfig eth0 0.0.0.0 promisc
brctl addif br0 eth0

for TAP in $TAPS ; do
    tunctl -t "$TAP" -u "$TAP_OWNER"
    brctl addif br0 "$TAP"
    ifconfig "$TAP" up
done

# The bridge carries the host's static address and default route
ifconfig br0 192.168.25.4 netmask 255.255.255.0
route add default gw 192.168.25.1

# Enable IPv4 forwarding and proxy ARP on the bridge
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/br0/proxy_arp

exit 0
---------
--
Pablo Sanchez - Blueoak Database Engineering, Inc
Ph: 819.459.1926 Toll free: 888.459.1926
Fax: 603.720.7723 (US) Text Page: [EMAIL PROTECTED]
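
Added example (not part of Pablo's post or script): a dry run of the script's `RULE_NUMBER` pipeline over constructed `iptables -L INPUT --line-numbers` listings, showing where the `br0` rule would land relative to the final DROP, including the fallback where `USER_CHAIN` is `ACCEPT`. The listings and the helper names `rule_number` and `preview_insert` are assumptions made for illustration.

```sh
#!/bin/sh
# Constructed samples of `iptables -L INPUT --line-numbers` output (not captured
# from a real host). SAMPLE has the 'input_ext' chain the script looks for.
SAMPLE='Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere
2    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
3    input_ext  all  --  anywhere             anywhere
4    input_ext  all  --  anywhere             anywhere
5    LOG        all  --  anywhere             anywhere            LOG level warning
6    DROP       all  --  anywhere             anywhere'

# No 'input_ext'/'input_int' here, so the script would set USER_CHAIN="ACCEPT".
SAMPLE_PLAIN='Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere
2    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
3    DROP       all  --  anywhere             anywhere'

# The script's own pipeline: number of the last line mentioning the chain, plus one.
# With no matching line MAX stays unset and the result is 1 (head of INPUT).
rule_number() {       # $1 = listing, $2 = chain name
    printf '%s\n' "$1" | grep "$2" | awk '{ MAX=$1 } END { print MAX+1 }'
}

# Dry run of `iptables -I INPUT N -i br0 -j CHAIN`: print the rule targets in
# evaluation order with the br0 rule spliced in at position N.
preview_insert() {    # $1 = listing, $2 = chain name
    n=$(rule_number "$1" "$2")
    printf '%s\n' "$1" | sed 1,2d | awk -v n="$n" -v chain="$2" '
        function emit(t) { out = out sep t; sep = " " }
        $1 == n { emit("br0:" chain); placed = 1 }
                { emit($2) }
        END     { if (!placed) emit("br0:" chain); print out }'
}

preview_insert "$SAMPLE" input_ext      # br0 rule lands before LOG/DROP
preview_insert "$SAMPLE_PLAIN" ACCEPT   # fallback: br0 accepted ahead of DROP
```

In the fallback case everything arriving on `br0` is accepted ahead of the DROP, so it is worth confirming which chain the script picked before relying on the host firewall for bridged traffic.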