Hi Pablo,
Seems that IP forwarding on Linux is not taking place.
After installing ssh client on the windows guest (via the shared folder),
I was able to ssh into the host via ip address of the tap0 interface:
ssh2.exe [EMAIL PROTECTED]
However, ssh2.exe [EMAIL PROTECTED]
(which is the IP address of host's br0 interface), fails to connect.
It beches out:
Warning: Connection to 192.168.1.1 failed: Destination Unreachable
and the command exits.
I have enabled ip forwarding, AND disabled the firewall, on the host
to no avail.
# cat /proc/sys/net/ipv4/ip_forward
1
# cat /proc/sys/net/ipv4/conf/br0/proxy_arp
1
Again, thanx for the script.
Cheers,
Joe
Pablo Sanchez wrote:
> On Friday 07 March 2008 at 9:28 am, Pablo Sanchez penned
> about "Re: [vbox-users] multiple real interfaces and bridging"
>
> Hi,
>
> I was _wrong_ that I had posted my bridging script on this list. I
> did it elsewhere. Doh! Sorry.
>
> Below is the script. It's _very_ openSUSE specific when it comes to
> the `iptables' tweaks. Otherwise you should be able to hack it into
> your environment.
>
> What I suggest you do is ensure the `iptables' tweaks don't execute.
> Change the following line as follows:
>
> From
> ----
> if [ $CHAIN_COUNT -gt 0 ] ; then
>
> To
> --
> if [ 1 -eq 0 -a $CHAIN_COUNT -gt 0 ] ; then
> ^^^^^^^^^^
>
> Once you get script working, you can add security back in ... :)
>
> Change the `TAP_OWNER' to your user name. I'm using `eth0' on my
> machine so you may need to ^eth0^YOUR_IFACE_HERE^
>
> The script creates two taps:
>
> tap0 - is bridged (see brctl) with `br0'
> tap1 - is used for a VM which doesn't get Internet access - see
> comments below
>
> I'm using static IP's on this machine so I assign a static IP to `br0'
>
> Cheers,
> -pablo
>
> -------8-<--8-<--8-<--8-<--8-<--8-<--
> #!/bin/sh
>
> TAP_OWNER="pablo"
> TAPS="tap0"
>
> #
> # tap1 is used by 'rim4db-server' and doesn't get Internet access
> #
> # If we need Internet access, include 'tap1' in the above list
> # and set the Server's NIC to DHCP or manually configure
> # it:
> #
> # ifconfig eth0 192.168.25.78 netmask 255.255.255.0
> # route add default gw 192.168.25.1
> #
> # Notes:
> # - might need to tweak /etc/resolv.conf too
> # - 192.168.25.78 is a completely arbitrary value
> #
>
> tunctl -t tap1 -u pablo
> ifconfig tap1 192.168.0.1 netmask 255.255.255.0
>
> #
> # Release any IP information by downing the device
> #
> ifdown eth0
>
> #
> # If there isn't a chain, do nothing ...
> #
> CHAIN_COUNT=`iptables -L INPUT | sed 1,2d | wc -l`
>
> if [ $CHAIN_COUNT -gt 0 ] ; then
> #
> # Which user defined chain will we affect? 'input_ext', 'input_int' or
> none?
> #
> iptables -L input_ext > /dev/null 2>&1
> if [ $? -eq 0 ] ; then
> USER_CHAIN="input_ext"
> else
> iptables -L input_int > /dev/null 2>&1
> if [ $? -eq 0 ] ; then
> USER_CHAIN="input_int"
> else
> USER_CHAIN="ACCEPT"
> fi
> fi
>
> RULE_NUMBER=`iptables -L INPUT --line-numbers | grep $USER_CHAIN | awk '{
> MAX=$1 } END { print MAX+1 }'`
> iptables -I INPUT $RULE_NUMBER -i br0 -j $USER_CHAIN
> iptables -I FORWARD -i br0 -j ACCEPT
> fi
>
> brctl addbr br0
> ifconfig eth0 0.0.0.0 promisc
> brctl addif br0 eth0
>
> for TAP in $TAPS ; do
> tunctl -t $TAP -u $TAP_OWNER
> brctl addif br0 $TAP
> ifconfig $TAP up
> done
>
> ifconfig br0 192.168.25.4 netmask 255.255.255.0
> route add default gw 192.168.25.1
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
> echo 1 > /proc/sys/net/ipv4/conf/br0/proxy_arp
>
> exit 0
> ---------
>
_______________________________________________
vbox-users mailing list
[email protected]
http://vbox.innotek.de/mailman/listinfo/vbox-users
