qemu with tap networking on FreeBSD 6.1
Fabian Keil
freebsd-listen at fabiankeil.de
Sat Jul 29 17:51:43 UTC 2006
"mal content" <artifact.one at googlemail.com> wrote:
> On 28/07/06, Fabian Keil <freebsd-listen at fabiankeil.de> wrote:
> > Personally I prefer to use NAT to connect qemu
> > (and jails) with the world outside. This way you can
> > use pfctl -ss -r to see which connections come
> > from the host system and which don't.
> >
>
> How does this work?
In my PF default configuration there are "anchor"
and "nat-anchor" lines for every device from tap0 to tap9.
My qemu configuration script is:
|#!/bin/sh -x
|tap_if=$1
|ext_if=iwi0
|number=`expr \`echo $tap_if | cut -c 4\` + 7`
|
|sudo ifconfig $tap_if 192.168.$number.49
|echo "nat pass on $ext_if from $tap_if:network to any -> $ext_if" | sudo pfctl -N -a $tap_if -f -
|echo "pass quick on $tap_if flags S/SA keep state" | sudo pfctl -a $tap_if -R -f -
I start qemu with:
sudo dd if=/dev/null of=/dev/tap0
sudo chown fk /dev/tap0
qemu -m 32 -net nic -net tap,script=/home/fk/scripts/qemu-config -hda ~/test/netbsd.img
If I have to use other tap device I have to change the network settings
in the guest system, but usually I only need one qemu process.
if_tap is loaded on boot and net.link.tap.user_open is
enabled in /etc/sysctl.conf.
Fabian
--
http://www.fabiankeil.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20060729/e2fb0538/signature.pgp
More information about the freebsd-questions
mailing list