qemu with tap networking on FreeBSD 6.1
mal content
artifact.one at googlemail.com
Sat Jul 29 18:37:25 UTC 2006
On 29/07/06, Fabian Keil <freebsd-listen at fabiankeil.de> wrote:
> "mal content" <artifact.one at googlemail.com> wrote:
>
> > On 28/07/06, Fabian Keil <freebsd-listen at fabiankeil.de> wrote:
>
> > > Personally I prefer to use NAT to connect qemu
> > > (and jails) with the world outside. This way you can
> > > use pfctl -ss -r to see which connections come
> > > from the host system and which don't.
> > >
> >
> > How does this work?
>
> In my PF default configuration there are "anchor"
> and "nat-anchor" lines for every device from tap0 to tap9.
>
> My qemu configuration script is:
>
> |#!/bin/sh -x
> |tap_if=$1
> |ext_if=iwi0
> |number=`expr \`echo $tap_if | cut -c 4\` + 7`
> |
> |sudo ifconfig $tap_if 192.168.$number.49
> |echo "nat pass on $ext_if from $tap_if:network to any -> $ext_if" | sudo pfctl -N -a $tap_if -f -
> |echo "pass quick on $tap_if flags S/SA keep state" | sudo pfctl -a $tap_if -R -f -
>
> I start qemu with:
>
> sudo dd if=/dev/null of=/dev/tap0
> sudo chown fk /dev/tap0
> qemu -m 32 -net nic -net tap,script=/home/fk/scripts/qemu-config -hda ~/test/netbsd.img
>
> If I have to use other tap device I have to change the network settings
> in the guest system, but usually I only need one qemu process.
>
> if_tap is loaded on boot and net.link.tap.user_open is
> enabled in /etc/sysctl.conf.
>
Very interesting, I wouldn't have thought of doing it like that. I'll try it.
thanks!
MC
More information about the freebsd-questions
mailing list