Date: Sat, 29 Jul 2006 19:37:23 +0100 From: "mal content" <artifact.one@googlemail.com> To: "Fabian Keil" <freebsd-listen@fabiankeil.de> Cc: freebsd-questions@freebsd.org Subject: Re: qemu with tap networking on FreeBSD 6.1 Message-ID: <8e96a0b90607291137j3808df1dj759ab773319c250@mail.gmail.com> In-Reply-To: <20060729195129.15feb19b@localhost> References: <8e96a0b90607280942o7fb9d5e5s876ad7367379210@mail.gmail.com> <20060728212909.032e047c@localhost> <8e96a0b90607281232k216490d8l33e3261f6081124d@mail.gmail.com> <20060729195129.15feb19b@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On 29/07/06, Fabian Keil <freebsd-listen@fabiankeil.de> wrote: > "mal content" <artifact.one@googlemail.com> wrote: > > > On 28/07/06, Fabian Keil <freebsd-listen@fabiankeil.de> wrote: > > > > Personally I prefer to use NAT to connect qemu > > > (and jails) with the world outside. This way you can > > > use pfctl -ss -r to see which connections come > > > from the host system and which don't. > > > > > > > How does this work? > > In my PF default configuration there are "anchor" > and "nat-anchor" lines for every device from tap0 to tap9. > > My qemu configuration script is: > > |#!/bin/sh -x > |tap_if=$1 > |ext_if=iwi0 > |number=`expr \`echo $tap_if | cut -c 4\` + 7` > | > |sudo ifconfig $tap_if 192.168.$number.49 > |echo "nat pass on $ext_if from $tap_if:network to any -> $ext_if" | sudo pfctl -N -a $tap_if -f - > |echo "pass quick on $tap_if flags S/SA keep state" | sudo pfctl -a $tap_if -R -f - > > I start qemu with: > > sudo dd if=/dev/null of=/dev/tap0 > sudo chown fk /dev/tap0 > qemu -m 32 -net nic -net tap,script=/home/fk/scripts/qemu-config -hda ~/test/netbsd.img > > If I have to use other tap device I have to change the network settings > in the guest system, but usually I only need one qemu process. > > if_tap is loaded on boot and net.link.tap.user_open is > enabled in /etc/sysctl.conf. > Very interesting, I wouldn't have thought of doing it like that. I'll try it. thanks! MC
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8e96a0b90607291137j3808df1dj759ab773319c250>