NATing with VirtaulBox and NetworkManager

From: Brian Millett <bmillett gmail com>
To: Network Manager <networkmanager-list gnome org>
Subject: NATing with VirtaulBox and NetworkManager
Date: Thu, 08 Nov 2007 15:08:21 -0600

For what it's worth,

I use VirtualBox on my fedora laptop.  Now, I need to access the guest OS from
the host as well as access the host from the guest.  Using the normal "NAT" that
is built into VirtualBox doesn't allow that.  I also can not use the Bridging
method explained in the manual, so I've done the following that works with
NetworkManager.

I need to have the guest access the net wither I'm using wireless or switch to
wired.  I setup a 'tap0' device that I assign an address, then I make sure that
the iptables firewall will let me NAT and setup MMASQUERADE for what ever device
is active.  You just need to assign a static ipaddr to the guest and make sure
that the gateway on the guest is the ipaddr of the tap0 device.

Any suggestions for improvement are greatly encouraged.


I've setup a dispatcher to do all of the work for me.

#!/bin/bash

PATH=/sbin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/sbin

if [ -x /usr/bin/logger ]; then
	LOGGER="/usr/bin/logger -s -p user.notice -t NetworkManagerDispatcher"
else
	LOGGER=echo
fi

getinterface() {
  NAME=$1
  ip link show | grep ": $NAME" | while read L; do
    OIFS=$IFS
    IFS=" :"
    set $L
    IFS=$OIFS
    echo $2
  done
}

NIC=$1
OPERAND=$2

## chown the device for virtualbox
chown root.vboxusers /dev/net/tun
chmod g+rw /dev/net/tun

# check if tap0 is already defined
interface=$(getinterface tap0)

## if not defined, then create it using openvpn
## and give it an address
if [ -z "$interface" ]; then
    openvpn --mktun --dev tap0
    #VBoxTunctl -t tap0 -u bpm
    ip link set up dev tap0

    ip addr add 192.168.89.1/24 dev tap0
    ip route add 192.168.89.0/24 dev tap0
fi

## make sure the active NIC is the one routing.
case "$OPERAND" in
    up)
        echo 1 > /proc/sys/net/ipv4/ip_forward
        iptables -t nat -F
        iptables -t nat -A POSTROUTING -o $NIC -j MASQUERADE
        ;;
    down)
        echo 0 > /proc/sys/net/ipv4/ip_forward
        iptables -t nat -F
        ;;
esac


-- 
Brian Millett - [ Col. Ben Zayn & Garibaldi, "Eyes"]
"Mr. Garibaldi. Very good."
'You know me?'
"Intimately. Fix you a drink?"
'I don't drink.'
"Really? Good. It's a vile habit when abused. Makes a soldier weak.
    Gets him in a *lot* of trouble."

Follow-Ups:
- Re: NATing with VirtaulBox and NetworkManager
  - From: Bob Ziuchkovski

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]