DragonFly users List (threaded) for 2008-06
DragonFly BSD
DragonFly users List (threaded) for 2008-06
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: vkernel and testing IP Filter


To: "Jeremy C. Reed" <reed@xxxxxxxxxxxxx>
From: Michael Neumann <mneumann@xxxxxxxx>
Date: Fri, 13 Jun 2008 18:25:59 +0200

Jeremy C. Reed wrote:
I am hoping I can use vkernel on leaf or pkgbox to do some IP Filter coding.

Can a vkernel be used to test packet filtering, networking and tcpdump?

Or maybe as an alternative, I could do my testing within bochs or gxemul environment and use kernel module(s) -- so I don't have to continually reboot my system for testing.

I am using qemu and it works well.


If your host machine is FreeBSD, you can nat the qemu-internal network
to the internet using the following in your rc.conf:

  cloned_interfaces="tap0"
  ifconfig_tap0="inet 192.168.3.1 netmask 255.255.255.0 up"
  gateway_enable="YES"
  firewall_enable="YES"
  firewall_type="OPEN"
  natd_enable="YES"
  natd_interface="rum0"
  natd_flags="-same_ports"

Just replace "rum0" with your interface that is contected with the
internet. Then start qemu with:

  qemu -m 256 -localtime -boot c \
       -hda disk1.img \
       -net nic -net tap,ifname=tap0,script=no

You can run this as normal user. But notice that when you quit qemu you
have to set the inet address for tap0 again (ifconfig tap0 inet
192.168.3.1). Assign 192.168.3.2 to your qemu-DragonFly box and voila,
you can ssh into it from outside.

You could also use bridging, but this doesn't seem to work for wireless
interfaces.

Regards,

Michael



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]