"mal content" <[EMAIL PROTECTED]> wrote: > On 28/07/06, Fabian Keil <[EMAIL PROTECTED]> wrote:
> > Personally I prefer to use NAT to connect qemu > > (and jails) with the world outside. This way you can > > use pfctl -ss -r to see which connections come > > from the host system and which don't. > > > > How does this work? In my PF default configuration there are "anchor" and "nat-anchor" lines for every device from tap0 to tap9. My qemu configuration script is: |#!/bin/sh -x |tap_if=$1 |ext_if=iwi0 |number=`expr \`echo $tap_if | cut -c 4\` + 7` | |sudo ifconfig $tap_if 192.168.$number.49 |echo "nat pass on $ext_if from $tap_if:network to any -> $ext_if" | sudo pfctl -N -a $tap_if -f - |echo "pass quick on $tap_if flags S/SA keep state" | sudo pfctl -a $tap_if -R -f - I start qemu with: sudo dd if=/dev/null of=/dev/tap0 sudo chown fk /dev/tap0 qemu -m 32 -net nic -net tap,script=/home/fk/scripts/qemu-config -hda ~/test/netbsd.img If I have to use other tap device I have to change the network settings in the guest system, but usually I only need one qemu process. if_tap is loaded on boot and net.link.tap.user_open is enabled in /etc/sysctl.conf. Fabian -- http://www.fabiankeil.de/
signature.asc
Description: PGP signature
