setting up virtual box to SNAT/DNAT

E K ekg_ab-FFYn/CNdgSA at public.gmane.org
Wed Jan 13 22:06:55 UTC 2010 

Hi Dave,

If you setup NAT networking I don't think you can access the virtual machine because the masquerading rule is set by VirtualBox and I don't know how or where it does that. Your iptable rule applies to the host network and not the virtual network.

You can bridge the virtual network card with the host network card but that got to be done when the host machine boots after the network interfaces are up. You first need to install the bridging utilities. In that case you don't need DNAT/SNAT as the virtual machine will be on the host network with its own ip address.

You can google to find which packages you need to install for network bridging (something like tun and bridge-utils on Ubuntu) as well as the configuration for VirtualBox.

HTH,
EK
--- On Wed, 1/13/10, Dave Cramer <davec-zxk95TxsVYDyHADnj0MGvQC/G2K4zDHf at public.gmane.org> wrote:

> From: Dave Cramer <davec-zxk95TxsVYDyHADnj0MGvQC/G2K4zDHf at public.gmane.org>
> Subject: [TLUG]: setting up virtual box to SNAT/DNAT
> To: tlug-lxSQFCZeNF4 at public.gmane.org
> Received: Wednesday, January 13, 2010, 11:13 AM
> I'm trying to setup asterisk inside a
> virtual box vm on a host with
> only one interface. The host is running ubuntu 6.06, and
> virtualbox
> 2.2
> 
> I can get the host to talk out, but I can't DNAT ports
> 
> I've setup a bridge device
> 
> # VirtualBox NAT bridge
> auto vnet0
> iface vnet0 inet static
>         address 172.16.0.1
>         netmask 255.255.255.0
>         bridge_ports none
>         bridge_maxwait 0
>         bridge_fd 1
> 
> 
> Here are the iptables rules
> 
>  iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp
> --dport 10022 -j
> DNAT --to-destination 172.16.0.113:22
>  iptables -A FORWARD -m state --state ESTABLISHED,RELATED
> -j ACCEPT
>  iptables -A FORWARD -i eth0 -o vnet0 -m state --state NEW
> -j ACCEPT
>  iptables -A FORWARD -o eth0 -i vnet0 -m state --state NEW
> -j ACCEPT
>  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> 
> 
> if I telnet into port 10022 the guest sees the incoming
> packet on port
> 22, but it doesn't go back properly.
> 
> Any help would be greatly appreciated.
> 
> Dave
> --
> The Toronto Linux Users Group.     
> Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80
> columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
> 


      __________________________________________________________________
Looking for the perfect gift? Give the gift of Flickr! 

http://www.flickr.com/gift/

--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list