Archive for May, 2008

New favicon

Not that I am an artist (well, not in the common meaning of the word), but I really like my new favicon. I’m not the creator, BTW: credits go to Irilium 😉

Add comment May 14th, 2008

Set up true NAT networking on Virtualbox

For a couple of years I used VMware as my virtualization solution, because the alternatives weren’t at its level. I used to run VMware to emulate a WinXP-Pro guest, with IIS, to write an ASP project for a course. Thank God, the teacher changed his mind and let some of us code in PHP as well. Anyway, recently VMware went crazy. Whenever I open it, it just disables my Shift and Control keys: only restarting X solves the problem.

So I switched to VirtualBox.

Good news:

  • It’s released under the GPL. And this is a very good thing.
  • It does not mess with my keyboard. Yay!

Bad news:

  • I have to use the binary image of the program, because the GPL’d version has no USB support (and I need it for another course).
  • Requires the Qt libraries to run. Yuck! As I am a Gnome user, I try to avoid Qt as much as possible. Well, never mind, I’ve packaged them some time ago (when I used the GUI of wpa_supplicant, but this is another story), so I do not have to compile them.
  • There isn’t a true NAT system, as in VMware.

The last issue drove me crazy. To set up networking in Virtualbox you have three choices (well, actually four, but I do not consider “cable unplugged” a choice 🙂 )

  • You can use a “fake” NAT, but it makes access to guest resources very painful. You have to manually map each guest resource onto a local port on the host. This is secure (well… not very secure, actually, as the socket binds to the INADDR_ANY address rather than to the loopback device, so the forwarded port is reachable on every host interface), but not as friendly as the VMware solution (that is, NAT the guests and give the host OS a virtual network interface on the guests’ LAN).
  • You can use a network bridge. But this is bad, as it exposes your guests to your LAN. The problem could be solved using iptables, but, in my case, it wouldn’t help very much, as I cannot have more than one MAC address per computer (dormitory restrictions).
  • You can configure a local network between guests with no host connectivity. Not really a solution.

I looked for information on the Net. No solution. So I decided to write a shell script on my own.

http://dark.asengard.net/mirror/gentoo/vboxnat.sh
(it’s so small that I release it in the public domain 😉 )

Why not? 😛 It combines my Bash and networking skills, and I like writing little tools, so… 🙂

It’s written with the Gentoo subsystem in mind, but it can be ported to other distros with little pain. It’s very easy to set up: edit the beginning of the script, substituting dark with your username and eth1 with the name of the physical interface that you use to connect to the world. Basically, it does the following:

  • Loads/unloads the Virtualbox kernel module
  • Starts/stops the Virtualbox network interface
  • Associates the Virtualbox network interface with the user that runs the Virtualbox guest
  • Enables/disables IP packet forwarding for the whole system
  • Starts/stops the iptables userspace daemon
  • Adds an iptables rule to allow NAT

And that’s it 🙂
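The steps listed above, as an added sketch that is not the author's vboxnat.sh: it pairs the NAT rule with FORWARD rules scoped to the guest interface, because IP forwarding is switched on for the whole system. Assumptions: the interface name `vbox0`, the subnet `10.0.3.0/24` and the use of `ip tuntap` to create the tap device are constructed for this example; the Gentoo iptables service step is left out. It only prints the commands unless `DRY_RUN=0` is set.

```bash
#!/bin/bash
# Added sketch, not the author's vboxnat.sh. "dark" and "eth1" are the
# placeholders from the post; vbox0 and 10.0.3.0/24 are constructed values.
VBOX_USER="${VBOX_USER:-dark}"
EXT_IF="${EXT_IF:-eth1}"
VBOX_IF="${VBOX_IF:-vbox0}"
GUEST_NET="${GUEST_NET:-10.0.3.0/24}"
HOST_ADDR="${HOST_ADDR:-10.0.3.1/24}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands; 0 = run them (root)

run() { if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi; }

# Rules shared by start and stop; $1 is -A (append) or -D (delete).
fw_rules() {
    # Guests may reach the outside; only replies to their traffic come back.
    run iptables "$1" FORWARD -i "$VBOX_IF" -o "$EXT_IF" -s "$GUEST_NET" -j ACCEPT
    run iptables "$1" FORWARD -i "$EXT_IF" -o "$VBOX_IF" -d "$GUEST_NET" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # ip_forward is system-wide, so refuse to route anything else through
    # the guest interface (for example LAN hosts probing the guests).
    run iptables "$1" FORWARD -i "$VBOX_IF" -j DROP
    run iptables "$1" FORWARD -o "$VBOX_IF" -j DROP
    run iptables -t nat "$1" POSTROUTING -s "$GUEST_NET" -o "$EXT_IF" -j MASQUERADE
}

nat_start() {
    run modprobe vboxdrv
    run ip tuntap add dev "$VBOX_IF" mode tap user "$VBOX_USER"
    run ip addr add "$HOST_ADDR" dev "$VBOX_IF"
    run ip link set "$VBOX_IF" up
    run sysctl -w net.ipv4.ip_forward=1
    fw_rules -A
}

nat_stop() {
    fw_rules -D
    run sysctl -w net.ipv4.ip_forward=0
    run ip link set "$VBOX_IF" down
    run ip tuntap del dev "$VBOX_IF" mode tap
    run modprobe -r vboxdrv
}

case "${1:-}" in
    start) nat_start ;;
    stop)  nat_stop ;;
esac
```

The rules are appended, so an earlier ACCEPT in an existing FORWARD chain still wins; check the final order with `iptables -S FORWARD` after a real run.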

UPDATE: I’ve edited and uploaded again the script to resolve the issue at comment #1. If /sbin/functions.sh is missing, wrapper functions are defined to handle the console output.

8 comments May 8th, 2008

