On Monday 6 June, 2011 06:44:39 [email protected] wrote: > On Sunday 5 June, 2011 06:53:24 [email protected] wrote: > > On Sunday 5 June, 2011 06:36:47 Tom Eastep wrote: > > > On 06/03/2011 09:01 PM, [email protected] wrote: > > > > On Friday 3 June, 2011 16:14:03 you wrote: > > > > > > >> martians are a routing problem, not a Shorewall configuration problem. > > > >> The routing table doesn't route 192.168.12.1 out of vboxnet0. > > > > > > > > Oh dear, in that case I have no idea what to do about it. > > > > > > I would start by fixing the IP configuration of vboxnet0. > > > > Understand, but no idea how to go about that. > > > > I am a long-time Debian user, and I have always edited > > /etc/network/interfaces and /etc/wpa_supplicant/wpa_supplicant.conf. > > vboxnet0 does not appear in these because it's a virtual interface created > > by VirtualBox. VirtualBox has a graphical setup for host-only networking, > > but there is no provision for routing. (attached) > > > > I checked and do have forwarding turned on, although I've forgotten where > > to do that. > > > > The routing table looks like this: > > # route > > Kernel IP routing table > > Destination Gateway Genmask Flags Metric Ref Use > > Iface > > 192.168.1.0 * 255.255.255.240 U 0 0 0 wlan0 > > localnet * 255.255.255.0 U 0 0 0 > > wlan0 > > link-local * 255.255.0.0 U 1000 0 0 > > wlan0 > > default sirius.darkmatt 0.0.0.0 UG 0 0 0 > > wlan0 > > > > ... but I don't know what's missing nor where is the proper place to adjust > > it. vboxnet0 is a transient interface, so surely a permanent setting is > > not appropriate, wherever that would go. > > I've asked over in the VirtualBox forum, and no one has any idea. Looks like > I'm stuck.
So everyone is clear, it is not possible to set host-only networking and masquerade/NAT through the Linux host with VirtualBox, to avoid layer 2 attacks possible with bridging. The packets simply do not get transported through the host. ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
