vkernel and testing IP Filter

Michael Neumann mneumann at ntecs.de
Fri Jun 13 09:25:59 PDT 2008


Jeremy C. Reed wrote:
I am hoping I can use vkernel on leaf or pkgbox to do some IP Filter 
coding.

Can a vkernel be used to test packet filtering, networking and tcpdump?

Or maybe as an alternative, I could do my testing within bochs or gxemul 
environment and use kernel module(s) -- so I don't have to continually 
reboot my system for testing.
I am using qemu and it works well.

If your host machine is FreeBSD, you can nat the qemu-internal network
to the internet using the following in your rc.conf:
  cloned_interfaces="tap0"
  ifconfig_tap0="inet 192.168.3.1 netmask 255.255.255.0 up"
  gateway_enable="YES"
  firewall_enable="YES"
  firewall_type="OPEN"
  natd_enable="YES"
  natd_interface="rum0"
  natd_flags="-same_ports"
Just replace "rum0" with your interface that is contected with the
internet. Then start qemu with:
  qemu -m 256 -localtime -boot c \
       -hda disk1.img \
       -net nic -net tap,ifname=tap0,script=no
You can run this as normal user. But notice that when you quit qemu you
have to set the inet address for tap0 again (ifconfig tap0 inet
192.168.3.1). Assign 192.168.3.2 to your qemu-DragonFly box and voila,
you can ssh into it from outside.
You could also use bridging, but this doesn't seem to work for wireless
interfaces.
Regards,

  Michael





More information about the Users mailing list