I have a guest running on my machine in qemu with the configuration:
/usr/local/kvm/bin/qemu-system-x86_64 -enable-kvm -cpu host -smp 8 -hda ${TEST_VIRT_ENV_IMAGE} -m 4096 \
    -netdev user,id=user.0 -device e1000,netdev=user.0 \
    -net nic,model=e1000,vlan=1,macaddr=DE:AD:1E:00:00:01 \
    -net tap,vlan=1,ifname=tapvm01,script=no,downscript=no \
    -net nic,model=e1000,vlan=2,macaddr=DE:AD:1E:00:00:02 \
    -net tap,vlan=2,ifname=tapvm02,script=no,downscript=no
So my guest's ifconfig is the following:
#: ifconfig
eth0 //.. not necessary, used only for programming/testing
eth1 //.. not necessary, used only for programming/testing
eth2 Link encap:Ethernet HWaddr 52:54:00:12:34:56
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:fe12:3456/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:60 errors:0 dropped:0 overruns:0 frame:0
TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8611 (8.4 KiB) TX bytes:14290 (13.9 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:480 (480.0 B) TX bytes:480 (480.0 B)
So my guest uses eth2 with IP 10.0.2.15 to access the internet (and it can connect to the internet).
And my host machine is connected to the internet via wlan0:
#: ifconfig
eth0 //not necessary (wireless connection)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2171145 errors:0 dropped:0 overruns:0 frame:0
TX packets:2171145 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3992926361 (3.9 GB) TX bytes:3992926361 (3.9 GB)
virbr0 Link encap:Ethernet HWaddr 02:3b:2b:ef:3b:11
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wlan0 Link encap:Ethernet HWaddr dc:85:de:76:72:d7
inet addr:10.5.11.237 Bcast:10.5.11.255 Mask:255.255.255.0
inet6 addr: fe80::de85:deff:fe76:72d7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:658910 errors:0 dropped:0 overruns:0 frame:0
TX packets:1524898 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:645562692 (645.5 MB) TX bytes:464157688 (464.1 MB)
So I have the virbr0 interface to forward packets to my guest.
Then I am trying to allow ssh login from my host to the guest:
iptables -t nat -I PREROUTING -d 10.5.11.237 -j DNAT --to-destination 10.0.2.15
iptables -t nat -I POSTROUTING -s 10.0.2.15 -j SNAT --to-source 10.5.11.237
iptables -I FORWARD -p tcp -d 10.0.2.15 --dport 22 -j ACCEPT
but after that I can't connect to my guest using ssh:
#: ssh 10.0.2.15 -l root
ssh: connect to host 10.0.2.15 port 22: Connection timed out
but I can do this from my guest:
#: ssh 10.5.11.237 -l root
Welcome to Ubuntu....
So I have routing from guest to host but not from host to guest. What did I miss in my configuration?
My iptables rules look as follows:
#: iptables -vL -n
Chain INPUT (policy ACCEPT 2785 packets, 5113K bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 10.0.2.15 tcp dpt:22
0 0 ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0
0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT 2776 packets, 5117K bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68
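The following script is an added example and is not code from the post above. It shows the two host-side ways of reaching sshd in a QEMU guest, using the interface names and addresses from the post (wlan0, 10.5.11.237, tapvm01). Everything else is assumed: QEMU's user-mode ("slirp") network keeps its default 10.0.2.0/24 range, host port 2222 is free, and for the tap variant the guest's interface on tapvm01 is configured as 192.168.100.2/24 with a route back through 192.168.100.1 on a host bridge named br0. The iptables and ip commands are printed rather than applied, so the script can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example, not code from the original post. Assumptions: slirp uses
# its default 10.0.2.0/24, the guest runs sshd on 22, host port 2222 is
# free, and for the tap variant the guest has 192.168.100.2/24 on the
# interface attached to tapvm01 (bridge br0 on the host, 192.168.100.1/24).

# 1. User-mode networking. 10.0.2.15 exists only inside QEMU's slirp stack;
#    the host kernel has no route to it, so a DNAT rule on the host cannot
#    deliver packets there. hostfwd makes the QEMU process itself listen on
#    the host and relay into the guest. Binding to 127.0.0.1 keeps the
#    guest's sshd off the wireless LAN; pass 0.0.0.0 only if exposure is
#    intended.
user_net_args() {
    host_port="$1"
    guest_port="${2:-22}"
    bind_addr="${3:-127.0.0.1}"
    printf '%s' "-netdev user,id=user.0,hostfwd=tcp:${bind_addr}:${host_port}-:${guest_port} -device e1000,netdev=user.0"
}

# 2. Tap networking. tapvm01 is a real host interface, so a guest address on
#    it is routable from the host: the host reaches the guest with a plain
#    "ssh 192.168.100.2" and no NAT at all. DNAT is only needed to let other
#    machines on the WLAN in, and it should be scoped to one port: a rule
#    like "-d 10.5.11.237 -j DNAT" with no -p/--dport redirects every inbound
#    connection to the host, including the host's own sshd. PREROUTING is
#    also never traversed by packets the host generates itself, so such a
#    rule cannot help an ssh typed on the host. Commands are printed, not
#    applied; review them and pipe through "sh" as root.
tap_setup_cmds() {
    wan_if="$1"                      # host uplink, wlan0 in the post
    wan_ip="$2"                      # host address, 10.5.11.237 in the post
    host_port="$3"                   # port exposed on the uplink
    guest_ip="$4"                    # guest address on the bridge (assumed)
    br_if="${5:-br0}"                # bridge tapvm01 is enslaved to (assumed)
    br_addr="${6:-192.168.100.1/24}" # host address on the bridge (assumed)
    cat <<EOF
ip link add $br_if type bridge
ip link set tapvm01 master $br_if
ip addr add $br_addr dev $br_if
ip link set $br_if up
ip link set tapvm01 up
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -I PREROUTING -i $wan_if -d $wan_ip -p tcp --dport $host_port -j DNAT --to-destination $guest_ip:22
iptables -I FORWARD -i $wan_if -o $br_if -p tcp -d $guest_ip --dport 22 -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD -i $br_if -o $wan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Print the host-side commands for either approach:
#   sh guest-ssh.sh user   -> qemu invocation with hostfwd plus the ssh line
#   sh guest-ssh.sh tap    -> bridge, forwarding and iptables commands
case "${1:-}" in
    user) echo "qemu-system-x86_64 -enable-kvm -cpu host -m 4096 -hda \"\$TEST_VIRT_ENV_IMAGE\" $(user_net_args 2222)"
          echo "ssh -p 2222 root@127.0.0.1" ;;
    tap)  tap_setup_cmds wlan0 10.5.11.237 2222 192.168.100.2 ;;
esac
```

With the hostfwd variant the guest keeps reaching the host through slirp's gateway address 10.0.2.2 (and, as in the post, through the host's WLAN address via slirp's outbound NAT), while the host connects to 127.0.0.1:2222; no iptables rules are involved on either side. Reply traffic for the DNAT'd tap connection is un-translated by conntrack automatically, which is why the reverse FORWARD rule only admits ESTABLISHED,RELATED packets and no SNAT rule is needed. Note also that the `-net ... vlan=` syntax used in the post's command line was removed in QEMU 3.0; newer builds need `-netdev tap,id=...` with a matching `-device e1000,netdev=...` pair per interface.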