Honeypots mailing list archives
Re: Usermode Linux and Bridging host
From: Richard Stevens <mail () richardstevens de>
Date: Sun, 6 Apr 2003 11:47:38 +0200
Hi,

after the nice mails I received as help, I finally managed to get Bridging up successfully and it works well. I use the following script on the hostsystem with one physical interface (eth0) that is not configured at boot:

--------------------------
#!/bin/sh
echo Bringing up Network
echo Creating tundevice
tunctl -ttap0
echo Bringing up interfaces
ifconfig eth0 up
ifconfig tap0 up
echo Bringing up bridge
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 tap0
brctl stp br0 on
ifconfig br0 up
--------------------------

If you need the hostsystem to be accessible from the outside, modify the last ifconfig command and give br0 an IP. Of course you might also need to set up routing.

I've set up my host (inittab) to only acquire the first four consoles (ALT+F1-F4) and start my uml instance at boot automatically with the following command.

./linux con0=tty:/dev/tty5 con1=tty:/dev/tty6 eth0=tuntap,tap0,fe:fd:f0:00:00:01 mem=512M umid=debian &

This will grab tty5 and tty6, which allows you to log into the uml instance via ALT+F5 and ALT+F6. I configured umid as debian to allow shutdown of the uml instance via ctrl-alt-delete sent to the uml instance with uml_mconsole. Within the uml instance I configured the ctrl-alt-delete hook in inittab to shutdown instead of the default reboot operation.

Relevant for the bridging stuff to work is the eth0 part. The way it works here, the uml instance will use a preconfigured tap0 interface and assign it the MAC-address fe:fd:f0:00:00:01. Then you can assign eth0 any IP you like via the mechanisms of your distribution. I use a debian uml root_fs and I just assigned the relevant information in /etc/network/interfaces and enabled auto for it to be configured at boot.

Right now, my uml instance will be run as root. That's my next step to change. For that to work I will at least have to change the tunctl line and add -u <user> to it to change ownership of the tap0 device within the hostsystem. That's something you have to keep in mind.

I'm not sure what your problem is, since I'm new to all this as well, but hopefully this example, which works perfectly for me, helps you a little anyways.

You might also have a look at the rc.firewall script provided by The Honeynet Project. It takes care of setting up the interfaces when used in bridging mode. I found that out after asking questions and trying around myself. Sometimes the information is just there and you don't see it :-)

Good luck,
Richard
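
Added example (not part of the original mail): the same bridge setup with the tap device handed to an unprivileged account via tunctl -u, which is the change the mail names as its next step. The DRY_RUN switch and the function names are assumptions made for this example; by default the script only prints the commands.

```sh
#!/bin/sh
# Added example, not from the original mail. Same bridge setup, but tap0 is
# handed to an unprivileged account so the UML instance need not run as root.
# Assumption: DRY_RUN and the function names are made up for this example.

DRY_RUN=${DRY_RUN:-1}   # 1 = only print the commands, 0 = execute (needs root)

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# setup_bridge USER [TAP] [BRIDGE] [PHYS]
setup_bridge() {
    user=${1:-} tap=${2:-tap0} br=${3:-br0} phys=${4:-eth0}
    # The owner must exist and must not be uid 0, or nothing is gained.
    uid=$(id -u "$user" 2>/dev/null) || { echo "unknown user: $user" >&2; return 2; }
    [ "$uid" -ne 0 ] || { echo "refusing uid 0 as tap owner" >&2; return 3; }

    run tunctl -u "$user" -t "$tap" &&
    run ifconfig "$phys" up &&
    run ifconfig "$tap" up &&
    run brctl addbr "$br" &&
    run brctl addif "$br" "$phys" &&
    run brctl addif "$br" "$tap" &&
    run brctl stp "$br" on &&
    run ifconfig "$br" up        # no IP on br0, as in the mail's script
}

# teardown_bridge [TAP] [BRIDGE]: undo setup_bridge
teardown_bridge() {
    tap=${1:-tap0} br=${2:-br0}
    run ifconfig "$br" down &&
    run brctl delbr "$br" &&
    run tunctl -d "$tap"
}

# Run as: DRY_RUN=0 sh thisscript <user>
if [ -n "${1:-}" ]; then setup_bridge "$@"; fi
```

Once tap0 belongs to that account, the ./linux command line from the mail can be started from the same account instead of from root.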