Sharing the host Internet with VM
by Jason.nix from LinuxQuestions.org on (#6D2BV)
Hello,
I want to share my Linux host Internet with a VM. I selected Host-only Adapter for my VM in the network settings. A Virtual NIC created on my Linux host as the following:
Code:$ sudo ifconfig
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.21.50.67 netmask 255.255.255.128 broadcast 172.21.50.127
inet6 fe80::211:3bff:fe15:4a32 prefixlen 64 scopeid 0x20<link>
ether 00:11:3b:15:4a:32 txqueuelen 1000 (Ethernet)
RX packets 490521 bytes 434348848 (414.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 236070 bytes 64923558 (61.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 124065 bytes 184144591 (175.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 124065 bytes 184144591 (175.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vboxnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.56.1 netmask 255.255.255.0 broadcast 192.168.56.255
inet6 fe80::800:27ff:fe00:0 prefixlen 64 scopeid 0x20<link>
ether 0a:00:27:00:00:00 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1310 bytes 209400 (204.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0My current iptables rules on the host are:
Code:$ sudo iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 127.0.0.0/8 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
SYN_FLOOD tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:9050
Chain FORWARD (policy DROP)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere
ACCEPT udp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere
Chain SYN_FLOOD (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere limit: avg 5/sec burst 10
DROP all -- anywhere anywhereI did the following iptables rules on the host to forward the host Internet with my VM:
Code:# iptables -A FORWARD -o eth1 -i vboxnet0 -s 192.168.56.0/24 -m conntrack --ctstate NEW -j ACCEPT
# iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADEThen, I added net.ipv4.ip_forward=1 line to the /etc/sysctl.conf file and did:
Code:# sysctl -pBut, my VM has not the Internet. Why?
I found another iptables rule, but I got an error:
Code:# iptables -t nat -A POSTROUTING -s vboxnet0 -o eth1 -j MASQUERADE
iptables v1.8.7 (nf_tables): host/network `vboxnet0' not foundHow solve it?
Thank you.
I want to share my Linux host Internet with a VM. I selected Host-only Adapter for my VM in the network settings. A Virtual NIC created on my Linux host as the following:
Code:$ sudo ifconfig
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.21.50.67 netmask 255.255.255.128 broadcast 172.21.50.127
inet6 fe80::211:3bff:fe15:4a32 prefixlen 64 scopeid 0x20<link>
ether 00:11:3b:15:4a:32 txqueuelen 1000 (Ethernet)
RX packets 490521 bytes 434348848 (414.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 236070 bytes 64923558 (61.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 124065 bytes 184144591 (175.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 124065 bytes 184144591 (175.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vboxnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.56.1 netmask 255.255.255.0 broadcast 192.168.56.255
inet6 fe80::800:27ff:fe00:0 prefixlen 64 scopeid 0x20<link>
ether 0a:00:27:00:00:00 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1310 bytes 209400 (204.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0My current iptables rules on the host are:
Code:$ sudo iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 127.0.0.0/8 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
SYN_FLOOD tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:9050
Chain FORWARD (policy DROP)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere
ACCEPT udp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere
Chain SYN_FLOOD (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere limit: avg 5/sec burst 10
DROP all -- anywhere anywhereI did the following iptables rules on the host to forward the host Internet with my VM:
Code:# iptables -A FORWARD -o eth1 -i vboxnet0 -s 192.168.56.0/24 -m conntrack --ctstate NEW -j ACCEPT
# iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADEThen, I added net.ipv4.ip_forward=1 line to the /etc/sysctl.conf file and did:
Code:# sysctl -pBut, my VM has not the Internet. Why?
I found another iptables rule, but I got an error:
Code:# iptables -t nat -A POSTROUTING -s vboxnet0 -o eth1 -j MASQUERADE
iptables v1.8.7 (nf_tables): host/network `vboxnet0' not foundHow solve it?
Thank you.