From: bl8n8r on
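#!/bin/bash
# Bridge a KVM/QEMU tap device onto the LAN through eth1 and attach a VDE
# switch to that tap. Every command below changes kernel network state, so
# the script has to run as root. No exit codes are checked: a failed step
# (for example, br0 already existing) does not stop the later ones.

# Create the bridge and a tap device owned by user "kvm".
brctl addbr br0
tunctl -u kvm -t qtap0

# The original listing had a bare "brctl addif br0" at this point. addif
# needs an interface argument, so that call could only fail; both bridge
# ports are added explicitly further down.

# Bring both future bridge ports up with no address of their own (0.0.0.0);
# the host address is assigned to br0 instead.
# NOTE(review): promisc makes the NIC accept every frame that reaches it,
# not only frames for its own MAC. Bridging relies on that, but it also
# means this host sees all traffic arriving on eth1.
ifconfig qtap0 promisc arp 0.0.0.0 up
ifconfig eth1 promisc arp 0.0.0.0 up

# Enslave the physical NIC first, then address the bridge and set the
# default route, then enslave the tap.
# NOTE(review): if eth1 carried the host address before this ran, a remote
# session over eth1 will probably drop here - run from a console.
brctl addif br0 eth1
ifconfig br0 192.168.1.220/24
route add default gw 192.168.1.254
brctl addif br0 qtap0

# Print the resulting bridge/port layout for a visual check.
brctl show

# Start the VDE switch on the tap as a daemon. The original page wrapped
# this command in the middle of "--mgmtmode", which would have ended the
# option list at "--" and run "mgmtmode" as a separate command.
# NOTE(review): --mod 775 grants read/execute on the switch socket to users
# outside group vde2-net, while --mgmtmode 770 keeps management to owner and
# group. If only vde2-net members should attach guests, 770 for --mod looks
# like the tighter choice - confirm against the local vde_switch man page.
/usr/bin/vde_switch --tap qtap0 --daemon --group vde2-net --mod 775 \
  --mgmtmode 770 --pidfile /var/run/vde_switch.pid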

--------------------------
# Switch on IPv4 forwarding in the running kernel (needs root; the value is
# not persistent across a reboot).
# The original note here reads "All DHCP now gets sent to lan". The setting
# itself is not DHCP-specific: it lets the host forward any IPv4 packet
# between interfaces, so the FORWARD chain of the firewall is what decides
# which of that traffic is actually allowed through.
printf '1\n' > /proc/sys/net/ipv4/ip_forward
--------------------------
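# Ruleset in iptables-save format, to be loaded with iptables-restore.
# Default policy: drop everything inbound and forwarded, allow all outbound.
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOCAL - [0:0]
:WAN - [0:0]
:KVM - [0:0]
# Forwarded traffic: accept replies to tracked connections, hand the rest
# to the KVM chain. Whatever KVM does not accept falls to the DROP policy.
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j KVM
# Traffic addressed to the host: loopback and replies only.
# NOTE(review): no rule in this listing jumps to LOCAL or WAN, so their
# ACCEPT rules for tcp/22 and tcp/80:85 are never evaluated and new inbound
# connections to the host hit the INPUT DROP policy. If those services are
# meant to be reachable, INPUT needs jumps to these chains, scoped by
# interface or source address.
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A LOCAL -p tcp -m tcp --dport 22 -j ACCEPT
# LOG is placed before REJECT: REJECT ends rule traversal, so in the
# original order (REJECT first) the LOG rule could never be reached.
-A LOCAL -j LOG
-A LOCAL -j REJECT --reject-with icmp-host-prohibited
-A WAN -p tcp -m tcp --dport 80:85 -j ACCEPT
# Accept packets that enter and leave through br0.
# NOTE(review): presumably this is guest<->LAN traffic crossing the bridge,
# which only passes through iptables when bridge netfilter is enabled -
# confirm on the target host.
-A KVM -i br0 -o br0 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# NOTE(review): the nat table is consulted for the first packet of a
# connection, so a RELATED,ESTABLISHED match here is unlikely to ever hit.
# Check the rule counters before relying on it.
-A POSTROUTING -m state --state RELATED,ESTABLISHED -j ACCEPT
# NOTE(review): qtap0 is a port of br0; routed packets normally carry br0 as
# their output interface, so "-o qtap0" may not match. Verify with counters.
-A POSTROUTING -o qtap0 -j MASQUERADE
COMMIT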