/etc/network/interfaces

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
    address 134.50.1.2
    netmask 255.255.0.0
    gateway 134.50.1.254
    bridge_ports eth0 vbox0 vbox1

# The loopback network interface
auto lo
iface lo inet loopback

/etc/vbox/interfaces

vbox0 lundeen br0
vbox1 lundeen br0

Awesome, now firewall rules work. In the vulnbox, I give myself an ip address. On the host, I set up very strict firewall rules using iptables.

Another big issue is auto-restore. Since the class often gets an address wrong, the vulnbox often crashes.

The following will shut the box down, revert to a snapshot, and turn it back on.

/usr/bin/VBoxManage controlvm vulnxp poweroff;
sleep 5;
/usr/bin/VBoxManage snapshot vulnxp discardcurrent -state
sleep 10;
/usr/bin/VBoxManage startvm vulnxp

Anyway, I put this in crontab to do every 20 minutes.

0,20,40 * * * * /path/to/virtualscript

I found this at http://www.linuxweblog.com/virtualbox-host-networking.

“”"

This is how I got host networking for VirtualBox and have it setup to use bridging on FedoraCore 6 host. This allows for two way traffic between the host and the guest. You will need bridge-utils and uml-utilities.

The first step is to configure the host with a bridge and a tap device. With this only the bridge will get an IP address and not the ethX nor the tapX device.

I am using dhcp to assign the IP addresses so the basic commands on the host are as below and can be put in the rc.local file for it to come up on boot:

You should now be able to use host networking in VirtualBox, just change “attached to” to “host interface” and add the interface name of “tap0″ in your networking settings for the guest.

Notes:

If you’re using a firewall on your host, make sure to turn it off when testing network setup.
I have had success with using APF as firewall which seems compatible with bridging.

References:

1. VirtualBox
2. Bridge
3. uml-utilities
4. 2.6.6 UML setup
   

“”"

Though this is very self-explanatory… and I hate to repost it here … I thought it was cool enough it deserved a post.

My script is nearly identical, I just don’t use dhcp.

#!/bin/sh

# VirtualBox Bridging

# load the tun module
modprobe tun

# Create a tap device with permission for the user running vbox
tunctl -t tap0 -u lundeen
chmod 666 /dev/net/tun

# Bring up ethX and tapX in promiscuous mode
ifconfig eth0 0.0.0.0 promisc
ifconfig tap0 0.0.0.0 promisc

# Create a new bridge and add the interfaces to the bridge.
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 tap0

# Give the bridge a dhcp address.
ifconfig br0 192.168.1.22
route add default gw 192.168.1.1 dev br0

It works like a charm though.  To add more, just add more tun devices.  I am using this to test samba, test SPA, and I’m sure I’ll use it for more things – it’s an incredibly useful trick.

Also, hands down I prefer Virtualbox to VMware.  I highly recommend anyone to give it a try.   The integration is better (well, I like vmware player’s integration, not vmware server, but vmware player is fairly useless), the networking is more flexable in Virtualbox, I find it more intuitive, you get unlimited snapshots, and I’m sure there’s more.  Hey, it’s open source.