:: Re: [DNG] Which qemu version is shi…
Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Mario Marietto
Fecha:  
A: Ralph Ronnquist
Cc: dng
Asunto: Re: [DNG] Which qemu version is shipped by default with devuan 3 ?
Ok. It worked. Can I ask you if using this method,freebsd is reachable from
outside its network ? If for example I want to start a web server inside
FreeBSD,can I reach the web page that it hosts if I try to connect to it
from my workstation ? I have some doubts that I can because the IP assigned
to it seems to be private (10.0.2.1) :

tap0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
       inet 10.0.2.1  netmask 255.255.255.0  broadcast 0.0.0.0
       ether 2a:00:9d:a5:77:07  txqueuelen 1000  (Ethernet)
       RX packets 0  bytes 0 (0.0 B)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 0  bytes 0 (0.0 B)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



On Sun, Aug 20, 2023 at 12:51 PM Ralph Ronnquist <rrq@???> wrote:

> Should be "tap0" not "eth0" (of course). Sorry about that.
>
> On Sun, Aug 20, 2023 at 08:47:48PM +1000, Ralph Ronnquist wrote:
> > Ah, I forgot the "bring it up" command; you could verify this with
> >
> > # ipconfig -a
> >
> > That will present all interfaces; those that are down as well as those
> > that are up.
> >
> > The additional command is:
> >
> > # ip link set dev eth0 up
> >
> > .. usually to be done after adding it and setting its IP address, but
> > can be done after IP configuration as well.
> >
> > Ralph.
> >
> > You could verify beforhand with
> >
> > On Sun, Aug 20, 2023 at 12:27:30PM +0200, Mario Marietto wrote:
> > > Finally,after a lot of kernel recompilations,I've been able to issue
> all
> > > the commands suggested some time ago by @Ralph Ronnquist without
> getting
> > > errors :
> > >
> > > # ip tuntap add tap0 mode tap
> > > ok
> > >
> > > # ip address add 10.0.2.1/24 dev tap0
> > > ok
> > >
> > > # sysctl net.ipv4.ip_forward=1
> > > ok
> > >
> > > # net.ipv4.ip_forward = 1
> > > ok
> > >
> > > # iptables -t nat -A POSTROUTING -o mlan0 -j MASQUERADE
> > > ok
> > >
> > > Now,the problem is that I don't see any tap0 interface :
> > >
> > > # ifconfig
> > >
> > > docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
> > >        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
> > >        ether 02:42:c9:04:eb:64  txqueuelen 0  (Ethernet)
> > >        RX packets 0  bytes 0 (0.0 B)
> > >        RX errors 0  dropped 0  overruns 0  frame 0
> > >        TX packets 0  bytes 0 (0.0 B)
> > >        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

> > >
> > > lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
> > >        inet 127.0.0.1  netmask 255.0.0.0
> > >        inet6 ::1  prefixlen 128  scopeid 0x10<host>
> > >        loop  txqueuelen 1000  (Local Loopback)
> > >        RX packets 49  bytes 5414 (5.2 KiB)
> > >        RX errors 0  dropped 0  overruns 0  frame 0
> > >        TX packets 49  bytes 5414 (5.2 KiB)
> > >        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

> > >
> > > mlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
> > >        inet 192.168.1.6  netmask 255.255.255.0  broadcast 192.168.1.255
> > >        inet6 fe80::a200:9c1a:7783:969f  prefixlen 64  scopeid
> 0x20<link>
> > >        ether 60:21:c0:e9:44:63  txqueuelen 1000  (Ethernet)
> > >        RX packets 264  bytes 31934 (31.1 KiB)
> > >        RX errors 0  dropped 0  overruns 0  frame 0
> > >        TX packets 237  bytes 33545 (32.7 KiB)
> > >        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

> > >
> > > Is this normal ?
> > >
> > > On Thu, Aug 17, 2023 at 3:15 PM Mario Marietto <marietto2008@???
> >
> > > wrote:
> > >
> > > > Can someone help me,please,to understand how to fix it ?
> > > >
> > > > loziomario <https://www.reddit.com/user/loziomario/> :
> > > >
> > > > root@devuan:~# nft add table nat
> > > >
> > > > root@devuan:~# nft 'add chain nat postrouting { type nat hook
> postrouting
> > > > priority 100 ; }'
> > > >
> > > > Error: Could not process rule: No such file or directory
> > > >
> > > > deeseearr <https://www.reddit.com/user/deeseearr/> :
> > > >
> > > > Your table has no family.
> > > >
> > > > You are also trying to add a chain to a table called "postrouting"
> in the
> > > > "nat" family, which does not exist.
> > > >
> > > > All of your other rules are part of the "ip" family so this one
> should be
> > > > roo.
> > > >
> > > > On Wed, Aug 16, 2023 at 9:33 PM Mario Marietto <
> marietto2008@???>
> > > > wrote:
> > > >
> > > >> I've created a post on Reddit :
> > > >>
> > > >>
> https://www.reddit.com/r/devuan/comments/15swwij/neither_iptables_nor_nftable_are_working_for_me/
> > > >>
> > > >> where I tried to explain what my problem is. Unfortunately no one
> replied right now.
> > > >>
> > > >>
> > > >> On Wed, Aug 16, 2023 at 7:13 PM Mario Marietto <
> marietto2008@???>
> > > >> wrote:
> > > >>
> > > >>> They also suggest to check these kernel parameters :
> > > >>>
> > > >>> root@devuan:~# grep CONFIG_NF_TABLES_INET= /boot/config-`uname -r`
> > > >>> CONFIG_NF_TABLES_INET=y
> > > >>>
> > > >>> root@devuan:~# grep CONFIG_NFT_COUNTER= /boot/config-`uname -r`
> > > >>> CONFIG_NFT_COUNTER=y
> > > >>>
> > > >>> root@devuan:~# grep CONFIG_NFT_OBJREF= /boot/config-`uname -r`
> > > >>> CONFIG_NFT_OBJREF=y
> > > >>>
> > > >>> but they seem correct,right ?
> > > >>>
> > > >>>
> > > >>> On Wed, Aug 16, 2023 at 7:04 PM Mario Marietto <
> marietto2008@???>
> > > >>> wrote:
> > > >>>
> > > >>>> Reading from here :
> https://unix.stackexchange.com/questions/537912/nftables-rule-no-such-file-or-directory-error
> > > >>>>
> > > >>>> I tried to do the following :
> > > >>>>
> > > >>>> root@devuan:~# nft add table ip filter
> > > >>>>
> > > >>>> root@devuan:~# nft add chain ip filter INPUT { type filter hook
> input priority 0 \; } # create chain
> > > >>>> root@devuan:~# nft add rule ip nat POSTROUTING oifname "mlan0"
> counter masquerade
> > > >>>> Error: Could not process rule: No such file or directory
> > > >>>> add rule ip nat POSTROUTING oifname mlan0 counter masquerade
> > > >>>>             ^^^

> > > >>>>
> > > >>>> root@devuan:~# nft list ruleset
> > > >>>> table ip filter {
> > > >>>>         chain INPUT {
> > > >>>>                 type filter hook input priority filter; policy
> accept;
> > > >>>>         }
> > > >>>> }

> > > >>>>
> > > >>>>
> > > >>>>
> > > >>>> On Wed, Aug 16, 2023 at 6:58 PM Mario Marietto <
> marietto2008@???>
> > > >>>> wrote:
> > > >>>>
> > > >>>>> root@devuan:~# iptables-translate -t nat -A POSTROUTING -o
> eth0 -j
> > > >>>>> MASQUERADE
> > > >>>>> nft add rule ip nat POSTROUTING oifname "eth0" counter masquerade
> > > >>>>>
> > > >>>>> root@devuan:~# ifconfig
> > > >>>>>
> > > >>>>> lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
> > > >>>>>        inet 127.0.0.1  netmask 255.0.0.0
> > > >>>>>        inet6 ::1  prefixlen 128  scopeid 0x10<host>
> > > >>>>>        loop  txqueuelen 1000  (Local Loopback)
> > > >>>>>        RX packets 28  bytes 3449 (3.3 KiB)
> > > >>>>>        RX errors 0  dropped 0  overruns 0  frame 0
> > > >>>>>        TX packets 28  bytes 3449 (3.3 KiB)
> > > >>>>>        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

> > > >>>>>
> > > >>>>> mlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
> > > >>>>>        inet 192.168.1.6  netmask 255.255.255.0  broadcast
> > > >>>>> 192.168.1.255
> > > >>>>>        inet6 fe80::47b1:6a1e:c9a8:5e73  prefixlen 64  scopeid
> > > >>>>> 0x20<link>
> > > >>>>>        ether 50:22:c1:e9:44:63  txqueuelen 1000  (Ethernet)
> > > >>>>>        RX packets 656  bytes 59350 (57.9 KiB)
> > > >>>>>        RX errors 0  dropped 0  overruns 0  frame 0
> > > >>>>>        TX packets 351  bytes 35970 (35.1 KiB)
> > > >>>>>        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

> > > >>>>>
> > > >>>>> root@devuan:~# nft add rule ip nat POSTROUTING oifname "mlan0"
> > > >>>>> counter masquerade
> > > >>>>>
> > > >>>>> Error: Could not process rule: No such file or directory
> > > >>>>> add rule ip nat POSTROUTING oifname mlan0 counter masquerade
> > > >>>>>            ^^^

> > > >>>>>
> > > >>>>>
> > > >>>>>
> > > >>>>> On Wed, Aug 16, 2023 at 1:03 PM wirelessduck--- via Dng <
> > > >>>>> dng@???> wrote:
> > > >>>>>
> > > >>>>>>
> > > >>>>>>
> > > >>>>>> > On 16 Aug 2023, at 20:13, Mario Marietto <
> marietto2008@???>
> > > >>>>>> wrote:
> > > >>>>>> >
> > > >>>>>> > 
> > > >>>>>> > It's too much out of my knowledge. I'm not able to understand
> > > >>>>>> what's the correct syntax to use.
> > > >>>>>>
> > > >>>>>> The manpage for iptables-translate says it takes the same
> arguments
> > > >>>>>> as iptables. You can try:
> > > >>>>>>
> > > >>>>>> iptables-translate -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> > > >>>>>>
> > > >>>>>> and that should output the equivalent nftables command. I don’t
> have
> > > >>>>>> a terminal here to try that myself right now.
> > > >>>>>>
> > > >>>>>> Tom
> > > >>>>>> _______________________________________________
> > > >>>>>> Dng mailing list
> > > >>>>>> Dng@???
> > > >>>>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> > > >>>>>>
> > > >>>>>
> > > >>>>>
> > > >>>>> --
> > > >>>>> Mario.
> > > >>>>>
> > > >>>>
> > > >>>>
> > > >>>> --
> > > >>>> Mario.
> > > >>>>
> > > >>>
> > > >>>
> > > >>> --
> > > >>> Mario.
> > > >>>
> > > >>
> > > >>
> > > >> --
> > > >> Mario.
> > > >>
> > > >
> > > >
> > > > --
> > > > Mario.
> > > >
> > >
> > >
> > > --
> > > Mario.
> > _______________________________________________
> > Dng mailing list
> > Dng@???
> > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
>



--
Mario.