#!/bin/bash # # QEMU network interface configuration script. This utility needs to # be run as root, and will use the ip utility # # If you find yourself calling this script a lot, you can add the # the following to your /etc/sudoers file to be able to run this # command without entering your password each time: # # ALL=NOPASSWD: /path/to/runqemu-ifup # ALL=NOPASSWD: /path/to/runqemu-ifdown # # If you'd like to create a bank of tap devices at once, you should use # the runqemu-gen-tapdevs script instead. If tap devices are set up using # that script, the runqemu script will never end up calling this # script. # # Copyright (c) 2006-2011 Linux Foundation # # SPDX-License-Identifier: GPL-2.0-only # usage() { echo "sudo $(basename $0) " } if [ $EUID -ne 0 ]; then echo "Error: This script (runqemu-ifup) must be run with root privileges" exit 1 fi if [ $# -eq 2 ]; then echo "Warning: uid parameter is ignored. It is no longer needed." GROUP="$2" elif [ $# -eq 1 ]; then GROUP="$1" else usage exit 1 fi if taps=$(ip tuntap list 2>/dev/null); then tap_no=$(( $(echo "$taps" |cut -f 1 -d ":" | sed 's/tap//g' | sort -rn | head -n 1) + 1 )) ip tuntap add tap$tap_no mode tap group "$GROUP" && TAP=tap$tap_no fi if [ -z $TAP ]; then echo "Error: Unable to find a tap device to use" exit 1 fi IPTOOL=`which ip 2> /dev/null` if [ "x$IPTOOL" = "x" ]; then # better than nothing... IPTOOL=/sbin/ip fi if [ ! -x "$IPTOOL" ]; then echo "$IPTOOL cannot be executed" exit 1 fi IPTABLES=`which iptables 2> /dev/null` if [ "x$IPTABLES" = "x" ]; then IPTABLES=/sbin/iptables fi if [ ! -x "$IPTABLES" ]; then echo "$IPTABLES cannot be executed" exit 1 fi n=$[ (`echo $TAP | sed 's/tap//'` * 2) + 1 ] $IPTOOL addr add 192.168.7.$n/32 broadcast dev $TAP STATUS=$? if [ $STATUS -ne 0 ]; then echo "Failed to set up IP addressing on $TAP" exit 1 fi $IPTOOL link set dev $TAP up STATUS=$? if [ $STATUS -ne 0 ]; then echo "Failed to bring up $TAP" exit 1 fi dest=$[ (`echo $TAP | sed 's/tap//'` * 2) + 2 ] $IPTOOL route add to 192.168.7.$dest dev $TAP STATUS=$? if [ $STATUS -ne 0 ]; then echo "Failed to add route to 192.168.7.$dest using $TAP" exit 1 fi # setup NAT for tap0 interface to have internet access in QEMU $IPTABLES -A POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$n/32 $IPTABLES -A POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$dest/32 echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv4/conf/$TAP/proxy_arp $IPTABLES -P FORWARD ACCEPT echo $TAP