Gufw

Gufw not allowing Qemu Guest's packets (tun/tap)

Bug #424631 reported by mohan43u
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Gufw
Invalid
Undecided
Unassigned

Bug Description

While set up a tun/tap network with Ubuntu as host and lfslivecd as guest in Qemu, I got some problem. Here is the commands I used,

Ubuntu(host):
$ sudo qemu -cdrom lfslivecd -boot d -kernel-kqemu -m 512 -net nic -net tap &
$ sudo ifconfig tap0 192.168.10.1
$ sudo sysctl -w net.ipv4.ip_forward=1
$ sudo iptables -t nat -A POSTROUTING -j MASQUERADE

lfslivecd(guest):
$ ifconfig eth0 192.168.10.2
$ route add default gw 192.168.10.1

Both host and guest pinging each other properly.. but problem occurs when I tried to ping opendns's default servers from lfslivecd.

lfslivecd(guest):
$ ping -c 3 208.67.222.222
3 packets transmitted, 0 packets received, 100% packet loss

After disabling 'gufw', everything worked. And I added opendns's nameservers in resolv.conf

lfslivecd(guest):
$ cat > resolv.conf
nameserver 208.67.222.222
nameserver 208.67.220.220

It will be helpful if someone can write a rule to accept packets to go to Guest Instances in the default Gufw rules setup. Is accepting packets for Guest's, a security concern?

See original description
Revision history for this message
mohan43u (mohan43u) wrote :
description: updated
Revision history for this message
costales (costales) wrote :

Hi! I'm so sorry. The preconf services are full (by GNOME guide I must use 10 items max), and I think this isn't a commun issue.
Best regards mohan43u ;)

Changed in gui-ufw:
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.