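Put the following line in /etc/qemu/bridge.conf (the ACL file read by qemu-bridge-helper, which is what lets the unprivileged qemu.sh attach to bridge0):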
allow bridge0
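Run in this order (qemu.sh starts the VM in the background and returns immediately, so run bridge-down.sh only after the guest has shut down):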
sudo ./bridge-up.sh
sudo ./firewall.sh
./qemu.sh
sudo ./bridge-down.sh
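#!/bin/sh
# bridge-down: delete the bridge0 device created by bridge-up. Run with sudo.
#
# Only the bridge itself is removed. The net.ipv4.ip_forward=1 setting made by
# bridge-up and the FORWARD/NAT rules added by firewall.sh stay active
# afterwards; reset them separately if this host should stop routing once the
# VM is gone.
set -eu

ip link del bridge0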
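#!/bin/sh
# bridge-up: create bridge0 and give it the host-side gateway address.
# Run with sudo.
#
# net.ipv4.ip_forward=1 is host-wide: it turns on IPv4 forwarding between all
# interfaces, not only bridge0, and bridge-down does not revert it. What is
# actually forwarded is then decided by the FORWARD chain, so apply firewall.sh
# (or an equivalent policy) before attaching guests.

# Stop at the first failing step rather than carrying on with a partial setup.
set -eu

sysctl net.ipv4.ip_forward=1
ip link add name bridge0 type bridge
ip link set bridge0 up
ip addr add 192.168.167.1/24 dev bridge0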
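#!/bin/sh
# firewall: reset iptables and set up forwarding + NAT for guests on bridge0.
# Run with sudo.
#
# NOTE: this flushes every rule and user-defined chain in the filter and nat
# tables, including rules that other software on the host may have installed.
# Chain policies are not touched, so traffic not matched below is handled by
# whatever FORWARD policy is already in place.
set -eu

# command -v is the portable lookup; fail early instead of running an empty
# command name if iptables is missing.
IPT=$(command -v iptables) || {
  echo "iptables not found in PATH" >&2
  exit 1
}

# Host-specific values: adjust to the local uplink interface and its address.
IF_INT1="bridge0"
IF_EXT="wlp3s0"
NET_INT0="192.168.167.0/24"
# SNAT rewrites to this fixed address; update it if the uplink address changes.
IP_EXT="192.168.0.104"

# Reset the filter table: flush rules, delete user chains, zero counters.
"$IPT" -F
"$IPT" -X
"$IPT" -Z

# Same for the nat table (-F without a chain name already covers POSTROUTING).
"$IPT" -t nat -F
"$IPT" -t nat -X
"$IPT" -t nat -Z

# Allow forwarding between the uplink and the bridge in both directions.
# NOTE(review): the uplink -> bridge rule accepts NEW connections, so traffic
# arriving on the uplink and addressed to 192.168.167.0/24 is forwarded to the
# guests unsolicited. If only guest-initiated traffic is intended, restrict
# that rule to ESTABLISHED,RELATED.
"$IPT" -A FORWARD -i "$IF_EXT" -o "$IF_INT1" -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
"$IPT" -A FORWARD -i "$IF_INT1" -o "$IF_EXT" -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# Source-NAT guest traffic leaving through the uplink.
"$IPT" -t nat -A POSTROUTING -s "$NET_INT0" -o "$IF_EXT" -j SNAT --to-source "$IP_EXT"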
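#!/bin/sh
# qemu: boot the Alpine image as an unprivileged user, attached to bridge0.
# Any extra arguments are passed through to qemu-system-x86_64.
# The VM is started in the background and the script returns immediately.
disk="alpine.raw"
graphics="-vga std"
macaddr="DE:AD:BE:EF:4F:9D"

# - format=raw is stated explicitly so QEMU does not probe the image format
#   from contents the guest can write.
# - -netdev bridge goes through qemu-bridge-helper, which only attaches to
#   bridges allowed in /etc/qemu/bridge.conf.
# - mac= pins the NIC address; macaddr was defined but never passed, so every
#   guest started from this script got QEMU's default MAC and would collide
#   with any other guest on the same bridge.
# - $graphics is intentionally unquoted: it holds two words (option + value).
# - No 'exec': the command is backgrounded, so exec had no effect.
# shellcheck disable=SC2086
qemu-system-x86_64 \
  -machine type=q35,accel=kvm \
  -cpu host \
  -smp 1 \
  -enable-kvm \
  -drive "file=$disk,format=raw" \
  -netdev bridge,id=net0,br=bridge0 \
  -device "e1000,netdev=net0,mac=$macaddr" \
  -m 512M \
  -usb -device usb-tablet \
  -name "Alpine Linux" \
  -boot d \
  $graphics \
  "$@" &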