lsmod|grep tun
modprobe tun
chmod 777 /etc/qemu-ifup
[root@host-10-6-6-4 gentoo]# cat /etc/qemu-ifup #!/bin/sh # # Copyright IBM, Corp. 2010 # # Authors: # Anthony Liguori <[email protected]> # # This work is licensed under the terms of the GNU GPL, version 2. See # the COPYING file in the top-level directory. # Set to the name of your bridge BRIDGE=br0 # Network information NETWORK=192.168.53.0 NETMASK=255.255.255.0 GATEWAY=192.168.53.1 DHCPRANGE=192.168.53.2,192.168.53.254 # Optionally parameters to enable PXE support TFTPROOT= BOOTP= do_brctl() { brctl "$@" } do_ifconfig() { ifconfig "$@" } do_dd() { dd "$@" } do_iptables_restore() { iptables-restore "$@" } do_dnsmasq() { dnsmasq "$@" } check_bridge() { if do_brctl show | grep "^$1" > /dev/null 2> /dev/null; then return 1 else return 0 fi } create_bridge() { do_brctl addbr "$1" do_brctl stp "$1" off do_brctl setfd "$1" 0 do_ifconfig "$1" "$GATEWAY" netmask "$NETMASK" up } enable_ip_forward() { echo 1 | do_dd of=/proc/sys/net/ipv4/ip_forward > /dev/null } add_filter_rules() { do_iptables_restore <<EOF # Generated by iptables-save v1.3.6 on Fri Aug 24 15:20:25 2007 *nat :PREROUTING ACCEPT [61:9671] :POSTROUTING ACCEPT [121:7499] :OUTPUT ACCEPT [132:8691] -A POSTROUTING -s $NETWORK/$NETMASK -j MASQUERADE COMMIT # Completed on Fri Aug 24 15:20:25 2007 # Generated by iptables-save v1.3.6 on Fri Aug 24 15:20:25 2007 *filter :INPUT ACCEPT [1453:976046] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1605:194911] -A INPUT -i $BRIDGE -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -i $BRIDGE -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i $BRIDGE -p tcp -m tcp --dport 53 -j ACCEPT -A INPUT -i $BRIDGE -p udp -m udp --dport 53 -j ACCEPT -A FORWARD -i $1 -o $1 -j ACCEPT -A FORWARD -s $NETWORK/$NETMASK -i $BRIDGE -j ACCEPT -A FORWARD -d $NETWORK/$NETMASK -o $BRIDGE -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -o $BRIDGE -j REJECT --reject-with icmp-port-unreachable -A FORWARD -i $BRIDGE -j REJECT --reject-with icmp-port-unreachable COMMIT # Completed on Fri Aug 24 15:20:25 2007 EOF } start_dnsmasq() { do_dnsmasq \ --strict-order \ --except-interface=lo \ --interface=$BRIDGE \ --listen-address=$GATEWAY \ --bind-interfaces \ --dhcp-range=$DHCPRANGE \ --conf-file="" \ --pid-file=/var/run/qemu-dnsmasq-$BRIDGE.pid \ --dhcp-leasefile=/var/run/qemu-dnsmasq-$BRIDGE.leases \ --dhcp-no-override \ ${TFTPROOT:+"--enable-tftp"} \ ${TFTPROOT:+"--tftp-root=$TFTPROOT"} \ ${BOOTP:+"--dhcp-boot=$BOOTP"} } setup_bridge_nat() { if check_bridge "$1" ; then create_bridge "$1" enable_ip_forward add_filter_rules "$1" start_dnsmasq "$1" fi } setup_bridge_vlan() { if check_bridge "$1" ; then create_bridge "$1" start_dnsmasq "$1" fi } setup_bridge_nat "$BRIDGE" if test "$1" ; then do_ifconfig "$1" 0.0.0.0 up do_brctl addif "$BRIDGE" "$1" fi [root@host-10-6-6-4 gentoo]#
qemu-system-i386 -hda gentoo.img -boot order=d -cdrom install-x86-minimal-20141125.iso -m 1024 -net nic,macaddr=00:16:3e:22:22:22 -net tap -localtime -vnc 10.6.6.4:1 & #dnsmasq --strict-order --except-interface=lo --interface=br0 --listen-address=192.168.53.1 --bind-interfaces --dhcp-range=192.168.53.2,192.168.53.254 --conf-file= --pid-file=/var/run/qemu-dnsmasq-br0.pid --dhcp-leasefile=/var/run/qemu-dnsmasq-br0.leases --dhcp-no-override
参考
http://wiki.qemu.org/Documentation/Networking/NAT#Overview