virtualbox.org

[JamesNorris]

Hi Team,

I have one use case. Can anyone help me which networking mode of the virtualbox help me execute it ?

I have one windows 64 bit host with ubuntu guest.

Now i want to intercept host traffic from guest, using wireshark. Which networking mode will support it ?

There can be two ways of achieving this,

1) If guest can see all traffic of host,
or
2) If i mirror some specific ports of host to guest.

Any help would be appreciated.

[socratis]

There's a combination of things that need to be done in order for this to work, it's not an easy one.

Your typical, default NAT works like this:

+-------+    +-------+
| Guest |--> | Host  |--> Router -> Internet
+-------+    +-------+

Your Guest *has* to go through the Host, it doesn't work the other way round.

Your Bridged mode means that the Guest is using a Host's NIC to access the Router:

+-------+
| Host  |---+-> Router -> Internet
+-------+   |
+-------+   |
| Guest |---+
+-------+

What you're looking for is to "cut" the Host-to-Router connection (red dashes in the diagram above) and establish a Host-to-Guest connection, something that's going to be running as a gateway to your Host:

+-------+
| Host  |   +-> Router -> Internet
+---+---+   |
    |       |
+---+---+   |
| Guest |---+
+-------+

That gateway from what I've seen proposed time and time again is called pfSense and it's running in your Guest. Search for "pfSense site:forums.virtualbox.org" and read the instructions in the topics that you'll find.


We should make a HowTo for this someday...

[JamesNorris]

Hi Socratis,

Thank you very much for your reply. I am going to try it today.