Debian Testing host, Winduhs XP guest. Winduhs is not allowed to directly access The Internets, and I am not setting up bridging as that makes it possible for the guest to mount layer 2 attacks on the LAN.
I need for the guest to tunnel through the host without being able to see anything on the host, so it can then get access to The Internets, while being protected by iptables (Shorewall).
Used to be with VMware I had host-only set and the guest in a different class C (192.168.2.1) from the host (192.168.1.1). I turned on IP forwarding, set Shorewall rules, and it all worked. Now I have everything set with VirtualBox, and it does not work. Guest can ping its interface but not host. Host can ping vboxnet0. Host is supposed to masquerade guest's 192.168.2.1 through to the default out at 192.168.1.1, but it's not. I think a clue is in routing, but I don't know what's wrong.
# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.11.0    *               255.255.255.240 U     0      0        0 wlan0
localnet        *               255.255.255.0   U     0      0        0 wlan0
link-local      *               255.255.0.0     U     1000   0        0 wlan0
default         sirius.darkmatt 0.0.0.0         UG    0      0        0 wlan0
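
An added example, not part of the original post: a small parser for `route` output that checks whether the host holds a non-default route to the guest on the host-only interface. The /24 guest network, the function names and the second (constructed) table are assumptions for illustration.

```python
import ipaddress

# `route` output exactly as posted above (names are resolved, not numeric).
POSTED = """\
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.11.0 * 255.255.255.240 U 0 0 0 wlan0
localnet * 255.255.255.0 U 0 0 0 wlan0
link-local * 255.255.0.0 U 1000 0 0 wlan0
default sirius.darkmatt 0.0.0.0 UG 0 0 0 wlan0
"""

# Constructed `route -n` sample: same host once vboxnet0 has a connected route.
CONSTRUCTED_OK = """\
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0
"""


def parse_routes(text):
    """Yield (destination, network-or-None, iface) for each route row."""
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":  # title and header lines
            continue
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        try:
            net = ipaddress.ip_network(f"{dest}/{f[2]}", strict=False)
        except ValueError:  # symbolic name such as "localnet"
            net = None
        yield f[0], net, f[7]


def check_guest_route(text, guest_ip, guest_iface):
    """Report which interface, if any, holds a non-default route to the guest."""
    guest = ipaddress.ip_address(guest_ip)
    routes = list(parse_routes(text))
    return {
        "iface_present": any(i == guest_iface for _, _, i in routes),
        "route_ifaces": [i for _, n, i in routes
                         if n is not None and n.prefixlen and guest in n],
        "unresolved": [d for d, n, _ in routes if n is None],
    }


if __name__ == "__main__":
    for name, table in (("posted", POSTED), ("constructed", CONSTRUCTED_OK)):
        print(name, check_guest_route(table, "192.168.2.1", "vboxnet0"))
```

For the posted table every row is on wlan0, so anything addressed to the guest follows a wlan0 route; rerunning the capture with `route -n` removes the unresolved names such as `localnet`.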