lost promiscuous mode on update to 4.0.6

[j2sc]

Host Ubuntu 10.04
Started with vbox 3...., have upgraded vbox without issues to 4.0.4 running as user.

Running a mail & file server in a vm as bridge.
Running an NST distro in another vm as bridge on eth0 with snort that has always 'seen' all traffic on the network up to vb 4.0.4.

After upgrading on Friday through the ubuntu update manager to virtualbox 4.0.6 the nst distro seems to have lost the ability to read all the network traffic, the only traffic seen by snort and ntop is the local destined traffic to the vm ip.

I noticed this in the release notes;
Host-Only & Bridged & Internal Networking: fix for processing promiscuous mode requests by VMs, defaulting to switch behaviour

Could this be the cause of my issue?

Any ideas on what I can do to fix this loss of ability to read all the network traffic?

[frank]

If you want the old behavior back then do

VBoxManage setextradata VM_NAME "VBoxInternal/Devices/pcnet/0/LUN#0/Config/IfPolicyPromisc" "allow-all"

This line is for the first PCNet card of your guest. Replace "pcnet" by "e1000" if your VM uses an E1000 card. The next major release will allow to use VBoxManage modifyvm but this was not possible to implement for VBox 4.0.

[cnewkirk]

I'm having the exact same problem. I ran the VBoxManage command, and I can see that it placed the ExtraData in the .vbox file, but now I can't start my VM, unless I remove the setting. I get the following error:

Failed to open a session for the virtual machine TTC.

Configuration error: Failed to get MAC address
(VERR_CFGM_VALUE_NOT_FOUND).

Unknown error creating VM (VERR_CFGM_VALUE_NOT_FOUND).

Details
ResultCode: NS_ERROR_FAILURE (0x800004005)
Component: Console
Interface: IConsole {515e8e8d-f932-4d8e-4d8e-9f32-79a52aead882}

Is this because I'm trying to change an existing VM? If so, what are my options? I'd really rather not have to rebuild the VM, but I will if I have to.

[Perryg]

@cnewkirk,
Make sure that you use e1000 if the adapter is set to Intel and this does not work if you are using NAT.

[cnewkirk]

Thanks Perry, that got it started, but still didn't resolve my problem... I suspect I added the promiscuous mode on the wrong interface. I'm using 3 interfaces in my VM, so I suppose I need to run this command against the correct interface.

Having said that, can you explain this part of the command to me:

Code: Select all

"VBoxInternal/Devices/e1000/0/LUN#0/Config/IfPolicyPromisc"

I'm guessing the /0/ after the /e1000/ somehow refers to the "slot" that the interface is using? But what about the LUN#0?

EDIT*
I need the third interface (<Adapter slot="2" ...) to be in a promiscuous mode.

[Perryg]

The /0/ is the slot number 0=1st 1=2nd and so on, or the adapter numbers. The lun# (logical unit number) should be 0 but I can't test this at the moment. I have my 3 hosts working on dev version at the moment. See if setting the slot properly works.

[cnewkirk]

Ok, that did the trick (sort of). Turns out I actually had to set two of the interfaces to allow promiscuous mode.

For anyone else who comes across this from Google or wherever, I have a server installed in a VM that uses 3 nics. Two of which are used as an inline bridge that passes traffic through it (internal and external). These NICs don't have IP addresses, so that's the reason for the third NIC. The Internal NIC and the Management NIC (the only one with an IP address) are both attached to the Internal Network (intnet) and the External NIC is Attached to the Bridged adapter. In <4.0.6, this configuration worked great and any VMs attached to the Internal Network were able to connect to the outside (through the bridge). As of version 4.0.6, I have to manually set both the Internal and External adapters to promiscuous mode to get any network traffic to pass through.

Thank you for your help Perryg!!!

[Perryg]

There you go. As I said it should work, but could not actually test it for you because all of my hosts at the moment are using the dev version and promiscuous settings are already in the main manager. Glad you got it going.