PDA

View Full Version : Please be gentle. Virtual PC with Red Hat 7.2, SEQ installed, need help with packets



weasel
01-28-2002, 09:28 AM
Well.. i know alot of people are not to thrilled with people using vmware or virtual pc to emulate linux for seq. Hey, if i had the money, or even thought i did, i would justr go buy a cheap second puter, but i don't (com'n tax return), so this is all i have, so please be nice.

I am running windows 2000, using virtual PC program to run a guest Linux 7.2 operating system. (could not get vmware to give me web access what-so-ever for some reason, so tried this one). Linux installed fine, SEQ installed fine, web access fine. I can start seq, but i get no packet info. Once i start, it says "filtering packets on device eth0, searching for eq client", then while running EQ in EQW, nothing happens in showeq. Nada, zip.

Now before i get bashed, i know that i am missing something, i am just not sure what i need to do. I know some people have used linux router to get it to work, though not understand how. Is there a program i can get for windows or linux to sniff and send to my linux? or? um.. hehe.. i dunno, thats why i need help.

high_jeeves
01-28-2002, 10:12 AM
Think networking. Virtual PC is using some flavor of NAT (probably) to send its information. It isnt listening to traffic coming from the windows side of the machine, it is probably filtering it out so that the Virtual PC and real PC "look" like two different systems. Virtual PC probably didnt include a promiscuous mode in their app, so there is no way (that I know of) to have Virtual PC listen to traffic not intended for it.

To sum up, no dice. There is no way to get this working. You need a second machine.

--Jeeves

weasel
01-28-2002, 10:51 AM
i know that people have got it to work in vmware though.. can similiar be done on virtual pc?

high_jeeves
01-28-2002, 01:03 PM
Only if it supports some mode where it doesnt filter traffic. Have you tried a TCP dump to see what you are getting? Try that and do web browsing from outside of Virtual PC, if you can get it to show you traffic, then is should work. You might want to check with the VirtualPC people for a promiscuous mode. To the best of my knowledge tho, it will not.

Anyone have different experiences with Virtual PC?

bonkersbobcat
01-28-2002, 01:38 PM
VMWare has three primary networking options: Bridged, NAT, and Host Only. Bridged means that your virtual machine is directly on the wire and has to have it's own real IP address (Well real to your network anyway) This address is seperate from that of your hosting machine; NAT means that VMWare runs its own NAT server and your VM shares the address of the host machine externally (getting a NATed address locally); Host Only means that an independent "wire" is created between your VM and the host environment that is not connected with the real network.

You have to use the first option (Bridged) to capture traffic on the real network from within your VM.

These options are set when you configure your virtual machines.

I haven't tried SEQ in this configuration, but tcpdump works fine and will see all traffic if you set the network interface to promiscuous mode.

VMWare is pretty cool. You can run linux in Windows, Windows in linux, linux in linux, or Windows in Windows. It also supports journaling of your VMs, meaning that you can fire up a VM, do a bunch of work, and then decide if you want to commit the work or roll back the entire session. Great for install and configuration testing. No, I don't work for them.

SeqTester
01-28-2002, 01:48 PM
Maybe this is a stupid Idea, but what about putting in 127.0.0.1 for IP address?

I never used an "Emulated" Unix to do SEQ but have played with Exide(sp?) for work on Win2k.

Good Luck!!

bonkersbobcat
01-28-2002, 01:52 PM
Keep in mind that VMWare does not emulate the operating system, it emulates the hardware -- right down to the BIOS. When you install linux or Windows (or anything else) in a virtual machine, you are running the real deal not an emulated version.

weasel
01-29-2002, 07:54 AM
I just did a complete fresh install of Windows XP. Dled and installed Vmware, did a red hat 7.2 guest OS.. Was able to get NAT networking to work fine, and installed show fine according to a guide on here. Now, cannot get showeq to packet sniff when i start EQ on eqw.

How do i setup bridged to work correctly? Please help, almost there!

WinXP.
Acatel DSL Modem.
WinXP PPPoe setup to replace nonworking in Winxp Enternet 300.

Thanks in advance!

high_jeeves
01-29-2002, 09:52 AM
WHoah! Important detail just popped out... are you running EQ over PPoE? If so, ShowEQ will not work. PPoE packets look different than standard TCP/IP (or UDP) packets. ShowEQ is not looking for PPoE packets. That could be your problem, please confirm that you are not running PPoE of your EQ machine?

--jeeves

weasel
01-29-2002, 05:16 PM
Well, when i installed winxp, i checked the compatibility and cound that my enternet software would not work for connecting. I found a guide to make winxp do it for me. http://www.annoyances.org/exec/show/article04-106

IS this a bad thing? Why? What can i do to solve it?

Weasel

weasel
01-29-2002, 05:28 PM
Been checking around for more info, Read this post made on another article..


Originally posted by fee
Your problem sounds like you are running a pppoe session from the EQ client. Regardless of how your showeq box is placed on the network this will be a problem. showeq can only decode ethernet packet types of regular IP over ethernet(ether type 0x0800). PPPoE, PPP or any other protocol use a different encapsulation that showeq is not written to decode properly. If you are stuck using PPPoE, you will need to set up some kind of router to manage the PPPoE link and forward the IP packets to the client, both a linux box or linksys could be used.

fee

I have heard of people doing this, would this work ya think and if so what would you recommend? I know there are router softwares you can download.. just not sure how to use them

fryfrog
01-29-2002, 06:01 PM
with a lot of work, freesco can do ppoe. if you want easy as heck, out of the box plug it in and go i would say just buy yourself a hardware router/firewall from the computer store. i may some day get one with the built in wireless/homepna/ethernet portion, as this would make for some fun, easy and flexible networking.

weasel
01-29-2002, 06:04 PM
problem is i am stuck with what i have, and cannot afford to go get any hardware routers or such, or i would just go get a new box to run linux. SO i need to do it all software wise

fryfrog
01-29-2002, 06:59 PM
well, if cash is short and you have a little time to learn, freesco (http://www.freesco.com) is a great floppy based linux distro that is a firewall / router. it runs on minimal hardware, which you probably have laying around in the trash somewhere (386+ 8mb+ ram). i believe that to use pppoe you will have to install to a HD... but, it doesn't need much. mine is on a 500mb hd just because that is the smallest functioning harddrive i have.

freescosoft.com (http://www.freescosoft.com) is an awsome place for information and such. i believe that somewhere there is the pppoe guide. pppoe is something i have NEVER done. it is somewhat more difficult than just setting up freesco for ethernet or modem routing, but it can and has been done by a lot of people.

i even went and found the url for you pppoe for freesco howto (http://www.freescosoft.com/home/extra-info/HOWTOs/PPPoE.htm)

weasel
01-29-2002, 07:13 PM
Checking it out now.. thanks =)

Question though.. would that still work since my DSL is on my host (winxp) and the linux is on the guest (VMWARE)?