[Qemu-devel] Feature request: option to disable protection in user mode networking

[Qemu-devel] Feature request: option to disable protection in user mode networking

[Mike MacCana]

Heya guys,

User mode networking is nifty++. I was wondering, though if it would be
possible to disable the guest OS protection as a runtime option. This
would allow users to set up, and test, their own firewalling on the
client systems. Personally, I'd like to be able to port scan a Windows
XP SP2 box in its default install and see what comes up.

Cheers,

Mike

Re: [Qemu-devel] Feature request: option to disable protection in user mode networking

[Lionel Ulmer]

> User mode networking is nifty++. I was wondering, though if it would be
> possible to disable the guest OS protection as a runtime option.

This is not possible as (AFAIK), QEMU's ethernet adaptator emulation layer
has absolutely no idea on which ports the guest OS is listening to. So to do
what you want, it would entail opening all possible ports on the QEMU side
and 'forward' them to the guest OS.

This is already possible, but I doubt that you want to DoS your Linux box by
using all possible ports :-)

            Lionel

-- 
		 Lionel Ulmer - http://www.bbrox.org/

Re: [Qemu-devel] Feature request: option to disable protection in user mode networking

[Johannes Schindelin]

Hi,

On Tue, 28 Sep 2004, Mike MacCana wrote:

> Personally, I'd like to be able to port scan a Windows XP SP2 box in its
> default install and see what comes up.

How about netstat?

Ciao,
Dscho

Re: [Qemu-devel] Feature request: option to disable protection in user mode networking

[John R. Hogerhuis]

On Thu, 2004-09-30 at 00:25, Lionel Ulmer wrote:
> > User mode networking is nifty++. I was wondering, though if it would be
> > possible to disable the guest OS protection as a runtime option.
> 
> This is not possible as (AFAIK), QEMU's ethernet adaptator emulation layer
> has absolutely no idea on which ports the guest OS is listening to. So to do
> what you want, it would entail opening all possible ports on the QEMU side
> and 'forward' them to the guest OS.
> 
> This is already possible, but I doubt that you want to DoS your Linux box by
> using all possible ports :-)
> 
>             Lionel

Why would you consider a "forward-all" option to be a DoS?

All cheapo NAT boxes have this and gamers who don't know any better
often use it to get games to work rather than finding the handful or
bank of ports they actually need to open. NAT is kind of analagous to
user-mode networking in QEMU, but not quite...

I think the real problem here is that to listen on a port, slirp (the
host) has to create a listening socket. If you want to effectively have
a "forward all" you would either have to have a listen open on every
port. Add to that the fact that some ports will already have listens on
them, and that as an average user qemu won't have access privileged
ports at all.

So I think the original poster needs to use TUN/TAP networking if he
wants to experiment with the guests's firewall.

-- John.

Re: [Qemu-devel] Feature request: option to disable protection in user mode networking

[Lionel Ulmer]

On Thu, Sep 30, 2004 at 12:57:11PM -0700, John R. Hogerhuis wrote:
> Why would you consider a "forward-all" option to be a DoS?

Because, as you explain later in your mail 'slirp [...] has to create a
listening socket [...] on every port.' which means that you won't be able to
start any application on the box which needs to listen to a port.

I agree that 'DoS' is maybe too big a word as 'listening' applications are
rare, but well, it would still be a pain in the ass to have all 65535
available ports taken by one application.

       Lionel

-- 
		 Lionel Ulmer - http://www.bbrox.org/