|
翻译比较累,直接贴上原文:
6.3.1. Configuring port forwarding with NAT
As the virtual machine is connected to a private network internal to VirtualBox and invisible to the host, network services on the guest are not accessible to the host machine or to other computers on the same network. However, VirtualBox can make selected services available outside of the guest by using port forwarding. This means that VirtualBox listens to certain ports on the host and resends all packets which arrive on them to the guest on the ports used by the services being forwarded.
To an application on the host or other physical (or virtual) machines on the network, it looks as though the service being proxied is actually running on the host (note that this also means that you cannot run the same service on the same ports on the host). However, you still gain the advantages of running the service in a virtual machine -- for example, services on the host machine or on other virtual machines cannot be compromised or crashed by a vulnerability or a bug in the service, and the service can run in a different operating system than the host system.
You can set up a guest service which you wish to proxy using the command line tool VBoxManage. You will need to know which ports on the guest the service uses and to decide which ports to use on the host (often but not always you will want to use the same ports on the guest and on the host). You can use any ports on the host which are not already in use by a service. An example of how to set up incoming NAT connections to an ssh server on the guest requires the following three commands:
VBoxManage setextradata "Linux Guest"
"VBoxInternal/Devices/pcnet/0/LUN#0/Config/guestssh/Protocol" TCP
VBoxManage setextradata "Linux Guest"
"VBoxInternal/Devices/pcnet/0/LUN#0/Config/guestssh/GuestPort" 22
VBoxManage setextradata "Linux Guest"
"VBoxInternal/Devices/pcnet/0/LUN#0/Config/guestssh/HostPort" 2222
The above example assumes a PCNet virtual network card; if you have configured the guest to use the Intel PRO/1000, replace "pcnet" with "e1000" in the above commands. Similarly, if you want to configure a different interface instance replace the /0/ with the appropriate index. pcnet and e1000 are counted separately in this respect, and counting starts at 0 for both types.
The name guestssh is an arbitrary one chosen for this particular forwarding configuration. With that configuration in place, all TCP connections to port 2222 on the host will be forwarded to port 22 on the guest. Protocol can be either of TCP or UDP (these are case insensitive). To remove a mapping again, use the same commands, but leaving out the values (in this case TCP, 22 and 2222).
It is not possible to configure incoming NAT connections while the VM is running. However you can change the settings for a VM which is currently saved (or powered off at a snapshot). |
|