Have you ever stumbled upon a cloned Linux system, in my case CentOS 6.5, where eth0 does not exist and eth1 isn’t started automatically?
When VMware clones a VM it gives its network card a new MAC address, ensuring that you don’t end up with several VMs with the same MAC. If your distro uses udev and it discoveres the new NIC, it gives it a different UUID, thus creating eth1 in the process, since it can’t match the MAC addresses and UUIDs of the NICs. This might break all sorts of scripts or configs.
Here is how to fix it:
- First we need to remove the discovered and assigned UUIDs from udev:
rm -f /etc/udev/rules.d/70-persistent-net.rules
- Secondly we need to edit the networking script for eth0:
Here you should change the old MAC address to the new one the VM got after cloning.
Thats it. eth0 should work as it used to on the parent VM.
thanks to William: http://www.envision-systems.com.au/blog/2012/09/21/fix-eth0-network-interface-when-cloning-redhat-centos-or-scientific-virtual-machines-using-oracle-virtualbox-or-vmware/
So, one of our domain printers was acting up and the printer department wanted me to sniff all the packets to and from the printer. So far so good, usually you could use a hub (still got one around? neither do I), or for example a switch with a monitoring or promiscuous port (not available? Welcome to the club!). Ok, now I could start arp spoofing the printer, but was too lazy to do that, besides: we have intrusion prevention up and running…
Take a good look at your machine. Is it a portable laptop like mine? Does it have any flavor of Unix or Linux on it? Well, so does mine, in this case Apple OS X (10.8.2). There’s got to be a way to bridge two ethernet interfaces, connect myself to the network and let the printer talk to the world through my laptop? You betcha!
Here’s what I did:
- grab one of those USB or Thunderbolt Ethernet Adapters
- ifconfig // to find out which interface is which
- sudo ifconfig en3 up // bring up the USB/Thunderbolt adapter, or it won’t work!
- sudo ifconfig bridge0 create
- sudo ifconfig bridge0 up
- sudo ifconfig bridge0 addm en0 addm en3
- sudo sysctl -w net.inet.ip.forwarding=1
It works! Now we can sniff away with tcpdump or wireshark for example, and are sure that no packet is going to escape us…
And to undo what we just did:
- sudo ifconfig bridge0 down
- sudo ifconfig bridge0 deletem en0 deletem en3
- sudo ifconfig bridge0 destroy
- sudo sysctl -w net.inet.ip.forwarding=0
Many thanks to Chrissy from netnerds, who set me on the right track with her post about NAT on OS X 🙂