一、QEMU的运行模式
直接摘抄自己《揭秘家用路由器0day漏洞挖掘技术》,网上查了一下也没有找到令人满意的QEMU的使用说明,就采用这本书上的介绍。如果后期能够找到比较满意的QEMU的使用方法的说明,再添加上来。
QEMU模拟器主要有两种比较常见的运作模式:User Mode(使用者模式)、System Mode(系统模式)。User Mode模式下,用户只需要将各种不同平台的处理编译得到的Linux程序放在QEMU虚拟中运行即可,其他的事情全部由QEMU虚拟机来完成,不需要用户自定义内核和虚拟磁盘等文件;System Mode模式下,最明显的特点是用户可以为QEMU虚拟机指定运行的内核或者虚拟硬盘等文件,简单来说系统模式下QEMU虚拟机是可根据用户的要求配置的。
二、QEMU在使用者模式下执行程序
当程序是静态编译(gcc编译的时候,加了静态编译选项 "-static" )完成,运行时 不需要依赖动态链接库
1. # 查看可执行程序hello的文件类型MIPS32
2. $ file hello
3. hello: ELF 32-bit MSB executable, MIPS, MIPS32 version 1 (SYSV), statically linked, not stripped
4.
5. $ cp $(which qemu-mips) ./
6.
7. # 使用qemu-mips加载hello程序
8. $ ./qemu-mips hello "Hello World"
9. Hello World
执行结果截图:
当程序是动态编译(gcc编译的时候,没有静态编译选项 "-static" )完成,程序运行时 需要依赖动态链接库
1. # 查看即将执行的文件的类型
2. $ file bin/busybox
3.
4. # 拷贝qemu-mips到当前目录
5. $ cp $(which qemu-mips) ./
6.
7. # 直接运行报错
8. $ ./qemu-mips bin/busybox
9.
10. # 更改QEMU-MIPS执行的根目录到当前目录
11. $ sudo chroot . ./qemu-mips ./bin/busybox执行的结果截图:
QEMU使用者模式下使用的命令行帮助,以 qemu-mipsel 为例:
1. fly2016@ubuntu:~$ qemu-mipsel --help
2. usage: qemu-mipsel [options] program [arguments...]
3. Linux CPU emulator (compiled for mipsel emulation)
4.
5. Options and associated environment variables:
6.
7. Argument Env-variable Description
8. -h print this help
9. -help
10. -g port QEMU_GDB wait gdb connection to 'port'
11. -L path QEMU_LD_PREFIX set the elf interpreter prefix to 'path'
12. -s size QEMU_STACK_SIZE set the stack size to 'size' bytes
13. -cpu model QEMU_CPU select CPU (-cpu help for list)
14. -E var=value QEMU_SET_ENV sets targets environment variable (see below)
15. -U var QEMU_UNSET_ENV unsets targets environment variable (see below)
16. -0 argv0 QEMU_ARGV0 forces target process argv[0] to be 'argv0'
17. -r uname QEMU_UNAME set qemu uname release string to 'uname'
18. -B address QEMU_GUEST_BASE set guest_base address to 'address'
19. -R size QEMU_RESERVED_VA reserve 'size' bytes for guest virtual address space
20. -d item[,...] QEMU_LOG enable logging of specified items (use '-d help' for a list of items)
21. -D logfile QEMU_LOG_FILENAME write logs to 'logfile' (default stderr)
22. -p pagesize QEMU_PAGESIZE set the host page size to 'pagesize'
23. -singlestep QEMU_SINGLESTEP run in singlestep mode
24. -strace QEMU_STRACE log system calls
25. -seed QEMU_RAND_SEED Seed for pseudo-random number generator
26. -trace QEMU_TRACE [[enable=]<pattern>][,events=<file>][,file=<file>]
27. -version QEMU_VERSION display version information and exit
28.
29. Defaults:
30. QEMU_LD_PREFIX = /usr/gnemul/qemu-mipsel
31. QEMU_STACK_SIZE = 8388608 byte
32.
33. You can use -E and -U options or the QEMU_SET_ENV and
34. QEMU_UNSET_ENV environment variables to set and unset
35. environment variables for the target process.
36. It is possible to provide several variables by separating them
37. by commas in getsubopt(3) style. Additionally it is possible to
38. provide the -E and -U options multiple times.
39. The following lines are equivalent:
40. -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG
41. -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG
42. QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG
43. Note that if you provide several changes to a single variable
44. the last change will stay in effect.三、QEMU的系统模式使用
QEMU运行在系统模式下,需要为QEMU指定 内核镜像、IDE硬盘0/1镜像、内核命令行 等参数,QEMU虚拟机才能正常运行。Debian官网提供了QEMU虚拟机各种平台架构的内核镜像、硬盘文件镜像文件的下载
这里以下载 mips大端机 的虚拟机镜像文件为例,点击进去以后会发现mips虚拟机镜像文件的下载说明。我们根据mips虚拟机镜像文件的使用命令参数进行选择性的下载。
1. Debian Squeeze and Wheezy mips images for QEMU
2. ==============================================
3.
4. This directory contains Debian Squeeze and Wheezy mips images for QEMU and
5. the corresponding kernels and initrds:
6. 1d58f831f5e5064753c0c138d8d74057 debian_squeeze_mips_standard.qcow2
7. cb56139b63b88fdb38776051d28bb750 vmlinux-2.6.32-5-4kc-malta
8. 7165e80b0e5c5c3e40f2ca46401373ce vmlinux-2.6.32-5-5kc-malta
9. bf699f435160b0bd9ac62905fa64701e debian_wheezy_mips_standard.qcow2
10. 1fecbe19ff49a6fd715901483b23647c vmlinux-3.2.0-4-4kc-malta
11. 19e6e853d4a7a7b9ed5e787b7f875835 vmlinux-3.2.0-4-5kc-malta
12.
13. Both images are 25GiB images in QCOW2 format on which a Debian Squeeze or
14. Wheezy "Standard system" installation has been performed. The other
15. installation options are the following:
16. - Keyboard: US
17. - Locale: en_US
18. - Mirror: ftp.debian.org
19. - Hostname: debian-mips
20. - Root password: root
21. - User account: user
22. - User password: user
23.
24. To use this image, you need to install QEMU 1.1.0 (or later). Start QEMU
25. with the following arguments for a 32-bit machine:
26. - qemu-system-mips -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
27. - qemu-system-mips -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
28.
29. Start QEMU with the following arguments for a 64-bit machine:
30. - qemu-system-mips64 -M malta -kernel vmlinux-2.6.32-5-5kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
31. - qemu-system-mips64 -M malta -kernel vmlinux-3.2.0-4-5kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
32.
33. By default QEMU emulates a machine with 128MiB of RAM. You can use the -m option
34. to increase or decrease the size of the RAM. It is however limited to 256MiB
35. with a 32-bit kernel. With a 64-bit kernel and QEMU >= 1.7, it is possible to
36. use up to 2047MiB of RAM, passing the memory map to the kernel, adding a mem=
37. argument to the append parameters as follow: "mem=256m@0x0 mem=XXXm@0x90000000"
38. where XXX represents the total memory size minus 256MiB. If you don't want to
39. start QEMU in graphic mode, you can use the -nographic option. The image is
40. configured to display a login prompt on the first serial port (ttys0). If you
41. want to switch the boot messages to the serial port, you need to replace
42. "console=tty0" by "console=ttyS0".
这里下载内核文件 vmlinux-2.6.32-5-4kc-malta,磁盘镜像 debian_squeeze_mips_standard.qcow2 作为mips虚拟机的配置文件。
ubuntu下可以使用下面的命令进行mips和mipsel虚拟机镜像配置文件的下载:
1. # +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2. # Start QEMU with the following arguments for a 32-bit machine:
3. $ qemu-system-mips -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
4. $ qemu-system-mips -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
5.
6. # for MIPS 32bit ###############:
7. # 内核版本为2.6.x
8. $ wget https://people.debian.org/~aurel32/qemu/mips/vmlinux-2.6.32-5-4kc-malta
9. $ wget https://people.debian.org/~aurel32/qemu/mips/debian_squeeze_mips_standard.qcow2
10.
11. # 内核版本为3.2.x
12. $ wget https://people.debian.org/~aurel32/qemu/mips/vmlinux-3.2.0-4-4kc-malta
13. $ wget https://people.debian.org/~aurel32/qemu/mips/debian_wheezy_mips_standard.qcow2
14.
15. # +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
16. # Start QEMU with the following arguments for a 64-bit machine:
17. $ qemu-system-mips64 -M malta -kernel vmlinux-2.6.32-5-5kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
18. $ qemu-system-mips64 -M malta -kernel vmlinux-3.2.0-4-5kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
19.
20. # for MIPS 64bit ###############:
21. # 内核版本为2.6.x
22. $ wget https://people.debian.org/~aurel32/qemu/mips/vmlinux-2.6.32-5-5kc-malta
23. $ wget https://people.debian.org/~aurel32/qemu/mips/debian_squeeze_mips_standard.qcow2
24.
25. # 内核版本为3.2.x
26. $ wget https://people.debian.org/~aurel32/qemu/mips/vmlinux-3.2.0-4-5kc-malta
27. $ wget https://people.debian.org/~aurel32/qemu/mips/debian_wheezy_mips_standard.qcow2
28.
29.
30. # +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
31. # Start QEMU with the following arguments for a 32-bit machine:
32. $ qemu-system-mipsel -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"
33. $ qemu-system-mipsel -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"
34.
35. # for MIPSEL 32bit ###############:
36. # 内核版本为2.6.x
37. $ wget https://people.debian.org/~aurel32/qemu/mipsel/vmlinux-2.6.32-5-4kc-malta
38. $ wget https://people.debian.org/~aurel32/qemu/mipsel/debian_squeeze_mipsel_standard.qcow2
39.
40. # 内核版本为3.2.x
41. $ wget https://people.debian.org/~aurel32/qemu/mipsel/vmlinux-3.2.0-4-4kc-malta
42. $ wget https://people.debian.org/~aurel32/qemu/mipsel/debian_wheezy_mipsel_standard.qcow2
43.
44. # +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
45. # Start QEMU with the following arguments for a 64-bit machine:
46. $ qemu-system-mips64el -M malta -kernel vmlinux-2.6.32-5-5kc-malta -hda debian_squeeze_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"
47. $ qemu-system-mips64el -M malta -kernel vmlinux-3.2.0-4-5kc-malta -hda debian_wheezy_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"
48.
49. # for MIPSEL 64bit ###############:
50. # 内核版本为2.6.x
51. $ wget https://people.debian.org/~aurel32/qemu/mipsel/vmlinux-2.6.32-5-5kc-malta
52. $ wget https://people.debian.org/~aurel32/qemu/mipsel/debian_squeeze_mipsel_standard.qcow2
53.
54. # 内核版本为3.2.x
55. $ wget https://people.debian.org/~aurel32/qemu/mipsel/vmlinux-3.2.0-4-5kc-malta
56. $ wget https://people.debian.org/~aurel32/qemu/mipsel/debian_wheezy_mipsel_standard.qcow2使用 qemu-system-mips 启动内核2.6.x版本MIPS 32bit的QEMU虚拟机镜像,QEMU启动失败,结果如下图:
- $ sudo qemu-system-mips -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0" -nographic
以控制台的形式启动QEMU虚拟机成功,结果如图:
QEMU系统者模式下使用的命令行帮助,以 qemu-system-mips 为例,功能挺强大的:
1. fly2016@ubuntu:~$ qemu-system-mips -h
2. QEMU emulator version 2.8.92 (v2.9.0-rc2-42-g6499fd1-dirty)
3. Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers
4. usage: qemu-system-mips [options] [disk_image]
5.
6. 'disk_image' is a raw hard disk image for IDE hard disk 0
7.
8. Standard options:
9. -h or -help display this help and exit
10. -version display version information and exit
11. -machine [type=]name[,prop[=value][,...]]
12. selects emulated machine ('-machine help' for list)
13. property accel=accel1[:accel2[:...]] selects accelerator
14. supported accelerators are kvm, xen, tcg (default: tcg)
15. kernel_irqchip=on|off|split controls accelerated irqchip support (default=off)
16. vmport=on|off|auto controls emulation of vmport (default: auto)
17. kvm_shadow_mem=size of KVM shadow MMU in bytes
18. dump-guest-core=on|off include guest memory in a core dump (default=on)
19. mem-merge=on|off controls memory merge support (default: on)
20. igd-passthru=on|off controls IGD GFX passthrough support (default=off)
21. aes-key-wrap=on|off controls support for AES key wrapping (default=on)
22. dea-key-wrap=on|off controls support for DEA key wrapping (default=on)
23. suppress-vmdesc=on|off disables self-describing migration (default=off)
24. nvdimm=on|off controls NVDIMM support (default=off)
25. enforce-config-section=on|off enforce configuration section migration (default=off)
26. -cpu cpu select CPU ('-cpu help' for list)
27. -accel [accel=]accelerator[,thread=single|multi]
28. select accelerator ('-accel help for list')
29. thread=single|multi (enable multi-threaded TCG)-smp [cpus=]n[,maxcpus=cpus][,cores=cores][,threads=threads][,sockets=sockets]
30. set the number of CPUs to 'n' [default=1]
31. maxcpus= maximum number of total cpus, including
32. offline CPUs for hotplug, etc
33. cores= number of CPU cores on one socket
34. threads= number of threads on one CPU core
35. sockets= number of discrete sockets in the system
36. -numa node[,mem=size][,cpus=firstcpu[-lastcpu]][,nodeid=node]
37. -numa node[,memdev=id][,cpus=firstcpu[-lastcpu]][,nodeid=node]
38. -add-fd fd=fd,set=set[,opaque=opaque]
39. Add 'fd' to fd 'set'
40. -set group.id.arg=value
41. set <arg> parameter for item <id> of type <group>
42. i.e. -set drive.$id.file=/path/to/image
43. -global driver.property=value
44. -global driver=driver,property=property,value=value
45. set a global default for a driver property
46. -boot [order=drives][,once=drives][,menu=on|off]
47. [,splash=sp_name][,splash-time=sp_time][,reboot-timeout=rb_time][,strict=on|off]
48. 'drives': floppy (a), hard disk (c), CD-ROM (d), network (n)
49. 'sp_name': the file's name that would be passed to bios as logo picture, if menu=on
50. 'sp_time': the period that splash picture last if menu=on, unit is ms
51. 'rb_timeout': the timeout before guest reboot when boot failed, unit is ms
52. -m [size=]megs[,slots=n,maxmem=size]
53. configure guest RAM
54. size: initial amount of guest memory
55. slots: number of hotplug slots (default: none)
56. maxmem: maximum amount of guest memory (default: none)
57. NOTE: Some architectures might enforce a specific granularity
58. -mem-path FILE provide backing storage for guest RAM
59. -mem-prealloc preallocate guest memory (use with -mem-path)
60. -k language use keyboard layout (for example 'fr' for French)
61. -audio-help print list of audio drivers and their options
62. -soundhw c1,... enable audio support
63. and only specified sound cards (comma separated list)
64. use '-soundhw help' to get the list of supported cards
65. use '-soundhw all' to enable all of them
66. -balloon none disable balloon device
67. -balloon virtio[,addr=str]
68. enable virtio balloon device (default)
69. -device driver[,prop[=value][,...]]
70. add device (based on driver)
71. prop=value,... sets driver properties
72. use '-device help' to print all possible drivers
73. use '-device driver,help' to print all possible properties
74. -name string1[,process=string2][,debug-threads=on|off]
75. set the name of the guest
76. string1 sets the window title and string2 the process name (on Linux)
77. When debug-threads is enabled, individual threads are given a separate name (on Linux)
78. NOTE: The thread names are for debugging and not a stable API.
79. -uuid %08x-%04x-%04x-%04x-%012x
80. specify machine UUID
81. :
82. Block device options:
83. -fda/-fdb file use 'file' as floppy disk 0/1 image
84. -hda/-hdb file use 'file' as IDE hard disk 0/1 image
85. -hdc/-hdd file use 'file' as IDE hard disk 2/3 image
86. -cdrom file use 'file' as IDE cdrom image (cdrom is ide1 master)
87. -blockdev [driver=]driver[,node-name=N][,discard=ignore|unmap]
88. [,cache.direct=on|off][,cache.no-flush=on|off]
89. [,read-only=on|off][,detect-zeroes=on|off|unmap]
90. [,driver specific parameters...]
91. configure a block backend
92. -drive [file=file][,if=type][,bus=n][,unit=m][,media=d][,index=i]
93. [,cyls=c,heads=h,secs=s[,trans=t]][,snapshot=on|off]
94. [,cache=writethrough|writeback|none|directsync|unsafe][,format=f]
95. [,serial=s][,addr=A][,rerror=ignore|stop|report]
96. [,werror=ignore|stop|report|enospc][,id=name][,aio=threads|native]
97. [,readonly=on|off][,copy-on-read=on|off]
98. [,discard=ignore|unmap][,detect-zeroes=on|off|unmap]
99. [[,bps=b]|[[,bps_rd=r][,bps_wr=w]]]
100. [[,iops=i]|[[,iops_rd=r][,iops_wr=w]]]
101. [[,bps_max=bm]|[[,bps_rd_max=rm][,bps_wr_max=wm]]]
102. [[,iops_max=im]|[[,iops_rd_max=irm][,iops_wr_max=iwm]]]
103. [[,iops_size=is]]
104. [[,group=g]]
105. use 'file' as a drive image
106. -mtdblock file use 'file' as on-board Flash memory image
107. -sd file use 'file' as SecureDigital card image
108. -pflash file use 'file' as a parallel flash image
109. -snapshot write to temporary files instead of disk image files
110. -hdachs c,h,s[,t]
111. force hard disk 0 physical geometry and the optional BIOS
112. translation (t=none or lba) (usually QEMU can guess them)
113. -fsdev fsdriver,id=id[,path=path,][security_model={mapped-xattr|mapped-file|passthrough|none}]
114. [,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]
115. [[,throttling.bps-total=b]|[[,throttling.bps-read=r][,throttling.bps-write=w]]]
116. [[,throttling.iops-total=i]|[[,throttling.iops-read=r][,throttling.iops-write=w]]]
117. [[,throttling.bps-total-max=bm]|[[,throttling.bps-read-max=rm][,throttling.bps-write-max=wm]]]
118. [[,throttling.iops-total-max=im]|[[,throttling.iops-read-max=irm][,throttling.iops-write-max=iwm]]]
119. [[,throttling.iops-size=is]]
120. -virtfs local,path=path,mount_tag=tag,security_model=[mapped-xattr|mapped-file|passthrough|none]
121. [,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]
122. -virtfs_synth Create synthetic file system image
123. :
124. USB options:
125. -usb enable the USB driver (will be the default soon)
126. -usbdevice name add the host or guest USB device 'name'
127. :
128. Display options:
129. -display sdl[,frame=on|off][,alt_grab=on|off][,ctrl_grab=on|off]
130. [,window_close=on|off][,gl=on|off]
131. -display gtk[,grab_on_hover=on|off][,gl=on|off]|
132. -display vnc=<display>[,<optargs>]
133. -display curses
134. -display none select display type
135. The default display is equivalent to
136. "-vnc localhost:0,to=99,id=default"
137. -nographic disable graphical output and redirect serial I/Os to console
138. -curses shorthand for -display curses
139. -no-frame open SDL window without a frame and window decorations
140. -alt-grab use Ctrl-Alt-Shift to grab mouse (instead of Ctrl-Alt)
141. -ctrl-grab use Right-Ctrl to grab mouse (instead of Ctrl-Alt)
142. -no-quit disable SDL window close capability
143. -sdl shorthand for -display sdl
144. -spice [port=port][,tls-port=secured-port][,x509-dir=<dir>]
145. [,x509-key-file=<file>][,x509-key-password=<file>]
146. [,x509-cert-file=<file>][,x509-cacert-file=<file>]
147. [,x509-dh-key-file=<file>][,addr=addr][,ipv4|ipv6|unix]
148. [,tls-ciphers=<list>]
149. [,tls-channel=[main|display|cursor|inputs|record|playback]]
150. [,plaintext-channel=[main|display|cursor|inputs|record|playback]]
151. [,sasl][,password=<secret>][,disable-ticketing]
152. [,image-compression=[auto_glz|auto_lz|quic|glz|lz|off]]
153. [,jpeg-wan-compression=[auto|never|always]]
154. [,zlib-glz-wan-compression=[auto|never|always]]
155. [,streaming-video=[off|all|filter]][,disable-copy-paste]
156. [,disable-agent-file-xfer][,agent-mouse=[on|off]]
157. [,playback-compression=[on|off]][,seamless-migration=[on|off]]
158. [,gl=[on|off]][,rendernode=<file>]
159. enable spice
160. at least one of {port, tls-port} is mandatory
161. -portrait rotate graphical output 90 deg left (only PXA LCD)
162. -rotate <deg> rotate graphical output some deg left (only PXA LCD)
163. -vga [std|cirrus|vmware|qxl|xenfb|tcx|cg3|virtio|none]
164. select video card type
165. -full-screen start in full screen
166. -vnc <display> shorthand for -display vnc=<display>
167. :
168. Network options:
169. -netdev user,id=str[,ipv4[=on|off]][,net=addr[/mask]][,host=addr]
170. [,ipv6[=on|off]][,ipv6-net=addr[/int]][,ipv6-host=addr]
171. [,restrict=on|off][,hostname=host][,dhcpstart=addr]
172. [,dns=addr][,ipv6-dns=addr][,dnssearch=domain][,tftp=dir]
173. [,bootfile=f][,hostfwd=rule][,guestfwd=rule][,smb=dir[,smbserver=addr]]
174. configure a user mode network backend with ID 'str',
175. its DHCP server and optional services
176. -netdev tap,id=str[,fd=h][,fds=x:y:...:z][,ifname=name][,script=file][,downscript=dfile]
177. [,br=bridge][,helper=helper][,sndbuf=nbytes][,vnet_hdr=on|off][,vhost=on|off]
178. [,vhostfd=h][,vhostfds=x:y:...:z][,vhostforce=on|off][,queues=n]
179. [,poll-us=n]
180. configure a host TAP network backend with ID 'str'
181. connected to a bridge (default=br0)
182. use network scripts 'file' (default=/etc/qemu-ifup)
183. to configure it and 'dfile' (default=/etc/qemu-ifdown)
184. to deconfigure it
185. use '[down]script=no' to disable script execution
186. use network helper 'helper' (default=/usr/local/libexec/qemu-bridge-helper) to
187. configure it
188. use 'fd=h' to connect to an already opened TAP interface
189. use 'fds=x:y:...:z' to connect to already opened multiqueue capable TAP interfaces
190. use 'sndbuf=nbytes' to limit the size of the send buffer (the
191. default is disabled 'sndbuf=0' to enable flow control set 'sndbuf=1048576')
192. use vnet_hdr=off to avoid enabling the IFF_VNET_HDR tap flag
193. use vnet_hdr=on to make the lack of IFF_VNET_HDR support an error condition
194. use vhost=on to enable experimental in kernel accelerator
195. (only has effect for virtio guests which use MSIX)
196. use vhostforce=on to force vhost on for non-MSIX virtio guests
197. use 'vhostfd=h' to connect to an already opened vhost net device
198. use 'vhostfds=x:y:...:z to connect to multiple already opened vhost net devices
199. use 'queues=n' to specify the number of queues to be created for multiqueue TAP
200. use 'poll-us=n' to speciy the maximum number of microseconds that could be
201. spent on busy polling for vhost net
202. -netdev bridge,id=str[,br=bridge][,helper=helper]
203. configure a host TAP network backend with ID 'str' that is
204. connected to a bridge (default=br0)
205. using the program 'helper (default=/usr/local/libexec/qemu-bridge-helper)
206. -netdev l2tpv3,id=str,src=srcaddr,dst=dstaddr[,srcport=srcport][,dstport=dstport]
207. [,rxsession=rxsession],txsession=txsession[,ipv6=on/off][,udp=on/off]
208. [,cookie64=on/off][,counter][,pincounter][,txcookie=txcookie]
209. [,rxcookie=rxcookie][,offset=offset]
210. configure a network backend with ID 'str' connected to
211. an Ethernet over L2TPv3 pseudowire.
212. Linux kernel 3.3+ as well as most routers can talk
213. L2TPv3. This transport allows connecting a VM to a VM,
214. VM to a router and even VM to Host. It is a nearly-universal
215. standard (RFC3391). Note - this implementation uses static
216. pre-configured tunnels (same as the Linux kernel).
217. use 'src=' to specify source address
218. use 'dst=' to specify destination address
219. use 'udp=on' to specify udp encapsulation
220. use 'srcport=' to specify source udp port
221. use 'dstport=' to specify destination udp port
222. use 'ipv6=on' to force v6
223. L2TPv3 uses cookies to prevent misconfiguration as
224. well as a weak security measure
225. use 'rxcookie=0x012345678' to specify a rxcookie
226. use 'txcookie=0x012345678' to specify a txcookie本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
