[Honeywall] Re: Virtual Honeynet deployment using Linux Host - honeywall 1.3 roo

Fahim Abbasi mailtofahim at gmail.com
Sat Jul 5 08:16:41 EDT 2008

Right, so if i setup the honeypot IP other than the vmnet1 IP subnet then it
should work? Previously i wasnt able to do so using that arrangement.

Just now I retested using subnet, assignment is as follows:
Host eth0:
vmnet1: (same as before)
xp-honeypot: (previously was 2.10)
honeywall IP, Broadcast & CIDR updated to subnet.


netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface     *        U         0 0          0
vmnet1     *        U         0 0          0
eth0   *        U         0 0          0


eth0      Link encap:Ethernet  HWaddr 00:02:3F:D9:87:02
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::202:3fff:fed9:8702/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:759 errors:0 dropped:0 overruns:0 frame:0
          TX packets:207 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:69429 (67.8 KiB)  TX bytes:32156 (31.4 KiB)
          Interrupt:19 Base address:0xc800

vmnet1    Link encap:Ethernet  HWaddr 00:50:56:C0:00:01
          inet addr:

1. Unable to ping from host-honeypot ( -
2. Unable to ping from honeypot to host ( - )
3. host eth0 pingeable from honeywall.
4. Unable to ping honeypot from honeywall

I wasnt having above problems using previous arrangement.

Let me try rephrase the question:
"Will honeynet roo work with a private network subnet at all? or will I have
to use public IPs even for testing purposes :S ?"

Thanks, Fahim

On Sat, Jul 5, 2008 at 10:24 PM, <honeywall-request at public.honeynet.org>

> Date: Sat, 5 Jul 2008 16:24:02 +0600
> From: "Faiz Ahmad Shuja" <faiz.shuja at gmail.com>
> Subject: Re: [Honeywall] Virtual Honeynet deployment using Linux Host
>        -       honeywall 1.3 roo
> To: "Mailing list for users and developers of the Honeywall"
>        <honeywall at public.honeynet.org>
> Message-ID:
>        <46035c660807050324l48edc816t69095ff4d273c83a at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
> Do you have a router in the network to route traffic between virtual
> networks? Why the gateway for the interface on host OS is vmnet1? Both
> should be separate network. All the honeypots are usually connected to
> vmnet1 (host-only) and configured to have external IPs (same network as
> host
> OS eth0). Honeywall will do the bridging.
> Regards,
> Faiz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://public.honeynet.org/pipermail/honeywall/attachments/20080706/f1bf849f/attachment.html

More information about the Honeywall mailing list