Wireshark: how to capture traffic between guest and host OS

ipv6, virtualbox, wireshark

I'm trying to set up a lab to demonstrate IPv6 attack and detection mechanisms on my MacBook. This is my setup with VirtualBox:

  • Host OS: OS X 10.8.2, IPv6 automatically, wireless connection

  • Guest OS: Ubuntu 8.04, IPv6 enabled, bridged network

Everything is working. I tested ping6 to see if both host and guest are reachable from each other. So I turned on Wireshark on the host OS to see if I can capture traffic when the guest OS pings it. Unfortunately, I didn't see any traffic coming from the guest OS and I'm not sure why. Since the guest OS uses a bridged network, it is supposed to ask route to find who possesses the IPv6 address, thus I believe the physical network card gets involved in it. But I'm not sure why Wireshark cannot capture any traffic.

Best Answer

Apparently, VirtualBox itself can write all packets to or from a guest to a pcap file, so that might be one way to do this.

In Wes Morgan's answer to a similar VirtualBox question, he says that bridged mode is "bypassing the host OS network stack entirely", which may mean that packets between the host and guest aren't seen by BPF on OS X and thus aren't available to Wireshark (which uses libpcap, which uses BPF on OS X).
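To confirm that a pcap written by VirtualBox (for example via `VBoxManage modifyvm` with `--nictrace1 on --nictracefile1 <file>`) really contains the guest's ping6 and neighbor discovery traffic, the file can be parsed directly. The following is an added example, not part of the original answer: it reads a classic pcap and lists the ICMPv6 frames. The sample capture and the addresses `fe80::1` and `fe80::2` are constructed for illustration, and IPv6 extension headers are not walked.

```python
import ipaddress
import struct

ICMPV6_TYPES = {128: "echo-request", 129: "echo-reply", 133: "router-solicit",
                134: "router-advert", 135: "neighbor-solicit", 136: "neighbor-advert"}

def icmpv6_summary(pcap_bytes):
    """Return (src, dst, type_name) for every ICMPv6 frame in a classic pcap."""
    magic = pcap_bytes[:4]
    if magic in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):    # usec / nsec, little-endian
        endian = "<"
    elif magic in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):  # usec / nsec, big-endian
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("expected Ethernet link type (1)")
    found, off = [], 24
    while off + 16 <= len(pcap_bytes):
        _, _, incl_len, _ = struct.unpack(endian + "IIII", pcap_bytes[off:off + 16])
        frame = pcap_bytes[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # Need Ethernet (14) + IPv6 (40) + 1 byte of ICMPv6, EtherType 0x86DD.
        if len(frame) < 55 or frame[12:14] != b"\x86\xdd":
            continue
        ip6 = frame[14:]
        if ip6[6] != 58:  # Next Header must be ICMPv6 directly
            continue
        src = str(ipaddress.IPv6Address(ip6[8:24]))
        dst = str(ipaddress.IPv6Address(ip6[24:40]))
        found.append((src, dst, ICMPV6_TYPES.get(ip6[40], f"type-{ip6[40]}")))
    return found

def _frame(src, dst, icmp_type):
    """Build a constructed Ethernet/IPv6/ICMPv6 frame (zero MACs and checksum)."""
    icmp = bytes([icmp_type, 0]) + bytes(6)
    ip6 = (struct.pack(">IHBB", 0x60000000, len(icmp), 58, 64)
           + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed)
    return bytes(12) + b"\x86\xdd" + ip6 + icmp

def _pcap(frames):
    """Wrap frames in a little-endian classic pcap with Ethernet link type."""
    data = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        data += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return data

# Constructed sample: guest fe80::2 is pinged by host fe80::1 and replies.
SAMPLE = _pcap([_frame("fe80::1", "fe80::2", 128), _frame("fe80::2", "fe80::1", 129)])

if __name__ == "__main__":
    for src, dst, kind in icmpv6_summary(SAMPLE):
        print(f"{src} -> {dst}: {kind}")
```

To check a real trace, pass the bytes of the capture file to `icmpv6_summary` instead of `SAMPLE`.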
