This is just a page for documenting some tricks I discovered while playing with VirtualBox.


Just download it from their site and install it like this

dpkg -i name_of_the_downloaded_file.deb

Then start VirtualBox and install the guests. Instead of using a CDROM for installing guests, you can also use an ISO file as CDROM. This is faster.

VirtualBox comes with some kernel modules which need to be recompiled each time the kernel is upgraded. So if you upgrade the kernel, use this command to recompile the VirtualBox modules:

/etc/init.d/vboxdrv setup

VirtualBox works best with the "guest additions" installed. After installing the guest, start it up and use the option in the menu bar to install the guest additions.

Screen size

The graphics drivers of VirtualBox allow you to adjust the guest's screen size to the window size automatically. In KDE and Windows you can also set the screen size the same way you normally do. However in KDE I could not set the screen size to 1280x1024. If you would like to get certain fixed screen resolutions in a Ubuntu guest, add the following to the screen section of your /etc/X11/xorg.conf:

SubSection "Display"
Modes "1280x1024" "1152x864" "1024x768" "800x600"


You can copy a hard disk image of a virtual machine, by using this command to copy it:

VBoxManage clonevdi `pwd`/source.vdi `pwd`/dest.vdi

Note that absolute paths are required, hence the pwd commands.

The new vdi gets a unique (different) UUID. You can add the new image in the "virtual media manager", and create a new virtual machine which uses it.

When you cloned an Ubuntu guest, you may want to remove a file called /etc/udev/rules.d/70-persistent-net.rules in order to clear data about the old MAC address. Otherwise your new network card appears as eth1 instead of eth0.


By default Virtualbox uses a kind of NAT with a built-in DHCP server for the guests. I used "a kind of", because all guests actually use the same IP address. They cannot see each other and it is impossible to setup an incoming connection. You can access the host using Instead of NAT you can also use "internal network". Now the guests can see each other, but they cannot access the outside world. Then there is "bridged networking" in which you can share the host interface. Disadvantage of that is the fact that the guest's IP-addresses are visible for the outside world. If you want NAT while keeping the ability to route incoming connections and the ability to communicate between guests, then use the following approach.

First install the software needed to create and setup tap interfaces:

aptitude install uml-utilities

Then create a script called tap to setup a tap interface:


sysctl -w net.ipv4.conf.eth0.arp_ignore=1
sysctl -w net.ipv4.ip_forward=1
tunctl -t tap0 -u your_username
ifconfig tap0 netmask up

exit 0

The first line prevents the host from responding to ARP requests which query IP addresses that happen to be used for internal networking. The second line enables routing. You can also put the sysctl settings in a file called /etc/sysctl.conf. The third line creates the tap interface. Replace your_username by your username. The fourth line sets up the tap interface.

Now we can setup NAT, using another script, called nat:


iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F

iptables -A FORWARD -i eth0 -o tap0 -m state --state ESTABLISHED,RELATED  -j ACCEPT
iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT
iptables -A FORWARD -j LOG
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --dport 53 -i tap0 -j DNAT --to your_dns_server:53
iptables -t nat -A PREROUTING -p udp --dport 53 -i tap0 -j DNAT --to your_dns_server:53

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5800 -j DNAT \
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5900 -j DNAT \
iptables -A FORWARD -i eth0 -o tap0 -p tcp --dport 5800 -j ACCEPT
iptables -A FORWARD -i eth0 -o tap0 -p tcp --dport 5900 -j ACCEPT

exit 0

Replace your_dns_server by the IP address of your DNS server.

You may notice we forward ports 5800 and 5900. This is explained later, when we set up a remote desktop using a web browser.

In the VirtualBox network settings of your guest, use bridged network, and specify tap0 as its interface.

Start and setup the guest to use as IP address and as default gateway and DNS server (the latter being forwarded to the real DNS server).

Remote controlling your guests

You can SSH into your linux box and use the following command to startup a guest remotely:

VBoxManage startvm your_guest_name --type vrdp

Use VBoxManage (without arguments) to see what you can do on the command line.

Remote desktop using a web browser

You may have noticed that VirtualBox has a built-in RDP server, which you can enable and this works very well with the rdesktop client.

By default only one client can connect to the built-in RDP server at a given time. To allow simultaneous connections, use this command:

VBoxManage modifyvm "VM name" --vrdpmulticon on

You can also use the built-in RDP-server some guests (like Windows XP) provide. In that case you need to forward port 3389 in the same way we forwarded ports 5800 and 5900 earlier. The reason for forwarding 5800 and 5900 is the fact that there is no good Java based applet for connecting to RDP servers, so I use VNC instead. You may find some Java based RDP clients, like ProperJavaRDP and Elusiva, but those projects are dead and not working for me.

VNC uses port 5900. Port 5800 is used for the VNC web server.

There are many implementations of VNC, the best ones are RealVNC, TightVNC and UltraVNC. For Windows XP guests I use UltraVNC. Installation is pretty straightforward except for the display hook driver. After UltraVNC is installed, use the explorer to extract "c:\program files\UltraVNC\".  Then double click on "c:\program files\UltraVNC\drivers\driver\XP\install.bat".

Reboot the guest and enable the driver in the UltraVNC settings.

Now to use the Java client, just point a browser to http://your_host:5800/. You may notice the defaults are not good (restriction of 64 colors etc.). You can create the following HTML file, modify it to suit your needs and host it on a web server. This way you can create remote desktop hyperlinks to other VNC hosts as well.

                <applet code="VncViewer.class" width="1024" height="768">
                        <param name="archive" value="http://your_host:5800/VncViewer.jar">
                        <param name="host" value="your_host">
                        <param name="port" value="5900">
                        <param name="Open New Window" value="No">
                        <param name="Show Controls" value="No">
                        <param name="View only" value="No">
                        <param name="JPEG image quality" value="JPEG off">
                        <param name="Restricted colors" value="Full">


USB devices

In Virtualbox there is a setting called USB filters, which determines which USB devices are available in guest systems running in Virtualbox. It's easiest to specify an empty filter which matches all USB devices. In the menu of the guest window you can enable (connect) and disable (disconnect) USB devices. If an USB device is greyed out, it might be a permissions problem. Check if the current user is a member of the vboxusers group with the groups command. If the user is not a member then add this user to the vboxusers group using the following command:

adduser <user> vboxusers