VirtualBox3 iptables routing problem?

Hi folks,

I have the following setup and/or problem:

Virtualization Software: VirtualBox 3
Host: SuSE 11.1 x64
Guest: Vista x64

Plesk 9.2.1 is running on the host system.
The SuSEfirewall is inactive (Plesk has its own firewall).

ifconfig HOST:


eth0      Link encap:Ethernet  Hardware Adresse 00:xx:xx:xx:xx:xx
          inet Adresse:xxx.xxx.xxx.138  Bcast:xxx.xxx.xxx.xxx  Maske:255.255.255.192
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:663545 errors:0 dropped:0 overruns:0 frame:0
          TX packets:450371 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 Sendewarteschlangenlänge:1000
          RX bytes:815249568 (777.4 Mb)  TX bytes:141576557 (135.0 Mb)
          Interrupt:249 Basisadresse:0xc000

eth0:zusa Link encap:Ethernet  Hardware Adresse 00:xx:xx:xx:xx:xx 
          inet Adresse:xxx.xxx.xxx.183  Bcast:xxx.xxx.xxx.xxx  Maske:255.255.255.192
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          Interrupt:249 Basisadresse:0xc000

lo        Link encap:Lokale Schleife 
          inet Adresse:127.0.0.1  Maske:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:211497 errors:0 dropped:0 overruns:0 frame:0
          TX packets:211497 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 Sendewarteschlangenlänge:0
          RX bytes:33791042 (32.2 Mb)  TX bytes:33791042 (32.2 Mb)

pan0      Link encap:Ethernet  Hardware Adresse DE:F9:9B:80:D1:2B 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 Sendewarteschlangenlänge:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

vboxnet0  Link encap:Ethernet  Hardware Adresse 0A:00:27:00:00:00 
          inet Adresse:192.168.0.1  Bcast:192.168.0.255  Maske:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:864 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 Sendewarteschlangenlänge:1000
          RX bytes:0 (0.0 b)  TX bytes:156552 (152.8 Kb)

ipconfig GUEST:

Windows-IP-Konfiguration

Ethernet-Adapter LAN-Verbindung:

   Verbindungsspezifisches DNS-Suffix:
   Verbindungslokale IPv6-Adresse  . : fe80::5c52:a857:620c:d6f%10
   IPv4-Adresse  . . . . . . . . . . : 192.168.0.101
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Standardgateway . . . . . . . . . :192.168.0.1

Tunneladapter LAN-Verbindung*:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix:

Tunneladapter LAN-Verbindung* 2:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix:

/etc/hosts HOST:


# nameserver config
# IPv4

127.0.0.1       localhost
xxx.xxx.xxx.138   bla bla.foo

#
# IPv6

::1             ip6-localhost ip6-loopback
fe00::0         ip6-localnet
ff00::0         ip6-mcastprefix
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters
ff02::3         ip6-allhosts
127.0.0.2       bla.foo bla


iptables HOST:


Chain INPUT (policy DROP)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pcsync-https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:cddbp-alt
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:submission
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtps
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3s
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imaps
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:poppassd
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:postgresql
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9008
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:glrpc
ACCEPT     udp  --  anywhere             anywhere            udp dpt:netbios-ns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:netbios-dgm
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds
ACCEPT     udp  --  anywhere             anywhere            udp dpt:openvpn
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     icmp --  anywhere             anywhere            icmp type 8 code 0
ACCEPT     all  --  anywhere             anywhere           

Chain FORWARD (policy DROP)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     tcp  --  anywhere             192.168.0.101       tcp dpt:menandmice-dns
DROP       all  --  anywhere             anywhere           

Chain OUTPUT (policy DROP)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     all  --  anywhere             anywhere           

The guest adapter is configured as a host-only network with the following setup:
Host: 192.168.0.1
Guest: 192.168.0.101

I need the following rules:

The host may only use IP: xxx.xxx.xxx.138
The guest may only use IP: xxx.xxx.xxx.183
The guest must be able to use its own firewall, and the networking must be transparent.

A bridged setup is impossible because I do not get DHCP permission for the virtual adapter's MAC in the datacenter, so everything must be routed completely over the host adapter.

Could you tell me what I must do to get it working?

Thanks in advance for your help.

Regards,
oVI
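
Added example, not part of the original post: `iptables -L` without `-v` omits the in/out interface columns, so the FORWARD chain above shows an unconditional-looking ACCEPT ahead of the 192.168.0.101 rule. The sketch below parses the posted FORWARD listing and reports which rules sit behind such a line and should be re-checked with `iptables -L -n -v`; the function names are illustrative.

```python
import re

# FORWARD chain copied from the `iptables -L` output in the post.
LISTING = """\
Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             192.168.0.101       tcp dpt:menandmice-dns
DROP       all  --  anywhere             anywhere
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \(policy (\w+)\)")
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse(listing):
    """Return {chain: [rule, ...]}, rules numbered from 1 as iptables does."""
    chains, rules = {}, None
    for line in listing.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            rules = chains.setdefault(m.group(1), [])
            continue
        parts = line.split(None, 5)
        if rules is None or len(parts) < 5 or parts[0] == "target":
            continue  # blank line, column header, or text before any chain
        rules.append(dict(num=len(rules) + 1, target=parts[0], prot=parts[1], src=parts[3],
                          dst=parts[4], match=parts[5].strip() if len(parts) > 5 else ""))
    return chains

def catch_all(rule):
    """True if the rule, as displayed, matches every packet and ends traversal."""
    return (rule["target"] in TERMINAL and rule["prot"] == "all"
            and rule["src"] == rule["dst"] == "anywhere" and not rule["match"])

def audit(chains):
    """Map chain -> (first catch-all rule number, rule numbers listed after it)."""
    report = {}
    for name, rules in chains.items():
        first = next((r["num"] for r in rules if catch_all(r)), None)
        if first is not None and first < len(rules):
            report[name] = (first, [r["num"] for r in rules if r["num"] > first])
    return report

if __name__ == "__main__":
    for chain, (first, later) in audit(parse(LISTING)).items():
        print(f"{chain}: rule {first} matches everything as shown; check {later} with -v")
```

If the verbose listing shows that the flagged rule is bound to an interface such as `lo`, the later rules are reachable; if it is not, the guest-specific rule and the final DROP never apply.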