I have an application that I am testing that is developed using the WinPcap library. I am running the Fusion 1.1rc1 and Leopard. Will Fusion ever support putting the vmnet adapter in promiscuous mode on Leopard?
If I run my Windows VM under Tiger, I can use promiscuous mode, but under Leopard I cannot.
You can easily reproduce the error by running WireShark and trying to capture on the network in promiscuous mode.
The error message I see is:
The virtual machine's operating system has attempted to enable promiscuous mode on adapter Ethernet0.
This is not allowed for security reasons.
Please go to the Web page "http://www.vmware.com/info?id=161" for help enabling promiscuous mode in the virtual machine.
The webpage it references deals with Linux hosts, not Mac hosts.
This happens in both NAT and Bridged modes.
I am also experiencing this problem. I am assuming that if we could change the permissions on the proper virtual nic then we would be home free. The few that I tried didn't get me anywhere.
We're discussing internally ways to solve this.
For now, you can actually work around it by running VMware Fusion as root. To do so:
1) Open Terminal.app from the folder /Applications/Utilities.
2) At the Terminal prompt, type:
sudo "/Applications/VMware Fusion.app/Contents/MacOS/vmware"
3) Enter your password.
Note: VMware Fusion will appear behind the Terminal window, and your list of VMs will be initially empty. This is because root has a separate preferences list from the your normal user account. You can use File -> Open to open a VM.
Note note: If you suspend the VM or take a snapshot, then those files will be owned by root, and you'll need to manually change the permissions from Finder to let your regular user use the VM.
Note note note: We do not suggest you should normally run VMware Fusion as root; this is just a workaround. While we write very secure programs, it's possible for there to be a bug in the Fusion user interface that a malicious VM could exploit to gain privileges on your Mac.
I have to use my NIC in promiscuous mode all the time. However, I also understand the possible security implications of running VMWare as root (which defeats the reason why we chose to use virtualization). Do you have any idea if the next release will have the fix.
Just a side note - I've been trying this, but it doesn't seem to work if you're connected via wifi. Every time that I try it tells me that vmnet0 is not connected.
I'd really like to see a fix for this too... This is a bit of a show-stopper for me as I often give ESX training courses and use the VM to demonstrate the installation of ESX and some of the basic configuration tasks when I'm on a client site where we don't have equipment available to use.
If you have a problem with direct Wifi bridging, I think Fusion will favor a "wired" connection over wireless, so you could try putting Fusion in bridged mode and enable Internet Sharing in OS X, sharing your Airport connection to Built-in Ethernet. This activates en0 on the host without plugging a cable in, as far as VMware Fusion is concerned. Before NAT was available this is how I would "fake" bridging.
Next steps I would take are attempting to restart Fusion networking (boot.sh --restart) or just reboot. If problem persists, check disk permissions in Apple's Disk Utility and re-installing Fusion never hurts.
Have there been any updates on this issue? Is it going to be fixed in a future release? Or has anyone had any success (I am having all the problems above even running fusion as root, which I don't really like doing).
For me, launching vmware with sudo is working, although sort of inconvenient. My guest OS is Ubuntu 7.04, which doesn't seem to have any issues wrt promiscuous mode using this workaround.
However, our company is holding off upgrading to Leopard until this problem is resolved since VMWare Fusion is one of our primary applications. Hopefully there will be an update addressing this issue soon.
I too am very concerned about the resolution to this problem. I'm an IT Engineer and I have multiple instances where I need to put my interface into promiscuous mode (security audits, packet flow testing, application testing, etc).
Thank you so much for the reply, too often new people happen upon an older topic that can be important, but get no response because everyone else has moved on. I appreciate it.
And it is good to see that VMware is still addressing it, as opposed to going with the manual 'sudo' command. In the meantime, I've setup an alias for the primary virtual machine that needs promiscuous mode, and I happily await an official fix by VMware (but don't be too surprised if I ping ya guys again in a month or so) .
Guys - hopefully someone is on the forum today and can lend a hand becuase this workaround is not working on my machine. The application I am running provides a nice log of the interface status when it fires up the record routine and it clearly shows that promiscuouos mode is disabled.
Any other ideas?
Is it just the indication or are you not getting the traffic you're expecting? You can also try /Library/Application Support/VMware Fusion/vmnet-sniffer which produces tcpdump/pcap/wiresharp compatible binary files.
Well, the application is one that will allow the recoridng of commands to help build test procedures - things like telnet, login stepes, etc. This requres promiscuous mode and of course, when I launch VMWare without using the workaround, I get the error message when trying to enable recording in my app. I click OK and verify that promiscuous mode is disabled. So I then restart WinXP but this time as root using the published workaround. This time, I do not get the error message but promiscuous mode is still disabled. Consequently, I am unable to capture anything from that interface.
I thought this might be due to using wirless vs. using a wired interface so I switched to the wired Ethernet but I still get the same results.