more dns-ification work
diff --git a/roles/config-virt/templates/daemon.j2 b/roles/config-virt/templates/daemon.j2
new file mode 100644
index 0000000..c79bf4a
--- /dev/null
+++ b/roles/config-virt/templates/daemon.j2
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+SHELL="/bin/bash"
+
+NIC=$( route|grep default|awk '{print $NF}' )
+
+NAME="${1}"
+OP="${2}"
+SUBOP="${3}"
+ARGS="${4}"
+
+add_port_fwd_rule() {
+    DPORT=$1
+    VMIP=$2
+    TOPORT=$3
+
+    iptables -t nat -C PREROUTING -p tcp -i $NIC --dport $DPORT -j DNAT --to-destination $VMIP:$TOPORT
+    if [ "$?" -ne 0 ]
+    then
+        iptables -t nat -A PREROUTING -p tcp -i $NIC --dport $DPORT -j DNAT --to-destination $VMIP:$TOPORT
+    fi
+}
+
+if [ "$OP" = "start" ] || [ "$OP" = "reload" ]
+then
+    iptables -t nat -F
+
+{% for vm in head_vm_list -%}
+{% if vm.forwarded_ports is defined -%}
+{% for port in vm.forwarded_ports -%}
+    add_port_fwd_rule {{ port.ext }} "{{ mgmtbr_prefix }}.{{ vm.ipv4_last_octet }}" {{ port.int }}
+{% endfor -%}
+{% endif -%}
+{% endfor -%}
+
+    # Also flush the filter table before rules re-added
+    iptables -F
+fi
+
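Review bot: The two flushes in the start/reload branch, `iptables -t nat -F` and `iptables -F`, clear every chain in the nat and filter tables rather than only the DNAT rules this hook owns, so any firewall or NAT rule installed by something else on the host is removed each time the hook runs with `start` or `reload`. The comment says the filter rules are re-added, but nothing in this file does that; presumably libvirt restores its own rules, which still leaves other rules gone and a window in which only the chain policies apply. Keeping the forwards in a dedicated chain that is flushed on its own avoids this and makes the `-C` probe unnecessary, as sketched below; the filter-table flush should be dropped or narrowed the same way. Separately, `$NIC` is used unquoted and unchecked, so with no default route (or more than one) both iptables calls fail and nothing reports it.

```shell
# Constructed chain name; pick one that fits the role's naming.
CHAIN="VIRT-PORTFWD"

add_port_fwd_rule() {
    # … unchanged: DPORT / VMIP / TOPORT assignments …
    iptables -t nat -A "$CHAIN" -p tcp -i "$NIC" --dport "$DPORT" -j DNAT --to-destination "$VMIP:$TOPORT"
}

if [ "$OP" = "start" ] || [ "$OP" = "reload" ]
then
    # Create the chain on first run, otherwise empty only our own rules.
    iptables -t nat -N "$CHAIN" 2>/dev/null || iptables -t nat -F "$CHAIN"
    # Hook the chain into PREROUTING once.
    iptables -t nat -C PREROUTING -j "$CHAIN" 2>/dev/null || iptables -t nat -I PREROUTING -j "$CHAIN"
    # … unchanged: Jinja loop emitting the add_port_fwd_rule calls …
```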