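| # Resolve the interface carrying the default route; the rules below DNAT TCP arriving on it to $VMIP:$TOPORT. |
| # Only the destination column is matched and awk stops at the first hit, so a second default route |
| # or a hostname containing "default" cannot yield a multi-word or wrong interface value. |
| # NOTE(review): NIC is empty when no default route exists - confirm it is set before rules are added. |
| NIC=$( route | awk '$1 == "default" { print $NF; exit }' ) |
| # -C tests whether the DNAT rule is already present and -A appends it; the control flow that joins |
| # the two commands is not visible in this listing. Every expansion is quoted so an empty or |
| # whitespace-containing value cannot shift iptables arguments or smuggle in extra options. |
| iptables -t nat -C PREROUTING -p tcp -i "$NIC" --dport "$DPORT" -j DNAT --to-destination "$VMIP:$TOPORT" |
| iptables -t nat -A PREROUTING -p tcp -i "$NIC" --dport "$DPORT" -j DNAT --to-destination "$VMIP:$TOPORT" |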
| if [ "$OP" = "start" ] || [ "$OP" = "reload" ] |
| {% for vm in head_vm_list -%} |
| {% if vm.forwarded_ports is defined -%} |
| {% set vm_net = ( virt_nets | selectattr("head_vms", "defined") | first ) %} |
| {% for port in vm.forwarded_ports -%} |
| add_port_fwd_rule {{ port.ext }} "{{ vm_net.ipv4_prefix }}.{{ vm.ipv4_last_octet }}" {{ port.int }} |
| # Also flush the filter table before the rules are re-added |