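#!/bin/sh
#
# Adds iptables rules that forward TCP port 80 to the host named "xos"
# when the second argument is "start".
#
# Arguments:
#   $1 - name
#   $2 - operation (only "start" is acted on)
#   $3 - sub-operation (stored, not read by this script)
#   $4 - extra arguments (stored, not read by this script)
# NOTE(review): the argument order looks like a hook calling convention
# (object name, operation, sub-operation, extra) - confirm with the caller.

SHELL="/bin/bash"

# Interface that carries the default route. The match is anchored to the
# first column and stops at the first hit: a plain "grep default" also
# matches lines that merely contain the word, and several default routes
# would put several interface names into NIC, which is later word-split
# straight into an iptables rule.
NIC=$(route | awk '$1 == "default" { print $NF; exit }')

NAME="${1}"
OP="${2}"
SUBOP="${3}"
ARGS="${4}"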
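# Insert an iptables rule at the top of a chain unless the same rule is
# already present, so repeated runs do not stack duplicates.
#
# Arguments:
#   $1 - table (for example "nat" or "filter")
#   $2 - chain
#   $3 - rule specification as ONE string; it is split on whitespace into
#        separate iptables arguments
# Returns:
#   0 when the rule already exists, otherwise the status of the insert.
add_rule() {
    # The positional parameters are used directly instead of being copied
    # into TABLE/CHAIN/ARGS: /bin/sh has no portable "local", and assigning
    # ARGS here overwrote the script-level ARGS taken from "$4".
    #
    # $3 is left unquoted on purpose so that it word-splits. Only pass
    # script-built text here: anything in it becomes iptables arguments.
    #
    # "-C" also fails for reasons other than "rule absent" (insufficient
    # privilege, unknown table or chain); the insert is still attempted in
    # that case and its status is what the caller sees.
    # shellcheck disable=SC2086
    if ! iptables -t "$1" -C "$2" $3
    then
        # shellcheck disable=SC2086
        iptables -t "$1" -I "$2" 1 $3
    fi
}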
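# Add a DNAT rule that redirects TCP traffic arriving on the default-route
# interface to a port on another address.
#
# Globals:
#   NIC (read) - inbound interface the rule is bound to
# Arguments:
#   $1 - destination port to match on the inbound interface
#   $2 - address to forward to
#   $3 - port on that address
# Returns:
#   1 when NIC or any argument is empty, otherwise the status of add_rule.
add_port_fwd_rule() {
    DPORT=$1
    VMIP=$2
    TOPORT=$3

    # An empty value would shift the remaining words of the rule, so that
    # "-i" swallows "--dport" as its interface name. Refuse to build such a
    # rule rather than hand a malformed one to iptables.
    if [ -z "$NIC" ] || [ -z "$DPORT" ] || [ -z "$VMIP" ] || [ -z "$TOPORT" ]
    then
        printf '%s\n' "add_port_fwd_rule: interface, port, address and target port are all required" >&2
        return 1
    fi

    add_rule "nat" "PREROUTING" "-p tcp -i $NIC --dport $DPORT -j DNAT --to-destination $VMIP:$TOPORT"
}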
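# On "start": forward inbound port 80 to the host named "xos" (when it
# resolves) and allow forwarded TCP traffic to port 80.
if [ "$OP" = "start" ]
then
    # Keep only the first address. getent can print one line per address,
    # and an unquoted multi-word value shifted the arguments of
    # add_port_fwd_rule, so the second address ended up as the target port.
    XOS=$(getent hosts xos | awk '{ print $1; exit }')
    if [ -n "$XOS" ]
    then
        add_port_fwd_rule 80 "$XOS" 80
    fi

    # NOTE(review): this ACCEPT is inserted at position 1 of FORWARD and
    # matches TCP port 80 towards any destination on any interface, and it
    # is added even when "xos" did not resolve. Limiting it to the resolved
    # address (-d) would keep it in step with the DNAT rule - confirm no
    # other forwarded traffic relies on it first.
    # NOTE(review): no branch in this script removes these rules again, so
    # they outlive the "start" that created them.
    add_rule "filter" "FORWARD" "-p tcp --dport 80 -j ACCEPT"
fi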