#!/bin/sh
# Captures the ingress interface and the four positional arguments used by
# the port-forwarding logic further down.

SHELL="/bin/bash"

# Interface of the default route: the last column of every `route` output
# line that contains "default".
# NOTE(review): with no default route NIC is empty, and with several default
# routes it holds more than one name; in both cases the iptables calls that
# use it are likely to fail - check NIC before relying on it.
NIC=$(route | awk '/default/ { print $NF }')

# NOTE(review): the argument order looks like a libvirt hook invocation
# (object name, operation, sub-operation, extra argument) - confirm against
# whatever calls this script.
NAME=$1
OP=$2
SUBOP=$3
ARGS=$4
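# Ensure a DNAT rule exists that forwards TCP traffic arriving on $NIC at an
# external port to a port on a VM.
#
# Globals:   NIC (read)  - ingress interface name
#            DPORT, VMIP, TOPORT (written) - left global because the script
#            runs under /bin/sh, where `local` is not guaranteed
# Arguments: $1 - external TCP port on the host
#            $2 - IPv4 address of the VM
#            $3 - TCP port on the VM
# Outputs:   an error message on stderr when NIC is empty
# Returns:   0 if the rule already exists or was appended, 1 if NIC is
#            empty, otherwise the exit status of `iptables -A`
add_port_fwd_rule() {
  DPORT=$1
  VMIP=$2
  TOPORT=$3

  # With an empty NIC the -i option would swallow the next option as its
  # value, so refuse up front with a clear message instead.
  if [ -z "$NIC" ]; then
    printf '%s\n' "add_port_fwd_rule: no ingress interface set, port $DPORT not forwarded" >&2
    return 1
  fi

  # Every expansion is quoted so a value containing whitespace or glob
  # characters reaches iptables as one argument and is rejected there rather
  # than being split into extra options.
  # -C only probes for an identical rule, so repeated start/reload runs do
  # not stack duplicates.
  if ! iptables -t nat -C PREROUTING -p tcp -i "$NIC" --dport "$DPORT" \
    -j DNAT --to-destination "$VMIP:$TOPORT"
  then
    iptables -t nat -A PREROUTING -p tcp -i "$NIC" --dport "$DPORT" \
      -j DNAT --to-destination "$VMIP:$TOPORT"
  fi
}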
# On "start" or "reload", rebuild the port-forwarding rules from the templated
# VM list.
# NOTE(review): both flushes below are table-wide. `iptables -t nat -F` clears
# every chain of the nat table, not only the rules this script adds, and
# `iptables -F` clears every chain of the filter table. Only OP is tested
# (NAME is not), so this happens for whichever object triggered the call.
# What re-adds the filter rules afterwards is not visible here - confirm the
# host is not left without its packet-filter rules in between.
case "$OP" in
  start|reload)
    iptables -t nat -F

    {% for vm in head_vm_list -%}
    {% if vm.forwarded_ports is defined -%}
    {% set vm_net = ( virt_nets | selectattr("head_vms", "defined") | first ) %}
    {% for port in vm.forwarded_ports -%}
    add_port_fwd_rule {{ port.ext }} "{{ vm_net.ipv4_prefix }}.{{ vm.ipv4_last_octet }}" {{ port.int }}
    {% endfor -%}
    {% endif -%}
    {% endfor -%}

    # The filter table is flushed as well, before its rules are re-added
    iptables -F
    ;;
esac