etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

VPC : setup hairpin

This commit is contained in:
anthony 2012-07-02 17:59:40 -07:00
parent 2967ccd0d9
commit 079d7ef1aa
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
View File

@ -87,9 +87,13 @@ create_guest_network() {
sudo iptables -D INPUT -i $dev -p udp -m udp --dport 53 -j ACCEPT
sudo iptables -A INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
sudo iptables -A INPUT -i $dev -p udp -m udp --dport 53 -j ACCEPT
# restore mark from connection mark
local tableName="Table_$dev"
sudo ip route add $subnet/$mask dev $dev table $tableName proto static
sudo iptables -t mangle -A PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
# set up hairpin
sudo iptables -t nat -A POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
setup_usage
setup_dnsmasq
}
@ -101,6 +105,7 @@ destroy_guest_network() {
sudo iptables -D INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
sudo iptables -D INPUT -i $dev -p udp -m udp --dport 53 -j ACCEPT
sudo iptables -t mangle -D PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
sudo iptables -t nat -A POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
desetup_dnsmasq
}