X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=factory%2Fsetup-nat;h=9a0c4f5e2e8f0b26ade91f19a53839179185e1ec;hb=da01b364b3c3e91a120037d2fcf0993bfbd26900;hp=61344a44b061ffa7101b7fb5e34991d7b8285b62;hpb=d3ee8357efd54e74b4f6456c0a3a9d58ed39d58d;p=vsys.git diff --git a/factory/setup-nat b/factory/setup-nat index 61344a4..9a0c4f5 100755 --- a/factory/setup-nat +++ b/factory/setup-nat @@ -1,25 +1,21 @@ #!/bin/sh +x -IP=/sbin/ip - SLICE=$1 SLICEID=`id -u $SLICE` read KEY -modprobe etun - ### Setup etun -ETUN0=vnat0k$KEY -ETUN1=vnat1k$KEY -echo $ETUN0,$ETUN1 > /sys/module/etun/parameters/newif -ifconfig $ETUN1 10.0.$KEY.1 up +ETUN0=nat$KEY +ETUN1=natx$KEY +ip link add name $ETUN0 type veth peer name $ETUN1 +ifconfig $ETUN1 10.0.$KEY.1/24 up -/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE -/sbin/iptables -A FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT -/sbin/iptables -A FORWARD -i $ETUN1 -o eth0 -j ACCEPT +iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +iptables -A FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT +iptables -A FORWARD -i $ETUN1 -o eth0 -j ACCEPT ### Create "grab link" script -GRAB=/vsys/grab-$ETUN0 +GRAB=/vsys/local_grab-$ETUN0 echo $SLICE > $GRAB.acl rm -f $GRAB cat > $GRAB < $GRAB < /sys/class/net/$ETUN0/new_ns_pid +ip link set $ETUN0 netns \$PID EOF chmod +x $GRAB ### Create "delete link" script -DELETE=/vsys/delete-$ETUN0 +DELETE=/vsys/local_delete-$ETUN0 echo $SLICE > $DELETE.acl rm -f $DELETE cat > $DELETE < $DELETE < /sys/module/etun/parameters/delif +ip link delete dev $ETUN1 # Clean up files rm -f $GRAB $GRAB.acl