summaryrefslogtreecommitdiffstats
path: root/foreman/ci/nat_setup.sh
diff options
context:
space:
mode:
Diffstat (limited to 'foreman/ci/nat_setup.sh')
-rwxr-xr-xforeman/ci/nat_setup.sh44
1 files changed, 44 insertions, 0 deletions
diff --git a/foreman/ci/nat_setup.sh b/foreman/ci/nat_setup.sh
new file mode 100755
index 000000000..349e416d6
--- /dev/null
+++ b/foreman/ci/nat_setup.sh
@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+
+#NAT setup script to setup NAT from Admin -> Public interface
+#on a Vagrant VM
+#Called by Vagrantfile in conjunction with deploy.sh
+#author: Tim Rozet (trozet@redhat.com)
+#
+#Uses Vagrant and VirtualBox
+#VagrantFile uses nat_setup.sh which sets up NAT
+#
+
+##make sure firewalld is stopped and disabled
+if ! systemctl stop firewalld; then
+ printf '%s\n' 'nat_setup.sh: Unable to stop firewalld' >&2
+ exit 1
+fi
+
+systemctl disable firewalld
+
+# Install iptables
+# Major version is pinned to force some consistency for Arno
+if ! yum -y install iptables-services-1*; then
+ printf '%s\n' 'nat_setup.sh: Unable to install iptables-services' >&2
+ exit 1
+fi
+
+##start and enable iptables service
+if ! systemctl start iptables; then
+ printf '%s\n' 'nat_setup.sh: Unable to start iptables-services' >&2
+ exit 1
+fi
+
+systemctl enable iptables
+
+##enable IP forwarding
+echo 1 > /proc/sys/net/ipv4/ip_forward
+
+##Configure iptables
+/sbin/iptables -t nat -I POSTROUTING -o enp0s10 -j MASQUERADE
+/sbin/iptables -I FORWARD 1 -i enp0s10 -o enp0s8 -m state --state RELATED,ESTABLISHED -j ACCEPT
+/sbin/iptables -I FORWARD 1 -i enp0s8 -o enp0s10 -j ACCEPT
+/sbin/iptables -I INPUT 1 -j ACCEPT
+/sbin/iptables -I OUTPUT 1 -j ACCEPT
+