blob: 349e416d609275b2487dd2475ba8bba0f3c6e64e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
#!/usr/bin/env bash
#NAT setup script to setup NAT from Admin -> Public interface
#on a Vagrant VM
#Called by Vagrantfile in conjunction with deploy.sh
#author: Tim Rozet (trozet@redhat.com)
#
#Uses Vagrant and VirtualBox
#VagrantFile uses nat_setup.sh which sets up NAT
#
##make sure firewalld is stopped and disabled
if ! systemctl stop firewalld; then
printf '%s\n' 'nat_setup.sh: Unable to stop firewalld' >&2
exit 1
fi
systemctl disable firewalld
# Install iptables
# Major version is pinned to force some consistency for Arno
if ! yum -y install iptables-services-1*; then
printf '%s\n' 'nat_setup.sh: Unable to install iptables-services' >&2
exit 1
fi
##start and enable iptables service
if ! systemctl start iptables; then
printf '%s\n' 'nat_setup.sh: Unable to start iptables-services' >&2
exit 1
fi
systemctl enable iptables
##enable IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
##Configure iptables
/sbin/iptables -t nat -I POSTROUTING -o enp0s10 -j MASQUERADE
/sbin/iptables -I FORWARD 1 -i enp0s10 -o enp0s8 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -I FORWARD 1 -i enp0s8 -o enp0s10 -j ACCEPT
/sbin/iptables -I INPUT 1 -j ACCEPT
/sbin/iptables -I OUTPUT 1 -j ACCEPT
|
