diff options
| author |   Parker Berberian <pberberian@iol.unh.edu> | 2017-08-21 09:36:53 -0400 |
|---|---|---|
| committer | Parker Berberian <pberberian@iol.unh.edu> | 2017-08-31 13:28:58 -0400 |
| commit | 03b274f3a653a03bc3314d7fe385f7966c5672b2 (patch) | |
| tree | 8b869c91f20907080e91b8cec2efeb830b01b377 /tools/laas-fog/hostScripts/ipnat.sh | |
| parent | 4dcfbc15841367c963a8dd23f75f45f3c1bcb0e3 (diff) | |
Bash scripts for remote host deployment
JIRA: N/A
Adds various scripts into hostscripts/ to make the deployment
easier.
The whole hostscripts directory is copied to the remote host during
deployment.
mkDisks will create needed virtual disks
vncAllow punches a hole in the firewall to allow a vnc connection
(useful for debugging)
ipnat.sh uses iptables to NAT out an isolated virtual machine
to access horizon, for example
Change-Id: I25c23c0c4893838e58ba1cd7baaa5347de4ef47f
Signed-off-by: Parker Berberian <pberberian@iol.unh.edu>
Diffstat (limited to 'tools/laas-fog/hostScripts/ipnat.sh')
| -rwxr-xr-x | tools/laas-fog/hostScripts/ipnat.sh | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/tools/laas-fog/hostScripts/ipnat.sh b/tools/laas-fog/hostScripts/ipnat.sh new file mode 100755 index 00000000..b8d97f0d --- /dev/null +++ b/tools/laas-fog/hostScripts/ipnat.sh @@ -0,0 +1,34 @@ +#!/bin/bash +############################################################################# +#Copyright 2017 Parker Berberian and others # +# # +#Licensed under the Apache License, Version 2.0 (the "License"); # +#you may not use this file except in compliance with the License. # +#You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +#Unless required by applicable law or agreed to in writing, software # +#distributed under the License is distributed on an "AS IS" BASIS, # +#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +#See the License for the specific language governing permissions and # +#limitations under the License. # +############################################################################# + +MYIP=$1 +DESTINATION=10.20.0.2 +MYBRIDGE=10.20.0.1 +DESTNETWORK=10.20.0.0/24 +PORTS=(8000 8443) + +for PORT in "${PORTS[@]}"; do + + iptables -I INPUT 2 -d "$MYIP" -p tcp --dport "$PORT" -j ACCEPT + iptables -t nat -I INPUT 1 -d "$MYIP" -p tcp --dport "$PORT" -j ACCEPT + iptables -I FORWARD -p tcp --dport "$PORT" -j ACCEPT + + iptables -t nat -I PREROUTING -p tcp -d "$MYIP" --dport "$PORT" -j DNAT --to-destination "$DESTINATION:$PORT" + iptables -t nat -I POSTROUTING -p tcp -s "$DESTINATION" ! -d "$DESTNETWORK" -j SNAT --to-source "$MYIP" + + iptables -t nat -I POSTROUTING 2 -d "$DESTINATION" -j SNAT --to-source "$MYBRIDGE" +done |