Statistics
| Branch: | Tag: | Revision:

root / kvm-vif-bridge @ aeaafeb9

History | View | Annotate | Download (1.4 kB)

1
#!/bin/bash
2

    
3
# This is an example of a Ganeti kvm ifup script that configures network
4
# interfaces based on the initial deployment of the Okeanos project
5

    
6
source /etc/default/snf-network
7
source /usr/lib/snf-network/common.sh
8

    
9
FROM=FROM${INTERFACE^^}
10
TO=TO${INTERFACE^^}
11

    
12
try clear_routed_setup_ipv4
13
try clear_routed_setup_ipv6
14
try clear_routed_setup_firewall
15
try clear_ebtables
16
try clear_nfdhcpd
17

    
18
if [ "$MODE" = "routed" ]; then
19
  TABLE=$LINK
20
  ip link set $INTERFACE addr $TAP_CONSTANT_MAC up
21
  INDEV=$INTERFACE
22
  # DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP"
23
elif [ "$MODE" = "bridged" ]; then
24
  ip link set $INTERFACE up
25
  brctl addif $BRIDGE $INTERFACE
26
  INDEV=$BRIDGE
27
  # nfdhcpd creates responses with src mac the mac of indec
28
  INDEV_MAC=$(cat /sys/class/net/$INDEV/address)
29
  # DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"
30
fi
31

    
32

    
33
for tag in $NETWORK_TAGS; do
34
  case $tag in
35
  $IP_LESS_ROUTED_TAG)
36
    try routed_setup_ipv4
37
    try routed_setup_ipv6
38
    try routed_setup_firewall
39
    try send_garp
40
  ;;
41
  $NFDHCPD_TAG)
42
    # Drop unicast BOOTP/DHCP packets
43
    # $DROPDHCPREQCMD
44
    try setup_nfdhcpd
45
  ;;
46
  $MAC_FILTERED_TAG)
47
    try init_ebtables
48
    try setup_ebtables
49
  ;;
50
  $MASQ_TAG)
51
    try setup_masq
52
  ;;
53
  esac
54
done
55

    
56
if [ -x "$IFUP_EXTRA_SCRIPT" ]; then
57
  exec $IFUP_EXTRA_SCRIPT "$@"
58
fi
59

    
60
exit 0