root / kvm-ifdown @ edaf6687
History | View | Annotate | Download (968 Bytes)
| 1 | cf51ea5b | Dimitris Aragiorgis | #!/bin/bash |
|---|---|---|---|
| 2 | cf51ea5b | Dimitris Aragiorgis | |
| 3 | cf51ea5b | Dimitris Aragiorgis | # This is an example of a Ganeti kvm ifup script that configures network |
| 4 | cf51ea5b | Dimitris Aragiorgis | # interfaces based on the initial deployment of the Okeanos project |
| 5 | cf51ea5b | Dimitris Aragiorgis | |
| 6 | 4ae972e7 | Dimitris Aragiorgis | source /etc/default/snf-network |
| 7 | 38305e4c | Dimitris Aragiorgis | source /usr/lib/snf-network/common.sh |
| 8 | d2b16e51 | Dimitris Aragiorgis | |
| 9 | 38305e4c | Dimitris Aragiorgis | FROM=FROM${INTERFACE^^}
|
| 10 | 38305e4c | Dimitris Aragiorgis | TO=TO${INTERFACE^^}
|
| 11 | 673de0e4 | Dimitris Aragiorgis | |
| 12 | cf51ea5b | Dimitris Aragiorgis | if [ "$MODE" = "routed" ]; then |
| 13 | 2e8a73e0 | Dimitris Aragiorgis | TABLE=$LINK |
| 14 | 9bd377b2 | Dimitris Aragiorgis | INDEV=$INTERFACE |
| 15 | edaf6687 | Dimitris Aragiorgis | DROPDHCPREQCMD="iptables -A FORWARD -D $INTERFACE -p udp --dport 67 -j DROP" |
| 16 | cf51ea5b | Dimitris Aragiorgis | elif [ "$MODE" = "bridged" ]; then |
| 17 | edaf6687 | Dimitris Aragiorgis | brctl delif $BRIDGE $INTERFACE |
| 18 | 9bd377b2 | Dimitris Aragiorgis | INDEV=$BRIDGE |
| 19 | edaf6687 | Dimitris Aragiorgis | DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -D $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP" |
| 20 | d2b16e51 | Dimitris Aragiorgis | fi |
| 21 | 9bd377b2 | Dimitris Aragiorgis | |
| 22 | 9bd377b2 | Dimitris Aragiorgis | |
| 23 | 9bd377b2 | Dimitris Aragiorgis | for tag in $NETWORK_TAGS; do |
| 24 | 9bd377b2 | Dimitris Aragiorgis | case $tag in |
| 25 | c0bb4267 | Dimitris Aragiorgis | $IP_LESS_ROUTED_TAG) |
| 26 | edaf6687 | Dimitris Aragiorgis | try clear_routed_setup_ipv4 |
| 27 | edaf6687 | Dimitris Aragiorgis | try clear_routed_setup_ipv6 |
| 28 | edaf6687 | Dimitris Aragiorgis | try clear_routed_setup_firewall |
| 29 | 9bd377b2 | Dimitris Aragiorgis | ;; |
| 30 | c0bb4267 | Dimitris Aragiorgis | $NFDHCPD_TAG) |
| 31 | 9bd377b2 | Dimitris Aragiorgis | # Drop unicast BOOTP/DHCP packets |
| 32 | 38305e4c | Dimitris Aragiorgis | $DROPDHCPREQCMD |
| 33 | edaf6687 | Dimitris Aragiorgis | try clear_nfdhcpd |
| 34 | 9bd377b2 | Dimitris Aragiorgis | ;; |
| 35 | c0bb4267 | Dimitris Aragiorgis | $MAC_FILTERED_TAG) |
| 36 | edaf6687 | Dimitris Aragiorgis | try clear_ebtables |
| 37 | 9bd377b2 | Dimitris Aragiorgis | ;; |
| 38 | 9bd377b2 | Dimitris Aragiorgis | esac |
| 39 | 9bd377b2 | Dimitris Aragiorgis | done |
| 40 | 9bd377b2 | Dimitris Aragiorgis | |
| 41 | af5ded08 | Dimitris Aragiorgis | exit 0 |