Statistics
| Branch: | Tag: | Revision:

root / kvm-ifup @ edaf6687

History | View | Annotate | Download (1.2 kB)

1 cf51ea5b Dimitris Aragiorgis
#!/bin/bash
2 cf51ea5b Dimitris Aragiorgis
3 cf51ea5b Dimitris Aragiorgis
# This is an example of a Ganeti kvm ifup script that configures network
4 cf51ea5b Dimitris Aragiorgis
# interfaces based on the initial deployment of the Okeanos project
5 cf51ea5b Dimitris Aragiorgis
6 4ae972e7 Dimitris Aragiorgis
source /etc/default/snf-network
7 38305e4c Dimitris Aragiorgis
source /usr/lib/snf-network/common.sh
8 d2b16e51 Dimitris Aragiorgis
9 38305e4c Dimitris Aragiorgis
FROM=FROM${INTERFACE^^}
10 38305e4c Dimitris Aragiorgis
TO=TO${INTERFACE^^}
11 673de0e4 Dimitris Aragiorgis
12 38305e4c Dimitris Aragiorgis
try clear_routed_setup_ipv4
13 38305e4c Dimitris Aragiorgis
try clear_routed_setup_ipv6
14 38305e4c Dimitris Aragiorgis
try clear_routed_setup_firewall
15 38305e4c Dimitris Aragiorgis
try clear_ebtables
16 38305e4c Dimitris Aragiorgis
try clear_nfdhcpd
17 2b9e52e1 Dimitris Aragiorgis
18 cf51ea5b Dimitris Aragiorgis
if [ "$MODE" = "routed" ]; then
19 2e8a73e0 Dimitris Aragiorgis
  TABLE=$LINK
20 9bd377b2 Dimitris Aragiorgis
  ip link set $INTERFACE addr $TAP_CONSTANT_MAC up
21 9bd377b2 Dimitris Aragiorgis
  INDEV=$INTERFACE
22 3f384d88 Dimitris Aragiorgis
  DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP"
23 cf51ea5b Dimitris Aragiorgis
elif [ "$MODE" = "bridged" ]; then
24 9bd377b2 Dimitris Aragiorgis
  ip link set $INTERFACE up
25 7ff50e40 Dimitris Aragiorgis
  brctl addif $BRIDGE $INTERFACE
26 9bd377b2 Dimitris Aragiorgis
  INDEV=$BRIDGE
27 38305e4c Dimitris Aragiorgis
  try init_ebtables
28 996a6beb Dimitris Aragiorgis
  DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"
29 d2b16e51 Dimitris Aragiorgis
fi
30 9bd377b2 Dimitris Aragiorgis
31 9bd377b2 Dimitris Aragiorgis
32 9bd377b2 Dimitris Aragiorgis
for tag in $NETWORK_TAGS; do
33 9bd377b2 Dimitris Aragiorgis
  case $tag in
34 c0bb4267 Dimitris Aragiorgis
  $IP_LESS_ROUTED_TAG)
35 38305e4c Dimitris Aragiorgis
    try routed_setup_ipv4
36 38305e4c Dimitris Aragiorgis
    try routed_setup_ipv6
37 38305e4c Dimitris Aragiorgis
    try routed_setup_firewall
38 9bd377b2 Dimitris Aragiorgis
  ;;
39 c0bb4267 Dimitris Aragiorgis
  $NFDHCPD_TAG)
40 9bd377b2 Dimitris Aragiorgis
    # Drop unicast BOOTP/DHCP packets
41 38305e4c Dimitris Aragiorgis
    $DROPDHCPREQCMD
42 38305e4c Dimitris Aragiorgis
    try setup_nfdhcpd
43 9bd377b2 Dimitris Aragiorgis
  ;;
44 c0bb4267 Dimitris Aragiorgis
  $MAC_FILTERED_TAG)
45 38305e4c Dimitris Aragiorgis
    try setup_ebtables
46 9bd377b2 Dimitris Aragiorgis
  ;;
47 c0bb4267 Dimitris Aragiorgis
  $MASQ_TAG)
48 38305e4c Dimitris Aragiorgis
    try setup_masq
49 9bd377b2 Dimitris Aragiorgis
  ;;
50 9bd377b2 Dimitris Aragiorgis
  esac
51 9bd377b2 Dimitris Aragiorgis
done
52 9bd377b2 Dimitris Aragiorgis
53 af5ded08 Dimitris Aragiorgis
exit 0