Revision edaf6687

b/kvm-ifdown
1
#!/bin/bash
2

  
3
# This is an example of a Ganeti kvm ifup script that configures network
4
# interfaces based on the initial deployment of the Okeanos project
5

  
6
source /etc/default/snf-network
7
source /usr/lib/snf-network/common.sh
8

  
9
FROM=FROM${INTERFACE^^}
10
TO=TO${INTERFACE^^}
11

  
12
if [ "$MODE" = "routed" ]; then
13
  TABLE=$LINK
14
  INDEV=$INTERFACE
15
  DROPDHCPREQCMD="iptables -A FORWARD -D $INTERFACE -p udp --dport 67 -j DROP"
16
elif [ "$MODE" = "bridged" ]; then
17
  brctl delif $BRIDGE $INTERFACE
18
  INDEV=$BRIDGE
19
  DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -D $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"
20
fi
21

  
22

  
23
for tag in $NETWORK_TAGS; do
24
  case $tag in
25
  $IP_LESS_ROUTED_TAG)
26
    try clear_routed_setup_ipv4
27
    try clear_routed_setup_ipv6
28
    try clear_routed_setup_firewall
29
  ;;
30
  $NFDHCPD_TAG)
31
    # Drop unicast BOOTP/DHCP packets
32
    $DROPDHCPREQCMD
33
    try clear_nfdhcpd
34
  ;;
35
  $MAC_FILTERED_TAG)
36
    try clear_ebtables
37
  ;;
38
  esac
39
done
40

  
41
exit 0
b/kvm-ifup
1
#!/bin/bash
2

  
3
# This is an example of a Ganeti kvm ifup script that configures network
4
# interfaces based on the initial deployment of the Okeanos project
5

  
6
source /etc/default/snf-network
7
source /usr/lib/snf-network/common.sh
8

  
9
FROM=FROM${INTERFACE^^}
10
TO=TO${INTERFACE^^}
11

  
12
try clear_routed_setup_ipv4
13
try clear_routed_setup_ipv6
14
try clear_routed_setup_firewall
15
try clear_ebtables
16
try clear_nfdhcpd
17

  
18
if [ "$MODE" = "routed" ]; then
19
  TABLE=$LINK
20
  ip link set $INTERFACE addr $TAP_CONSTANT_MAC up
21
  INDEV=$INTERFACE
22
  DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP"
23
elif [ "$MODE" = "bridged" ]; then
24
  ip link set $INTERFACE up
25
  brctl addif $BRIDGE $INTERFACE
26
  INDEV=$BRIDGE
27
  try init_ebtables
28
  DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"
29
fi
30

  
31

  
32
for tag in $NETWORK_TAGS; do
33
  case $tag in
34
  $IP_LESS_ROUTED_TAG)
35
    try routed_setup_ipv4
36
    try routed_setup_ipv6
37
    try routed_setup_firewall
38
  ;;
39
  $NFDHCPD_TAG)
40
    # Drop unicast BOOTP/DHCP packets
41
    $DROPDHCPREQCMD
42
    try setup_nfdhcpd
43
  ;;
44
  $MAC_FILTERED_TAG)
45
    try setup_ebtables
46
  ;;
47
  $MASQ_TAG)
48
    try setup_masq
49
  ;;
50
  esac
51
done
52

  
53
exit 0
/dev/null
1
#!/bin/bash
2

  
3
# This is an example of a Ganeti kvm ifup script that configures network
4
# interfaces based on the initial deployment of the Okeanos project
5

  
6
source /etc/default/snf-network
7
source /usr/lib/snf-network/common.sh
8

  
9
FROM=FROM${INTERFACE^^}
10
TO=TO${INTERFACE^^}
11

  
12
try clear_routed_setup_ipv4
13
try clear_routed_setup_ipv6
14
try clear_routed_setup_firewall
15
try clear_ebtables
16
try clear_nfdhcpd
17

  
18
if [ "$MODE" = "routed" ]; then
19
  TABLE=$LINK
20
  ip link set $INTERFACE addr $TAP_CONSTANT_MAC up
21
  INDEV=$INTERFACE
22
  DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP"
23
elif [ "$MODE" = "bridged" ]; then
24
  ip link set $INTERFACE up
25
  brctl addif $BRIDGE $INTERFACE
26
  INDEV=$BRIDGE
27
  try init_ebtables
28
  DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"
29
fi
30

  
31

  
32
for tag in $NETWORK_TAGS; do
33
  case $tag in
34
  $IP_LESS_ROUTED_TAG)
35
    try routed_setup_ipv4
36
    try routed_setup_ipv6
37
    try routed_setup_firewall
38
  ;;
39
  $NFDHCPD_TAG)
40
    # Drop unicast BOOTP/DHCP packets
41
    $DROPDHCPREQCMD
42
    try setup_nfdhcpd
43
  ;;
44
  $MAC_FILTERED_TAG)
45
    try setup_ebtables
46
  ;;
47
  $MASQ_TAG)
48
    try setup_masq
49
  ;;
50
  esac
51
done
52

  
53
exit 0

Also available in: Unified diff