apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
cloudstack/patches/systemvm/debian/config/opt/cloud/bin/guestnw.sh
anthony c75fe80125 VPC : use routerProxy to call networkUsage.sh 
Conflicts:

	core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
2012-06-15 14:25:21 -07:00

173 lines
4.3 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Copyright 2012 Citrix Systems, Inc. Licensed under the
# Apache License, Version 2.0 (the "License"); you may not use this
# file except in compliance with the License. Citrix Systems, Inc.
# reserves all rights not expressly granted by the License.
# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Automatically generated by addcopyright.py at 04/03/2012
# guestnw.sh -- create/destroy guest network
# @VERSION@
source /root/func.sh
lock="biglock"
locked=$(getLockFile $lock)
if [ "$locked" != "1" ]
then
exit 1
fi
usage() {
printf "Usage:\n %s -A -c <dev> -g <gateway> -m <network mask> -d <dns ip> -r <dhcp ip range> [-f] \n" $(basename $0) >&2
printf " %s -D -c <dev> \n" $(basename $0) >&2
}
setup_dnsmasq() {
loger -t cloud "Setting up dnsmasq for network $ip/$mask "
sed -i -e "/^[#]*dhcp-range=interface:$dev/d" /etc/dnsmasq.d/cloud.conf
echo "dhcp-range=interface:$dev,set:interface-$dev,$ip,static/" >> /etc/dnsmasq.d/cloud.conf
sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,option:router.*$/d" /etc/dnsmasq.d/cloud.conf
if [ -n "$gw" ]
then
echo "dhcp-option=tag:interface-$dev,option:router,$gw" >> /etc/dnsmasq.d/cloud.conf
fi
sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,6.*$/d" /etc/dnsmasq.d/cloud.conf
if [ -n "$NS" ]
then
echo "dhcp-option=tag:interface-$dev,6,$NS" >> /etc/dnsmasq.d/cloud.conf
fi
service dnsmasq restart
sleep 1
}
desetup_dnsmasq() {
loger -t cloud "Setting up dnsmasq for network $ip/$mask "
sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,option:router.*$/d" /etc/dnsmasq.d/cloud.conf
sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,6.*$/d" /etc/dnsmasq.d/cloud.conf
sed -i -e "/^[#]*dhcp-range=interface:$dev/d" /etc/dnsmasq.d/cloud.conf
service dnsmasq restart
sleep 1
}
create_guest_network() {
logger -t cloud " $(basename $0): Create network on interface $dev, gateway $gw, network $ip/$mask "
sudo ip addr add $dev $ip/$mask
# create inbound acl chain
if sudo iptables -N ACL_INBOUND_$ip 2>/dev/null
then
logger -t cloud "$(basename $0): create VPC inbound acl chain for network $ip/$mask"
# policy drop
sudo iptables -A ACL_INBOUND_$ip DROP >/dev/null
sudo iptables -A FORWARD -o $dev -d $ip/$mask -j ACL_INBOUND_$ip
fi
# create outbound acl chain
if sudo iptables -N ACL_OUTBOUND_$ip 2>/dev/null
then
logger -t cloud "$(basename $0): create VPC outbound acl chain for network $ip/$mask"
sudo iptables -A ACL_OUTBOUND_$ip DROP >/dev/null
sudo iptables -A FORWARD -i $dev -s $ip/$mask -j ACL_OUTBOUND_$ip
fi
setup_dnsmasq
}
destroy_guest_network() {
logger -t cloud " $(basename $0): Create network on interface $dev, gateway $gw, network $ip/$mask "
# destroy inbound acl chain
sudo iptables -F ACL_INBOUND_$ip 2>/dev/null
sudo iptables -D FORWARD -o $dev -d $ip/$mask -j ACL_INBOUND_$ip 2>/dev/null
sudo iptables -X ACL_INBOUND_$ip 2>/dev/null
# destroy outbound acl chain
sudo iptables -F ACL_OUTBOUND_$ip 2>/dev/null
sudo iptables -D FORWARD -i $dev -s $ip/$mask -j ACL_OUTBOUND_$ip 2>/dev/null
sudo iptables -X ACL_OUTBOUND_$ip 2>/dev/null
desetup_dnsmasq
}
#set -x
nflag=0
dflag=
cflag=
gflag=
Cflag=
Dflag=
op=""
while getopts 'CDg:n:m:c:v' OPTION
do
case $OPTION in
C) Cflag=1
op="-C"
;;
D) Dflag=1
op="-D"
;;
n) nflag=1
network="$OPTAGR"
;;
c) mflag=1
mask="$OPTARG"
;;
d) dflag=1
dev="$OPTARG"
;;
v) iflag=1
ip="$OPTARG"
;;
g) gflag=1
gw="$OPTARG"
;;
s) sflag=1
DNS="$OPTARG"
;;
?) usage
unlock_exit 2 $lock $locked
;;
esac
done
if [ "$Cflag$Dflag$cflag" != "11" ]
then
usage
unlock_exit 2 $lock $locked
fi
if [ "$Cflag" == "1" ] && ["$dflag$iflag$gflag$mflag" != "1111" ]
then
usage
unlock_exit 2 $lock $locked
fi
if [ "$Cflag" == "1" ]
then
create_guest_network
fi
if [ "$Dflag" == "1" ]
then
destroy_guest_network
fi
unlock_exit 0 $lock $locked
Reference in New Issue View Git Blame Copy Permalink