Commit d7e2a3c5 authored by Guillaume Hervier's avatar Guillaume Hervier

software/kvm: Allow UDP port forward in NAT rules

/reviewed-on nexedi/slapos!380
parent 0a31967f
...@@ -284,7 +284,7 @@ ...@@ -284,7 +284,7 @@
}, },
"nat-rules": { "nat-rules": {
"title": "List of rules for NAT of QEMU user mode network stack.", "title": "List of rules for NAT of QEMU user mode network stack.",
"description": "List of rules for NAT of QEMU user mode network stack, as comma-separated list of ports. For each port specified, it will redirect port x of the VM (example: 80) to the port x + 10000 of the public IPv6 (example: 10080). Defaults to \"22 80 443\". Ignored if \"use-tap\" parameter is enabled.", "description": "List of rules for NAT of QEMU user mode network stack, as comma-separated list of ports (with optional protocol). For each port specified, it will redirect port x of the VM (example: 80, udp:53) to the port x + 10000 of the public IPv6 (example: 10080, udp:10053). Defaults to \"22 80 443\". Ignored if \"use-tap\" parameter is enabled.",
"type": "string" "type": "string"
}, },
"nat-restrict-mode": { "nat-restrict-mode": {
......
...@@ -186,7 +186,7 @@ ignore-existing = true ...@@ -186,7 +186,7 @@ ignore-existing = true
url = ${:_profile_base_location_}/template/template-kvm-run.in url = ${:_profile_base_location_}/template/template-kvm-run.in
mode = 644 mode = 644
filename = template-kvm-run.in filename = template-kvm-run.in
md5sum = 887585f23359d136093de42b1ad1d777 md5sum = 0a076a9338ea0c25fa4e7c9369473d8a
download-only = true download-only = true
on-update = true on-update = true
......
...@@ -248,9 +248,21 @@ number = -1 ...@@ -248,9 +248,21 @@ number = -1
if use_nat == 'true': if use_nat == 'true':
number += 1 number += 1
rules = 'user,id=lan%s' % number rules = 'user,id=lan%s' % number
if nat_rules: for rule in nat_rules.split():
rules += ',' + ','.join('hostfwd=tcp:%s:%s-:%s' % (listen_ip, proto = 'tcp'
int(port) + 10000, port) for port in nat_rules.split()) rule = rule.split(':')
if len(rule) == 1:
port = int(rule[0])
elif len(rule) == 2:
proto = rule[0]
port = int(rule[1])
rules += ',hostfwd={proto}:{hostaddr}:{hostport}-:{guestport}'.format(
proto=proto,
hostaddr=listen_ip,
hostport=port + 10000,
guestport=port
)
if httpd_port > 0: if httpd_port > 0:
rules += ',guestfwd=tcp:10.0.2.100:80-cmd:%s %s %s' % (netcat_bin, rules += ',guestfwd=tcp:10.0.2.100:80-cmd:%s %s %s' % (netcat_bin,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment