Commit d7e2a3c5 authored by Guillaume Hervier's avatar Guillaume Hervier

software/kvm: Allow UDP port forward in NAT rules

/reviewed-on nexedi/slapos!380
parent 0a31967f
...@@ -284,7 +284,7 @@ ...@@ -284,7 +284,7 @@
}, },
"nat-rules": { "nat-rules": {
"title": "List of rules for NAT of QEMU user mode network stack.", "title": "List of rules for NAT of QEMU user mode network stack.",
"description": "List of rules for NAT of QEMU user mode network stack, as comma-separated list of ports. For each port specified, it will redirect port x of the VM (example: 80) to the port x + 10000 of the public IPv6 (example: 10080). Defaults to \"22 80 443\". Ignored if \"use-tap\" parameter is enabled.", "description": "List of rules for NAT of QEMU user mode network stack, as comma-separated list of ports (with optional protocol). For each port specified, it will redirect port x of the VM (example: 80, udp:53) to the port x + 10000 of the public IPv6 (example: 10080, udp:10053). Defaults to \"22 80 443\". Ignored if \"use-tap\" parameter is enabled.",
"type": "string" "type": "string"
}, },
"nat-restrict-mode": { "nat-restrict-mode": {
......
...@@ -90,7 +90,7 @@ command = ...@@ -90,7 +90,7 @@ command =
[template] [template]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in url = ${:_profile_base_location_}/instance.cfg.in
md5sum = 5a17fc127190bbc19361c5ffb10711b3 md5sum = 5a17fc127190bbc19361c5ffb10711b3
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
...@@ -99,7 +99,7 @@ recipe = hexagonit.recipe.download ...@@ -99,7 +99,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2 url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2
mode = 644 mode = 644
md5sum = dbf43756c605144f0a3cd829b588d931 md5sum = dbf43756c605144f0a3cd829b588d931
download-only = true download-only = true
on-update = true on-update = true
...@@ -108,7 +108,7 @@ recipe = hexagonit.recipe.download ...@@ -108,7 +108,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in
mode = 644 mode = 644
md5sum = cccabafc001c6df35da95af6bf2ae28e md5sum = cccabafc001c6df35da95af6bf2ae28e
download-only = true download-only = true
on-update = true on-update = true
...@@ -186,7 +186,7 @@ ignore-existing = true ...@@ -186,7 +186,7 @@ ignore-existing = true
url = ${:_profile_base_location_}/template/template-kvm-run.in url = ${:_profile_base_location_}/template/template-kvm-run.in
mode = 644 mode = 644
filename = template-kvm-run.in filename = template-kvm-run.in
md5sum = 887585f23359d136093de42b1ad1d777 md5sum = 0a076a9338ea0c25fa4e7c9369473d8a
download-only = true download-only = true
on-update = true on-update = true
......
...@@ -248,9 +248,21 @@ number = -1 ...@@ -248,9 +248,21 @@ number = -1
if use_nat == 'true': if use_nat == 'true':
number += 1 number += 1
rules = 'user,id=lan%s' % number rules = 'user,id=lan%s' % number
if nat_rules: for rule in nat_rules.split():
rules += ',' + ','.join('hostfwd=tcp:%s:%s-:%s' % (listen_ip, proto = 'tcp'
int(port) + 10000, port) for port in nat_rules.split()) rule = rule.split(':')
if len(rule) == 1:
port = int(rule[0])
elif len(rule) == 2:
proto = rule[0]
port = int(rule[1])
rules += ',hostfwd={proto}:{hostaddr}:{hostport}-:{guestport}'.format(
proto=proto,
hostaddr=listen_ip,
hostport=port + 10000,
guestport=port
)
if httpd_port > 0: if httpd_port > 0:
rules += ',guestfwd=tcp:10.0.2.100:80-cmd:%s %s %s' % (netcat_bin, rules += ',guestfwd=tcp:10.0.2.100:80-cmd:%s %s %s' % (netcat_bin,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment