Commit d7e2a3c5 authored by Guillaume Hervier's avatar Guillaume Hervier

software/kvm: Allow UDP port forward in NAT rules

/reviewed-on nexedi/slapos!380
parent 0a31967f
......@@ -284,7 +284,7 @@
},
"nat-rules": {
"title": "List of rules for NAT of QEMU user mode network stack.",
"description": "List of rules for NAT of QEMU user mode network stack, as comma-separated list of ports. For each port specified, it will redirect port x of the VM (example: 80) to the port x + 10000 of the public IPv6 (example: 10080). Defaults to \"22 80 443\". Ignored if \"use-tap\" parameter is enabled.",
"description": "List of rules for NAT of QEMU user mode network stack, as comma-separated list of ports (with optional protocol). For each port specified, it will redirect port x of the VM (example: 80, udp:53) to the port x + 10000 of the public IPv6 (example: 10080, udp:10053). Defaults to \"22 80 443\". Ignored if \"use-tap\" parameter is enabled.",
"type": "string"
},
"nat-restrict-mode": {
......
......@@ -90,7 +90,7 @@ command =
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
md5sum = 5a17fc127190bbc19361c5ffb10711b3
md5sum = 5a17fc127190bbc19361c5ffb10711b3
output = ${buildout:directory}/template.cfg
mode = 0644
......@@ -99,7 +99,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2
mode = 644
md5sum = dbf43756c605144f0a3cd829b588d931
md5sum = dbf43756c605144f0a3cd829b588d931
download-only = true
on-update = true
......@@ -108,7 +108,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in
mode = 644
md5sum = cccabafc001c6df35da95af6bf2ae28e
md5sum = cccabafc001c6df35da95af6bf2ae28e
download-only = true
on-update = true
......@@ -186,7 +186,7 @@ ignore-existing = true
url = ${:_profile_base_location_}/template/template-kvm-run.in
mode = 644
filename = template-kvm-run.in
md5sum = 887585f23359d136093de42b1ad1d777
md5sum = 0a076a9338ea0c25fa4e7c9369473d8a
download-only = true
on-update = true
......
......@@ -248,9 +248,21 @@ number = -1
if use_nat == 'true':
number += 1
rules = 'user,id=lan%s' % number
if nat_rules:
rules += ',' + ','.join('hostfwd=tcp:%s:%s-:%s' % (listen_ip,
int(port) + 10000, port) for port in nat_rules.split())
for rule in nat_rules.split():
proto = 'tcp'
rule = rule.split(':')
if len(rule) == 1:
port = int(rule[0])
elif len(rule) == 2:
proto = rule[0]
port = int(rule[1])
rules += ',hostfwd={proto}:{hostaddr}:{hostport}-:{guestport}'.format(
proto=proto,
hostaddr=listen_ip,
hostport=port + 10000,
guestport=port
)
if httpd_port > 0:
rules += ',guestfwd=tcp:10.0.2.100:80-cmd:%s %s %s' % (netcat_bin,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment