Annotation of /trunk/qemu-networking/qemu-networking.in
Parent Directory
| 
Revision Log
Revision 2595 -
(hide annotations)
(download)
Tue Mar 4 10:15:02 2014 UTC (10 years, 2 months ago) by niro
File size: 2082 byte(s)
Tue Mar 4 10:15:02 2014 UTC (10 years, 2 months ago) by niro
File size: 2082 byte(s)
-honor systems with firewalld enabled
| 1 | niro | 1822 | #!/bin/sh |
| 2 | |||
| 3 | source @@confddir@@/qemu-networking | ||
| 4 | |||
| 5 | checkconfig() | ||
| 6 | { | ||
| 7 | if [ -z "${VMNETWORK}" ] || | ||
| 8 | [ -z "${VMROUTERIP}" ] || | ||
| 9 | [ -z "${BRIDGEDEV}" ] || | ||
| 10 | [ -z "${TAPDEV}" ] | ||
| 11 | then | ||
| 12 | logger -s -p daemon.err -t qemu-networking.service \ | ||
| 13 | "Qemu Networking not set up, please edit /etc/conf.d/qemu-networking" | ||
| 14 | return 1 | ||
| 15 | fi | ||
| 16 | |||
| 17 | niro | 2202 | if [ ! -x $(type -P iptables) ] |
| 18 | niro | 1822 | then |
| 19 | logger -s -p daemon.err -t qemu-networking.service \ | ||
| 20 | "No 'iptables' executable found, please install 'net-misc/iptables'" | ||
| 21 | return 1 | ||
| 22 | fi | ||
| 23 | |||
| 24 | niro | 2202 | if [ ! -x $(type -P vde_switch) ] |
| 25 | niro | 1822 | then |
| 26 | logger -s -p daemon.err -t qemu-networking.service \ | ||
| 27 | "No 'vde_switch' executable found, please install 'net-misc/vde2'" | ||
| 28 | return 1 | ||
| 29 | fi | ||
| 30 | |||
| 31 | niro | 2202 | if [ ! -x $(type -P sysctl) ] |
| 32 | niro | 1822 | then |
| 33 | logger -s -p daemon.err -t qemu-networking.service \ | ||
| 34 | "No 'sysctl' executable found, please install 'sys-apps/procps'" | ||
| 35 | return 1 | ||
| 36 | fi | ||
| 37 | |||
| 38 | niro | 2595 | if systemctl --quiet is-active firewalld |
| 39 | then | ||
| 40 | if [ ! -x $(type -P firewall-cmd) ] | ||
| 41 | then | ||
| 42 | logger -s -p daemon.err -t qemu-networking.service \ | ||
| 43 | "No 'firewall-cmd' executable found, please install 'net-misc/firewalld'" | ||
| 44 | return 1 | ||
| 45 | fi | ||
| 46 | fi | ||
| 47 | |||
| 48 | niro | 1822 | return 0 |
| 49 | } | ||
| 50 | |||
| 51 | case $1 in | ||
| 52 | start) | ||
| 53 | checkconfig || exit 6 | ||
| 54 | |||
| 55 | # create interface | ||
| 56 | vde_switch -tap ${TAPDEV} -daemon -mod 660 -group kvm -p /var/run/vde-qemu.pid | ||
| 57 | ifconfig ${TAPDEV} ${VMROUTERIP} up | ||
| 58 | |||
| 59 | # maquerade and forward | ||
| 60 | niro | 2595 | if systemctl --quiet is-active firewalld |
| 61 | then | ||
| 62 | zone="$(firewall-cmd --get-zone-of-interface ${BRIDGEDEV})" | ||
| 63 | firewall-cmd --quiet --zone="${zone}" --add-masquerade | ||
| 64 | else | ||
| 65 | sysctl -q -w net.ipv4.ip_forward=1 | ||
| 66 | iptables -t nat -A POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE | ||
| 67 | fi | ||
| 68 | niro | 1822 | ;; |
| 69 | |||
| 70 | stop) | ||
| 71 | checkconfig || exit 6 | ||
| 72 | |||
| 73 | niro | 2201 | # masquerade and forward |
| 74 | niro | 2595 | if systemctl --quiet is-active firewalld |
| 75 | then | ||
| 76 | zone="$(firewall-cmd --get-zone-of-interface ${BRIDGEDEV})" | ||
| 77 | firewall-cmd --quiet --zone="${zone}" --remove-masquerade | ||
| 78 | else | ||
| 79 | iptables -t nat -D POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE | ||
| 80 | fi | ||
| 81 | niro | 1822 | |
| 82 | # destroy interface | ||
| 83 | ifconfig ${TAPDEV} down | ||
| 84 | niro | 2594 | pgrep -f vde_switch | xargs --no-run-if-empty kill -TERM |
| 85 | niro | 1822 | ;; |
| 86 | esac |