35 |
return 1 |
return 1 |
36 |
fi |
fi |
37 |
|
|
38 |
|
if systemctl --quiet is-active firewalld |
39 |
|
then |
40 |
|
if [ ! -x $(type -P firewall-cmd) ] |
41 |
|
then |
42 |
|
logger -s -p daemon.err -t qemu-networking.service \ |
43 |
|
"No 'firewall-cmd' executable found, please install 'net-misc/firewalld'" |
44 |
|
return 1 |
45 |
|
fi |
46 |
|
fi |
47 |
|
|
48 |
return 0 |
return 0 |
49 |
} |
} |
50 |
|
|
57 |
ifconfig ${TAPDEV} ${VMROUTERIP} up |
ifconfig ${TAPDEV} ${VMROUTERIP} up |
58 |
|
|
59 |
# maquerade and forward |
# maquerade and forward |
60 |
sysctl -q -w net.ipv4.ip_forward=1 |
if systemctl --quiet is-active firewalld |
61 |
iptables -t nat -A POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE |
then |
62 |
|
zone="$(firewall-cmd --get-zone-of-interface ${BRIDGEDEV})" |
63 |
|
firewall-cmd --quiet --zone="${zone}" --add-masquerade |
64 |
|
else |
65 |
|
sysctl -q -w net.ipv4.ip_forward=1 |
66 |
|
iptables -t nat -A POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE |
67 |
|
fi |
68 |
;; |
;; |
69 |
|
|
70 |
stop) |
stop) |
71 |
checkconfig || exit 6 |
checkconfig || exit 6 |
72 |
|
|
73 |
# masquerade and forward |
# masquerade and forward |
74 |
iptables -t nat -D POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE |
if systemctl --quiet is-active firewalld |
75 |
|
then |
76 |
|
zone="$(firewall-cmd --get-zone-of-interface ${BRIDGEDEV})" |
77 |
|
firewall-cmd --quiet --zone="${zone}" --remove-masquerade |
78 |
|
else |
79 |
|
iptables -t nat -D POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE |
80 |
|
fi |
81 |
|
|
82 |
# destroy interface |
# destroy interface |
83 |
ifconfig ${TAPDEV} down |
ifconfig ${TAPDEV} down |
84 |
kill -15 $(< /var/run/vde-qemu.pid) |
pgrep -f vde_switch | xargs --no-run-if-empty kill -TERM |
85 |
;; |
;; |
86 |
esac |
esac |