Contents of /trunk/qemu-networking/qemu-networking.in
Parent Directory | Revision Log
Revision 2595 -
(show annotations)
(download)
Tue Mar 4 10:15:02 2014 UTC (10 years, 6 months ago) by niro
File size: 2082 byte(s)
Tue Mar 4 10:15:02 2014 UTC (10 years, 6 months ago) by niro
File size: 2082 byte(s)
-honor systems with firewalld enabled
1 | #!/bin/sh |
2 | |
3 | source @@confddir@@/qemu-networking |
4 | |
5 | checkconfig() |
6 | { |
7 | if [ -z "${VMNETWORK}" ] || |
8 | [ -z "${VMROUTERIP}" ] || |
9 | [ -z "${BRIDGEDEV}" ] || |
10 | [ -z "${TAPDEV}" ] |
11 | then |
12 | logger -s -p daemon.err -t qemu-networking.service \ |
13 | "Qemu Networking not set up, please edit /etc/conf.d/qemu-networking" |
14 | return 1 |
15 | fi |
16 | |
17 | if [ ! -x $(type -P iptables) ] |
18 | then |
19 | logger -s -p daemon.err -t qemu-networking.service \ |
20 | "No 'iptables' executable found, please install 'net-misc/iptables'" |
21 | return 1 |
22 | fi |
23 | |
24 | if [ ! -x $(type -P vde_switch) ] |
25 | then |
26 | logger -s -p daemon.err -t qemu-networking.service \ |
27 | "No 'vde_switch' executable found, please install 'net-misc/vde2'" |
28 | return 1 |
29 | fi |
30 | |
31 | if [ ! -x $(type -P sysctl) ] |
32 | then |
33 | logger -s -p daemon.err -t qemu-networking.service \ |
34 | "No 'sysctl' executable found, please install 'sys-apps/procps'" |
35 | return 1 |
36 | fi |
37 | |
38 | if systemctl --quiet is-active firewalld |
39 | then |
40 | if [ ! -x $(type -P firewall-cmd) ] |
41 | then |
42 | logger -s -p daemon.err -t qemu-networking.service \ |
43 | "No 'firewall-cmd' executable found, please install 'net-misc/firewalld'" |
44 | return 1 |
45 | fi |
46 | fi |
47 | |
48 | return 0 |
49 | } |
50 | |
51 | case $1 in |
52 | start) |
53 | checkconfig || exit 6 |
54 | |
55 | # create interface |
56 | vde_switch -tap ${TAPDEV} -daemon -mod 660 -group kvm -p /var/run/vde-qemu.pid |
57 | ifconfig ${TAPDEV} ${VMROUTERIP} up |
58 | |
59 | # maquerade and forward |
60 | if systemctl --quiet is-active firewalld |
61 | then |
62 | zone="$(firewall-cmd --get-zone-of-interface ${BRIDGEDEV})" |
63 | firewall-cmd --quiet --zone="${zone}" --add-masquerade |
64 | else |
65 | sysctl -q -w net.ipv4.ip_forward=1 |
66 | iptables -t nat -A POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE |
67 | fi |
68 | ;; |
69 | |
70 | stop) |
71 | checkconfig || exit 6 |
72 | |
73 | # masquerade and forward |
74 | if systemctl --quiet is-active firewalld |
75 | then |
76 | zone="$(firewall-cmd --get-zone-of-interface ${BRIDGEDEV})" |
77 | firewall-cmd --quiet --zone="${zone}" --remove-masquerade |
78 | else |
79 | iptables -t nat -D POSTROUTING -s ${VMNETWORK} -o ${BRIDGEDEV} -j MASQUERADE |
80 | fi |
81 | |
82 | # destroy interface |
83 | ifconfig ${TAPDEV} down |
84 | pgrep -f vde_switch | xargs --no-run-if-empty kill -TERM |
85 | ;; |
86 | esac |