netmaker/serverctl/iptables.go
2022-01-25 11:58:51 -05:00


package serverctl
import (
"net"
"os/exec"
"strings"
"github.com/gravitl/netmaker/netclient/ncutils"
"github.com/gravitl/netmaker/servercfg"
)
// InitIPTables - verifies that an iptables binary is on PATH, then sets the
// FORWARD chain policy and installs the configured port-forward rules.
//
// Only the binary lookup can produce an error. The two helpers return nothing,
// so a rule that fails to apply is not reported to the caller.
func InitIPTables() error {
	if _, lookErr := exec.LookPath("iptables"); lookErr != nil {
		return lookErr
	}

	setForwardPolicy()
	portForwardServices()
	return nil
}
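// portForwardServices installs a port-forward rule for every entry returned by
// servercfg.GetPortForwardServiceList.
//
// The names "mq", "dns" and "ssh" map to fixed targets. Any other entry is read
// as "<address>:<port>" and handed on as a literal address. These values come
// from configuration and end up on an iptables command line.
//
// Entries without a ":" separator (including the empty string) are skipped:
// indexing the split result unconditionally would panic with an index out of
// range.
func portForwardServices() {
	for _, service := range servercfg.GetPortForwardServiceList() {
		switch service {
		case "mq":
			iptablesPortForward("mq", "1883", false)
		case "dns":
			// NOTE(review): this forwards the same host and port as the "mq"
			// case, which looks like a copy-paste slip. Confirm the intended
			// DNS target; left unchanged because it is not visible here.
			iptablesPortForward("mq", "1883", false)
		case "ssh":
			iptablesPortForward("127.0.0.1", "22", true)
		default:
			params := strings.Split(service, ":")
			if len(params) < 2 {
				// Malformed entry: nothing usable to forward to.
				continue
			}
			iptablesPortForward(params[0], params[1], true)
		}
	}
}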
// setForwardPolicy sets the default policy of the iptables FORWARD chain to
// ACCEPT. No result of the command is checked here.
//
// NOTE(review): with an ACCEPT default, forwarded packets that match no
// FORWARD rule are let through, so the host relies on explicit rules elsewhere
// to restrict forwarding - confirm that this is intended for the deployment.
func setForwardPolicy() {
	const forwardAccept = "iptables --policy FORWARD ACCEPT"
	ncutils.RunCmd(forwardAccept, true)
}
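// iptablesPortForward appends a nat-table DNAT rule that redirects inbound TCP
// traffic on port to address:port, followed by a MASQUERADE rule.
//
// entry is either a literal IPv4 address (isIP true) or a host name that is
// resolved here to its first IPv4 address (isIP false). Both entry and port are
// concatenated into an iptables command line, so they are checked first: a
// literal entry must parse as an IPv4 address and port must be a decimal number
// in 1-65535 (service names are not accepted). If a check or the lookup fails,
// no rule is added. The function has no return value, so the caller is not told.
//
// NOTE(review): both rules are added with -A on every call, so repeated calls
// presumably accumulate duplicates - confirm. The MASQUERADE rule carries no
// interface or source match, so it is not limited to the forwarded service.
func iptablesPortForward(entry string, port string, isIP bool) {
	if !validPortNumber(port) {
		return
	}

	var address string
	if isIP {
		parsed := net.ParseIP(entry)
		if parsed == nil || parsed.To4() == nil {
			return
		}
		address = entry
	} else {
		// A failed lookup yields no addresses; the empty check below covers it.
		ips, _ := net.LookupIP(entry)
		for _, ip := range ips {
			if ip.To4() != nil {
				address = ip.String()
				break
			}
		}
	}
	if address == "" {
		// Without this guard the rule would be built as "--to-destination :<port>".
		return
	}

	ncutils.RunCmd("iptables -t nat -A PREROUTING -p tcp --dport "+port+" -j DNAT --to-destination "+address+":"+port, true)
	ncutils.RunCmd("iptables -t nat -A POSTROUTING -j MASQUERADE", true)
}

// validPortNumber reports whether s is a decimal TCP port in the range 1-65535.
func validPortNumber(s string) bool {
	if s == "" || len(s) > 5 {
		return false
	}
	n := 0
	for i := 0; i < len(s); i++ {
		c := s[i]
		if c < '0' || c > '9' {
			return false
		}
		n = n*10 + int(c-'0')
	}
	return n >= 1 && n <= 65535
}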