|
Last change
on this file since 1255 was
1255,
checked in by price, 16 years ago
|
|
sipb-xen-iptables -> invirt-web-iptables
|
|
File size:
656 bytes
|
| Line | |
|---|
| 1 | <% |
|---|
| 2 | |
|---|
| 3 | from invirt.config import structs as cfg |
|---|
| 4 | h_port = cfg.vnc.base_port |
|---|
| 5 | port = cfg.vnc.base_port |
|---|
| 6 | |
|---|
| 7 | %>\ |
|---|
| 8 | *nat |
|---|
| 9 | :PREROUTING ACCEPT [5:300] |
|---|
| 10 | :POSTROUTING ACCEPT [8:674] |
|---|
| 11 | :OUTPUT ACCEPT [8:674] |
|---|
| 12 | % for h in cfg.hosts: |
|---|
| 13 | -A PREROUTING -s ! ${h.ip} -i eth0 -p tcp -m tcp --dport ${port} -j DNAT --to-destination ${h.ip}:${h_port} |
|---|
| 14 | -A POSTROUTING -d ${h.ip} -o eth0 -p tcp -m tcp --dport ${h_port} -j SNAT --to-source ${cfg.vnc.proxy_ip} |
|---|
| 15 | <% port += 1 %> |
|---|
| 16 | % endfor |
|---|
| 17 | COMMIT |
|---|
| 18 | |
|---|
| 19 | *filter |
|---|
| 20 | :INPUT ACCEPT [366:44912] |
|---|
| 21 | :FORWARD ACCEPT [0:0] |
|---|
| 22 | :OUTPUT ACCEPT [292:53151] |
|---|
| 23 | % for h in cfg.hosts: |
|---|
| 24 | -A FORWARD -d ${h.ip} -i eth0 -o eth0 -p tcp -m tcp --dport ${h_port} -j ACCEPT |
|---|
| 25 | % endfor |
|---|
| 26 | COMMIT |
|---|
Note: See
TracBrowser
for help on using the repository browser.
