Changeset 2874 for trunk/packages/invirt-web/files/etc/invirt-iptables
- Timestamp:
- Jan 14, 2010, 2:35:11 PM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/packages/invirt-web/files/etc/invirt-iptables/rules.d/50-invirt-web.mako
r2863 r2874 2 2 3 3 from invirt.config import structs as cfg 4 h _port = cfg.vnc.base_port5 port = cfg.vnc.base_port4 host_port = cfg.vnc.base_port 5 server_port = host_port 6 6 7 7 %>\ … … 11 11 :OUTPUT ACCEPT [8:674] 12 12 % for h in cfg.hosts: 13 -A PREROUTING -s ! ${h.ip} -i eth0 -p tcp -m tcp --dport ${ port} -j DNAT --to-destination ${h.ip}:${h_port}14 -A POSTROUTING -d ${h.ip} -o eth0 -p tcp -m tcp --dport ${h _port} -j SNAT --to-source ${cfg.vnc.proxy_ip}15 <% port += 1 %>13 -A PREROUTING -s ! ${h.ip} -i eth0 -p tcp -m tcp --dport ${server_port} -j DNAT --to-destination ${h.ip}:${host_port} 14 -A POSTROUTING -d ${h.ip} -o eth0 -p tcp -m tcp --dport ${host_port} -j SNAT --to-source ${cfg.vnc.proxy_ip} 15 <% server_port += 1 %>\ 16 16 % endfor 17 17 COMMIT … … 22 22 :OUTPUT ACCEPT [292:53151] 23 23 % for h in cfg.hosts: 24 -A FORWARD -d ${h.ip} -i eth0 -o eth0 -p tcp -m tcp --dport ${h _port} -j ACCEPT24 -A FORWARD -d ${h.ip} -i eth0 -o eth0 -p tcp -m tcp --dport ${host_port} -j ACCEPT 25 25 % endfor 26 26 COMMIT
Note: See TracChangeset
for help on using the changeset viewer.