#!/bin/bash
#######################################
# Print the command-line help text and terminate the script.
# Arguments: none
# Outputs:   four usage lines on stdout; $0 is shown as the program name
# Returns:   never returns; always exits with status 0
#######################################
show_usage() {
  local prog="$0"
  printf '%s\n' \
    "Basic usage: ${prog} [-i <iface>] [-d] <vm_ip>" \
    "Example: ${prog} -i eth0 192.168.56.10" \
    "default interface: eth0" \
    "-d = remove configuration"
  exit 0
}
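# "0" = install the forwarding/NAT rules, "1" = remove them (-d).
remove="0"
# Start from a known-empty value: without this, an `argiface` variable
# inherited from the caller's environment would silently choose the outbound
# interface that gets the MASQUERADE rule.
argiface=""
# argument parsing
# see: https://stackoverflow.com/questions/192249/how-do-i-parse-command-line-arguments-in-bash
POSITIONAL=()
while [[ $# -gt 0 ]]; do
  key="$1"
  case "$key" in
    -h)
      # show_usage exits the script, so no shift is needed here.
      show_usage
      ;;
    -i)
      # Refuse a missing or option-looking value instead of silently falling
      # back to the default interface (or consuming the next flag as a name).
      if [[ $# -lt 2 || -z "$2" || "$2" == -* ]]; then
        echo "error: -i requires an interface name" >&2
        exit 2
      fi
      argiface="$2"
      shift 2 # past argument and value
      ;;
    -d)
      remove="1"
      shift # past argument
      ;;
    -*)
      # An unrecognised flag must not be stored as a positional argument: the
      # first positional is later handed to iptables as the VM address.
      echo "error: unknown option: $key" >&2
      exit 2
      ;;
    *)
      POSITIONAL+=("$1") # save it in an array for later
      shift # past argument
      ;;
  esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters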
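# Outbound interface: the -i value when one was given, otherwise eth0.
iface="${argiface:-eth0}"
vm_ip="${POSITIONAL[0]}"

if [[ -z "$vm_ip" ]]; then
  echo "error: missing <vm_ip> argument" >&2
  # show_usage ends with `exit`; running it in a subshell confines that exit
  # so this error path can report a non-zero status to the caller.
  (show_usage) >&2
  exit 2
fi
# A value that looks like an option is never an address; stop before any
# privileged command runs.
if [[ "$vm_ip" == -* ]]; then
  echo "error: invalid <vm_ip>: $vm_ip" >&2
  exit 2
fi
# NOTE(review): vm_ip is otherwise passed to `iptables -s/-d` unchanged and is
# not checked here to be a single host address - confirm callers only pass
# one VM address, since a broader value widens the ACCEPT rules accordingly.

# Every command is still attempted (as before), but failures are now recorded
# so the script does not report success after a partial change.
status=0
if [[ "$remove" == "0" ]]; then
  # Enables IPv4 forwarding host-wide, not only for this VM.
  sudo bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward' || status=1
  sudo iptables -I FORWARD -s "$vm_ip" -j ACCEPT || status=1
  sudo iptables -I FORWARD -d "$vm_ip" -j ACCEPT || status=1
  # NOTE(review): this rule has no source match, so it masquerades every
  # packet leaving $iface, not just traffic from vm_ip. It is also appended on
  # every run, so repeated invocations add duplicate rules.
  sudo iptables -A POSTROUTING -t nat -o "$iface" -j MASQUERADE || status=1
else
  # The MASQUERADE spec is not tied to vm_ip: -D removes one rule matching
  # "-o $iface -j MASQUERADE", whichever invocation added it.
  sudo iptables -D POSTROUTING -t nat -o "$iface" -j MASQUERADE || status=1
  sudo iptables -D FORWARD -d "$vm_ip" -j ACCEPT || status=1
  sudo iptables -D FORWARD -s "$vm_ip" -j ACCEPT || status=1
  # IP forwarding is deliberately left enabled on removal, in case something
  # else on the host relies on it. (Turning it off would mean writing 0 to
  # /proc/sys/net/ipv4/ip_forward.)
fi

if [[ "$status" -ne 0 ]]; then
  echo "error: one or more commands failed; firewall state may be partial" >&2
  echo "inspect with: sudo iptables -S; sudo iptables -t nat -S" >&2
fi
exit "$status"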