#!/bin/bash
# Copyright 2016 Telefónica Investigación y Desarrollo S.A.U.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

############
# Functions
############
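# Print the command-line help on stdout.
# Arguments: none
# Outputs:   one help line per option, prefixed by the script name ($0)
# Returns:   the status of the final printf
usage(){
    # printf '%s\n' prints each line literally. echo -e would expand
    # backslash sequences, including any inside $0 (the script path).
    printf '%s\n' \
        "usage: $0 [OPTIONS]" \
        "Install NAT rules for OSM" \
        " OPTIONS" \
        " -u: UI/SO (rift) IP address" \
        " -r: RO (openmano) IP address" \
        " -v: VCA (juju) IP address" \
        " -h: show this help"
}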
###################
# End of functions
###################
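#Check root privileges
# Test the effective UID instead of $USER. $USER is an ordinary environment
# variable: it can be unset (cron, minimal containers) while the process is
# root, or set to "root" by an unprivileged caller, in which case the script
# would only fail later, at the write to /etc/iptables.
if [ "$(id -u)" -ne 0 ]; then
    echo "Needed root privileges (run with sudo)" >&2
    exit 1
fi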
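# Resolve the directory holding this script and its parent (the devops tree).
# All expansions are quoted so that a checkout path containing spaces or glob
# characters is not word-split before it is resolved or sourced.
HERE=$(realpath -- "$(dirname -- "$0")")
OSM_DEVOPS=$(dirname -- "$HERE")
# NOTE(review): both files below are sourced, so they run with the root
# privileges of this script. They are located relative to the script path, so
# the checkout should be writable only by root.
. "$OSM_DEVOPS/jenkins/common/all_funcs"

#Get default IP address
# presumably export_ips defines DEFAULT_IP (and possibly the *_CONTAINER_IP
# values read further down) -- TODO confirm against installers/export_ips
. "$OSM_DEVOPS/installers/export_ips"

# Each public address defaults to DEFAULT_IP; -u, -r and -v override them.
UI_IP=$DEFAULT_IP
RO_IP=$DEFAULT_IP
VCA_IP=$DEFAULT_IP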
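#read input options
# -u, -r and -v replace the default UI, RO and VCA addresses. The values are
# exported exactly as given; this loop does no format check, and the values
# are later handed to the awk program that writes the iptables rules.
# The leading ":" in the optstring selects silent error reporting, so missing
# arguments and unknown options arrive here as ":" and "?".
while getopts ":u:r:v:h-:" o; do
    case "${o}" in
        u)
            export UI_IP="$OPTARG"
            ;;
        r)
            export RO_IP="$OPTARG"
            ;;
        v)
            export VCA_IP="$OPTARG"
            ;;
        h)
            usage && exit 0
            ;;
        -)
            # "-:" makes getopts deliver "--name" as option "-" with
            # OPTARG=name; only --help is recognised.
            [ "${OPTARG}" == "help" ] && usage && exit 0
            # printf '%s' prints the caller-supplied text literally; echo -e
            # would expand backslash sequences found inside it.
            printf "Invalid option: '--%s'\nTry %s --help for more information\n" "$OPTARG" "$0" >&2
            exit 1
            ;;
        \?)
            printf "Invalid option: '-%s'\nTry %s --help for more information\n" "$OPTARG" "$0" >&2
            exit 1
            ;;
        :)
            printf "Option '-%s' requires an argument\nTry %s --help for more information\n" "$OPTARG" "$0" >&2
            exit 1
            ;;
        *)
            usage >&2
            # Exit statuses are 0-255; 255 is what the shell reported for
            # the former "exit -1".
            exit 255
            ;;
    esac
done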
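#############
# NAT port forwarding configuration
#############
# Rewrites the *nat section of /etc/iptables/rules.v4 so that it holds one
# marker-delimited block of DNAT rules, then reloads the rules through
# netfilter-persistent.
#
# NOTE(review): the DNAT rules match on destination address and port only, so
# the forwarded ports (9090, 8000, 4567, 8443) are reachable from every source
# that can reach those addresses. Restrict them in the filter table if the
# host is exposed to networks that should not reach the containers.
echo
echo "*** Configuring iptables rules ***"

NAT_OSM_RULES=/etc/iptables/rules.v4
# One token that can serve as an address, address/mask or host name.
# Whitespace, quotes, backslashes and newlines are rejected, as is an empty
# value.
NAT_OSM_ADDR_RE='^[0-9A-Za-z][0-9A-Za-z.:/-]*$'

# Remove the temporary rules file, report the reason and stop.
nat_osm_abort() {
    rm -f -- "$NAT_OSM_TMP"
    printf '%s\n' "$1" >&2
    exit 1
}

# The four values used by the active rules are pasted verbatim into rule
# lines, and awk -v expands backslash escapes in them. Refuse anything that
# is not a single plain token before the rules file is touched, because an
# empty or multi-line value would corrupt the file or add extra rule lines.
for NAT_OSM_VALUE in "$RO_IP" "$UI_IP" "$RO_CONTAINER_IP" "$SO_CONTAINER_IP"; do
    if ! [[ "$NAT_OSM_VALUE" =~ $NAT_OSM_ADDR_RE ]]; then
        printf "Invalid or missing address '%s': %s left unchanged\n" "$NAT_OSM_VALUE" "$NAT_OSM_RULES" >&2
        exit 1
    fi
done

# Use an unpredictable temporary file beside the target. A fixed name in the
# current directory could be pre-created as a symlink by another user when
# that directory is shared, and root would then write through it. Staying on
# the same filesystem also makes the final mv an atomic rename.
NAT_OSM_TMP=$(mktemp "${NAT_OSM_RULES}.XXXXXX") || {
    echo "Cannot create a temporary file next to $NAT_OSM_RULES" >&2
    exit 1
}

if ! awk -v RO_IP="$RO_IP" -v VCA_IP="$VCA_IP" -v UI_IP="$UI_IP" -v openmano_ip="$RO_CONTAINER_IP" -v rift_ip="$SO_CONTAINER_IP" -v juju_ip="$VCA_CONTAINER_IP" '
# Print the managed PREROUTING block. The two marker comments let a later run
# find the block and replace it instead of appending a second copy.
function emit_prerouting() {
    print "#Autogenerated by nat_osm"
    print "-A PREROUTING -d "RO_IP" -p tcp -m tcp --dport 9090 -j DNAT --to-destination "openmano_ip
    print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8000 -j DNAT --to-destination "rift_ip
    print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 4567 -j DNAT --to-destination "rift_ip
    print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8443 -j DNAT --to-destination "rift_ip
    #print "-A PREROUTING -d "VCA_IP" -p tcp -m tcp --dport 443 -j DNAT --to-destination "juju_ip
    #print "-A PREROUTING -d "VCA_IP" -p tcp -m tcp --dport 17070 -j DNAT --to-destination "juju_ip
    print "#End autogeneration by nat_osm"
}
BEGIN {innat=0; innatpre=0; osmpre=0; donepre=0; innatpost=0; osmpost=0; donepost=0}
# Start of the nat table.
/^\*nat/ {
    innat=1;
    print;
    next
}
innat==1 && /:PREROUTING/ {
    innatpre=1;
    print;
    next;
}
# An existing managed PREROUTING block: drop its lines up to the end marker,
# then print the fresh block in its place.
innatpre==1 && /#Autogenerated by nat_osm/ {
    osmpre=1;
    next;
}
osmpre==1 && /#End autogeneration by nat_osm/ {
    emit_prerouting();
    osmpre=0;
    donepre=1;
    next;
}
osmpre==1 {next;}
# No managed block was seen before the INPUT chain line: insert one here.
innatpre==1 && /:INPUT/ {
    innatpre=0;
    if (donepre==0) {
        emit_prerouting();
        donepre=1;
    }
    print;
    next;
}

innat==1 && /:POSTROUTING/ {
    innatpost=1;
    print;
    next;
}
# An existing managed POSTROUTING block is removed and nothing replaces it,
# because the SNAT rules are disabled:
#print "#Autogenerated by nat_osm"
#print "-A POSTROUTING -s "rift_ip" -p tcp -m tcp --dport 9090 -d "openmano_ip" -j SNAT --to "UI_IP
#print "-A POSTROUTING -s "rift_ip" -p tcp -m tcp --dport 17070 -d "juju_ip" -j SNAT --to "UI_IP
#print "#End autogeneration by nat_osm"
innatpost==1 && /#Autogenerated by nat_osm/ {
    osmpost=1;
    next;
}
osmpost==1 && /#End autogeneration by nat_osm/ {
    osmpost=0;
    donepost=1;
    next;
}
osmpost==1 {next;}
# End of the nat table.
innatpost==1 && /COMMIT/ {
    innatpost=0;
    innat=0;
    if (donepost==0) {
        donepost=1;
    }
    print;
    next;
}
# Every other line is copied through unchanged.
{
    print
}
' "$NAT_OSM_RULES" > "$NAT_OSM_TMP"; then
    nat_osm_abort "Could not generate the new rules: $NAT_OSM_RULES left unchanged"
fi

# mktemp creates the file with mode 0600; carry over the mode of the file it
# replaces (GNU chmod).
chmod --reference="$NAT_OSM_RULES" "$NAT_OSM_TMP" \
    || nat_osm_abort "Could not set permissions on the new rules: $NAT_OSM_RULES left unchanged"

# Let iptables-restore parse the candidate without committing it, so that a
# file it would reject never replaces the rules loaded at boot.
if command -v iptables-restore >/dev/null 2>&1; then
    iptables-restore --test < "$NAT_OSM_TMP" \
        || nat_osm_abort "iptables-restore rejected the new rules: $NAT_OSM_RULES left unchanged"
fi

mv -f -- "$NAT_OSM_TMP" "$NAT_OSM_RULES" \
    || nat_osm_abort "Could not install the new rules into $NAT_OSM_RULES"

# Reached only when the rules file was rewritten successfully.
service netfilter-persistent restart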