| peusterm | f165242 | 2016-06-21 08:48:17 +0200 | [diff] [blame] | 1 | #! /bin/bash |
| 2 | |
| 3 | #This gives time to the Dockernet to configure the network namespace of the container |
| 4 | sleep 3 |
| 5 | |
| 6 | echo "Ubuntu started" |
| 7 | echo "start ovs" |
| 8 | service openvswitch-switch start |
| 9 | |
| 10 | NAME='fw' |
| 11 | |
| 12 | #echo "setup ovs bridge" |
| 13 | ovs-vsctl add-br $NAME |
| 14 | #ovs-vsctl set bridge $NAME datapath_type=netdev |
| 15 | ovs-vsctl set bridge $NAME protocols=OpenFlow10,OpenFlow12,OpenFlow13 |
| 16 | #ovs-vsctl set-fail-mode $NAME secure |
| 17 | #ovs-vsctl set bridge $NAME other_config:disable-in-band=true |
| 18 | |
| 19 | ovs-vsctl add-port $NAME ${NAME}-eth0 |
| 20 | |
| 21 | #send out through same interface, on single port |
| 22 | ovs-ofctl add-flow $NAME 'in_port=1,action=in_port' |
| 23 | |
| 24 | # iptables -I FORWARD -m physdev --physdev-in eth0 --physdev-out eth1 -d 8.8.8.8 -j DROP |
| 25 | |
| 26 | echo "Firewall started" |