X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Fnat_osm;h=e12a123f95e372af36bf4685ee6f1d1c85ec5017;hb=HEAD;hp=c0aac904185b5ee86f9ec20ea73f437a0e16ef74;hpb=0a4caa0c40662a6ef277a8547e711d321dd883d9;p=osm%2Fdevops.git diff --git a/installers/nat_osm b/installers/nat_osm index c0aac904..e12a123f 100755 --- a/installers/nat_osm +++ b/installers/nat_osm @@ -23,6 +23,7 @@ usage(){ echo -e " -u: UI/SO (rift) IP address" echo -e " -r: RO (openmano) IP address" echo -e " -v: VCA (juju) IP address" + echo -e " -m: MON IP address" echo -e " -h: show this help" } @@ -35,8 +36,7 @@ usage(){ HERE=$(realpath $(dirname $0)) OSM_DEVOPS=$(dirname $HERE) -OSM_JENKINS="$OSM_DEVOPS/jenkins" -. $OSM_JENKINS/common/all_funcs +. $OSM_DEVOPS/common/all_funcs #Get default IP address . $OSM_DEVOPS/installers/export_ips @@ -44,6 +44,7 @@ OSM_JENKINS="$OSM_DEVOPS/jenkins" UI_IP=$DEFAULT_IP RO_IP=$DEFAULT_IP VCA_IP=$DEFAULT_IP +MON_IP=$DEFAULT_IP #read input options while getopts ":u:r:v:h-:" o; do @@ -86,7 +87,7 @@ done echo echo "*** Configuring iptables rules ***" -awk -v RO_IP="$RO_IP" -v VCA_IP="$VCA_IP" -v UI_IP="$UI_IP" -v openmano_ip="$RO_CONTAINER_IP" -v rift_ip="$SO_CONTAINER_IP" -v juju_ip="$VCA_CONTAINER_IP" ' +awk -v RO_IP="$RO_IP" -v VCA_IP="$VCA_IP" -v UI_IP="$UI_IP" -v openmano_ip="$RO_CONTAINER_IP" -v MON_IP="$MON_IP" -v rift_ip="$SO_CONTAINER_IP" -v juju_ip="$VCA_CONTAINER_IP" ' BEGIN {innat=0; innatpre=0; osmpre=0; donepre=0; innatpost=0; osmpost=0; donepost=0} /^\*nat/ { innat=1; @@ -106,8 +107,10 @@ osmpre==1 && /#End autogeneration by nat_osm/ { print "#Autogenerated by nat_osm" print "-A PREROUTING -d "RO_IP" -p tcp -m tcp --dport 9090 -j DNAT --to-destination "openmano_ip print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8000 -j DNAT --to-destination "rift_ip - print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 4567 -j DNAT --to-destination "rift_ip print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8443 -j DNAT --to-destination "rift_ip + print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8008 -j DNAT --to-destination "rift_ip + print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8009 -j DNAT --to-destination "rift_ip + print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 80 -j DNAT --to-destination "rift_ip #print "-A PREROUTING -d "VCA_IP" -p tcp -m tcp --dport 443 -j DNAT --to-destination "juju_ip #print "-A PREROUTING -d "VCA_IP" -p tcp -m tcp --dport 17070 -j DNAT --to-destination "juju_ip print "#End autogeneration by nat_osm" @@ -122,8 +125,10 @@ innatpre==1 && /\:INPUT/ { print "#Autogenerated by nat_osm" print "-A PREROUTING -d "RO_IP" -p tcp -m tcp --dport 9090 -j DNAT --to-destination "openmano_ip print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8000 -j DNAT --to-destination "rift_ip - print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 4567 -j DNAT --to-destination "rift_ip print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8443 -j DNAT --to-destination "rift_ip + print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8008 -j DNAT --to-destination "rift_ip + print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 8009 -j DNAT --to-destination "rift_ip + print "-A PREROUTING -d "UI_IP" -p tcp -m tcp --dport 80 -j DNAT --to-destination "rift_ip #print "-A PREROUTING -d "VCA_IP" -p tcp -m tcp --dport 443 -j DNAT --to-destination "juju_ip #print "-A PREROUTING -d "VCA_IP" -p tcp -m tcp --dport 17070 -j DNAT --to-destination "juju_ip print "#End autogeneration by nat_osm" @@ -133,6 +138,39 @@ innatpre==1 && /\:INPUT/ { next; } +innat==1 && /\:OUTPUT/ { + innatoutput=1; + print; + next; +} +innatoutput==1 && /\#Autogenerated by nat_osm/ { + osmoutput=1; + next; +} +osmoutput==1 && /#End autogeneration by nat_osm/ { + print "#Autogenerated by nat_osm" + print "-A OUTPUT -p tcp -o lo --dport 8009 -j DNAT --to "rift_ip":8009" + print "-A OUTPUT -p tcp -o lo --dport 8443 -j DNAT --to "rift_ip":8443" + print "#End autogeneration by nat_osm" + osmoutput=0; + doneoutput=1; + next; +} +osmoutput==1 {next;} +innatoutput==1 && /\:POSTROUTING/ { + innatoutput=0; + if (doneoutput==0) { + print "#Autogenerated by nat_osm" + print "-A OUTPUT -p tcp -o lo --dport 8009 -j DNAT --to "rift_ip":8009" + print "-A OUTPUT -p tcp -o lo --dport 8443 -j DNAT --to "rift_ip":8443" + print "#End autogeneration by nat_osm" + doneoutput=1; + } + innatpost=1; + print; + next; +} + innat==1 && /\:POSTROUTING/ { innatpost=1; print; @@ -143,10 +181,13 @@ innatpost==1 && /\#Autogenerated by nat_osm/ { next; } osmpost==1 && /#End autogeneration by nat_osm/ { - #print "#Autogenerated by nat_osm" + print "#Autogenerated by nat_osm" + print "-A POSTROUTING -s "rift_ip"/24 -d "rift_ip" -p tcp --dport 8443 -j MASQUERADE" + print "-A POSTROUTING -s "UI_IP"/32 -d "rift_ip" -p tcp --dport 8009 -j MASQUERADE" + print "-A POSTROUTING -s "UI_IP"/32 -d "rift_ip" -p tcp --dport 8443 -j MASQUERADE" #print "-A POSTROUTING -s "rift_ip" -p tcp -m tcp --dport 9090 -d "openmano_ip" -j SNAT --to "UI_IP #print "-A POSTROUTING -s "rift_ip" -p tcp -m tcp --dport 17070 -d "juju_ip" -j SNAT --to "UI_IP - #print "#End autogeneration by nat_osm" + print "#End autogeneration by nat_osm" osmpost=0; donepost=1; next; @@ -156,10 +197,13 @@ innatpost==1 && /COMMIT/ { innatpost=0; innat=0; if (donepost==0) { - #print "#Autogenerated by nat_osm" + print "#Autogenerated by nat_osm" + print "-A POSTROUTING -s "rift_ip"/24 -d "rift_ip" -p tcp --dport 8443 -j MASQUERADE" + print "-A POSTROUTING -s "UI_IP"/32 -d "rift_ip" -p tcp --dport 8009 -j MASQUERADE" + print "-A POSTROUTING -s "UI_IP"/32 -d "rift_ip" -p tcp --dport 8443 -j MASQUERADE" #print "-A POSTROUTING -s "rift_ip" -p tcp -m tcp --dport 9090 -d "openmano_ip" -j SNAT --to "UI_IP #print "-A POSTROUTING -s "rift_ip" -p tcp -m tcp --dport 17070 -d "juju_ip" -j SNAT --to "UI_IP - #print "#End autogeneration by nat_osm" + print "#End autogeneration by nat_osm" donepost=1; } print;