ia64/xen-unstable

view tools/misc/xen_nat_enable @ 733:7192aa19b83c

bitkeeper revision 1.435 (3f69af50wevcD9qxxa6gtfBJnXEBEw)

Merge labyrinth.cl.cam.ac.uk:/auto/groups/xeno/BK/xeno.bk
into labyrinth.cl.cam.ac.uk:/auto/anfs/scratch/labyrinth/iap10/xeno-clone/xeno.bk
author iap10@labyrinth.cl.cam.ac.uk
date Thu Sep 18 13:12:48 2003 +0000 (2003-09-18)
parents 63f8f6b56437
children 21edd206e08a
line source
1 #!/bin/sh
3 run_iptables() {
4 if ! iptables $@ ; then
5 echo "iptables returned error; have you built netfilter?"; exit 1
6 fi
7 }
9 ifconfig eth0:0 169.254.1.0 up
10 run_iptables -t filter -F
11 run_iptables -t nat -F
12 run_iptables -t filter -X
13 run_iptables -t nat -X
14 run_iptables -t filter -P FORWARD DROP
15 run_iptables -t filter -A FORWARD -i eth0 -o eth0 -s 169.254.0.0/16 -j ACCEPT
16 run_iptables -t filter -A FORWARD -i eth0 -o eth0 -d 169.254.0.0/16 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
17 run_iptables -t nat -A POSTROUTING -o eth0 -s 169.254.1.0 -j RETURN
18 run_iptables -t nat -A POSTROUTING -o eth0 -s 169.254.0.0/16 -j MASQUERADE
19 echo 1 > /proc/sys/net/ipv4/ip_forward
21 #set up some port redirects for ssh
22 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2201 -j DNAT --to 169.254.1.1:22
23 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2202 -j DNAT --to 169.254.1.2:22
24 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2203 -j DNAT --to 169.254.1.3:22
25 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2204 -j DNAT --to 169.254.1.4:22
26 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2205 -j DNAT --to 169.254.1.5:22
27 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2206 -j DNAT --to 169.254.1.6:22
28 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2207 -j DNAT --to 169.254.1.7:22
29 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2208 -j DNAT --to 169.254.1.8:22
30 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2209 -j DNAT --to 169.254.1.9:22
31 run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2210 -j DNAT --to 169.254.1.10:22