ia64/xen-unstable

changeset 721:2c22db3e819b

bitkeeper revision 1.427 (3f677444W1iVSBCd44M-cSsiZXgCsg)

rename xen_enable_nat and xen_read_console
author iap10@labyrinth.cl.cam.ac.uk
date Tue Sep 16 20:36:20 2003 +0000 (2003-09-16)
parents 017595b44310
children 7a9d47fea66c
files .rootkeys tools/misc/enable_nat tools/misc/enable_nat.README tools/misc/read_console_udp.c tools/misc/xen_enable_nat tools/misc/xen_enable_nat.README tools/misc/xen_read_console.c
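--- a/.rootkeys	Tue Sep 16 20:32:26 2003 +0000
+++ b/.rootkeys	Tue Sep 16 20:36:20 2003 +0000
@@ -141,12 +141,12 @@ 3eb781fd8oRfPgH7qTh7xvgmwD6NgA tools/int
 3eb781fd0Eo9K1jEFCSAVzO51i_ngg tools/internal/xi_stop.c
 3f108ae2to5nHRRXfvUK7oxgjcW_yA tools/internal/xi_usage.c
 3eb781fd7211MZsLxJSiuy7W4KnJXg tools/internal/xi_vifinit
-3f13d81eQ9Vz-h-6RDGFkNR9CRP95g tools/misc/enable_nat
-3f13d81e6Z6806ihYYUw8GVKNkYnuw tools/misc/enable_nat.README
 3f1668d4-FUY6Enc7MB3GcwUtfJ5HA tools/misc/mkdevnodes
-3f1668d4F29Jsw0aC0bJEIkOBiagiQ tools/misc/read_console_udp.c
 3f5ef5a2ir1kVAthS14Dc5QIRCEFWg tools/misc/xen-clone
 3f5ef5a2dTZP0nnsFoeq2jRf3mWDDg tools/misc/xen-clone.README
+3f13d81eQ9Vz-h-6RDGFkNR9CRP95g tools/misc/xen_enable_nat
+3f13d81e6Z6806ihYYUw8GVKNkYnuw tools/misc/xen_enable_nat.README
+3f1668d4F29Jsw0aC0bJEIkOBiagiQ tools/misc/xen_read_console.c
 3ddb79bcbOVHh38VJzc97-JEGD4dJQ xen/Makefile
 3f5ef5a2Qtt8AshYs-KXFFNhKALeIg xen/README
 3ddb79bcWnTwYsQRWl_PaneJfa6p0w xen/Rules.mk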
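--- a/tools/misc/enable_nat	Tue Sep 16 20:32:26 2003 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,20 +0,0 @@
-#!/bin/sh
-
-run_iptables() {
-    if ! iptables $@ ; then
-	echo "iptables returned error; have you built netfilter?"; exit 1
-    fi
-}
-
-ifconfig eth0:0 169.254.1.0 up
-run_iptables -t filter -F
-run_iptables -t nat -F
-run_iptables -t filter -X
-run_iptables -t nat -X
-run_iptables -t filter -P FORWARD DROP
-run_iptables -t filter -A FORWARD -i eth0 -o eth0 -s 169.254.0.0/16 -j ACCEPT
-run_iptables -t filter -A FORWARD -i eth0 -o eth0 -d 169.254.0.0/16 -m state --state ESTABLISHED,RELATED -j ACCEPT
-run_iptables -t nat -A POSTROUTING -o eth0 -s 169.254.1.0 -j RETURN
-run_iptables -t nat -A POSTROUTING -o eth0 -s 169.254.0.0/16 -j MASQUERADE
-echo 1 > /proc/sys/net/ipv4/ip_forward
-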
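--- a/tools/misc/enable_nat.README	Tue Sep 16 20:32:26 2003 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-To use NAT in domain 0 to give access for other domains:
-1) Make sure domain 0's kernel contains at least the following options:
-   (other domains don't need this)
-
-CONFIG_NETFILTER=y
-CONFIG_IP_NF_CONNTRACK=y
-CONFIG_IP_NF_FTP=y
-CONFIG_IP_NF_IPTABLES=y
-CONFIG_IP_NF_MATCH_STATE=y
-CONFIG_IP_NF_FILTER=y
-CONFIG_IP_NF_NAT=y
-CONFIG_IP_NF_NAT_NEEDED=y
-CONFIG_IP_NF_TARGET_MASQUERADE=y
-CONFIG_IP_NF_NAT_FTP=y
-
-2) Run the enable_nat script on domain 0 startup. This will bind
-   169.254.1.0 to domain 0 and set up iptables for NAT. Make sure
-   that the real IP address for eth0 has been set before running the
-   script.
-3) Give the other domains IP addresses in 169.254.0.0/16 and a default
-   gateway of 169.254.1.0.
-4) It should now work. Domains 1 and higher should be able to make
-   outgoing connections through NAT. FTP active or passive should both
-   work thanks to FTP connection tracking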
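--- a/tools/misc/read_console_udp.c	Tue Sep 16 20:32:26 2003 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,53 +0,0 @@
-/******************************************************************************
- * Test program for reading console lines from DOM0 port 666.
- */
-
-#include <arpa/inet.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-int main(void)
-{
-    unsigned char buf[208], abuf[32];
-    struct sockaddr_in addr, from;
-    int fromlen = sizeof(from);
-    int len, fd = socket(PF_INET, SOCK_DGRAM, 0);
-    
-    if ( fd < 0 )
-    {
-        fprintf(stderr, "could not open datagram socket\n");
-        return -1;
-    }
-
-    memset(&addr, 0, sizeof(addr));
-    addr.sin_addr.s_addr = htonl(0xa9fe0100); /* 169.254.1.0 */
-    addr.sin_port = htons(666);
-    addr.sin_family = AF_INET;
-    if ( bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0 )
-    {
-        fprintf(stderr, "could not bind to local address and port\n");
-        return -1;
-    }
-
-    while ( (len = recvfrom(fd, buf, sizeof(buf), 0, 
-                            (struct sockaddr *)&from, &fromlen)) 
-            >= 0 )
-    {
-        printf("%d-byte message from %s:%d --\n", len,
-               inet_ntop(AF_INET, &from.sin_addr, abuf, sizeof(abuf)),
-               ntohs(from.sin_port));
-
-        /* For sanity, clean up the string's tail. */
-        if ( buf[len-1] != '\n' ) { buf[len] = '\n'; len++; }
-        buf[len] = '\0';
-
-        printf("%s", buf);
-
-        fromlen = sizeof(from);
-    }
-
-    return 0;
-}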
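--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/misc/xen_enable_nat	Tue Sep 16 20:36:20 2003 +0000
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+run_iptables() {
+    if ! iptables $@ ; then
+	echo "iptables returned error; have you built netfilter?"; exit 1
+    fi
+}
+
+ifconfig eth0:0 169.254.1.0 up
+run_iptables -t filter -F
+run_iptables -t nat -F
+run_iptables -t filter -X
+run_iptables -t nat -X
+run_iptables -t filter -P FORWARD DROP
+run_iptables -t filter -A FORWARD -i eth0 -o eth0 -s 169.254.0.0/16 -j ACCEPT
+run_iptables -t filter -A FORWARD -i eth0 -o eth0 -d 169.254.0.0/16 -m state --state ESTABLISHED,RELATED -j ACCEPT
+run_iptables -t nat -A POSTROUTING -o eth0 -s 169.254.1.0 -j RETURN
+run_iptables -t nat -A POSTROUTING -o eth0 -s 169.254.0.0/16 -j MASQUERADE
+echo 1 > /proc/sys/net/ipv4/ip_forward
+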
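Review bot: `run_iptables` expands `$@` unquoted, so its arguments are re-split and glob-expanded by the shell before they reach iptables; `if ! iptables "$@" ; then` passes them through intact. The script also flushes and deletes every chain in the filter and nat tables (`-F`/`-X`) before adding its own rules, which discards any firewall policy already loaded on domain 0; a header comment such as `# NOTE: replaces all existing filter and nat rules on this host` would make that visible to whoever wires it into startup. The result of `ifconfig eth0:0 169.254.1.0 up` is not checked, so a failure there still ends with forwarding enabled. The renamed README in this commit still tells the reader to run `enable_nat` rather than `xen_enable_nat`.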
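--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/misc/xen_enable_nat.README	Tue Sep 16 20:36:20 2003 +0000
@@ -0,0 +1,24 @@
+To use NAT in domain 0 to give access for other domains:
+1) Make sure domain 0's kernel contains at least the following options:
+   (other domains don't need this)
+
+CONFIG_NETFILTER=y
+CONFIG_IP_NF_CONNTRACK=y
+CONFIG_IP_NF_FTP=y
+CONFIG_IP_NF_IPTABLES=y
+CONFIG_IP_NF_MATCH_STATE=y
+CONFIG_IP_NF_FILTER=y
+CONFIG_IP_NF_NAT=y
+CONFIG_IP_NF_NAT_NEEDED=y
+CONFIG_IP_NF_TARGET_MASQUERADE=y
+CONFIG_IP_NF_NAT_FTP=y
+
+2) Run the enable_nat script on domain 0 startup. This will bind
+   169.254.1.0 to domain 0 and set up iptables for NAT. Make sure
+   that the real IP address for eth0 has been set before running the
+   script.
+3) Give the other domains IP addresses in 169.254.0.0/16 and a default
+   gateway of 169.254.1.0.
+4) It should now work. Domains 1 and higher should be able to make
+   outgoing connections through NAT. FTP active or passive should both
+   work thanks to FTP connection tracking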
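--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/misc/xen_read_console.c	Tue Sep 16 20:36:20 2003 +0000
@@ -0,0 +1,53 @@
+/******************************************************************************
+ * Test program for reading console lines from DOM0 port 666.
+ */
+
+#include <arpa/inet.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int main(void)
+{
+    unsigned char buf[208], abuf[32];
+    struct sockaddr_in addr, from;
+    int fromlen = sizeof(from);
+    int len, fd = socket(PF_INET, SOCK_DGRAM, 0);
+    
+    if ( fd < 0 )
+    {
+        fprintf(stderr, "could not open datagram socket\n");
+        return -1;
+    }
+
+    memset(&addr, 0, sizeof(addr));
+    addr.sin_addr.s_addr = htonl(0xa9fe0100); /* 169.254.1.0 */
+    addr.sin_port = htons(666);
+    addr.sin_family = AF_INET;
+    if ( bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0 )
+    {
+        fprintf(stderr, "could not bind to local address and port\n");
+        return -1;
+    }
+
+    while ( (len = recvfrom(fd, buf, sizeof(buf), 0, 
+                            (struct sockaddr *)&from, &fromlen)) 
+            >= 0 )
+    {
+        printf("%d-byte message from %s:%d --\n", len,
+               inet_ntop(AF_INET, &from.sin_addr, abuf, sizeof(abuf)),
+               ntohs(from.sin_port));
+
+        /* For sanity, clean up the string's tail. */
+        if ( buf[len-1] != '\n' ) { buf[len] = '\n'; len++; }
+        buf[len] = '\0';
+
+        printf("%s", buf);
+
+        fromlen = sizeof(from);
+    }
+
+    return 0;
+}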
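Review bot: The tail clean-up in main() can index outside `buf`: recvfrom() is allowed to fill all `sizeof(buf)` (208) bytes, so a full-length datagram makes `buf[len] = '\n'` write at index 208 and the terminator land at 209, while a zero-length datagram makes `buf[len-1]` read `buf[-1]`. The datagram length is set by whatever peer sends to UDP port 666 on 169.254.1.0, so this is a stack out-of-bounds write driven by network input. Reserve room for the two appended bytes by passing `sizeof(buf) - 2` to recvfrom(), and guard the check as `if ( len == 0 || buf[len-1] != '\n' ) { buf[len] = '\n'; len++; }`. Separately, `fromlen` should be `socklen_t` and `abuf` a plain `char` array to match the recvfrom() and inet_ntop() prototypes.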