added option to make iptables change

This commit is contained in:
0xdcarns 2022-03-28 10:36:23 -04:00
parent ffdc3daed4
commit 7ca2c259ed
3 changed files with 11 additions and 11 deletions


@ -109,7 +109,7 @@ func initialize() { // Client Mode Prereq Check
}
// initialize iptables to ensure gateways work correctly and mq is forwarded if containerized
if servercfg.ManageIPTables() != "off" {
if err = serverctl.InitIPTables(); err != nil {
if err = serverctl.InitIPTables(true); err != nil {
logger.FatalLog("Unable to initialize iptables on host:", err.Error())
}
}
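Review bot: Passing `true` on the `serverctl.InitIPTables(true)` line makes every server start append the DNAT rules unconditionally, because with `force` set the `iptables -t nat -C PREROUTING …` existence check in iptablesPortForward (third file, the `|| force` condition) no longer short-circuits the following `-A`, so each restart adds another copy of the same PREROUTING rules. If the intent is to refresh rules whose resolved address may have changed, the forced path should delete the stale rule before appending rather than skip the check; as written, the duplicates are only visible by inspecting the nat table. A comment on this call such as `// force: re-apply forwarding rules on startup; see iptablesPortForward` would at least make the behaviour deliberate. initialize() starts outside the hunk.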


@ -103,7 +103,7 @@ func sendPeers() {
// run iptables update to ensure gateways work correctly and mq is forwarded if containerized
if servercfg.ManageIPTables() != "off" {
serverctl.InitIPTables()
serverctl.InitIPTables(false)
}
force = true
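Review bot: The error returned on the `serverctl.InitIPTables(false)` line is still discarded, so a failed iptables refresh during a peer update is silent, while the same call in initialize() is fatal. Capturing it keeps the best-effort behaviour but records why forwarding may be broken: `if err := serverctl.InitIPTables(false); err != nil { logger.Log(0, "error updating iptables:", err.Error()) }`, assuming this file already imports the logger package used by the other two files. sendPeers() starts outside the hunk.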


@ -16,7 +16,7 @@ import (
const netmakerProcessName = "netmaker"
// InitIPTables - intializes the server iptables
func InitIPTables() error {
func InitIPTables(force bool) error {
_, err := exec.LookPath("iptables")
if err != nil {
return err
@ -26,7 +26,7 @@ func InitIPTables() error {
logger.Log(0, "error setting iptables forward policy: "+err.Error())
}
err = portForwardServices()
err = portForwardServices(force)
if err != nil {
return err
}
@ -37,7 +37,7 @@ func InitIPTables() error {
}
// set up port forwarding for services listed in config
func portForwardServices() error {
func portForwardServices(force bool) error {
var err error
services := servercfg.GetPortForwardServiceList()
if len(services) == 0 || services[0] == "" {
@ -46,15 +46,15 @@ func portForwardServices() error {
for _, service := range services {
switch service {
case "mq":
err = iptablesPortForward("mq", "1883", "1883", false)
err = iptablesPortForward("mq", "1883", "1883", false, force)
case "dns":
err = iptablesPortForward("coredns", "53", "53", false)
err = iptablesPortForward("coredns", "53", "53", false, force)
case "ssh":
err = iptablesPortForward("netmaker", "22", "22", false)
err = iptablesPortForward("netmaker", "22", "22", false, force)
default:
params := strings.Split(service, ":")
if len(params) == 3 {
err = iptablesPortForward(params[0], params[1], params[2], true)
err = iptablesPortForward(params[0], params[1], params[2], true, force)
}
}
if err != nil {
@ -83,7 +83,7 @@ func setForwardPolicy() error {
}
// port forward from an entry, can contain a dns name for lookup
func iptablesPortForward(entry string, inport string, outport string, isIP bool) error {
func iptablesPortForward(entry string, inport string, outport string, isIP, force bool) error {
var address string
if !isIP {
@ -110,7 +110,7 @@ func iptablesPortForward(entry string, inport string, outport string, isIP bool)
return errors.New("could not locate ip for " + entry)
}
if output, err := ncutils.RunCmd("iptables -t nat -C PREROUTING -p tcp --dport "+inport+" -j DNAT --to-destination "+address+":"+outport, false); output != "" || err != nil {
if output, err := ncutils.RunCmd("iptables -t nat -C PREROUTING -p tcp --dport "+inport+" -j DNAT --to-destination "+address+":"+outport, false); output != "" || err != nil || force {
_, err := ncutils.RunCmd("iptables -t nat -A PREROUTING -p tcp --dport "+inport+" -j DNAT --to-destination "+address+":"+outport, false)
if err != nil {
return err