parent
d4021d0854
commit
e0a96fe191
@ -1,17 +1,17 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5agZHGd6YW11ZGlv
|
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5lkZHGd6YW11ZGlv
|
||||||
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV6C5D/4gkeUb0hxrZrElL7xB5Xd6
|
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV+swD/9ASPlt4BF/QeiHwWs+b41V
|
||||||
C2aA68a6mXJvPI3bCIsbj6tudQAlNOX9McrPGgjm+C0Tf0d9pbPNUKL30BlWEwEl
|
XBioUm4dqv1b9wNHSlIBCJJ77TVgqa/1txBl7dI01H4kip0VuI3/IMob4ol3rRKb
|
||||||
ct+tqtD8kHfkbCt/50QiatyaMsWJhZVwaByyRXb9nLILHfCCVqMPyeBfbBeqBYuV
|
FJhM6PytcOqzAx/uI0a08Sy1ezxZCnoJNbyT5vpT09t+UFhmpnaMHsDF1T9oXxf4
|
||||||
PSdn5PE6+QuTOhuY/8I+fgH/J78ZPwbYAhmgnn9os+GWgyJ7VxZU2JIrp2lwAqg1
|
kpPDQksCbo//apq+kDHVueA/Sy8uXKlc9yDfROKhG3LodqvNRmSxwUJqm2BAVDi8
|
||||||
yFufJ1+Fr2hVO58bEaW5avy0csZmJcKhHJk0janRfHJni3rgKhEQ5JJ60Z4BEKkn
|
1/yqyF6tFDXTxmDafxB9fwzVt1QoKji1PJwVD9Gv+2ugqBcNNvqI3tCnUw3a1gKE
|
||||||
KL+nUaPSsqVxDSDQS2Auhip4Esk+YUx2vf34vn1aJ8cPDEShd9EavkLRRvlyLqC/
|
qzxtmfEzaebwyXR3Mc96hykc7Cj7zxf5QAJQX3x+PTLmUU7thmgFDIP7iW7197NQ
|
||||||
ajyFWug+mQQ8zw03WGpC1Z6RMeqkh9cuey0SsVWSh//2KJjZt1dqwf90BEj0+LX3
|
i7xmv8yuo15W3YdLuA+ChfUAba2+7J7F/N/4JMBJaaa888cyvzlYruVUdaziaNTT
|
||||||
PkToX4zAbYGWyzfhRE/DcnIwWHTr/y1ds/wtCh0losi4ZIMHR0p1baHXjUtjsyQe
|
1ll0r9yYRzYYG2LN9u6aPUTezvXOKF9+7sZZXdS4eIwX3zlh/LjGYadAJVksLoEh
|
||||||
82Q3VTcoE8lxKSV97OTbPV+XBAsO/ggJBh2iwerlq65F9XFi8NxDKBIxVvM5Xrdh
|
y0W6HhbOj+YqtA9ZjeDbhrkmTmVqqpM64djwyQ2pxdtn8cvJvuWO9vkKwiAHW99u
|
||||||
IaZcfOsFMfO0z6m0k35QpgROCRDj1PLBSM4/IGF5HovMTNlCs59iArWbnNdiMrWq
|
oNKJZS8pPHhZgtRVZulFLY8CmkkrMLVbJvT+qjbG3/OyyB0wI0l2XYLpazHdSHVS
|
||||||
Ie98YUcFbpySCLRR0lTfZIpHokeMNq7l5u0TGDvKvPBIRAdrHLT/rrqKAVvXKBXo
|
TXueah+iJjm652ed+Cegt5V5BQz4jGbIBDr+1sStcDdSWBsJLLnpEghf8ZGf6gRF
|
||||||
YUuGTiwpP9rwu3teCowB6A==
|
vCVh1dTl2SNyIXwaHdtaeQ==
|
||||||
=uUtv
|
=/sQH
|
||||||
-----END PGP SIGNATURE-----
|
-----END PGP SIGNATURE-----
|
||||||
|
Binary file not shown.
@ -1,17 +1,17 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5agZHGd6YW11ZGlv
|
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5lkZHGd6YW11ZGlv
|
||||||
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV2ukEACMecSr/qLracJtPr0vTyOL
|
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV6QGD/wMf1X7VXI1Xbsya0Jol8mP
|
||||||
PQqspzMDFI6o0RvURXslCrhRdX4HnTNEQpebyBWHQKeR/Boenxrri6d4jjljA3+1
|
w1GMtv4/6sGsifLpRMXu6rQahlgvjsl60kkwSZcDkHVCsC2+i3y2yw/Txl2VoWK1
|
||||||
ObuomVnrqGFt5vkoa2EukxcFIW9VUHHbL/MTSKffr+pyDW9ryy2HRN7ygCACKwCU
|
k/ewZm/gdJLSykSZNmQF6/VsS/z7yltp4k9S6xCTfQQdsR0Ni55AEOrOz6aGU3j7
|
||||||
f7yTeQqDIETozFkG1XVNHV8CpstgzTMbYKY70aImRIepVdUjnCZw0s4xF9H+91dx
|
ChEI7IWlDxFJ42rQb1dXQPp4kZPmhdgOQbRT3h4MSRYHmscBF9KCOn+Q/PFlhhOH
|
||||||
hnzbn4Gt4n7Jym4hIRRdcMPSrjSOjN+hhCg6CDhs5o4o8uI8UcLoobV3CfyojjDJ
|
aS81TTPeAq7nXaXjjYfm/CAo1SAf7WSJ8CHdwpERGrnTOgaKaDTU9Rk/URp1Vh2z
|
||||||
B1JUdFHhkNE/71U+NBbRshmCW5fZIAgsSagBQ2QPcm8KteecFtCqtpuJjVQRJylu
|
/uuV47KVQPRrUmrJzLGyRghbE2Y7xNwrxhKyMnp47KP5gQez2osvIulzoh7pd9qu
|
||||||
AYLWeKHnnZh7LdUvkjAwsQMbX3dLCQpt/gwOM51e2Fy0xPDtQcEI4j0j3QagStcL
|
fn3CGnF6WemgSM/3KiHBqUh4XinARNMzYUMRkUOfaMrz0a6jqP3IOnKw1fAxbHhF
|
||||||
rglSj2DK1kb9CWkN3qRa2EI0IlanPDvC7Ql4YteeWacrechuqLPvFI96xNoNYCSf
|
1ugaJ2gWnJrdxhyVM6R/ykVtd7RRsv+RACIIsCOYBZWrpE7AMjbiuqRIUYbwljXe
|
||||||
/7GsX/55+UavFRyeOgLYeJZPKjcKPb+gcs5XgRaYDD2gRHqIrfjzeyPw64aay2w/
|
hXZY9Mm9tx/XV7AMYiWGtzEJ+1c77+FbB0eLCja9cPRcpxA5DQy5s3JuNkH2xGn9
|
||||||
07Noz6FHk7GPn1MxHwyd5ZgELWHO8DWaHFYKPsAcFpxH9Oe7SvsWR6/4kR31HuQE
|
Z0m7QsDxMkcTGQELriYqpgAD0xkVYoFNNtgyOPvV2KduO8gKSWgEePPxywnA0k3+
|
||||||
L6oRwuCasMWTDMWjpbcDBgGSXk23UK+iSDYMQN/WLy2fjrJuCr5wTqkyF+EWavIe
|
WOgRp6iykVei5teIirdXOpGl7/3V2JDUsFZebsSty+i8e8ZXJWwc2DQ7HRLG1HZk
|
||||||
50oJZes2AiE+SRFJpklPIg==
|
vBNk79M33o/1yBv3lJC0ow==
|
||||||
=NG21
|
=fCdQ
|
||||||
-----END PGP SIGNATURE-----
|
-----END PGP SIGNATURE-----
|
||||||
|
Binary file not shown.
Binary file not shown.
@ -1,74 +1,204 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
# $Id: rc.vdenetwork,v 1.7 2011/12/06 14:18:08 root Exp root $
|
||||||
|
# Qemu environment preparation script
|
||||||
|
|
||||||
#=========================== EDIT THE FOLLOWING VARIABLES ==========================
|
# ---------------------------------------------------------------------------
|
||||||
# _________________________________________________________________________________
|
|
||||||
# | |
|
|
||||||
# | Interface name to use for the TAP device |
|
|
||||||
# | |
|
|
||||||
TAP_IF="tap0"
|
|
||||||
# |_________________________________________________________________________________|
|
|
||||||
# | |
|
|
||||||
# | IP Address/Subnet in CIDR Notation for the Virtual Network |
|
|
||||||
# | |
|
|
||||||
TAP_NET="10.10.10.1/24"
|
|
||||||
# |_________________________________________________________________________________|
|
|
||||||
#
|
#
|
||||||
#=========================== DO NOT EDIT BELOW THIS LINE ============================
|
# After running this startup script, run a QEMU virtual machine in this way:
|
||||||
|
#
|
||||||
|
# qemu-system-x86_64 \
|
||||||
|
# -net vde,sock=/var/run/kvm0.ctl,vlan=0 -net nic,vlan=0 \
|
||||||
|
# [qemu_option [qemu_option], ...]
|
||||||
|
#
|
||||||
|
# This will automatically connect the QEMU virtual machine to the VDE switch.
|
||||||
|
#
|
||||||
|
# ---------------------------------------------------------------------------
|
||||||
|
#
|
||||||
|
# Network type can be one of "route" "bridge" or "nat":
|
||||||
|
# - In "route" mode, the script will expect that the 'routed' daemon is running
|
||||||
|
# on the host (see /etc/rc.d/rc.inet2 to start 'routed'), and will not
|
||||||
|
# create iptables NAT rules.
|
||||||
|
# The virtual network will be routed on the LAN and will be accessible as a
|
||||||
|
# separate network segment (make sure the IP range defined below does not
|
||||||
|
# conflict with existing parts of your network!). The guests will use our
|
||||||
|
# private dnsmasq server to obtain IP addresses.
|
||||||
|
# - In "bridge" mode, the script will try to add the tap device to an existing
|
||||||
|
# network bridge, and will not create iptables NAT rules.
|
||||||
|
# The guests will be seen on the LAN as part of the network.
|
||||||
|
# - In "nat" mode, the script will create iptables NAT rules. These hide the
|
||||||
|
# virtual network behind an internal NAT router. The guests will have full
|
||||||
|
# network access, but will be accessible only from the host.
|
||||||
|
#
|
||||||
|
# ---------------------------------------------------------------------------
|
||||||
|
|
||||||
start(){
|
#NETWORKTYPE="route"
|
||||||
echo -n "Starting VDE Switch..."
|
#NETWORKTYPE="bridge"
|
||||||
|
NETWORKTYPE="nat"
|
||||||
|
|
||||||
# Load tun module
|
# Host interfaces that need to be NAT-ed (in case we're not bridging/routing):
|
||||||
modprobe tun || { echo "Error, cannot load 'tun' module. Exiting..." ; exit 1 ; }
|
# Add more interfaces space-separated, like "eth+ wlan+"
|
||||||
sleep 1
|
NAT_IFS="eth+"
|
||||||
|
|
||||||
# Start tap switch
|
# What is the bridge interface called if we are bridging?
|
||||||
vde_switch -tap ${TAP_IF} -daemon || { echo "Error, cannot assign IP to ${TAP_IF}. Exiting..." ; exit 1 ; }
|
BR_DEV=br0
|
||||||
|
|
||||||
# Bring tap interface up
|
# What is the name of the tun/tap device we will be using?
|
||||||
ip addr add ${TAP_NET} dev ${TAP_IF}
|
TAP_DEV=kvm0
|
||||||
ip link set ${TAP_IF} up
|
|
||||||
|
|
||||||
#chmod 666 /tmp/vde.ctl
|
|
||||||
chmod -R a+rwx /var/run/vde.ctl
|
|
||||||
|
|
||||||
# Apply workaround
|
start_tap() {
|
||||||
echo 1024 > /proc/sys/dev/rtc/max-user-freq
|
# Load tun module
|
||||||
echo
|
/sbin/modprobe tun 2>/dev/null
|
||||||
}
|
# Wait for the module to be loaded
|
||||||
|
while ! /bin/lsmod |grep -q "^tun"; do echo Waiting for tun device;sleep 1; done
|
||||||
|
|
||||||
|
# Start tap switch
|
||||||
|
vde_switch --tap ${TAP_DEV} --daemon --group kvm \
|
||||||
|
--sock /var/run/${TAP_DEV}.ctl --pidfile /var/run/${TAP_DEV}_vde.pid \
|
||||||
|
--mod 775 --mgmtmode 770 --mgmt /var/run/${TAP_DEV}-manage
|
||||||
|
|
||||||
|
sleep 1
|
||||||
|
|
||||||
|
# Change pipe permission:
|
||||||
|
#chmod -R a+rwx /var/run/vde.ctl
|
||||||
|
} # End start_tap
|
||||||
|
|
||||||
|
stop_tap() {
|
||||||
|
# Bring tap interface down:
|
||||||
|
ifconfig ${TAP_DEV} down
|
||||||
|
|
||||||
|
# Kill VDE switch:
|
||||||
|
#pgrep -f vde_switch | xargs kill -TERM
|
||||||
|
kill -HUP $(cat /var/run/${TAP_DEV}_vde.pid)
|
||||||
|
|
||||||
|
# Remove the control socket:
|
||||||
|
#rmdir /var/run/vde.ctl
|
||||||
|
} # End stop_tap
|
||||||
|
|
||||||
|
start_localdhcp() {
|
||||||
|
# The IP configuration for the tap device that will be used for
|
||||||
|
# the virtual machine network:
|
||||||
|
|
||||||
|
TAP_IP=10.111.111.254
|
||||||
|
TAP_MASK=255.255.255.0
|
||||||
|
TAP_BCAST=$(/bin/ipmask ${TAP_MASK} ${TAP_IP} | cut -f 1 -d ' ')
|
||||||
|
|
||||||
|
# Definitions for the LAN segment the Qemu virtual machines will be in.
|
||||||
|
# These definitions will be fed to dnsmasq - this program will provide DNS
|
||||||
|
# and DHCP to the Qemu LAN.
|
||||||
|
|
||||||
|
# The VM_IPLOW and VM_IPHIGH addresses must agree with the definitions for
|
||||||
|
# the tap0 device above. These 'low' and 'high' values are the IP address
|
||||||
|
# range for the DHCP server to use.
|
||||||
|
|
||||||
stop(){
|
VM_DOMAIN=qemu.lan
|
||||||
echo -n "Stopping VDE Switch..."
|
VM_IPLOW=10.111.111.128
|
||||||
|
VM_IPHIGH=10.111.111.199
|
||||||
|
VM_BCAST=${TAP_BCAST}
|
||||||
|
VM_MASK=${TAP_MASK}
|
||||||
|
|
||||||
# Bring tap interface down
|
# For additional options to dnsmasq - the commented example specifies that
|
||||||
ip addr flush dev ${TAP_IF}
|
# all DNS lookups for 'my.net' should go to 192.168.1.1;
|
||||||
ip link set ${TAP_IF} down
|
# On the second line you find a configuration for supporting network boot:
|
||||||
|
#DNSMASQ_OPTIONS="--server /my.net/192.168.1.1 \
|
||||||
|
# --dhcp-boot=/pxelinux.0,\"192.168.1.1\",192.168.1.1"
|
||||||
|
DNSMASQ_OPTIONS=""
|
||||||
|
|
||||||
# Kill VDE switch
|
# Bring tap interface up
|
||||||
kill $(pgrep vde_switch)
|
ifconfig ${TAP_DEV} ${TAP_IP} broadcast ${TAP_BCAST} netmask ${TAP_MASK}
|
||||||
sleep 1
|
|
||||||
|
|
||||||
# Remove tun module
|
# Start dnsmasq, the DNS/DHCP server
|
||||||
modprobe -r tun
|
# for our Virtual Machines behind the tap0 interface.
|
||||||
echo
|
# The '--conf-file' option prevents this instance from reading the default
|
||||||
|
# /etc/dnsmasq.conf settings. Also, binds to the tun interface, to keep it
|
||||||
|
# from interfering with other dnsmasq/named processes running on the host's
|
||||||
|
# primary interfaces.
|
||||||
|
/usr/sbin/dnsmasq \
|
||||||
|
--log-queries \
|
||||||
|
--user=daemon \
|
||||||
|
--dhcp-leasefile=/var/state/dhcp/qemu-dhcpd.leases \
|
||||||
|
--dhcp-range=${VM_IPLOW},${VM_IPHIGH},${VM_MASK},${VM_BCAST},8h \
|
||||||
|
--interface=${TAP_DEV} --except-interface=lo --bind-interfaces \
|
||||||
|
--pid-file=/var/run/${TAP_DEV}_dnsmasq.pid --conf-file \
|
||||||
|
--domain=${VM_DOMAIN} \
|
||||||
|
$DNSMASQ_OPTIONS
|
||||||
|
|
||||||
|
} # End start_localdhcp
|
||||||
|
|
||||||
|
stop_localdhcp() {
|
||||||
|
# Stop dnsmasq
|
||||||
|
#pgrep -f dnsmasq | xargs kill -TERM
|
||||||
|
kill -TERM $(cat /var/run/${TAP_DEV}_dnsmasq.pid) \
|
||||||
|
&& rm -f /var/run/${TAP_DEV}_dnsmasq.pid
|
||||||
|
} # End stop_localdhcp
|
||||||
|
|
||||||
|
start_route() {
|
||||||
|
# We need a private dnsmasq instance in a routed configuration:
|
||||||
|
start_localdhcp
|
||||||
|
} # End start_route
|
||||||
|
|
||||||
|
stop_route() {
|
||||||
|
# We need to stop our private dnsmasq instance in a routed configuration:
|
||||||
|
stop_localdhcp
|
||||||
|
} # End stop_route
|
||||||
|
|
||||||
|
start_nat() {
|
||||||
|
# Start IP Forwarding
|
||||||
|
echo "1" > /proc/sys/net/ipv4/ip_forward
|
||||||
|
for NIC in ${NAT_IFS}; do
|
||||||
|
iptables -t nat -A POSTROUTING -o ${NIC} -j MASQUERADE
|
||||||
|
done
|
||||||
|
|
||||||
|
# We need a private dnsmasq instance in a NAT configuration:
|
||||||
|
start_localdhcp
|
||||||
|
|
||||||
|
} # End start_nat
|
||||||
|
|
||||||
|
stop_nat() {
|
||||||
|
# We need to stop our private dnsmasq in a NAT configuration:
|
||||||
|
stop_localdhcp
|
||||||
|
|
||||||
|
# Delete the NAT rules
|
||||||
|
for NIC in ${NAT_IFS}; do
|
||||||
|
iptables -t nat -D POSTROUTING -o ${NIC} -j MASQUERADE
|
||||||
|
done
|
||||||
|
# Stop IP Forwarding
|
||||||
|
echo "0" > /proc/sys/net/ipv4/ip_forward
|
||||||
}
|
}
|
||||||
|
|
||||||
|
start_bridge() {
|
||||||
|
# Connect our tap device from the bridge:
|
||||||
|
/sbin/ifconfig $TAP_DEV down
|
||||||
|
/sbin/ifconfig $TAP_DEV 0.0.0.0 promisc up
|
||||||
|
/sbin/brctl addif $BR_DEV $TAP_DEV
|
||||||
|
}
|
||||||
|
|
||||||
|
stop_bridge() {
|
||||||
|
# Disconnect our tap device from the bridge:
|
||||||
|
/sbin/brctl delif $BR_DEV $TAP_DEV
|
||||||
|
}
|
||||||
|
|
||||||
|
# See how we were called.
|
||||||
|
|
||||||
case "$1" in
|
case "$1" in
|
||||||
start)
|
start)
|
||||||
start
|
echo -n "Starting VDE network for QEMU: "
|
||||||
;;
|
|
||||||
|
start_tap
|
||||||
stop)
|
start_$NETWORKTYPE
|
||||||
stop
|
echo
|
||||||
;;
|
;;
|
||||||
|
stop)
|
||||||
restart)
|
echo -n "Stopping VDE network for QEMU: "
|
||||||
stop
|
stop_$NETWORKTYPE
|
||||||
start
|
stop_tap
|
||||||
;;
|
echo
|
||||||
*)
|
;;
|
||||||
echo "Usage: $0 {start|stop|restart}"
|
restart|reload)
|
||||||
;;
|
$0 stop
|
||||||
|
sleep 1
|
||||||
|
$0 start
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Usage: $0 {start|stop|restart|reload}"
|
||||||
|
exit 1
|
||||||
esac
|
esac
|
||||||
|
Loading…
Reference in new issue