parent
d4021d0854
commit
e0a96fe191
@ -1,17 +1,17 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5agZHGd6YW11ZGlv
|
||||
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV6C5D/4gkeUb0hxrZrElL7xB5Xd6
|
||||
C2aA68a6mXJvPI3bCIsbj6tudQAlNOX9McrPGgjm+C0Tf0d9pbPNUKL30BlWEwEl
|
||||
ct+tqtD8kHfkbCt/50QiatyaMsWJhZVwaByyRXb9nLILHfCCVqMPyeBfbBeqBYuV
|
||||
PSdn5PE6+QuTOhuY/8I+fgH/J78ZPwbYAhmgnn9os+GWgyJ7VxZU2JIrp2lwAqg1
|
||||
yFufJ1+Fr2hVO58bEaW5avy0csZmJcKhHJk0janRfHJni3rgKhEQ5JJ60Z4BEKkn
|
||||
KL+nUaPSsqVxDSDQS2Auhip4Esk+YUx2vf34vn1aJ8cPDEShd9EavkLRRvlyLqC/
|
||||
ajyFWug+mQQ8zw03WGpC1Z6RMeqkh9cuey0SsVWSh//2KJjZt1dqwf90BEj0+LX3
|
||||
PkToX4zAbYGWyzfhRE/DcnIwWHTr/y1ds/wtCh0losi4ZIMHR0p1baHXjUtjsyQe
|
||||
82Q3VTcoE8lxKSV97OTbPV+XBAsO/ggJBh2iwerlq65F9XFi8NxDKBIxVvM5Xrdh
|
||||
IaZcfOsFMfO0z6m0k35QpgROCRDj1PLBSM4/IGF5HovMTNlCs59iArWbnNdiMrWq
|
||||
Ie98YUcFbpySCLRR0lTfZIpHokeMNq7l5u0TGDvKvPBIRAdrHLT/rrqKAVvXKBXo
|
||||
YUuGTiwpP9rwu3teCowB6A==
|
||||
=uUtv
|
||||
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5lkZHGd6YW11ZGlv
|
||||
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV+swD/9ASPlt4BF/QeiHwWs+b41V
|
||||
XBioUm4dqv1b9wNHSlIBCJJ77TVgqa/1txBl7dI01H4kip0VuI3/IMob4ol3rRKb
|
||||
FJhM6PytcOqzAx/uI0a08Sy1ezxZCnoJNbyT5vpT09t+UFhmpnaMHsDF1T9oXxf4
|
||||
kpPDQksCbo//apq+kDHVueA/Sy8uXKlc9yDfROKhG3LodqvNRmSxwUJqm2BAVDi8
|
||||
1/yqyF6tFDXTxmDafxB9fwzVt1QoKji1PJwVD9Gv+2ugqBcNNvqI3tCnUw3a1gKE
|
||||
qzxtmfEzaebwyXR3Mc96hykc7Cj7zxf5QAJQX3x+PTLmUU7thmgFDIP7iW7197NQ
|
||||
i7xmv8yuo15W3YdLuA+ChfUAba2+7J7F/N/4JMBJaaa888cyvzlYruVUdaziaNTT
|
||||
1ll0r9yYRzYYG2LN9u6aPUTezvXOKF9+7sZZXdS4eIwX3zlh/LjGYadAJVksLoEh
|
||||
y0W6HhbOj+YqtA9ZjeDbhrkmTmVqqpM64djwyQ2pxdtn8cvJvuWO9vkKwiAHW99u
|
||||
oNKJZS8pPHhZgtRVZulFLY8CmkkrMLVbJvT+qjbG3/OyyB0wI0l2XYLpazHdSHVS
|
||||
TXueah+iJjm652ed+Cegt5V5BQz4jGbIBDr+1sStcDdSWBsJLLnpEghf8ZGf6gRF
|
||||
vCVh1dTl2SNyIXwaHdtaeQ==
|
||||
=/sQH
|
||||
-----END PGP SIGNATURE-----
|
||||
|
Binary file not shown.
@ -1,17 +1,17 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5agZHGd6YW11ZGlv
|
||||
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV2ukEACMecSr/qLracJtPr0vTyOL
|
||||
PQqspzMDFI6o0RvURXslCrhRdX4HnTNEQpebyBWHQKeR/Boenxrri6d4jjljA3+1
|
||||
ObuomVnrqGFt5vkoa2EukxcFIW9VUHHbL/MTSKffr+pyDW9ryy2HRN7ygCACKwCU
|
||||
f7yTeQqDIETozFkG1XVNHV8CpstgzTMbYKY70aImRIepVdUjnCZw0s4xF9H+91dx
|
||||
hnzbn4Gt4n7Jym4hIRRdcMPSrjSOjN+hhCg6CDhs5o4o8uI8UcLoobV3CfyojjDJ
|
||||
B1JUdFHhkNE/71U+NBbRshmCW5fZIAgsSagBQ2QPcm8KteecFtCqtpuJjVQRJylu
|
||||
AYLWeKHnnZh7LdUvkjAwsQMbX3dLCQpt/gwOM51e2Fy0xPDtQcEI4j0j3QagStcL
|
||||
rglSj2DK1kb9CWkN3qRa2EI0IlanPDvC7Ql4YteeWacrechuqLPvFI96xNoNYCSf
|
||||
/7GsX/55+UavFRyeOgLYeJZPKjcKPb+gcs5XgRaYDD2gRHqIrfjzeyPw64aay2w/
|
||||
07Noz6FHk7GPn1MxHwyd5ZgELWHO8DWaHFYKPsAcFpxH9Oe7SvsWR6/4kR31HuQE
|
||||
L6oRwuCasMWTDMWjpbcDBgGSXk23UK+iSDYMQN/WLy2fjrJuCr5wTqkyF+EWavIe
|
||||
50oJZes2AiE+SRFJpklPIg==
|
||||
=NG21
|
||||
iQJNBAABCgA3FiEEm8dazQnvu0U1Gdmc9s+lqZ57WVcFAmCW5lkZHGd6YW11ZGlv
|
||||
QGxpYnJlbWV4Lm9yZy5teAAKCRD2z6WpnntZV6QGD/wMf1X7VXI1Xbsya0Jol8mP
|
||||
w1GMtv4/6sGsifLpRMXu6rQahlgvjsl60kkwSZcDkHVCsC2+i3y2yw/Txl2VoWK1
|
||||
k/ewZm/gdJLSykSZNmQF6/VsS/z7yltp4k9S6xCTfQQdsR0Ni55AEOrOz6aGU3j7
|
||||
ChEI7IWlDxFJ42rQb1dXQPp4kZPmhdgOQbRT3h4MSRYHmscBF9KCOn+Q/PFlhhOH
|
||||
aS81TTPeAq7nXaXjjYfm/CAo1SAf7WSJ8CHdwpERGrnTOgaKaDTU9Rk/URp1Vh2z
|
||||
/uuV47KVQPRrUmrJzLGyRghbE2Y7xNwrxhKyMnp47KP5gQez2osvIulzoh7pd9qu
|
||||
fn3CGnF6WemgSM/3KiHBqUh4XinARNMzYUMRkUOfaMrz0a6jqP3IOnKw1fAxbHhF
|
||||
1ugaJ2gWnJrdxhyVM6R/ykVtd7RRsv+RACIIsCOYBZWrpE7AMjbiuqRIUYbwljXe
|
||||
hXZY9Mm9tx/XV7AMYiWGtzEJ+1c77+FbB0eLCja9cPRcpxA5DQy5s3JuNkH2xGn9
|
||||
Z0m7QsDxMkcTGQELriYqpgAD0xkVYoFNNtgyOPvV2KduO8gKSWgEePPxywnA0k3+
|
||||
WOgRp6iykVei5teIirdXOpGl7/3V2JDUsFZebsSty+i8e8ZXJWwc2DQ7HRLG1HZk
|
||||
vBNk79M33o/1yBv3lJC0ow==
|
||||
=fCdQ
|
||||
-----END PGP SIGNATURE-----
|
||||
|
Binary file not shown.
Binary file not shown.
@ -1,74 +1,204 @@
|
||||
#!/bin/sh
|
||||
# $Id: rc.vdenetwork,v 1.7 2011/12/06 14:18:08 root Exp root $
|
||||
# Qemu environment preparation script
|
||||
|
||||
#=========================== EDIT THE FOLLOWING VARIABLES ==========================
|
||||
# _________________________________________________________________________________
|
||||
# | |
|
||||
# | Interface name to use for the TAP device |
|
||||
# | |
|
||||
TAP_IF="tap0"
|
||||
# |_________________________________________________________________________________|
|
||||
# | |
|
||||
# | IP Address/Subnet in CIDR Notation for the Virtual Network |
|
||||
# | |
|
||||
TAP_NET="10.10.10.1/24"
|
||||
# |_________________________________________________________________________________|
|
||||
# ---------------------------------------------------------------------------
|
||||
#
|
||||
#=========================== DO NOT EDIT BELOW THIS LINE ============================
|
||||
# After running this startup script, run a QEMU virtual machine in this way:
|
||||
#
|
||||
# qemu-system-x86_64 \
|
||||
# -net vde,sock=/var/run/kvm0.ctl,vlan=0 -net nic,vlan=0 \
|
||||
# [qemu_option [qemu_option], ...]
|
||||
#
|
||||
# This will automatically connect the QEMU virtual machine to the VDE switch.
|
||||
#
|
||||
# ---------------------------------------------------------------------------
|
||||
#
|
||||
# Network type can be one of "route" "bridge" or "nat":
|
||||
# - In "route" mode, the script will expect that the 'routed' daemon is running
|
||||
# on the host (see /etc/rc.d/rc.inet2 to start 'routed'), and will not
|
||||
# create iptables NAT rules.
|
||||
# The virtual network will be routed on the LAN and will be accessible as a
|
||||
# separate network segment (make sure the IP range defined below does not
|
||||
# conflict with existing parts of your network!). The guests will use our
|
||||
# private dnsmasq server to obtain IP addresses.
|
||||
# - In "bridge" mode, the script will try to add the tap device to an existing
|
||||
# network bridge, and will not create iptables NAT rules.
|
||||
# The guests will be seen on the LAN as part of the network.
|
||||
# - In "nat" mode, the script will create iptables NAT rules. These hide the
|
||||
# virtual network behind an internal NAT router. The guests will have full
|
||||
# network access, but will be accessible only from the host.
|
||||
#
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
#NETWORKTYPE="route"
|
||||
#NETWORKTYPE="bridge"
|
||||
NETWORKTYPE="nat"
|
||||
|
||||
# Host interfaces that need to be NAT-ed (in case we're not bridging/routing):
|
||||
# Add more interfaces space-separated, like "eth+ wlan+"
|
||||
NAT_IFS="eth+"
|
||||
|
||||
# What is the bridge interface called if we are bridging?
|
||||
BR_DEV=br0
|
||||
|
||||
start(){
|
||||
echo -n "Starting VDE Switch..."
|
||||
# What is the name of the tun/tap device we will be using?
|
||||
TAP_DEV=kvm0
|
||||
|
||||
start_tap() {
|
||||
# Load tun module
|
||||
modprobe tun || { echo "Error, cannot load 'tun' module. Exiting..." ; exit 1 ; }
|
||||
sleep 1
|
||||
/sbin/modprobe tun 2>/dev/null
|
||||
# Wait for the module to be loaded
|
||||
while ! /bin/lsmod |grep -q "^tun"; do echo Waiting for tun device;sleep 1; done
|
||||
|
||||
# Start tap switch
|
||||
vde_switch -tap ${TAP_IF} -daemon || { echo "Error, cannot assign IP to ${TAP_IF}. Exiting..." ; exit 1 ; }
|
||||
vde_switch --tap ${TAP_DEV} --daemon --group kvm \
|
||||
--sock /var/run/${TAP_DEV}.ctl --pidfile /var/run/${TAP_DEV}_vde.pid \
|
||||
--mod 775 --mgmtmode 770 --mgmt /var/run/${TAP_DEV}-manage
|
||||
|
||||
# Bring tap interface up
|
||||
ip addr add ${TAP_NET} dev ${TAP_IF}
|
||||
ip link set ${TAP_IF} up
|
||||
sleep 1
|
||||
|
||||
#chmod 666 /tmp/vde.ctl
|
||||
chmod -R a+rwx /var/run/vde.ctl
|
||||
# Change pipe permission:
|
||||
#chmod -R a+rwx /var/run/vde.ctl
|
||||
} # End start_tap
|
||||
|
||||
# Apply workaround
|
||||
echo 1024 > /proc/sys/dev/rtc/max-user-freq
|
||||
echo
|
||||
}
|
||||
stop_tap() {
|
||||
# Bring tap interface down:
|
||||
ifconfig ${TAP_DEV} down
|
||||
|
||||
# Kill VDE switch:
|
||||
#pgrep -f vde_switch | xargs kill -TERM
|
||||
kill -HUP $(cat /var/run/${TAP_DEV}_vde.pid)
|
||||
|
||||
stop(){
|
||||
echo -n "Stopping VDE Switch..."
|
||||
# Remove the control socket:
|
||||
#rmdir /var/run/vde.ctl
|
||||
} # End stop_tap
|
||||
|
||||
# Bring tap interface down
|
||||
ip addr flush dev ${TAP_IF}
|
||||
ip link set ${TAP_IF} down
|
||||
start_localdhcp() {
|
||||
# The IP configuration for the tap device that will be used for
|
||||
# the virtual machine network:
|
||||
|
||||
# Kill VDE switch
|
||||
kill $(pgrep vde_switch)
|
||||
sleep 1
|
||||
TAP_IP=10.111.111.254
|
||||
TAP_MASK=255.255.255.0
|
||||
TAP_BCAST=$(/bin/ipmask ${TAP_MASK} ${TAP_IP} | cut -f 1 -d ' ')
|
||||
|
||||
# Remove tun module
|
||||
modprobe -r tun
|
||||
echo
|
||||
# Definitions for the LAN segment the Qemu virtual machines will be in.
|
||||
# These definitions will be fed to dnsmasq - this program will provide DNS
|
||||
# and DHCP to the Qemu LAN.
|
||||
|
||||
# The VM_IPLOW and VM_IPHIGH addresses must agree with the definitions for
|
||||
# the tap0 device above. These 'low' and 'high' values are the IP address
|
||||
# range for the DHCP server to use.
|
||||
|
||||
VM_DOMAIN=qemu.lan
|
||||
VM_IPLOW=10.111.111.128
|
||||
VM_IPHIGH=10.111.111.199
|
||||
VM_BCAST=${TAP_BCAST}
|
||||
VM_MASK=${TAP_MASK}
|
||||
|
||||
# For additional options to dnsmasq - the commented example specifies that
|
||||
# all DNS lookups for 'my.net' should go to 192.168.1.1;
|
||||
# On the second line you find a configuration for supporting network boot:
|
||||
#DNSMASQ_OPTIONS="--server /my.net/192.168.1.1 \
|
||||
# --dhcp-boot=/pxelinux.0,\"192.168.1.1\",192.168.1.1"
|
||||
DNSMASQ_OPTIONS=""
|
||||
|
||||
# Bring tap interface up
|
||||
ifconfig ${TAP_DEV} ${TAP_IP} broadcast ${TAP_BCAST} netmask ${TAP_MASK}
|
||||
|
||||
# Start dnsmasq, the DNS/DHCP server
|
||||
# for our Virtual Machines behind the tap0 interface.
|
||||
# The '--conf-file' option prevents this instance from reading the default
|
||||
# /etc/dnsmasq.conf settings. Also, binds to the tun interface, to keep it
|
||||
# from interfering with other dnsmasq/named processes running on the host's
|
||||
# primary interfaces.
|
||||
/usr/sbin/dnsmasq \
|
||||
--log-queries \
|
||||
--user=daemon \
|
||||
--dhcp-leasefile=/var/state/dhcp/qemu-dhcpd.leases \
|
||||
--dhcp-range=${VM_IPLOW},${VM_IPHIGH},${VM_MASK},${VM_BCAST},8h \
|
||||
--interface=${TAP_DEV} --except-interface=lo --bind-interfaces \
|
||||
--pid-file=/var/run/${TAP_DEV}_dnsmasq.pid --conf-file \
|
||||
--domain=${VM_DOMAIN} \
|
||||
$DNSMASQ_OPTIONS
|
||||
|
||||
} # End start_localdhcp
|
||||
|
||||
stop_localdhcp() {
|
||||
# Stop dnsmasq
|
||||
#pgrep -f dnsmasq | xargs kill -TERM
|
||||
kill -TERM $(cat /var/run/${TAP_DEV}_dnsmasq.pid) \
|
||||
&& rm -f /var/run/${TAP_DEV}_dnsmasq.pid
|
||||
} # End stop_localdhcp
|
||||
|
||||
start_route() {
|
||||
# We need a private dnsmasq instance in a routed configuration:
|
||||
start_localdhcp
|
||||
} # End start_route
|
||||
|
||||
stop_route() {
|
||||
# We need to stop our private dnsmasq instance in a routed configuration:
|
||||
stop_localdhcp
|
||||
} # End stop_route
|
||||
|
||||
start_nat() {
|
||||
# Start IP Forwarding
|
||||
echo "1" > /proc/sys/net/ipv4/ip_forward
|
||||
for NIC in ${NAT_IFS}; do
|
||||
iptables -t nat -A POSTROUTING -o ${NIC} -j MASQUERADE
|
||||
done
|
||||
|
||||
# We need a private dnsmasq instance in a NAT configuration:
|
||||
start_localdhcp
|
||||
|
||||
} # End start_nat
|
||||
|
||||
stop_nat() {
|
||||
# We need to stop our private dnsmasq in a NAT configuration:
|
||||
stop_localdhcp
|
||||
|
||||
# Delete the NAT rules
|
||||
for NIC in ${NAT_IFS}; do
|
||||
iptables -t nat -D POSTROUTING -o ${NIC} -j MASQUERADE
|
||||
done
|
||||
# Stop IP Forwarding
|
||||
echo "0" > /proc/sys/net/ipv4/ip_forward
|
||||
}
|
||||
|
||||
start_bridge() {
|
||||
# Connect our tap device from the bridge:
|
||||
/sbin/ifconfig $TAP_DEV down
|
||||
/sbin/ifconfig $TAP_DEV 0.0.0.0 promisc up
|
||||
/sbin/brctl addif $BR_DEV $TAP_DEV
|
||||
}
|
||||
|
||||
stop_bridge() {
|
||||
# Disconnect our tap device from the bridge:
|
||||
/sbin/brctl delif $BR_DEV $TAP_DEV
|
||||
}
|
||||
|
||||
# See how we were called.
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
start
|
||||
;;
|
||||
echo -n "Starting VDE network for QEMU: "
|
||||
|
||||
start_tap
|
||||
start_$NETWORKTYPE
|
||||
echo
|
||||
;;
|
||||
stop)
|
||||
stop
|
||||
echo -n "Stopping VDE network for QEMU: "
|
||||
stop_$NETWORKTYPE
|
||||
stop_tap
|
||||
echo
|
||||
;;
|
||||
|
||||
restart)
|
||||
stop
|
||||
start
|
||||
restart|reload)
|
||||
$0 stop
|
||||
sleep 1
|
||||
$0 start
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart}"
|
||||
;;
|
||||
echo "Usage: $0 {start|stop|restart|reload}"
|
||||
exit 1
|
||||
esac
|
||||
|
Loading…
Reference in new issue