Add iptables modules to the default xen0 kernel, and add example configuration files for a NAT setup.
405ff55dawQyCHFEnJ067ChPRoXBBA tools/examples/init.d/xend
40278d94cIUWl2eRgnwZtr4hTyWT1Q tools/examples/init.d/xendomains
40ee75a9xFz6S05sDKu-JCLqyVTkDA tools/examples/network
+41fc0c18hVgK5rKJyZUsqybux9D9Dg tools/examples/network-nat
41e661e1giIEKbJ25qfiP-ke8u8hFA tools/examples/network-route
40ee75a967sxgcRY4Q7zXoVUaJ4flA tools/examples/vif-bridge
+41fc0c18AFAVXA1uGm1JFWHMeeznVw tools/examples/vif-nat
41e661e1ooiRKlOfwumG6wwzc0PdhQ tools/examples/vif-route
40ee75a93cqxHp6MiYXxxwR5j2_8QQ tools/examples/xend-config.sxp
41090ec8Pj_bkgCBpg2W7WfmNkumEA tools/examples/xmexample1
40cf2937oKlROYOJTN8GWwWM5AmjBg tools/examples/xmexample2
+41fc0c18_k4iL81hu4pMIWQu9dKpKA tools/examples/xmexample3
3fbba6dbDfYvJSsw9500b4SZyUhxjQ tools/libxc/Makefile
41cc934abX-QLXJXW_clV_wRjM0zYg tools/libxc/plan9a.out.h
3fbba6dc1uU7U3IFeF6A-XEOYF2MkQ tools/libxc/rpm.spec
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_MATCH_LIMIT is not set
-# CONFIG_IP_NF_MATCH_IPRANGE is not set
+CONFIG_IP_NF_MATCH_IPRANGE=m
# CONFIG_IP_NF_MATCH_MAC is not set
# CONFIG_IP_NF_MATCH_PKTTYPE is not set
# CONFIG_IP_NF_MATCH_MARK is not set
# CONFIG_IP_NF_MATCH_SCTP is not set
# CONFIG_IP_NF_MATCH_COMMENT is not set
# CONFIG_IP_NF_MATCH_HASHLIMIT is not set
-# CONFIG_IP_NF_FILTER is not set
+CONFIG_IP_NF_FILTER=m
+CONFIG_IP_NF_TARGET_REJECT=m
# CONFIG_IP_NF_TARGET_LOG is not set
# CONFIG_IP_NF_TARGET_ULOG is not set
# CONFIG_IP_NF_TARGET_TCPMSS is not set
-# CONFIG_IP_NF_NAT is not set
+CONFIG_IP_NF_NAT=m
+CONFIG_IP_NF_NAT_NEEDED=y
+CONFIG_IP_NF_TARGET_MASQUERADE=m
+# CONFIG_IP_NF_TARGET_REDIRECT is not set
+# CONFIG_IP_NF_TARGET_NETMAP is not set
+# CONFIG_IP_NF_TARGET_SAME is not set
+# CONFIG_IP_NF_NAT_LOCAL is not set
+# CONFIG_IP_NF_NAT_SNMP_BASIC is not set
+CONFIG_IP_NF_NAT_FTP=m
# CONFIG_IP_NF_MANGLE is not set
# CONFIG_IP_NF_RAW is not set
# CONFIG_IP_NF_ARPTABLES is not set
--- /dev/null
+#!/bin/sh
+#============================================================================
+# Default Xen network start/stop script.
+# Xend calls a network script when it starts.
+# The script name to use is defined in /etc/xen/xend-config.sxp
+# in the network-script field.
+#
+# Usage:
+#
+# network-route (start|stop|status) {VAR=VAL}*
+#
+# Vars:
+#
+# netdev The gateway interface (default eth0).
+# antispoof Whether to use iptables to prevent spoofing (default yes).
+#
+#============================================================================
+
+
+
+# Exit if anything goes wrong.
+set -e
+
+# First arg is the operation.
+OP=$1
+shift
+
+# Pull variables in args in to environment.
+for arg ; do export "${arg}" ; done
+
+netdev=${netdev:-eth0}
+# antispoofing not yet implemented
+antispoof=${antispoof:-yes}
+
+echo "network-nat $OP netdev=$netdev antispoof=$antispoof"
+
+
+op_start() {
+ echo 1 >/proc/sys/net/ipv4/ip_forward
+ iptables -t nat -A POSTROUTING -o ${netdev} -j MASQUERADE
+}
+
+
+op_stop() {
+ iptables -t nat -D POSTROUTING -o ${netdev} -j MASQUERADE
+}
+
+
+show_status() {
+ echo '============================================================'
+ ifconfig
+ echo ' '
+ ip route list
+ echo ' '
+ route -n
+ echo '============================================================'
+
+}
+
+case ${OP} in
+ start)
+ op_start
+ ;;
+
+ stop)
+ op_stop
+ ;;
+
+ status)
+ show_status
+ ;;
+
+ *)
+ echo 'Unknown command: ' ${OP}
+ echo 'Valid commands are: start, stop, status'
+ exit 1
+esac
--- /dev/null
+#!/bin/sh
+#============================================================================
+# /etc/xen/vif-nat
+#
+# Script for configuring a vif in routed-nat mode.
+# Xend calls a vif script when bringing a vif up or down.
+# This script is the default - but it can be configured for each vif.
+#
+# Example invocation:
+#
+# vif-nat up domain=VM1 vif=vif1.0 ip="192.168.0.10/31"
+#
+# Usage:
+# vif-nat (up|down) {VAR=VAL}*
+#
+# Vars:
+#
+# domain name of the domain the interface is on (required).
+# vif vif interface name (required).
+# ip list of IP networks for the vif, space-separated (required).
+#============================================================================
+
+# Exit if anything goes wrong
+set -e
+
+echo "vif-nat $*"
+
+# Operation name.
+OP=$1
+shift
+
+# Pull variables in args into environment
+for arg ; do export "${arg}" ; done
+
+# Required parameters. Fail if not set.
+domain=${domain:?}
+vif=${vif:?}
+ip=${ip:?}
+
+# better way to strip /netmask from the ip?
+vif_ip=`echo ${ip} | awk -F. '{print $1"."$2"."$3"."$4}'`
+
+main_ip=`ifconfig eth0 | grep "inet addr:" | sed -e 's/.*inet addr:\(\w\w*\.\w\w*\.\w\w*\.\w\w*\).*/\1/'`
+
+# Are we going up or down?
+case $OP in
+ up)
+ ifconfig ${vif} ${vif_ip} netmask 255.255.255.0 up
+ echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp
+ iptcmd='-A'
+ ipcmd='a'
+ ;;
+ down)
+ ifconfig ${vif} down
+ iptcmd='-D'
+ ipcmd='d'
+ ;;
+ *)
+ echo 'Invalid command: ' $OP
+ echo 'Valid commands are: up, down'
+ exit 1
+ ;;
+esac
+
+ip r ${ipcmd} ${ip} dev ${vif} src ${main_ip}
+# iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -p udp --sport 68 --dport 67 -j ACCEPT
--- /dev/null
+# -*- mode: python; -*-
+#============================================================================
+# Example Python setup script for 'xm create'.
+# This script sets the parameters used when a domain is created using 'xm create'.
+#
+# This is a relatively advanced script that uses a parameter, vmid, to control
+# the settings. So this script can be used to start a set of domains by
+# setting the vmid parameter on the 'xm create' command line. For example:
+#
+# xm create vmid=1
+# xm create vmid=2
+# xm create vmid=3
+#
+# The vmid is purely a script variable, and has no effect on the the domain
+# id assigned to the new domain.
+#============================================================================
+
+# Define script variables here.
+# xm_vars is defined automatically, use xm_vars.var() to define a variable.
+
+# This function checks that 'vmid' has been given a valid value.
+# It is called automatically by 'xm create'.
+def vmid_check(var, val):
+ val = int(val)
+ if val <= 0:
+ raise ValueError
+ return val
+
+# Define the 'vmid' variable so that 'xm create' knows about it.
+xm_vars.var('vmid',
+ use="Virtual machine id. Integer greater than 0.",
+ check=vmid_check)
+
+# Check the defined variables have valid values..
+xm_vars.check()
+
+#----------------------------------------------------------------------------
+# Kernel image file.
+kernel = "/path/to/domU/kernel"
+
+# Optional ramdisk.
+#ramdisk = "/boot/initrd.gz"
+
+# The domain build function. Default is 'linux'.
+#builder='linux'
+
+# Initial memory allocation (in megabytes) for the new domain.
+memory = 64
+
+# A name for the new domain. All domains have to have different names,
+# so we use the vmid to create a name.
+name = "VM%d" % vmid
+
+# Which CPU to start domain on?
+#cpu = -1 # leave to Xen to pick
+cpu = vmid # set based on vmid (mod number of CPUs)
+
+#----------------------------------------------------------------------------
+# Define network interfaces.
+
+# Number of network interfaces. Default is 1.
+#nics=1
+
+# Optionally define mac and/or bridge for the network interfaces.
+# Random MACs are assigned if not given.
+
+vif = [ 'ip=192.168.%d.1/24' % (vmid)]
+
+#----------------------------------------------------------------------------
+# Define the disk devices you want the domain to have access to, and
+# what you want them accessible as.
+# Each disk entry is of the form phy:UNAME,DEV,MODE
+# where UNAME is the device, DEV is the device name the domain will see,
+# and MODE is r for read-only, w for read-write.
+
+# This makes the disk device depend on the vmid - assuming
+# tHat devices sda7, sda8 etc. exist. The device is exported
+# to all domains as sda1.
+# All domains get sda6 read-only (to use for /usr, see below).
+disk = [ 'phy:hda%d,hda1,w' % (vmid)]
+
+#----------------------------------------------------------------------------
+# Set the kernel command line for the new domain.
+# You only need to define the IP parameters and hostname if the domain's
+# IP config doesn't, e.g. in ifcfg-eth0 or via DHCP.
+# You can use 'extra' to set the runlevel and custom environment
+# variables used by custom rc scripts (e.g. VMID=, usr= ).
+
+# Set if you want dhcp to allocate the IP address.
+dhcp="off"
+ip="192.168.%d.2" % (vmid)
+# Set netmask.
+netmask="255.255.255.0"
+# Set default gateway.
+gateway="192.168.%d.1" % (vmid)
+# Set the hostname.
+hostname= "domain-%d.xeno" % vmid
+
+# Set root device.
+root = "/dev/hda1 ro"
+
+# Root device for nfs.
+#root = "/dev/nfs"
+# The nfs server.
+#nfs_server = "10.212.4.103"
+# Root directory on the nfs server.
+#nfs_root = "/path/to/root/filesystem"
+
+# Sets runlevel 4 and the device for /usr.
+extra = "4 VMID=%d" % vmid
+
+#----------------------------------------------------------------------------
+# Set according to whether you want the domain restarted when it exits.
+# The default is 'onreboot', which restarts the domain when it shuts down
+# with exit code reboot.
+# Other values are 'always', and 'never'.
+
+#restart = 'onreboot'
+
+#============================================================================
projects / xen.git / commitdiff