AuxXxilium/arv-v-dsm
1
0
Fork 0
mirror of https://github.com/AuxXxilium/arv-v-dsm.git synced 2025-02-20 08:38:24 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity

network in NAT mode, processing packets only with the destination (dst) set to the container IP can prevent packets coming out of the QEMU virtual machine through eth0 from being incorrectly DNAT

Browse Source
This commit is contained in:
tong min 2023-10-08 19:48:00 +08:00 committed by GitHub
parent 06829aac67
commit 8c6f7e49ef
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
run/network.sh
View File

@ -146,10 +146,13 @@ configureNAT () {
ip link set dev "${VM_NET_TAP}" master dockerbridge
# Add internet connection to the VM
IP=$(ip address show dev "${VM_NET_DEV}" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
iptables -t nat -A POSTROUTING -o "${VM_NET_DEV}" -j MASQUERADE
iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -p tcp -j DNAT --to $VM_NET_IP
iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -p udp -j DNAT --to $VM_NET_IP
iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -d "${IP}" -p tcp -j DNAT --to $VM_NET_IP
iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -d "${IP}" -p udp -j DNAT --to $VM_NET_IP
if (( KERNEL > 4 )); then
# Hack for guest VMs complaining about "bad udp checksums in 5 packets"