
added option to make iptables change

0xdcarns 3 years ago
parent
commit
7ca2c259ed
3 changed files with 11 additions and 11 deletions
  1. 1 1
      main.go
  2. 1 1
      mq/publishers.go
  3. 9 9
      serverctl/iptables.go

+ 1 - 1
main.go

@@ -109,7 +109,7 @@ func initialize() { // Client Mode Prereq Check
 	}
 	// initialize iptables to ensure gateways work correctly and mq is forwarded if containerized
 	if servercfg.ManageIPTables() != "off" {
-		if err = serverctl.InitIPTables(); err != nil {
+		if err = serverctl.InitIPTables(true); err != nil {
 			logger.FatalLog("Unable to initialize iptables on host:", err.Error())
 		}
 	}
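Review bot: Passing `true` here makes the startup path the one caller that bypasses the rule-existence check in serverctl/iptables.go, and because nat PREROUTING rules live in the kernel rather than in this process, every restart of netmaker will append another identical DNAT rule for each forwarded port. Unless the forced re-add is needed for some reason not visible in this diff, the startup call should stay idempotent, i.e. `serverctl.InitIPTables(false)`, or `InitIPTables` should remove the existing rule before re-adding it when forced. Either way the call site deserves a comment stating what `force` is meant to achieve, e.g. `// force: re-apply DNAT rules even if iptables reports them present`. The enclosing initialize() continues outside this hunk.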

+ 1 - 1
mq/publishers.go

@@ -103,7 +103,7 @@ func sendPeers() {
 
 		// run iptables update to ensure gateways work correctly and mq is forwarded if containerized
 		if servercfg.ManageIPTables() != "off" {
-			serverctl.InitIPTables()
+			serverctl.InitIPTables(false)
 		}
 
 		force = true
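Review bot: The return value of `serverctl.InitIPTables(false)` is still discarded on the new line, so a failed forward-policy or DNAT step during peer publication leaves gateways broken with nothing in the log, while the startup path treats the same error as fatal. At minimum log it: `if err := serverctl.InitIPTables(false); err != nil { logger.Log(0, "iptables update failed: "+err.Error()) }` (assuming this file already has the logger package in scope; it is not visible in the hunk). sendPeers() begins and ends outside this hunk.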

+ 9 - 9
serverctl/iptables.go

@@ -16,7 +16,7 @@ import (
 const netmakerProcessName = "netmaker"
 
 // InitIPTables - intializes the server iptables
-func InitIPTables() error {
+func InitIPTables(force bool) error {
 	_, err := exec.LookPath("iptables")
 	if err != nil {
 		return err
@@ -26,7 +26,7 @@ func InitIPTables() error {
 		logger.Log(0, "error setting iptables forward policy: "+err.Error())
 	}
 
-	err = portForwardServices()
+	err = portForwardServices(force)
 	if err != nil {
 		return err
 	}
@@ -37,7 +37,7 @@ func InitIPTables() error {
 }
 
 // set up port forwarding for services listed in config
-func portForwardServices() error {
+func portForwardServices(force bool) error {
 	var err error
 	services := servercfg.GetPortForwardServiceList()
 	if len(services) == 0 || services[0] == "" {
@@ -46,15 +46,15 @@ func portForwardServices() error {
 	for _, service := range services {
 		switch service {
 		case "mq":
-			err = iptablesPortForward("mq", "1883", "1883", false)
+			err = iptablesPortForward("mq", "1883", "1883", false, force)
 		case "dns":
-			err = iptablesPortForward("coredns", "53", "53", false)
+			err = iptablesPortForward("coredns", "53", "53", false, force)
 		case "ssh":
-			err = iptablesPortForward("netmaker", "22", "22", false)
+			err = iptablesPortForward("netmaker", "22", "22", false, force)
 		default:
 			params := strings.Split(service, ":")
 			if len(params) == 3 {
-				err = iptablesPortForward(params[0], params[1], params[2], true)
+				err = iptablesPortForward(params[0], params[1], params[2], true, force)
 			}
 		}
 		if err != nil {
@@ -83,7 +83,7 @@ func setForwardPolicy() error {
 }
 
 // port forward from an entry, can contain a dns name for lookup
-func iptablesPortForward(entry string, inport string, outport string, isIP bool) error {
+func iptablesPortForward(entry string, inport string, outport string, isIP, force bool) error {
 
 	var address string
 	if !isIP {
@@ -110,7 +110,7 @@ func iptablesPortForward(entry string, inport string, outport string, isIP bool)
 		return errors.New("could not locate ip for " + entry)
 	}
 
-	if output, err := ncutils.RunCmd("iptables -t nat -C PREROUTING -p tcp --dport "+inport+" -j DNAT --to-destination "+address+":"+outport, false); output != "" || err != nil {
+	if output, err := ncutils.RunCmd("iptables -t nat -C PREROUTING -p tcp --dport "+inport+" -j DNAT --to-destination "+address+":"+outport, false); output != "" || err != nil || force {
 		_, err := ncutils.RunCmd("iptables -t nat -A PREROUTING -p tcp --dport "+inport+" -j DNAT --to-destination "+address+":"+outport, false)
 		if err != nil {
 			return err
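Review bot: With `force` set, the condition on the `-C` line is always true, so the `-A PREROUTING` that follows appends a DNAT rule even when an identical one already exists, and repeated forced calls accumulate duplicates in the nat table. If `force` is intended to refresh a rule whose resolved `address` changed, appending does not achieve that either: an older rule for the same `--dport` still sits earlier in the chain and matches first. A forced call should remove the existing rule for that port before adding, and the non-forced path should keep relying on the `-C` check as before; note also that the command strings are built by concatenating `inport`, `outport` and `address`, so whether RunCmd invokes a shell determines whether config values need validation (not visible here). iptablesPortForward's body continues past the end of this hunk.
```go
	check := "iptables -t nat -C PREROUTING -p tcp --dport " + inport + " -j DNAT --to-destination " + address + ":" + outport
	output, checkErr := ncutils.RunCmd(check, false)
	exists := output == "" && checkErr == nil
	if exists && force {
		// forced refresh: drop the matching rule so we never stack duplicates
		if _, err := ncutils.RunCmd(strings.Replace(check, " -C ", " -D ", 1), false); err != nil {
			return err
		}
		exists = false
	}
	if !exists {
		_, err := ncutils.RunCmd(strings.Replace(check, " -C ", " -A ", 1), false)
		if err != nil {
			return err
		}
		// … unchanged: remainder of the function …
```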