Merge pull request #6810 from phemmer/4442-hairpin-nat
Support hairpin NAT
This commit is contained in:
Arnaud Porterie
commit
828dd345d4
1 changed files with 11 additions and 1 deletions
|
|
@ -73,7 +73,6 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str
|
|||
"-p", proto,
|
||||
"-d", daddr,
|
||||
"--dport", strconv.Itoa(port),
|
||||
"!", "-i", c.Bridge,
|
||||
"-j", "DNAT",
|
||||
"--to-destination", net.JoinHostPort(dest_addr, strconv.Itoa(dest_port))); err != nil {
|
||||
return err
|
||||
|
|
@ -97,6 +96,17 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str
|
|||
return fmt.Errorf("Error iptables forward: %s", output)
|
||||
}
|
||||
|
||||
if output, err := Raw("-t", "nat", string(fAction), "POSTROUTING",
|
||||
"-p", proto,
|
||||
"-s", dest_addr,
|
||||
"-d", dest_addr,
|
||||
"--dport", strconv.Itoa(dest_port),
|
||||
"-j", "MASQUERADE"); err != nil {
|
||||
return err
|
||||
} else if len(output) != 0 {
|
||||
return fmt.Errorf("Error iptables forward: %s", output)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue