vbatts/pkg
1
0
Fork 0
Code Pull requests Releases Activity

Merge pull request #6810 from phemmer/4442-hairpin-nat

Browse source 
Support hairpin NAT
This commit is contained in:
Arnaud Porterie 2014-11-10 08:53:01 -08:00
commit 828dd345d4
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
iptables/iptables.go
View file

@ -73,7 +73,6 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str
"-p", proto, "-p", proto,
"-d", daddr, "-d", daddr,
"--dport", strconv.Itoa(port), "--dport", strconv.Itoa(port),
"!", "-i", c.Bridge,
"-j", "DNAT", "-j", "DNAT",
"--to-destination", net.JoinHostPort(dest_addr, strconv.Itoa(dest_port))); err != nil { "--to-destination", net.JoinHostPort(dest_addr, strconv.Itoa(dest_port))); err != nil {
return err return err
@ -97,6 +96,17 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str
return fmt.Errorf("Error iptables forward: %s", output) return fmt.Errorf("Error iptables forward: %s", output)
} }
if output, err := Raw("-t", "nat", string(fAction), "POSTROUTING",
"-p", proto,
"-s", dest_addr,
"-d", dest_addr,
"--dport", strconv.Itoa(dest_port),
"-j", "MASQUERADE"); err != nil {
return err
} else if len(output) != 0 {
return fmt.Errorf("Error iptables forward: %s", output)
}
return nil return nil
} }