Revert "Support hairpin NAT"
This reverts commit 95a400e6e1a3b5da68431e64f9902a3fac218360. Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This commit is contained in:
parent
bfe8d7af74
commit
869842478e
1 changed files with 1 additions and 11 deletions
|
@ -73,6 +73,7 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str
|
||||||
"-p", proto,
|
"-p", proto,
|
||||||
"-d", daddr,
|
"-d", daddr,
|
||||||
"--dport", strconv.Itoa(port),
|
"--dport", strconv.Itoa(port),
|
||||||
|
"!", "-i", c.Bridge,
|
||||||
"-j", "DNAT",
|
"-j", "DNAT",
|
||||||
"--to-destination", net.JoinHostPort(dest_addr, strconv.Itoa(dest_port))); err != nil {
|
"--to-destination", net.JoinHostPort(dest_addr, strconv.Itoa(dest_port))); err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -96,17 +97,6 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str
|
||||||
return fmt.Errorf("Error iptables forward: %s", output)
|
return fmt.Errorf("Error iptables forward: %s", output)
|
||||||
}
|
}
|
||||||
|
|
||||||
if output, err := Raw("-t", "nat", string(fAction), "POSTROUTING",
|
|
||||||
"-p", proto,
|
|
||||||
"-s", dest_addr,
|
|
||||||
"-d", dest_addr,
|
|
||||||
"--dport", strconv.Itoa(dest_port),
|
|
||||||
"-j", "MASQUERADE"); err != nil {
|
|
||||||
return err
|
|
||||||
} else if len(output) != 0 {
|
|
||||||
return fmt.Errorf("Error iptables forward: %s", output)
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue