implement Add-IptablesRule

master
lub 5 years ago
parent e4a4c91471
commit cdf3653658

@ -52,11 +52,40 @@ function Test-IptablesRule {
Write-Output ($check.ExitCode -eq 0)
}
function Add-IptablesRule {
param (
[string]$Chain,
[string]$Table = 'nat',
[array]$Rule
)
$argument_list = @(
'-t'
$Table
'-A'
$Chain
)+$Rule
$add_splat = @{
FilePath = 'iptables'
ArgumentList = $argument_list
Wait = $true
PassThru = $true
}
if(-not (Test-IptablesRule -Chain $Chain -Rule $Rule)) {
$add = Start-Process @add_splat
if(0 -ne $add.ExitCode) {
Write-Error 'Adding iptables rule failed'
}
}
}
# setup SWARM-NAT chain
$chain = 'SWARM-NAT'
Write-Output ('Create chain {0}' -f $chain)
Add-IptablesChain -Chain $chain
Add-IptablesRule -Chain 'PREROUTING' -Rule '-m','addrtype','--dst-type','LOCAL','-j',$chain
foreach($yaml in (Get-ChildItem -Filter '*.yml')) {
@ -116,11 +145,6 @@ foreach($yaml in (Get-ChildItem -Filter '*.yml')) {
#TODO: port from bash
chain_rule='-m addrtype --dst-type LOCAL -j SWARM-NAT'
if ! iptables -t nat -C PREROUTING $chain_rule; then
Write-Output 'Add jump rule for SWARM-NAT'
iptables -t nat -A PREROUTING $chain_rule
fi
bridge=$(
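Review bot: In Add-IptablesRule (first hunk), the existence check `Test-IptablesRule -Chain $Chain -Rule $Rule` does not pass `$Table`, while the append runs with `-t $Table`, so for any table other than the check's default the two commands inspect different tables and the rule can be duplicated or silently skipped. Test-IptablesRule's param block is outside the hunk; if it takes a table parameter, the call should read `if(-not (Test-IptablesRule -Chain $Chain -Table $Table -Rule $Rule)) {`. The failure path also uses a plain `Write-Error`, which is non-terminating by default, so the script would continue into the `foreach($yaml ...)` loop with the PREROUTING jump missing; `Write-Error ('Adding iptables rule failed with exit code {0}' -f $add.ExitCode) -ErrorAction Stop` would halt there and keep the exit code for triage.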
