Revision 4015e066

View differences:

examples/natnet.py
20 20

  
21 21
from mininet.topo import Topo
22 22
from mininet.net import Mininet
23
from mininet.node import NAT
23
from mininet.nodelib import NAT
24 24
from mininet.log import setLogLevel
25 25
from mininet.cli import CLI
26 26
from mininet.util import irange
mininet/net.py
96 96

  
97 97
from mininet.cli import CLI
98 98
from mininet.log import info, error, debug, output, warn
99
from mininet.node import Host, OVSKernelSwitch, DefaultController, Controller, NAT
99
from mininet.node import Host, OVSKernelSwitch, DefaultController, Controller
100
from mininet.nodelib import NAT
100 101
from mininet.link import Link, Intf
101 102
from mininet.util import quietRun, fixLimits, numCores, ensureRoot
102 103
from mininet.util import macColonHex, ipStr, ipParse, netParse, ipAdd
mininet/node.py
41 41
    arbitrary OpenFlow-compatible controller, and which is not
42 42
    created or managed by mininet.
43 43

  
44
TODO: NAT
45

  
46 44
Future enhancements:
47 45

  
48 46
- Possibly make Node, Switch and Controller more abstract so that
......
1362 1360
    for controller in order:
1363 1361
        if controller.isAvailable():
1364 1362
            return controller( name, **kwargs )
1365

  
1366
class NAT( Node ):
1367
    """NAT: Provides connectivity to external network"""
1368

  
1369
    def __init__( self, name, inetIntf='eth0', subnet='10.0/8', localIntf=None, **params):
1370
        super( NAT, self ).__init__( name, **params )
1371

  
1372
        """Start NAT/forwarding between Mininet and external network
1373
        inetIntf: interface for internet access
1374
        subnet: Mininet subnet (default 10.0/8)="""
1375
        self.inetIntf = inetIntf
1376
        self.subnet = subnet
1377
        self.localIntf = localIntf
1378

  
1379
    def config( self, **params ):
1380
        super( NAT, self).config( **params )
1381
        """Configure the NAT and iptables"""
1382

  
1383
        if not self.localIntf:
1384
            self.localIntf =  self.defaultIntf()
1385

  
1386
        self.cmd( 'sysctl net.ipv4.ip_forward=0' )
1387

  
1388
        # Flush any currently active rules
1389
        # TODO: is this safe?
1390
        self.cmd( 'iptables -F' )
1391
        self.cmd( 'iptables -t nat -F' )
1392

  
1393
        # Create default entries for unmatched traffic
1394
        self.cmd( 'iptables -P INPUT ACCEPT' )
1395
        self.cmd( 'iptables -P OUTPUT ACCEPT' )
1396
        self.cmd( 'iptables -P FORWARD DROP' )
1397

  
1398
        # Configure NAT
1399
        self.cmd( 'iptables -I FORWARD -i', self.localIntf, '-d', self.subnet, '-j DROP' )
1400
        self.cmd( 'iptables -A FORWARD -i', self.localIntf, '-s', self.subnet, '-j ACCEPT' )
1401
        self.cmd( 'iptables -A FORWARD -i', self.inetIntf, '-d', self.subnet, '-j ACCEPT' )
1402
        self.cmd( 'iptables -t nat -A POSTROUTING -o ', self.inetIntf, '-j MASQUERADE' )
1403

  
1404
        # Instruct the kernel to perform forwarding
1405
        self.cmd( 'sysctl net.ipv4.ip_forward=1' )
1406

  
1407
        # Prevent network-manager from messing with our interface
1408
        # by specifying manual configuration in /etc/network/interfaces
1409
        intf = self.localIntf
1410
        cfile = '/etc/network/interfaces'
1411
        line = '\niface %s inet manual\n' % intf
1412
        config = open( cfile ).read()
1413
        if ( line ) not in config:
1414
            info( '*** Adding "' + line.strip() + '" to ' + cfile )
1415
            with open( cfile, 'a' ) as f:
1416
                f.write( line )
1417
        # Probably need to restart network-manager to be safe -
1418
        # hopefully this won't disconnect you
1419
        self.cmd( 'service network-manager restart' )
1420

  
1421
    def terminate( self ):
1422
        """Stop NAT/forwarding between Mininet and external network"""
1423
        # Flush any currently active rules
1424
        # TODO: is this safe?
1425
        self.cmd( 'iptables -F' )
1426
        self.cmd( 'iptables -t nat -F' )
1427

  
1428
        # Instruct the kernel to stop forwarding
1429
        self.cmd( 'sysctl net.ipv4.ip_forward=0' )
1430

  
1431
        super( NAT, self ).terminate()
1432

  
mininet/nodelib.py
1 1
"""
2 2
Node Library for Mininet
3 3

  
4
This contains additional Node types which you may find to be useful
4
This contains additional Node types which you may find to be useful.
5 5
"""
6 6

  
7
from mininet.net import Mininet
8
from mininet.topo import Topo
9
from mininet.node import Switch
7
from mininet.node import Node, Switch
10 8
from mininet.log import setLogLevel, info
11 9

  
12

  
13 10
class LinuxBridge( Switch ):
14 11
    "Linux Bridge (with optional spanning tree)"
15 12

  
......
49 46
        self.cmd( 'ifconfig', self, 'down' )
50 47
        self.cmd( 'brctl delbr', self )
51 48

  
49
class NAT( Node ):
50
    """NAT: Provides connectivity to external network"""
51

  
52
    def __init__( self, name, inetIntf='eth0', subnet='10.0/8', localIntf=None, **params):
53
        super( NAT, self ).__init__( name, **params )
54

  
55
        """Start NAT/forwarding between Mininet and external network
56
        inetIntf: interface for internet access
57
        subnet: Mininet subnet (default 10.0/8)="""
58
        self.inetIntf = inetIntf
59
        self.subnet = subnet
60
        self.localIntf = localIntf
61

  
62
    def config( self, **params ):
63
        super( NAT, self).config( **params )
64
        """Configure the NAT and iptables"""
65

  
66
        if not self.localIntf:
67
            self.localIntf =  self.defaultIntf()
68

  
69
        self.cmd( 'sysctl net.ipv4.ip_forward=0' )
70

  
71
        # Flush any currently active rules
72
        # TODO: is this safe?
73
        self.cmd( 'iptables -F' )
74
        self.cmd( 'iptables -t nat -F' )
75

  
76
        # Create default entries for unmatched traffic
77
        self.cmd( 'iptables -P INPUT ACCEPT' )
78
        self.cmd( 'iptables -P OUTPUT ACCEPT' )
79
        self.cmd( 'iptables -P FORWARD DROP' )
80

  
81
        # Configure NAT
82
        self.cmd( 'iptables -I FORWARD -i', self.localIntf, '-d', self.subnet, '-j DROP' )
83
        self.cmd( 'iptables -A FORWARD -i', self.localIntf, '-s', self.subnet, '-j ACCEPT' )
84
        self.cmd( 'iptables -A FORWARD -i', self.inetIntf, '-d', self.subnet, '-j ACCEPT' )
85
        self.cmd( 'iptables -t nat -A POSTROUTING -o ', self.inetIntf, '-j MASQUERADE' )
86

  
87
        # Instruct the kernel to perform forwarding
88
        self.cmd( 'sysctl net.ipv4.ip_forward=1' )
89

  
90
        # Prevent network-manager from messing with our interface
91
        # by specifying manual configuration in /etc/network/interfaces
92
        intf = self.localIntf
93
        cfile = '/etc/network/interfaces'
94
        line = '\niface %s inet manual\n' % intf
95
        config = open( cfile ).read()
96
        if ( line ) not in config:
97
            info( '*** Adding "' + line.strip() + '" to ' + cfile )
98
            with open( cfile, 'a' ) as f:
99
                f.write( line )
100
        # Probably need to restart network-manager to be safe -
101
        # hopefully this won't disconnect you
102
        self.cmd( 'service network-manager restart' )
103

  
104
    def terminate( self ):
105
        """Stop NAT/forwarding between Mininet and external network"""
106
        # Flush any currently active rules
107
        # TODO: is this safe?
108
        self.cmd( 'iptables -F' )
109
        self.cmd( 'iptables -t nat -F' )
110

  
111
        # Instruct the kernel to stop forwarding
112
        self.cmd( 'sysctl net.ipv4.ip_forward=0' )
113

  
114
        super( NAT, self ).terminate()
115

  

Also available in: Unified diff