Revision 4015e066 mininet/node.py
| mininet/node.py | ||
|---|---|---|
| 41 | 41 |
arbitrary OpenFlow-compatible controller, and which is not |
| 42 | 42 |
created or managed by mininet. |
| 43 | 43 |
|
| 44 |
TODO: NAT |
|
| 45 |
|
|
| 46 | 44 |
Future enhancements: |
| 47 | 45 |
|
| 48 | 46 |
- Possibly make Node, Switch and Controller more abstract so that |
| ... | ... | |
| 1362 | 1360 |
for controller in order: |
| 1363 | 1361 |
if controller.isAvailable(): |
| 1364 | 1362 |
return controller( name, **kwargs ) |
| 1365 |
|
|
| 1366 |
class NAT( Node ): |
|
| 1367 |
"""NAT: Provides connectivity to external network""" |
|
| 1368 |
|
|
| 1369 |
def __init__( self, name, inetIntf='eth0', subnet='10.0/8', localIntf=None, **params): |
|
| 1370 |
super( NAT, self ).__init__( name, **params ) |
|
| 1371 |
|
|
| 1372 |
"""Start NAT/forwarding between Mininet and external network |
|
| 1373 |
inetIntf: interface for internet access |
|
| 1374 |
subnet: Mininet subnet (default 10.0/8)=""" |
|
| 1375 |
self.inetIntf = inetIntf |
|
| 1376 |
self.subnet = subnet |
|
| 1377 |
self.localIntf = localIntf |
|
| 1378 |
|
|
| 1379 |
def config( self, **params ): |
|
| 1380 |
super( NAT, self).config( **params ) |
|
| 1381 |
"""Configure the NAT and iptables""" |
|
| 1382 |
|
|
| 1383 |
if not self.localIntf: |
|
| 1384 |
self.localIntf = self.defaultIntf() |
|
| 1385 |
|
|
| 1386 |
self.cmd( 'sysctl net.ipv4.ip_forward=0' ) |
|
| 1387 |
|
|
| 1388 |
# Flush any currently active rules |
|
| 1389 |
# TODO: is this safe? |
|
| 1390 |
self.cmd( 'iptables -F' ) |
|
| 1391 |
self.cmd( 'iptables -t nat -F' ) |
|
| 1392 |
|
|
| 1393 |
# Create default entries for unmatched traffic |
|
| 1394 |
self.cmd( 'iptables -P INPUT ACCEPT' ) |
|
| 1395 |
self.cmd( 'iptables -P OUTPUT ACCEPT' ) |
|
| 1396 |
self.cmd( 'iptables -P FORWARD DROP' ) |
|
| 1397 |
|
|
| 1398 |
# Configure NAT |
|
| 1399 |
self.cmd( 'iptables -I FORWARD -i', self.localIntf, '-d', self.subnet, '-j DROP' ) |
|
| 1400 |
self.cmd( 'iptables -A FORWARD -i', self.localIntf, '-s', self.subnet, '-j ACCEPT' ) |
|
| 1401 |
self.cmd( 'iptables -A FORWARD -i', self.inetIntf, '-d', self.subnet, '-j ACCEPT' ) |
|
| 1402 |
self.cmd( 'iptables -t nat -A POSTROUTING -o ', self.inetIntf, '-j MASQUERADE' ) |
|
| 1403 |
|
|
| 1404 |
# Instruct the kernel to perform forwarding |
|
| 1405 |
self.cmd( 'sysctl net.ipv4.ip_forward=1' ) |
|
| 1406 |
|
|
| 1407 |
# Prevent network-manager from messing with our interface |
|
| 1408 |
# by specifying manual configuration in /etc/network/interfaces |
|
| 1409 |
intf = self.localIntf |
|
| 1410 |
cfile = '/etc/network/interfaces' |
|
| 1411 |
line = '\niface %s inet manual\n' % intf |
|
| 1412 |
config = open( cfile ).read() |
|
| 1413 |
if ( line ) not in config: |
|
| 1414 |
info( '*** Adding "' + line.strip() + '" to ' + cfile ) |
|
| 1415 |
with open( cfile, 'a' ) as f: |
|
| 1416 |
f.write( line ) |
|
| 1417 |
# Probably need to restart network-manager to be safe - |
|
| 1418 |
# hopefully this won't disconnect you |
|
| 1419 |
self.cmd( 'service network-manager restart' ) |
|
| 1420 |
|
|
| 1421 |
def terminate( self ): |
|
| 1422 |
"""Stop NAT/forwarding between Mininet and external network""" |
|
| 1423 |
# Flush any currently active rules |
|
| 1424 |
# TODO: is this safe? |
|
| 1425 |
self.cmd( 'iptables -F' ) |
|
| 1426 |
self.cmd( 'iptables -t nat -F' ) |
|
| 1427 |
|
|
| 1428 |
# Instruct the kernel to stop forwarding |
|
| 1429 |
self.cmd( 'sysctl net.ipv4.ip_forward=0' ) |
|
| 1430 |
|
|
| 1431 |
super( NAT, self ).terminate() |
|
| 1432 |
|
|
Also available in: Unified diff