Revision 4015e066 mininet/node.py
mininet/node.py | ||
---|---|---|
41 | 41 |
arbitrary OpenFlow-compatible controller, and which is not |
42 | 42 |
created or managed by mininet. |
43 | 43 |
|
44 |
TODO: NAT |
|
45 |
|
|
46 | 44 |
Future enhancements: |
47 | 45 |
|
48 | 46 |
- Possibly make Node, Switch and Controller more abstract so that |
... | ... | |
1362 | 1360 |
for controller in order: |
1363 | 1361 |
if controller.isAvailable(): |
1364 | 1362 |
return controller( name, **kwargs ) |
1365 |
|
|
1366 |
class NAT( Node ): |
|
1367 |
"""NAT: Provides connectivity to external network""" |
|
1368 |
|
|
1369 |
def __init__( self, name, inetIntf='eth0', subnet='10.0/8', localIntf=None, **params): |
|
1370 |
super( NAT, self ).__init__( name, **params ) |
|
1371 |
|
|
1372 |
"""Start NAT/forwarding between Mininet and external network |
|
1373 |
inetIntf: interface for internet access |
|
1374 |
subnet: Mininet subnet (default 10.0/8)=""" |
|
1375 |
self.inetIntf = inetIntf |
|
1376 |
self.subnet = subnet |
|
1377 |
self.localIntf = localIntf |
|
1378 |
|
|
1379 |
def config( self, **params ): |
|
1380 |
super( NAT, self).config( **params ) |
|
1381 |
"""Configure the NAT and iptables""" |
|
1382 |
|
|
1383 |
if not self.localIntf: |
|
1384 |
self.localIntf = self.defaultIntf() |
|
1385 |
|
|
1386 |
self.cmd( 'sysctl net.ipv4.ip_forward=0' ) |
|
1387 |
|
|
1388 |
# Flush any currently active rules |
|
1389 |
# TODO: is this safe? |
|
1390 |
self.cmd( 'iptables -F' ) |
|
1391 |
self.cmd( 'iptables -t nat -F' ) |
|
1392 |
|
|
1393 |
# Create default entries for unmatched traffic |
|
1394 |
self.cmd( 'iptables -P INPUT ACCEPT' ) |
|
1395 |
self.cmd( 'iptables -P OUTPUT ACCEPT' ) |
|
1396 |
self.cmd( 'iptables -P FORWARD DROP' ) |
|
1397 |
|
|
1398 |
# Configure NAT |
|
1399 |
self.cmd( 'iptables -I FORWARD -i', self.localIntf, '-d', self.subnet, '-j DROP' ) |
|
1400 |
self.cmd( 'iptables -A FORWARD -i', self.localIntf, '-s', self.subnet, '-j ACCEPT' ) |
|
1401 |
self.cmd( 'iptables -A FORWARD -i', self.inetIntf, '-d', self.subnet, '-j ACCEPT' ) |
|
1402 |
self.cmd( 'iptables -t nat -A POSTROUTING -o ', self.inetIntf, '-j MASQUERADE' ) |
|
1403 |
|
|
1404 |
# Instruct the kernel to perform forwarding |
|
1405 |
self.cmd( 'sysctl net.ipv4.ip_forward=1' ) |
|
1406 |
|
|
1407 |
# Prevent network-manager from messing with our interface |
|
1408 |
# by specifying manual configuration in /etc/network/interfaces |
|
1409 |
intf = self.localIntf |
|
1410 |
cfile = '/etc/network/interfaces' |
|
1411 |
line = '\niface %s inet manual\n' % intf |
|
1412 |
config = open( cfile ).read() |
|
1413 |
if ( line ) not in config: |
|
1414 |
info( '*** Adding "' + line.strip() + '" to ' + cfile ) |
|
1415 |
with open( cfile, 'a' ) as f: |
|
1416 |
f.write( line ) |
|
1417 |
# Probably need to restart network-manager to be safe - |
|
1418 |
# hopefully this won't disconnect you |
|
1419 |
self.cmd( 'service network-manager restart' ) |
|
1420 |
|
|
1421 |
def terminate( self ): |
|
1422 |
"""Stop NAT/forwarding between Mininet and external network""" |
|
1423 |
# Flush any currently active rules |
|
1424 |
# TODO: is this safe? |
|
1425 |
self.cmd( 'iptables -F' ) |
|
1426 |
self.cmd( 'iptables -t nat -F' ) |
|
1427 |
|
|
1428 |
# Instruct the kernel to stop forwarding |
|
1429 |
self.cmd( 'sysctl net.ipv4.ip_forward=0' ) |
|
1430 |
|
|
1431 |
super( NAT, self ).terminate() |
|
1432 |
|
Also available in: Unified diff