Revision 4015e066 mininet/node.py


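--- a/mininet/node.py
+++ b/mininet/node.py
@@ -41,8 +41,6 @@
     arbitrary OpenFlow-compatible controller, and which is not
     created or managed by mininet.
 
-TODO: NAT
-
 Future enhancements:
 
 - Possibly make Node, Switch and Controller more abstract so that
@@ -1362,71 +1360,3 @@
     for controller in order:
         if controller.isAvailable():
             return controller( name, **kwargs )
-
-class NAT( Node ):
-    """NAT: Provides connectivity to external network"""
-
-    def __init__( self, name, inetIntf='eth0', subnet='10.0/8', localIntf=None, **params):
-        super( NAT, self ).__init__( name, **params )
-
-        """Start NAT/forwarding between Mininet and external network
-        inetIntf: interface for internet access
-        subnet: Mininet subnet (default 10.0/8)="""
-        self.inetIntf = inetIntf
-        self.subnet = subnet
-        self.localIntf = localIntf
-
-    def config( self, **params ):
-        super( NAT, self).config( **params )
-        """Configure the NAT and iptables"""
-
-        if not self.localIntf:
-            self.localIntf =  self.defaultIntf()
-
-        self.cmd( 'sysctl net.ipv4.ip_forward=0' )
-
-        # Flush any currently active rules
-        # TODO: is this safe?
-        self.cmd( 'iptables -F' )
-        self.cmd( 'iptables -t nat -F' )
-
-        # Create default entries for unmatched traffic
-        self.cmd( 'iptables -P INPUT ACCEPT' )
-        self.cmd( 'iptables -P OUTPUT ACCEPT' )
-        self.cmd( 'iptables -P FORWARD DROP' )
-
-        # Configure NAT
-        self.cmd( 'iptables -I FORWARD -i', self.localIntf, '-d', self.subnet, '-j DROP' )
-        self.cmd( 'iptables -A FORWARD -i', self.localIntf, '-s', self.subnet, '-j ACCEPT' )
-        self.cmd( 'iptables -A FORWARD -i', self.inetIntf, '-d', self.subnet, '-j ACCEPT' )
-        self.cmd( 'iptables -t nat -A POSTROUTING -o ', self.inetIntf, '-j MASQUERADE' )
-
-        # Instruct the kernel to perform forwarding
-        self.cmd( 'sysctl net.ipv4.ip_forward=1' )
-
-        # Prevent network-manager from messing with our interface
-        # by specifying manual configuration in /etc/network/interfaces
-        intf = self.localIntf
-        cfile = '/etc/network/interfaces'
-        line = '\niface %s inet manual\n' % intf
-        config = open( cfile ).read()
-        if ( line ) not in config:
-            info( '*** Adding "' + line.strip() + '" to ' + cfile )
-            with open( cfile, 'a' ) as f:
-                f.write( line )
-        # Probably need to restart network-manager to be safe -
-        # hopefully this won't disconnect you
-        self.cmd( 'service network-manager restart' )
-
-    def terminate( self ):
-        """Stop NAT/forwarding between Mininet and external network"""
-        # Flush any currently active rules
-        # TODO: is this safe?
-        self.cmd( 'iptables -F' )
-        self.cmd( 'iptables -t nat -F' )
-
-        # Instruct the kernel to stop forwarding
-        self.cmd( 'sysctl net.ipv4.ip_forward=0' )
-
-        super( NAT, self ).terminate()
-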
