Skip to content
Snippets Groups Projects
Commit 609bf4a1 authored by NGUYEN Do Duc Anh's avatar NGUYEN Do Duc Anh
Browse files

need NAT for U server

parent 3861b8e3
No related branches found
No related tags found
No related merge requests found
...@@ -144,7 +144,9 @@ def drop_internet_and_allow_VC_server_rule(inf_to_internet, server_port): ...@@ -144,7 +144,9 @@ def drop_internet_and_allow_VC_server_rule(inf_to_internet, server_port):
:param server_port: port of the VC server running on the main host :param server_port: port of the VC server running on the main host
:param inf_to_internet: the interface that connect to the main host (internet) :param inf_to_internet: the interface that connect to the main host (internet)
""" """
commands = [["sudo", "iptables", "-A", "FORWARD", "-o", inf_to_internet, "-p", "tcp", "--dport", str(12348), "-j", "ACCEPT"],
commands = [["sudo", "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", inf_to_internet, "-j", "MASQUERADE"],
["sudo", "iptables", "-A", "FORWARD", "-o", inf_to_internet, "-p", "tcp", "--dport", str(12348), "-j", "ACCEPT"],
["sudo", "iptables", "-A", "FORWARD", "-o", inf_to_internet, "-j", "DROP"], ["sudo", "iptables", "-A", "FORWARD", "-o", inf_to_internet, "-j", "DROP"],
["sudo", "iptables", "-A", "OUTPUT", "-o", inf_to_internet, "-p", "tcp", "--dport", str(server_port), "-j", "ACCEPT"], ["sudo", "iptables", "-A", "OUTPUT", "-o", inf_to_internet, "-p", "tcp", "--dport", str(server_port), "-j", "ACCEPT"],
["sudo", "iptables", "-A", "OUTPUT", "-o", inf_to_internet, "-j", "DROP"]] ["sudo", "iptables", "-A", "OUTPUT", "-o", inf_to_internet, "-j", "DROP"]]
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment