diff options
Diffstat (limited to 'guix-container.sh')
-rwxr-xr-x | guix-container.sh | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/guix-container.sh b/guix-container.sh index d117ae3..411e4ff 100755 --- a/guix-container.sh +++ b/guix-container.sh @@ -87,6 +87,13 @@ is_running() { return $? } +resolve_ipv4_domain() { + guix shell glibc -- getent ahosts "$1" | + grep -E '^([0-9]+\.){3}[0-9]+[[:space:]]+STREAM' | + head -1 | + awk '{print $1}' +} + network_setup() { SHEPHERD_PID="$1" @@ -117,6 +124,11 @@ network_setup() { -j DNAT --to-destination 10.207.87.2 done + iptables -t nat -A OUTPUT \ + -d "$(resolve_ipv4_domain koszko.org)" -p tcp \ + -m multiport --dports 25,12525,465,587 \ + -j DNAT --to-destination 10.207.87.2 + cat /etc/resolv.conf | nsenter --target "$SHEPHERD_PID" --all \ /run/current-system/profile/bin/tee /etc/resolv.conf > /dev/null @@ -150,6 +162,11 @@ network_rip() { -s 10.207.87.1/24 -o "$LINKNAME" \ -j MASQUERADE done + + iptables_rip_rule -t nat -D OUTPUT \ + -d "$(resolve_ipv4_domain koszko.org)" -p tcp \ + -m multiport --dports 25,12525,465,587 \ + -j DNAT --to-destination 10.207.87.2 } stop() { |