Déplacement des fichiers depuis eole-one-singlenode

2014-11-13 10:06:16 +01:00
commit 7a3f95db42
15 changed files with 2638 additions and 0 deletions
--- a/hooks/graphicsfw
+++ b/hooks/graphicsfw
@ -0,0 +1,76 @@
+#!/bin/bash
+
+SELF_DIR="$(dirname $(readlink -e ${0}))"
+BASE_DIR="$(dirname $(dirname ${SELF_DIR}))"
+SCRIPTCOMMON="${BASE_DIR}/scripts_common.sh"
+
+. ${SCRIPTCOMMON}
+
+IPTABLES="sudo iptables"
+XPATH="${BASE_DIR}/datastore/xpath.rb --stdin --base64"
+
+RULES_FILE="/run/one/one_graphics_rules"
+
+function one_get_port()
+{
+    ${XPATH} ${1} '/VM/TEMPLATE/GRAPHICS/PORT'
+}
+
+function open_port()
+{
+    declare -a authorized_ip
+    declare -a authorized_netmask
+
+    vm_port=$(one_get_port ${1})
+    [[ -z "${vm_port}" ]] && return 2
+    authorized_ip=( $(CreoleGet ip_ssh_eth0) )
+    [[ -z "${authorized_ip}" ]] && return 2
+    authorized_netmask=( $(CreoleGet netmask_ssh_eth0) )
+    [[ -z "${authorized_netmask}" ]] && return 2
+
+    for ((i = 0; i < ${#authorized_ip[*]}; i +=1))
+    do
+        ${IPTABLES} -I eth0-root -s ${authorized_ip[$i]}/${authorized_netmask[$i]} -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
+        if [[ $? -eq 0 ]]
+        then
+            echo "/sbin/iptables -A eth0-root -s ${authorized_ip[$i]}/${authorized_netmask[$i]} -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT" >> "${RULES_FILE}"
+          fi
+        ${IPTABLES} -I eth0-root -s $(CreoleGet one_master_ip) -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
+        [[ ${?} -eq 0 ]] && echo "/sbin/iptables -A eth0-root -s $(CreoleGet one_master_ip) -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT" >> "${RULES_FILE}"
+    done
+}
+
+
+function close_port()
+{
+    vm_port=$(one_get_port ${1})
+    [[ -n "${vm_port}" ]] || return 2
+    rule_ids=$(${IPTABLES} -n --line-numbers -L eth0-root | awk "/dpt:${vm_port}/ {print \$1}")
+    for rule_id in ${rule_ids}
+    do
+        ${IPTABLES} -D eth0-root ${rule_id}
+        if [[ $? -eq 0 ]]
+        then
+            sed -i "/--dport ${vm_port}/d" "${RULES_FILE}"
+        fi
+    done
+}
+
+
+action=${1}
+template=${2}
+
+case $action in
+    open)
+        open_port ${template}
+        exit $?
+        ;;
+    close)
+        close_port ${template}
+        exit $?
+        ;;
+    *)
+        echo "Unknown action '$action'" >&2
+        exit 127
+        ;;
+esac