From 4015e0666e336b312f83842d78645b4d5d4abff6 Mon Sep 17 00:00:00 2001
From: Brian O'Connor <bocon@onlab.us>
Date: Wed, 13 Aug 2014 22:09:24 -0700
Subject: [PATCH] moving NAT to nodelib
---
examples/natnet.py | 2 +-
mininet/net.py | 3 +-
mininet/node.py | 70 -------------------------------------------
mininet/nodelib.py | 74 ++++++++++++++++++++++++++++++++++++++++++----
4 files changed, 72 insertions(+), 77 deletions(-)
diff --git a/examples/natnet.py b/examples/natnet.py
index 9fcc4bfd..c2fe0077 100755
--- a/examples/natnet.py
+++ b/examples/natnet.py
@@ -20,7 +20,7 @@
from mininet.topo import Topo
from mininet.net import Mininet
-from mininet.node import NAT
+from mininet.nodelib import NAT
from mininet.log import setLogLevel
from mininet.cli import CLI
from mininet.util import irange
diff --git a/mininet/net.py b/mininet/net.py
index 42ab0a70..88078040 100755
--- a/mininet/net.py
+++ b/mininet/net.py
@@ -96,7 +96,8 @@
from mininet.cli import CLI
from mininet.log import info, error, debug, output, warn
-from mininet.node import Host, OVSKernelSwitch, DefaultController, Controller, NAT
+from mininet.node import Host, OVSKernelSwitch, DefaultController, Controller
+from mininet.nodelib import NAT
from mininet.link import Link, Intf
from mininet.util import quietRun, fixLimits, numCores, ensureRoot
from mininet.util import macColonHex, ipStr, ipParse, netParse, ipAdd
diff --git a/mininet/node.py b/mininet/node.py
index 4e50fad3..fec71179 100644
--- a/mininet/node.py
+++ b/mininet/node.py
@@ -41,8 +41,6 @@
arbitrary OpenFlow-compatible controller, and which is not
created or managed by mininet.
-TODO: NAT
-
Future enhancements:
- Possibly make Node, Switch and Controller more abstract so that
@@ -1362,71 +1360,3 @@ def DefaultController( name, order=[ Controller, OVSController ], **kwargs ):
for controller in order:
if controller.isAvailable():
return controller( name, **kwargs )
-
-class NAT( Node ):
- """NAT: Provides connectivity to external network"""
-
- def __init__( self, name, inetIntf='eth0', subnet='10.0/8', localIntf=None, **params):
- super( NAT, self ).__init__( name, **params )
-
- """Start NAT/forwarding between Mininet and external network
- inetIntf: interface for internet access
- subnet: Mininet subnet (default 10.0/8)="""
- self.inetIntf = inetIntf
- self.subnet = subnet
- self.localIntf = localIntf
-
- def config( self, **params ):
- super( NAT, self).config( **params )
- """Configure the NAT and iptables"""
-
- if not self.localIntf:
- self.localIntf = self.defaultIntf()
-
- self.cmd( 'sysctl net.ipv4.ip_forward=0' )
-
- # Flush any currently active rules
- # TODO: is this safe?
- self.cmd( 'iptables -F' )
- self.cmd( 'iptables -t nat -F' )
-
- # Create default entries for unmatched traffic
- self.cmd( 'iptables -P INPUT ACCEPT' )
- self.cmd( 'iptables -P OUTPUT ACCEPT' )
- self.cmd( 'iptables -P FORWARD DROP' )
-
- # Configure NAT
- self.cmd( 'iptables -I FORWARD -i', self.localIntf, '-d', self.subnet, '-j DROP' )
- self.cmd( 'iptables -A FORWARD -i', self.localIntf, '-s', self.subnet, '-j ACCEPT' )
- self.cmd( 'iptables -A FORWARD -i', self.inetIntf, '-d', self.subnet, '-j ACCEPT' )
- self.cmd( 'iptables -t nat -A POSTROUTING -o ', self.inetIntf, '-j MASQUERADE' )
-
- # Instruct the kernel to perform forwarding
- self.cmd( 'sysctl net.ipv4.ip_forward=1' )
-
- # Prevent network-manager from messing with our interface
- # by specifying manual configuration in /etc/network/interfaces
- intf = self.localIntf
- cfile = '/etc/network/interfaces'
- line = '\niface %s inet manual\n' % intf
- config = open( cfile ).read()
- if ( line ) not in config:
- info( '*** Adding "' + line.strip() + '" to ' + cfile )
- with open( cfile, 'a' ) as f:
- f.write( line )
- # Probably need to restart network-manager to be safe -
- # hopefully this won't disconnect you
- self.cmd( 'service network-manager restart' )
-
- def terminate( self ):
- """Stop NAT/forwarding between Mininet and external network"""
- # Flush any currently active rules
- # TODO: is this safe?
- self.cmd( 'iptables -F' )
- self.cmd( 'iptables -t nat -F' )
-
- # Instruct the kernel to stop forwarding
- self.cmd( 'sysctl net.ipv4.ip_forward=0' )
-
- super( NAT, self ).terminate()
-
diff --git a/mininet/nodelib.py b/mininet/nodelib.py
index 2eb80465..1760c7b3 100644
--- a/mininet/nodelib.py
+++ b/mininet/nodelib.py
@@ -1,15 +1,12 @@
"""
Node Library for Mininet
-This contains additional Node types which you may find to be useful
+This contains additional Node types which you may find to be useful.
"""
-from mininet.net import Mininet
-from mininet.topo import Topo
-from mininet.node import Switch
+from mininet.node import Node, Switch
from mininet.log import setLogLevel, info
-
class LinuxBridge( Switch ):
"Linux Bridge (with optional spanning tree)"
@@ -49,3 +46,70 @@ def stop( self ):
self.cmd( 'ifconfig', self, 'down' )
self.cmd( 'brctl delbr', self )
+class NAT( Node ):
+ """NAT: Provides connectivity to external network"""
+
+ def __init__( self, name, inetIntf='eth0', subnet='10.0/8', localIntf=None, **params):
+ super( NAT, self ).__init__( name, **params )
+
+ """Start NAT/forwarding between Mininet and external network
+ inetIntf: interface for internet access
+ subnet: Mininet subnet (default 10.0/8)="""
+ self.inetIntf = inetIntf
+ self.subnet = subnet
+ self.localIntf = localIntf
+
+ def config( self, **params ):
+ super( NAT, self).config( **params )
+ """Configure the NAT and iptables"""
+
+ if not self.localIntf:
+ self.localIntf = self.defaultIntf()
+
+ self.cmd( 'sysctl net.ipv4.ip_forward=0' )
+
+ # Flush any currently active rules
+ # TODO: is this safe?
+ self.cmd( 'iptables -F' )
+ self.cmd( 'iptables -t nat -F' )
+
+ # Create default entries for unmatched traffic
+ self.cmd( 'iptables -P INPUT ACCEPT' )
+ self.cmd( 'iptables -P OUTPUT ACCEPT' )
+ self.cmd( 'iptables -P FORWARD DROP' )
+
+ # Configure NAT
+ self.cmd( 'iptables -I FORWARD -i', self.localIntf, '-d', self.subnet, '-j DROP' )
+ self.cmd( 'iptables -A FORWARD -i', self.localIntf, '-s', self.subnet, '-j ACCEPT' )
+ self.cmd( 'iptables -A FORWARD -i', self.inetIntf, '-d', self.subnet, '-j ACCEPT' )
+ self.cmd( 'iptables -t nat -A POSTROUTING -o ', self.inetIntf, '-j MASQUERADE' )
+
+ # Instruct the kernel to perform forwarding
+ self.cmd( 'sysctl net.ipv4.ip_forward=1' )
+
+ # Prevent network-manager from messing with our interface
+ # by specifying manual configuration in /etc/network/interfaces
+ intf = self.localIntf
+ cfile = '/etc/network/interfaces'
+ line = '\niface %s inet manual\n' % intf
+ config = open( cfile ).read()
+ if ( line ) not in config:
+ info( '*** Adding "' + line.strip() + '" to ' + cfile )
+ with open( cfile, 'a' ) as f:
+ f.write( line )
+ # Probably need to restart network-manager to be safe -
+ # hopefully this won't disconnect you
+ self.cmd( 'service network-manager restart' )
+
+ def terminate( self ):
+ """Stop NAT/forwarding between Mininet and external network"""
+ # Flush any currently active rules
+ # TODO: is this safe?
+ self.cmd( 'iptables -F' )
+ self.cmd( 'iptables -t nat -F' )
+
+ # Instruct the kernel to stop forwarding
+ self.cmd( 'sysctl net.ipv4.ip_forward=0' )
+
+ super( NAT, self ).terminate()
+
--
GitLab