This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
pespin gerrit-no-reply at lists.osmocom.orgpespin has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ci/+/16226 ) Change subject: ansible: gsm-tester: Enable ip forwarding and masquerading on boot ...................................................................... ansible: gsm-tester: Enable ip forwarding and masquerading on boot Some nodes in the internal network, such as LimeNetMicro, will need Internet access to upgrade osmo-trx-lms from OBS repos. It also makes it easier to update manually other nodes inside the internal network. Change-Id: I2c89cf9cfcb55b3153e7be212c68ffa8db0f6927 --- M ansible/roles/gsm-tester-network/README.md M ansible/roles/gsm-tester-network/defaults/main.yml A ansible/roles/gsm-tester-network/files/ogt-sysctl.conf M ansible/roles/gsm-tester-network/tasks/main.yml A ansible/roles/gsm-tester-network/templates/etc/iptables-ogt 5 files changed, 34 insertions(+), 2 deletions(-) Approvals: laforge: Looks good to me, but someone else must approve neels: Looks good to me, but someone else must approve pespin: Looks good to me, approved; Verified diff --git a/ansible/roles/gsm-tester-network/README.md b/ansible/roles/gsm-tester-network/README.md index e324929..689a127 100644 --- a/ansible/roles/gsm-tester-network/README.md +++ b/ansible/roles/gsm-tester-network/README.md @@ -4,4 +4,5 @@ # variables -- `bts_interface` (eth1): on which network interface the bts is configured. +- `bts_interface` (enp2s0): on which network interface the bts is configured. +- `gw_interface` (enp1s0): on which network interface the traffic is routed towards default gateway. diff --git a/ansible/roles/gsm-tester-network/defaults/main.yml b/ansible/roles/gsm-tester-network/defaults/main.yml index 3e506da..5bfdf63 100644 --- a/ansible/roles/gsm-tester-network/defaults/main.yml +++ b/ansible/roles/gsm-tester-network/defaults/main.yml @@ -1,3 +1,4 @@ --- -bts_interface: eth1 +bts_interface: enp2s0 +gw_interface: enp1s0 diff --git a/ansible/roles/gsm-tester-network/files/ogt-sysctl.conf b/ansible/roles/gsm-tester-network/files/ogt-sysctl.conf new file mode 100644 index 0000000..119d730 --- /dev/null +++ b/ansible/roles/gsm-tester-network/files/ogt-sysctl.conf @@ -0,0 +1 @@ +net.ipv4.ip_forward=1 diff --git a/ansible/roles/gsm-tester-network/tasks/main.yml b/ansible/roles/gsm-tester-network/tasks/main.yml index 210bf1e..b77fc0e 100644 --- a/ansible/roles/gsm-tester-network/tasks/main.yml +++ b/ansible/roles/gsm-tester-network/tasks/main.yml @@ -9,3 +9,15 @@ - name: start all network interface command: ifup -a when: gsm_tester_network_interface is changed + +- name: allow ip forwarding and masquerading traffic from internal network (iptables) + template: + src: etc/iptables-ogt + dest: /etc/network/if-up.d/iptables-ogt + mode: 0755 + +- name: allow ip forwarding from internal network (sysctl) + copy: + src: ogt-sysctl.conf + dest: /etc/sysctl.d + notify: restart udev diff --git a/ansible/roles/gsm-tester-network/templates/etc/iptables-ogt b/ansible/roles/gsm-tester-network/templates/etc/iptables-ogt new file mode 100644 index 0000000..5a781c5 --- /dev/null +++ b/ansible/roles/gsm-tester-network/templates/etc/iptables-ogt @@ -0,0 +1,17 @@ +#!/bin/sh + +IPT="/sbin/iptables" + +if [ "$IFACE" = "{{ gw_interface }}" ]; then + # Apply masquerading if not yet applied: + if [ "x$($IPT -t nat -S | grep "\-A POSTROUTING -o {{ gw_interface }} -j MASQUERADE" -c)" = "x0" ]; then + $IPT -t nat -A POSTROUTING -o {{ gw_interface }} -j MASQUERADE + fi + + # Allow IP forwarding if not yet enabled: + if [ "x$($IPT -t filter -S | grep "\-A FORWARD -j ACCEPT" -c)" = "x0" ]; then + $IPT -t filter -A FORWARD -j ACCEPT + fi + + echo "osmo-gsm-tester iptables rules loaded." +fi -- To view, visit https://gerrit.osmocom.org/c/osmo-ci/+/16226 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ci Gerrit-Branch: master Gerrit-Change-Id: I2c89cf9cfcb55b3153e7be212c68ffa8db0f6927 Gerrit-Change-Number: 16226 Gerrit-PatchSet: 4 Gerrit-Owner: pespin <pespin at sysmocom.de> Gerrit-Reviewer: laforge <laforge at osmocom.org> Gerrit-Reviewer: lynxis lazus <lynxis at fe80.eu> Gerrit-Reviewer: neels <nhofmeyr at sysmocom.de> Gerrit-Reviewer: pespin <pespin at sysmocom.de> Gerrit-MessageType: merged -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20191202/a005c7ea/attachment.htm>