Browse code
Revert "Support hairpin NAT"
This reverts commit 95a400e6e1a3b5da68431e64f9902a3fac218360.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Michael Crosby authored on 2014/11/21 07:22:22Showing 1 changed files
| ... | ... |
@@ -73,6 +73,7 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str |
| 73 | 73 |
"-p", proto, |
| 74 | 74 |
"-d", daddr, |
| 75 | 75 |
"--dport", strconv.Itoa(port), |
| 76 |
+ "!", "-i", c.Bridge, |
|
| 76 | 77 |
"-j", "DNAT", |
| 77 | 78 |
"--to-destination", net.JoinHostPort(dest_addr, strconv.Itoa(dest_port))); err != nil {
|
| 78 | 79 |
return err |
| ... | ... |
@@ -96,17 +97,6 @@ func (c *Chain) Forward(action Action, ip net.IP, port int, proto, dest_addr str |
| 96 | 96 |
return fmt.Errorf("Error iptables forward: %s", output)
|
| 97 | 97 |
} |
| 98 | 98 |
|
| 99 |
- if output, err := Raw("-t", "nat", string(fAction), "POSTROUTING",
|
|
| 100 |
- "-p", proto, |
|
| 101 |
- "-s", dest_addr, |
|
| 102 |
- "-d", dest_addr, |
|
| 103 |
- "--dport", strconv.Itoa(dest_port), |
|
| 104 |
- "-j", "MASQUERADE"); err != nil {
|
|
| 105 |
- return err |
|
| 106 |
- } else if len(output) != 0 {
|
|
| 107 |
- return fmt.Errorf("Error iptables forward: %s", output)
|
|
| 108 |
- } |
|
| 109 |
- |
|
| 110 | 99 |
return nil |
| 111 | 100 |
} |
| 112 | 101 |
|