|
@@ -81,6 +81,7 @@ func InitDriver(job *engine.Job) engine.Status {
|
|
|
network *net.IPNet
|
|
|
enableIPTables = job.GetenvBool("EnableIptables")
|
|
|
icc = job.GetenvBool("InterContainerCommunication")
|
|
|
+ ipMasq = job.GetenvBool("EnableIpMasq")
|
|
|
ipForward = job.GetenvBool("EnableIpForward")
|
|
|
bridgeIP = job.Getenv("BridgeIP")
|
|
|
)
|
|
@@ -131,7 +132,7 @@ func InitDriver(job *engine.Job) engine.Status {
|
|
|
|
|
|
// Configure iptables for link support
|
|
|
if enableIPTables {
|
|
|
- if err := setupIPTables(addr, icc); err != nil {
|
|
|
+ if err := setupIPTables(addr, icc, ipMasq); err != nil {
|
|
|
return job.Error(err)
|
|
|
}
|
|
|
}
|
|
@@ -174,15 +175,18 @@ func InitDriver(job *engine.Job) engine.Status {
|
|
|
return engine.StatusOK
|
|
|
}
|
|
|
|
|
|
-func setupIPTables(addr net.Addr, icc bool) error {
|
|
|
+func setupIPTables(addr net.Addr, icc, ipmasq bool) error {
|
|
|
// Enable NAT
|
|
|
- natArgs := []string{"POSTROUTING", "-t", "nat", "-s", addr.String(), "!", "-o", bridgeIface, "-j", "MASQUERADE"}
|
|
|
|
|
|
- if !iptables.Exists(natArgs...) {
|
|
|
- if output, err := iptables.Raw(append([]string{"-I"}, natArgs...)...); err != nil {
|
|
|
- return fmt.Errorf("Unable to enable network bridge NAT: %s", err)
|
|
|
- } else if len(output) != 0 {
|
|
|
- return fmt.Errorf("Error iptables postrouting: %s", output)
|
|
|
+ if ipmasq {
|
|
|
+ natArgs := []string{"POSTROUTING", "-t", "nat", "-s", addr.String(), "!", "-o", bridgeIface, "-j", "MASQUERADE"}
|
|
|
+
|
|
|
+ if !iptables.Exists(natArgs...) {
|
|
|
+ if output, err := iptables.Raw(append([]string{"-I"}, natArgs...)...); err != nil {
|
|
|
+ return fmt.Errorf("Unable to enable network bridge NAT: %s", err)
|
|
|
+ } else if len(output) != 0 {
|
|
|
+ return fmt.Errorf("Error iptables postrouting: %s", output)
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
|