Commit a9da39eb authored by catofes's avatar catofes

update

parent 3f40a27e
FROM node FROM node
RUN apt-get update RUN apt-get update
RUN apt-get install -y kmod RUN apt-get install -y kmod ipset gettext
RUN mkdir -p /usr/src/app RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app WORKDIR /usr/src/app
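Review bot: The changed install line still runs in a separate layer from `RUN apt-get update`, so a build that reuses the cached update layer installs `ipset` and `gettext` against a stale package index, which can fail or pull outdated packages. Merge the two into one layer: `RUN apt-get update && apt-get install -y --no-install-recommends gettext ipset kmod && rm -rf /var/lib/apt/lists/*`. The base is also an untagged `FROM node`, so the image contents depend on whatever `latest` resolves to at build time; pinning a version tag or digest would make the network tooling installed here reproducible. The rest of the Dockerfile is collapsed on this page.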
......
...@@ -53,8 +53,8 @@ module.exports = ...@@ -53,8 +53,8 @@ module.exports =
servers[21].next_hop = 20 servers[21].next_hop = 20
servers[22].next_hop = 20 servers[22].next_hop = 20
servers[23].next_hop = 20 servers[23].next_hop = 20
regions[0].gateway = 21 regions[0].gateway = 4
regions[1].gateway = 23 regions[1].gateway = 9
when 1, 9 when 1, 9
servers[20].next_hop = 8 servers[20].next_hop = 8
servers[21].next_hop = 8 servers[21].next_hop = 8
......
...@@ -38,6 +38,7 @@ COMMIT ...@@ -38,6 +38,7 @@ COMMIT
# Completed on Thu Feb 4 08:05:19 2016 # Completed on Thu Feb 4 08:05:19 2016
# Generated by iptables-save v1.4.21 on Thu Feb 4 08:05:19 2016 # Generated by iptables-save v1.4.21 on Thu Feb 4 08:05:19 2016
*nat *nat
-A POSTROUTING -s 172.16.0.0/12 ! -o docker0 -j MASQUERADE
-A PREROUTING -p tcp -m set --match-set block_ip src -j REDIRECT --to-ports 3101 -A PREROUTING -p tcp -m set --match-set block_ip src -j REDIRECT --to-ports 3101
-A PREROUTING -i ${RAILGUN_INTERFACE} -p tcp -m addrtype --dst-type LOCAL -m multiport --dports 22,443,3000,1723,5001,5201 -j ACCEPT -A PREROUTING -i ${RAILGUN_INTERFACE} -p tcp -m addrtype --dst-type LOCAL -m multiport --dports 22,443,3000,1723,5001,5201 -j ACCEPT
-A PREROUTING -i ${RAILGUN_INTERFACE} -p tcp -m addrtype --dst-type LOCAL -m set --match-set ports1 dst -j REDIRECT --to-ports 3128 -A PREROUTING -i ${RAILGUN_INTERFACE} -p tcp -m addrtype --dst-type LOCAL -m set --match-set ports1 dst -j REDIRECT --to-ports 3128
...@@ -50,6 +51,7 @@ COMMIT ...@@ -50,6 +51,7 @@ COMMIT
-A POSTROUTING -o ${RAILGUN_INTERFACE} -s 10.0.0.0/8 -j SNAT --to-source ${RAILGUN_PRIVATE_ADDRESS} -A POSTROUTING -o ${RAILGUN_INTERFACE} -s 10.0.0.0/8 -j SNAT --to-source ${RAILGUN_PRIVATE_ADDRESS}
COMMIT COMMIT
*mangle *mangle
-A FORWARD -s 172.16.0.0/12 -j ACCEPT
-A PREROUTING -s ${RAILGUN_ADDRESS}/16 ! -d 10.0.0.0/8 -p tcp -m multiport --dports 9300,9301,9400 -j MARK --set-xmark 0x1/0xffffffff -A PREROUTING -s ${RAILGUN_ADDRESS}/16 ! -d 10.0.0.0/8 -p tcp -m multiport --dports 9300,9301,9400 -j MARK --set-xmark 0x1/0xffffffff
-A PREROUTING -s ${RAILGUN_ADDRESS}/16 ! -d 10.0.0.0/8 -p tcp -m multiport --dports 9300,9301,9400 -j ACCEPT -A PREROUTING -s ${RAILGUN_ADDRESS}/16 ! -d 10.0.0.0/8 -p tcp -m multiport --dports 9300,9301,9400 -j ACCEPT
-A PREROUTING -s ${RAILGUN_ADDRESS}/16 -p tcp -m addrtype ! --dst-type LOCAL -j TPROXY --on-port 5000 --on-ip 0.0.0.0 --tproxy-mark 0x3 -A PREROUTING -s ${RAILGUN_ADDRESS}/16 -p tcp -m addrtype ! --dst-type LOCAL -j TPROXY --on-port 5000 --on-ip 0.0.0.0 --tproxy-mark 0x3
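Review bot: The added `-A FORWARD -s 172.16.0.0/12 -j ACCEPT` sits in `*mangle`, where ACCEPT only ends traversal of the mangle FORWARD chain and the filter table's FORWARD chain still decides whether the packet is forwarded. If the intent is to permit container traffic, the rule belongs in `*filter`, which is not visible in these hunks. Both added rules also match the whole 172.16.0.0/12 range by source address alone, so the MASQUERADE in `*nat` applies to any packet carrying such a source, not only to packets that came from the Docker bridge. Narrowing to the bridge subnet and binding the FORWARD rule to the bridge keeps the exemption to container traffic, e.g. `-A FORWARD -i docker0 -s <docker-bridge-subnet> -j ACCEPT`. A `#` comment stating why each rule exists would help, since the file otherwise reads as raw iptables-save output.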
......
...@@ -111,7 +111,7 @@ module.exports = ...@@ -111,7 +111,7 @@ module.exports =
for i, region of regions when region.gateway? for i, region of regions when region.gateway?
for address in region.addresses for address in region.addresses
if region.gateway == server_id if region.gateway == server_id
ip.push "route add #{address} via #{process.env.RAILGUN_GATEWAY} table 101" ip.push "route add #{address} via #{process.env.RAILGUN_GATEWAY} dev #{process.env.RAILGUN_INTERFACE} table 101"
else else
ip.push "route add #{address} advmss 1360 dev railgun#{servers[region.gateway].next_hop} src #{servers[server_id].host} realm #{region.gateway} table 101" ip.push "route add #{address} advmss 1360 dev railgun#{servers[region.gateway].next_hop} src #{servers[server_id].host} realm #{region.gateway} table 101"
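Review bot: `process.env.RAILGUN_INTERFACE` is interpolated into the route command without a check that it is set, so a missing variable yields `dev undefined` on the new line in the `region.gateway == server_id` branch. The same already holds for `RAILGUN_GATEWAY` on that line. A guard ahead of the loop, such as `throw new Error 'RAILGUN_INTERFACE is not set' unless process.env.RAILGUN_INTERFACE`, would fail early instead of emitting a route that `ip` rejects. How the `ip` list is executed is outside the hunk, so whether a rejected command is noticed cannot be seen here.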
......
...@@ -6,6 +6,10 @@ echo 'modprobe fou...' ...@@ -6,6 +6,10 @@ echo 'modprobe fou...'
modprobe fou modprobe fou
echo 'ipsec...'
bash /etc/railgun/ipsec.sh
echo 'ipset...' echo 'ipset...'
ipset create -exist ports1 bitmap:port range 10000-32767 ipset create -exist ports1 bitmap:port range 10000-32767
...@@ -31,7 +35,7 @@ ip route replace 10.${RAILGUN_ID}.96.0/20 via ${RAILGUN_GATEWAY} ...@@ -31,7 +35,7 @@ ip route replace 10.${RAILGUN_ID}.96.0/20 via ${RAILGUN_GATEWAY}
echo 'network...' echo 'network...'
coffee main.coffee npm start
ip route flush cache ip route flush cache
sleep 1000d sleep 1000d
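Review bot: The result of `bash /etc/railgun/ipsec.sh` is not checked, so unless the script enables `set -e` above line 6 (not visible in the hunk), a failed IPsec setup is followed by the ipset, route and `npm start` steps and the tunnels come up anyway. If the IPsec policy is meant to protect the tunnel traffic, which is presumably why it now runs right after `modprobe fou`, the script should stop instead: `bash /etc/railgun/ipsec.sh || { echo 'ipsec setup failed' >&2; exit 1; }`. The same applies to `npm start` in the second hunk, whose failure is followed by `ip route flush cache` and `sleep 1000d`, leaving a container that keeps running without the routes it was meant to install.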