add masq interfaces

1421725c · nanahira · 1369d6e8 · 1421725c · 1421725c
Commit 1421725c authored Dec 14, 2020 by nanahira
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletion

ansible/scripts/global-postup.sh.j2 ansible/scripts/global-postup.sh.j2 +5 -0

src/inventory.ts src/inventory.ts +3 -1

No files found.
--- a/ansible/scripts/global-postup.sh.j2
+++ b/ansible/scripts/global-postup.sh.j2
@@ -14,6 +14,11 @@ ipset add localnet {{subnet}} || true
 ip rule add pref 81 to {{subnet}} lookup main || true
 {% endfor %}

+# MASQ interfaces
+{% for interface in masqInterfaces %}
+iptables -t nat -A POSTROUTING -o {{interface}} -j MASQUERADE
+{% endfor %}
+
 # chain for wg origin
 iptables -t mangle -N NEXTGEN_ORIGIN
 iptables -t mangle -I PREROUTING -m mark --mark 0x0 ! -p ospf -j NEXTGEN_ORIGIN

--- a/src/inventory.ts
+++ b/src/inventory.ts
@@ -48,7 +48,7 @@ class InventoryBuilder {
    this.resolver.setServers(process.env.DNS ? [process.env.DNS] : ['114.114.114.114', '223.5.5.5']);
  }

-  async load(sheetName) {
+  async load(sheetName: string) {
    const data = await fs.promises.readFile(path.join('data', `内网互联计划 - ${sheetName}.csv`));
    // @ts-ignore
    return (await util.promisify(parse)(data, { columns: true, cast: true })).filter(h => h.id);
@@ -136,6 +136,7 @@ class InventoryBuilder {
    host.frpsNeeded = false;
    const null_connection = "10000,null";
    const lanInterfaces = host.lanInterfaces.length > 0 ? host.lanInterfaces.split(",") : [];
+    const masqInterfaces = host.masqInterfaces.length > 0 ? host.masqInterfaces.split(",") : [];
    const routePlans = [];
    for (const h of this.connections) {
      if (h != host.name) {
@@ -176,6 +177,7 @@ class InventoryBuilder {
      gateways: _.values(this.gateways[host.name]),
      connections,
      lanInterfaces,
+      masqInterfaces,
      dockerServices: host.dockerServices,
      routePlans
    };