Introduce new constant for parameters for kernel.Mechanism:
IPTABLES4_NAT_TEMPLATE = "iptables__nat_template"
And provide helpers:
# Getters and Setters
func (m *Mechanism) SetIPTables4NatTemplate(tmpl string) *Mechanism {}
func (m *Mechanism) GetIPTables4NatTemplate(tmpl string) string {}
# Helper to evaluate the iptables template using a *networkserviceConnection
func (m *Mechanism) EvaluateIPTables4NatTemplate(conn *networkservice.Connection) {}The ip tables nat template is expected to be a golang text/template to inject a struct with fields:
- NsmInterfaceName - the name of the interface from conn.GetMechanism().GetInterfaceName()
- NsmSrcIPs - the ipv4 addresses from conn.GetContext().GetIPContext(). GetSrcIpAddrs()
- NsmDstIPs - the ipv4 addresses from conn.GetContext().GetIPContext().GetDstIPAddrs()
Example template:
-N NSM_PREROUTE
-A NSM_PREROUTE -j ISTIO_REDIRECT
-I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j NSM_PREROUTE
-N NSM_OUTPUT
-A NSM_OUTPUT -j DNAT --to-destination {{ .NsmSrcIps[0] }}
-A OUTPUT -p tcp -s 127.0.0.6 -j NSM_OUTPUT
-N NSM_POSTROUTING
-A NSM_POSTROUTING -j SNAT --to-source ${NsmDstIPs[0]}
-A POSTROUTING -p tcp -o ${NSM_INTERFACE} -j NSM_POSTROUTING
Introduce new constant for parameters for kernel.Mechanism:
And provide helpers:
The ip tables nat template is expected to be a golang text/template to inject a struct with fields:
Example template: