diff --git a/package_check.sh b/package_check.sh index 5c9e12a..96321ba 100755 --- a/package_check.sh +++ b/package_check.sh @@ -142,7 +142,6 @@ then LXC_BRIDGE=$(cat "$pcheck_config" | grep LXC_BRIDGE= | cut -d '=' -f2) main_iface=$(cat "$pcheck_config" | grep iface= | cut -d '=' -f2) fi -echo "PLAGE_IP1=$PLAGE_IP" # Utilise des valeurs par défaut si les variables sont vides, et génère le fichier de config if [ -z "$PLAGE_IP" ]; then PLAGE_IP=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep "|| PLAGE_IP=" | cut -d '"' -f4) diff --git a/sub_scripts/lxc_force_start.sh b/sub_scripts/lxc_force_start.sh new file mode 100755 index 0000000..76555be --- /dev/null +++ b/sub_scripts/lxc_force_start.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +# Force le démarrage conteneur et active la config réseau dédiée. + +# Récupère le dossier du script +if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$(echo $PWD/$(dirname "$0" | cut -d '.' -f2) | sed 's@/$@@')"; fi + +pcheck_config="$script_dir/../config" +PLAGE_IP=$(cat "$pcheck_config" | grep PLAGE_IP= | cut -d '=' -f2) +LXC_NAME=$(cat "$pcheck_config" | grep LXC_NAME= | cut -d '=' -f2) +LXC_BRIDGE=$(cat "$pcheck_config" | grep LXC_BRIDGE= | cut -d '=' -f2) +main_iface=$(cat "$pcheck_config" | grep iface= | cut -d '=' -f2) + +"$script_dir/lxc_force_stop.sh" > /dev/null 2>&1 + +echo "Initialisation du réseau pour le conteneur." +sudo ifup $LXC_BRIDGE --interfaces=/etc/network/interfaces.d/$LXC_BRIDGE + +# Activation des règles iptables +echo "> Configure le parefeu" +sudo iptables -A FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT +sudo iptables -A FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT +sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE + +# Démarrage de la machine +echo "> Démarrage de la machine" +sudo lxc-start -n $LXC_NAME -d --logfile "$script_dir/lxc_boot.log" +sleep 3 + +# Vérifie que la machine a démarré +sudo lxc-ls -f diff --git a/sub_scripts/lxc_force_stop.sh b/sub_scripts/lxc_force_stop.sh new file mode 100755 index 0000000..c3418bb --- /dev/null +++ b/sub_scripts/lxc_force_stop.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +# Force l'arrêt du conteneur et désactive la config réseau dédiée. + +# Récupère le dossier du script +if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$(echo $PWD/$(dirname "$0" | cut -d '.' -f2) | sed 's@/$@@')"; fi + +pcheck_config="$script_dir/../config" +PLAGE_IP=$(cat "$pcheck_config" | grep PLAGE_IP= | cut -d '=' -f2) +LXC_NAME=$(cat "$pcheck_config" | grep LXC_NAME= | cut -d '=' -f2) +LXC_BRIDGE=$(cat "$pcheck_config" | grep LXC_BRIDGE= | cut -d '=' -f2) +main_iface=$(cat "$pcheck_config" | grep iface= | cut -d '=' -f2) + +echo "> Arrêt du conteneur" +sudo lxc-stop -n $LXC_NAME + +echo "> Suppression des règles de parefeu" +if sudo iptables -C FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT 2> /dev/null +then + sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT +fi +if sudo iptables -C FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT 2> /dev/null +then + sudo iptables -D FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT +fi +if sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null +then + sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE +fi + +echo "Arrêt de l'interface réseau pour le conteneur." +# Et arrêt du bridge +if sudo ifquery $LXC_BRIDGE --state > /dev/null +then + sudo ifdown --force $LXC_BRIDGE +fi + +sudo lxc-ls -f diff --git a/sub_scripts/lxc_launcher.sh b/sub_scripts/lxc_launcher.sh index fad603a..c8ab6cb 100755 --- a/sub_scripts/lxc_launcher.sh +++ b/sub_scripts/lxc_launcher.sh @@ -1,9 +1,9 @@ #!/bin/bash ARG_SSH="-t" -PLAGE_IP=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2) -LXC_BRIDGE=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep LXC_BRIDGE= | cut -d '=' -f2) -main_iface=$(cat "$script_dir/config" | grep iface= | cut -d '=' -f2) +# PLAGE_IP=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2) +# LXC_BRIDGE=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep LXC_BRIDGE= | cut -d '=' -f2) +# main_iface=$(cat "$script_dir/config" | grep iface= | cut -d '=' -f2) echo -e "Chargement des fonctions de lxc_launcher.sh" @@ -82,7 +82,7 @@ LXC_STOP () { if [ $(sudo lxc-info --name $LXC_NAME | grep -c "STOPPED") -eq 0 ]; then echo "Arrêt du conteneur LXC" | tee -a "$RESULT" sudo lxc-stop -n $LXC_NAME | tee -a "$RESULT" 2>&1 - fi + fi # Restaure le snapshot. echo "Restauration du snapshot de la machine lxc" | tee -a "$RESULT" if ! sudo grep -q "$LXC_NAME" /var/lib/lxcsnaps/$LXC_NAME/snap0/rootfs/etc/hosts