151
tools/setup_vm_network.sh
Executable file
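--- a/tools/setup_vm_network.sh
+++ b/tools/setup_vm_network.sh
@@ -0,0 +1,151 @@
+#!/bin/bash
+
+# VM Network Setup Script
+# This script sets up networking for VMs to enable SSH access
+
+set -e
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+log() {
+echo -e "${GREEN}[$(date +'%Y-%m-%d %H:%M:%S')] $1${NC}"
+}
+
+warn() {
+echo -e "${YELLOW}[$(date +'%Y-%m-%d %H:%M:%S')] WARNING: $1${NC}"
+}
+
+error() {
+echo -e "${RED}[$(date +'%Y-%m-%d %H:%M:%S')] ERROR: $1${NC}"
+exit 1
+}
+
+info() {
+echo -e "${BLUE}[$(date +'%Y-%m-%d %H:%M:%S')] INFO: $1${NC}"
+}
+
+# Check if running as root
+if [ "$EUID" -ne 0 ]; then
+error "This script must be run as root"
+fi
+
+BRIDGE_NAME="br0"
+BRIDGE_IP="192.168.100.1/24"
+NETWORK="192.168.100.0/24"
+
+log "Setting up VM networking..."
+
+# Check if bridge already exists and has IP
+if ip link show "$BRIDGE_NAME" &>/dev/null; then
+if ip addr show "$BRIDGE_NAME" | grep -q "192.168.100.1"; then
+info "Bridge $BRIDGE_NAME already configured with IP"
+else
+log "Adding IP address to existing bridge..."
+ip addr add "$BRIDGE_IP" dev "$BRIDGE_NAME"
+fi
+else
+log "Bridge $BRIDGE_NAME not found. It will be created when VMs start."
+fi
+
+# Enable IP forwarding
+log "Enabling IP forwarding..."
+echo 1 > /proc/sys/net/ipv4/ip_forward
+
+# Make IP forwarding persistent
+if ! grep -q "net.ipv4.ip_forward=1" /etc/sysctl.conf; then
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+log "IP forwarding made persistent in /etc/sysctl.conf"
+fi
+
+# Set up NAT for VM network
+log "Setting up NAT for VM network..."
+
+# Remove existing rules to avoid duplicates
+iptables -t nat -D POSTROUTING -s "$NETWORK" -j MASQUERADE 2>/dev/null || true
+iptables -D FORWARD -i "$BRIDGE_NAME" -o "$BRIDGE_NAME" -j ACCEPT 2>/dev/null || true
+iptables -D FORWARD -i "$BRIDGE_NAME" -j ACCEPT 2>/dev/null || true
+iptables -D FORWARD -o "$BRIDGE_NAME" -j ACCEPT 2>/dev/null || true
+
+# Add new rules
+iptables -t nat -A POSTROUTING -s "$NETWORK" -j MASQUERADE
+iptables -A FORWARD -i "$BRIDGE_NAME" -o "$BRIDGE_NAME" -j ACCEPT
+iptables -A FORWARD -i "$BRIDGE_NAME" -j ACCEPT
+iptables -A FORWARD -o "$BRIDGE_NAME" -j ACCEPT
+
+log "NAT rules configured"
+
+# Install and configure dnsmasq for DHCP
+if ! command -v dnsmasq &>/dev/null; then
+log "Installing dnsmasq for DHCP..."
+apt update && apt install -y dnsmasq
+fi
+
+# Configure dnsmasq for VM network
+DNSMASQ_CONF="/etc/dnsmasq.d/vm-network.conf"
+log "Configuring DHCP for VM network..."
+
+cat > "$DNSMASQ_CONF" << EOF
+# VM Network DHCP Configuration
+# Only bind to the bridge interface to avoid conflicts with systemd-resolved
+interface=$BRIDGE_NAME
+bind-interfaces
+
+# Disable DNS server functionality (only DHCP)
+port=0
+
+# DHCP configuration
+dhcp-range=192.168.100.10,192.168.100.100,12h
+dhcp-option=3,192.168.100.1
+dhcp-option=6,8.8.8.8,8.8.4.4
+
+# Disable reading /etc/hosts and /etc/resolv.conf
+no-hosts
+no-resolv
+EOF
+
+# Restart dnsmasq
+systemctl restart dnsmasq
+systemctl enable dnsmasq
+
+log "DHCP server configured and started"
+
+# Create a script to show VM IPs
+cat > "/usr/local/bin/vm-ips" << 'EOF'
+#!/bin/bash
+echo "VM DHCP Leases:"
+echo "==============="
+if [ -f /var/lib/dhcp/dhcpd.leases ]; then
+awk '/lease/ { ip = $2 } /client-hostname/ { hostname = $2; gsub(/[";]/, "", hostname) } /binding state active/ { print ip " - " hostname }' /var/lib/dhcp/dhcpd.leases
+elif [ -f /var/lib/dhcpcd5/dhcpcd.leases ]; then
+cat /var/lib/dhcpcd5/dhcpcd.leases
+else
+echo "DHCP lease file not found. Checking dnsmasq leases..."
+if [ -f /var/lib/dhcp/dhcpd.leases ]; then
+cat /var/lib/dhcp/dhcpd.leases
+else
+echo "No lease information available"
+echo "Try: arp -a | grep 192.168.100"
+fi
+fi
+EOF
+
+chmod +x /usr/local/bin/vm-ips
+
+log "Network setup completed!"
+echo ""
+info "Network Configuration Summary:"
+info "- Bridge: $BRIDGE_NAME with IP $BRIDGE_IP"
+info "- DHCP range: 192.168.100.10 - 192.168.100.100"
+info "- DNS servers: 8.8.8.8, 8.8.4.4"
+info "- NAT configured for internet access"
+echo ""
+info "To see VM IP addresses: vm-ips"
+info "To check bridge status: ip addr show $BRIDGE_NAME"
+info "To see DHCP leases: cat /var/lib/dhcp/dhcpd.leases"
+echo ""
+warn "Note: VMs need to be restarted to get DHCP IP addresses"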
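Review bot: The rule `iptables -A FORWARD -o "$BRIDGE_NAME" -j ACCEPT` in the "Add new rules" block accepts every packet routed towards the bridge, so with `ip_forward` enabled host-wide the VMs become reachable from any network that can route through this host, not only as replies to connections they opened. Restricting it to return traffic keeps NAT working while dropping unsolicited inbound: `iptables -A FORWARD -o "$BRIDGE_NAME" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT`, with the matching `-D` cleanup line changed the same way. SSH from the host itself does not pass through FORWARD, so the stated purpose of the script is unaffected. Because the rules are appended with `-A`, where they land relative to existing FORWARD rules or the chain policy is not visible here and should be checked on the target host. Separately, the generated `vm-ips` helper only reads `/var/lib/dhcp/dhcpd.leases` (again under the "Checking dnsmasq leases" message, so that branch can never succeed), while the DHCP server configured above is dnsmasq, which on Debian-family packages normally keeps its leases in `/var/lib/misc/dnsmasq.leases`.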