Ver código fonte

The launch scripts now work!

The problem was that TCP and UDP checksum offloading was on in
the ous container.  The kernel expected the physical interface
to compute the checksum, but it's a veth, so there isn't one.
Therefore the checksum was wrong when it left the ous container,
and the packet treated as invalid and not sent though the nat table
later on.
Ian Goldberg 7 anos atrás
pai
commit
b2a79f6bbc
4 arquivos alterados com 11 adições e 9 exclusões
  1. 3 0
      build-slitheen
  2. 5 7
      net_run
  3. 2 1
      ous_run
  4. 1 1
      slitheen-docker/Dockerfile

+ 3 - 0
build-slitheen

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+cd slitheen-docker && docker build -t slitheen .

+ 5 - 7
net_run

@@ -1,9 +1,7 @@
-koko -d relay,veth2,172.17.31.1/24 -d ous,veth0,172.17.31.2/16 || exit 1
-docker exec --privileged -u root relay ethtool -K eth0 tso off
-docker exec --privileged -u root relay ethtool -K eth0 gro off
-docker exec --privileged -u root relay ethtool -K eth0 gso off
-docker exec --privileged -u root relay ethtool -K veth2 tso off
-docker exec --privileged -u root relay ethtool -K veth2 gro off
-docker exec --privileged -u root relay ethtool -K veth2 gso off
+koko -d ous,veth0,172.17.31.2/16 -d relay,veth1,172.17.31.100/24 || exit 1
+docker exec --privileged -u root ous ethtool -K veth0 tx off tso off ufo off
+docker exec --privileged -u root relay ethtool -K eth0 tso off gro off gso off
+docker exec --privileged -u root relay ethtool -K veth1 tso off gro off gso off
+docker exec --privileged -u root ous route del default gw 172.18.0.1
 docker exec --privileged -u root ous route add default gw 172.17.0.1
 docker exec --privileged -u root relay bash -c "echo 0 > /proc/sys/net/ipv4/ip_forward"

+ 2 - 1
ous_run

@@ -1,3 +1,4 @@
 #!/bin/bash
 
-docker rm ous; docker run -p 5900:5900 --name ous -it -v /home/iang/firefox-build:/home/iang/firefox-build --net=none slitheen /bin/bash
+docker network create vnc >/dev/null 2>&1
+docker rm ous; docker run -p 5900:5900 --name ous -it -v /home/iang/firefox-build:/home/iang/firefox-build --net=vnc slitheen /bin/bash

+ 1 - 1
slitheen-docker/Dockerfile

@@ -1,3 +1,3 @@
 FROM ff_build_bootstrapped
 RUN sudo apt-get update
-RUN sudo apt-get install -y inetutils-ping libssl-dev libpcap0.8-dev ethtool tcpdump valgrind
+RUN sudo apt-get install -y inetutils-ping libssl-dev libpcap0.8-dev ethtool tcpdump valgrind iptables telnet