diff options
| author |   Blackwell, Ian (ib733q) <ib733q@att.com> | 2018-09-20 15:56:25 +0100 |
|---|---|---|
| committer |   iblackwe <IanB@amdocs.com> | 2018-09-20 16:26:14 +0100 |
| commit | 98b93b77f43c2bd09b89b6bcc9102bb6e8e1d7af (patch) | |
| tree | 405bc2149b68b85ccd72017ccd27837ed37b9189 /sidecar/tproxy-config/src/main/bin/start.sh | |
| parent | 85f33095c117ba5b361749746d564e6308a33f14 (diff) | |
Initial drop of tproxy-config init container
The tproxy-config init container sets up a pod's internal
network routing such that any traffic outbound from
the primary service is routed through the forward
proxy.
Change-Id: Ieca438fbed07db5fe7bce6162811634237c61b2a
Issue-ID: AAI-1664
Signed-off-by: Blackwell, Ian (ib733q) <ib733q@att.com>
Diffstat (limited to 'sidecar/tproxy-config/src/main/bin/start.sh')
| -rw-r--r-- | sidecar/tproxy-config/src/main/bin/start.sh | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/sidecar/tproxy-config/src/main/bin/start.sh b/sidecar/tproxy-config/src/main/bin/start.sh new file mode 100644 index 0000000..cbb003d --- /dev/null +++ b/sidecar/tproxy-config/src/main/bin/start.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +# ============LICENSE_START======================================================= +# org.onap.aai +# ================================================================================ +# Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2017-2018 European Software Marketing Ltd. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +set -x +set -eo pipefail + +#iptables -t nat -A PREROUTING -p tcp -j REDIRECT --to-port 9080 +iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 9999 -m owner '!' --uid-owner 1001 +#iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 9999 -m owner '!' --uid-owner 100 +#iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 9999 -m owner --uid-owner 0 +iptables -t nat --list |