Redirect all web to local in HOTSPOT

Addresses #17
davesteele · Aug 16, 2018 · 6ce7c1c · 6ce7c1c
1 parent 0c4756d
commit 6ce7c1c
Showing 1 changed file with 2 additions and 16 deletions.
diff --git a/comitup/iptmgr.py b/comitup/iptmgr.py
@@ -18,26 +18,12 @@
 
 start_cmds = [
     # HOTSPOT rules
-    "iptables -w -N COMITUP-OUT",
-    "iptables -w -A COMITUP-OUT "
-      "-p icmp --icmp-type destination-unreachable -j DROP",  # noqa
-    "iptables -w -A COMITUP-OUT "
-      "-p icmp --icmp-type port-unreachable -j DROP",  # noqa
-    "iptables -w -A COMITUP-OUT -j RETURN",
-    "iptables -w -I OUTPUT -o {ap} -j COMITUP-OUT",
+    "iptables -w -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.42.0.1",
 ]
 
 end_cmds = [
     # Clear HOTSPOT rules
-    "iptables -w -D OUTPUT -o {ap} -j COMITUP-OUT >/dev/null 2>&1",
-    "iptables -w -D COMITUP-OUT "
-        "-p icmp --icmp-type destination-unreachable "        # noqa
-        "-j DROP >/dev/null 2>&1",                            # noqa
-    "iptables -w -D COMITUP-OUT "
-        "-p icmp --icmp-type port-unreachable "        # noqa
-        "-j DROP >/dev/null 2>&1",                            # noqa
-    "iptables -w -D COMITUP-OUT -j RETURN >/dev/null 2>&1",
-    "iptables -w -X COMITUP-OUT >/dev/null 2>&1",
+    "iptables -w -D PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.42.0.1",
 ]
 
 appliance_cmds = [