Antsle Forum

Welcome to our Antsle community! This forum is to connect all Antsle users to post experiences, make user-generated content available for the entire community and more. 

Please note: This forum is about discussing one specific issue at a time. No generalizations. No judgments. Please check the Forum Rules before posting. If you have specific questions about your Antsle and expect a response from our team directly, please continue to use the appropriate channels (email: [email protected]) so every inquiry is tracked. 

You need to log in to create posts and topics.

port forwarding not working for one of my antlets

Hi, we are having an issue configuring port forwarding: it's working fine for 2 out of 3 antlets!

We have 4 antlets (10.1.1.10 - 13) based on Ubuntu 18.04 LXC. Three of those are configured with port forwarding (see attached lxc below):

  • Calibre: 10.1.1.10:80 => *.local:8080 -> works fine.
  • Hub: 10.1.1.12:8080 => *.local:8081 -> works fine.
  • UpSource: 10.1.1.13:8082 => *.local:8082 -> connection refused

/var/log/libvirt/hook.log:

Tue Jun 18 13:38:42 PDT 2019 hook/lxc antlet Hub prepare
Tue Jun 18 13:38:42 PDT 2019 hook/lxc antlet Hub start
Tue Jun 18 13:38:42 PDT 2019 hook/lxc antlet Hub Mapping port 8081 -> 8080
Tue Jun 18 13:38:43 PDT 2019 hook/lxc antlet Hub started
Tue Jun 18 13:40:31 PDT 2019 hook/lxc antlet UpSource prepare
Tue Jun 18 13:40:31 PDT 2019 hook/lxc antlet UpSource start
Tue Jun 18 13:40:31 PDT 2019 hook/lxc antlet UpSource started
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre prepare
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre start
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre Mapping port 8080 -> 80
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre started

we double/triple/quadruple/etc... checked the lxc script but found nothing...

Any help is more than appreciated at this time.

Thank you

LXC file (could not attach):

#!/bin/bash
# update: 06/15/2019

antlet_type=`basename "$0"`

#--->> CALIBRE <<---------------------------------
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=Calibre
antlet_ipaddr=10.1.1.10
host_ipaddr=192.168.1.20
host_ports=( '8080' )
antlet_ports=( '80' )

# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
fi

#--->> UpSource <<---------------------------------
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=Upsource
antlet_ipaddr=10.1.1.14
host_ipaddr=192.168.1.20
host_ports=( '8082' )
antlet_ports=( '8082' )

# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -$
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j D$
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RE$
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j D$
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RE$
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -$
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j D$
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RE$
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j D$
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RE$
done
fi
fi

#--->> Hub <<-------------------------------------
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=Hub
antlet_ipaddr=10.1.1.12
host_ipaddr=192.168.1.20
host_ports=( '8081' )
antlet_ports=( '8080' )

# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
fi

replying to my own post just in case it may save someone else the same aggravation...

so, after closer inspection of the lxc hook script, I noticed that the faulty block showed up with much shorter lines than other similar blocks!

In short, when cut/pasting in nano using a graphical terminal, we only copied the *visible* portion of the script and ended up truncating lines...

moral of the story => make sure to either use your editor cut/paste (not the GUI version) and to closely double-check each pasted line :<

powered by proof factor - increase conversions with social proof notifications