Antsle Forum

Welcome to our Antsle community! This forum is to connect all Antsle users to post experiences, make user-generated content available for the entire community and more. 

Please note: This forum is about discussing one specific issue at a time. No generalizations. No judgments. Please check the Forum Rules before posting. If you have specific questions about your Antsle and expect a response from our team directly, please continue to use the appropriate channels (email: [email protected]) so every inquiry is tracked. 

Please or Register to create posts and topics.

port forwarding not working for one of my antlets

Hi, we are having an issue configuring port forwarding: it's working fine for 2 out of 3 antlets!

We have 4 antlets (10.1.1.10 - 13) based on Ubuntu 18.04 LXC. Three of those are configured with port forwarding (see attached lxc below):

  • Calibre: 10.1.1.10:80 => *.local:8080 -> works fine.
  • Hub: 10.1.1.12:8080 => *.local:8081 -> works fine.
  • UpSource: 10.1.1.13:8082 => *.local:8082 -> connection refused

/var/log/libvirt/hook.log:

Tue Jun 18 13:38:42 PDT 2019 hook/lxc antlet Hub prepare
Tue Jun 18 13:38:42 PDT 2019 hook/lxc antlet Hub start
Tue Jun 18 13:38:42 PDT 2019 hook/lxc antlet Hub Mapping port 8081 -> 8080
Tue Jun 18 13:38:43 PDT 2019 hook/lxc antlet Hub started
Tue Jun 18 13:40:31 PDT 2019 hook/lxc antlet UpSource prepare
Tue Jun 18 13:40:31 PDT 2019 hook/lxc antlet UpSource start
Tue Jun 18 13:40:31 PDT 2019 hook/lxc antlet UpSource started
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre prepare
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre start
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre Mapping port 8080 -> 80
Tue Jun 18 13:40:54 PDT 2019 hook/lxc antlet Calibre started

we double/triple/quadruple/etc... checked the lxc script but found nothing...

Any help is more than appreciated at this time.

Thank you

LXC file (could not attach):

#!/bin/bash
# update: 06/15/2019

antlet_type=`basename "$0"`

#--->> CALIBRE <<---------------------------------
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=Calibre
antlet_ipaddr=10.1.1.10
host_ipaddr=192.168.1.20
host_ports=( '8080' )
antlet_ports=( '80' )

# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
fi

#--->> UpSource <<---------------------------------
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=Upsource
antlet_ipaddr=10.1.1.14
host_ipaddr=192.168.1.20
host_ports=( '8082' )
antlet_ports=( '8082' )

# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -$
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j D$
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RE$
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j D$
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RE$
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -$
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j D$
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RE$
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j D$
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RE$
done
fi
fi

#--->> Hub <<-------------------------------------
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=Hub
antlet_ipaddr=10.1.1.12
host_ipaddr=192.168.1.20
host_ports=( '8081' )
antlet_ports=( '8080' )

# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
fi

replying to my own post just in case it may save someone else the same aggravation...

so, after closer inspection of the lxc hook script, I noticed that the faulty block showed up with much shorter lines than other similar blocks!

In short, when cut/pasting in nano using a graphical terminal, we only copied the *visible* portion of the script and ended up truncating lines...

moral of the story => make sure to either use your editor cut/paste (not the GUI version) and to closely double-check each pasted line :<

[email protected] has reacted to this post.