-
Notifications
You must be signed in to change notification settings - Fork 44
/
Copy pathpve-bridge
executable file
·60 lines (43 loc) · 1.62 KB
/
pve-bridge
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/usr/bin/perl
use strict;
use warnings;
use PVE::QemuServer;
use PVE::Tools qw(run_command);
use PVE::Network;
use PVE::Firewall;
my $have_sdn;
eval {
require PVE::Network::SDN::Zones;
require PVE::Network::SDN::Vnets;
$have_sdn = 1;
};
my $iface = shift;
my $hotplug = 0;
if ($iface eq '--hotplug') {
$hotplug = 1;
$iface = shift;
}
die "no interface specified\n" if !$iface;
die "got strange interface name '$iface'\n"
if $iface !~ m/^tap(\d+)i(\d+)$/;
my $vmid = $1;
my $netid = "net$2";
my $migratedfrom = $hotplug ? undef : $ENV{PVE_MIGRATED_FROM};
my $conf = PVE::QemuConfig->load_config($vmid, $migratedfrom);
my $netconf = $conf->{$netid};
$netconf = $conf->{pending}->{$netid} if !$migratedfrom && defined($conf->{pending}->{$netid});
die "unable to get network config '$netid'\n"
if !defined($netconf);
my $net = PVE::QemuServer::parse_net($netconf);
die "unable to parse network config '$netid'\n" if !$net;
# The nftable-based implementation from the newer proxmox-firewall does not requires FW bridges
my $create_firewall_bridges = $net->{firewall} && !PVE::Firewall::is_nftables();
if ($have_sdn) {
PVE::Network::SDN::Vnets::add_dhcp_mapping($net->{bridge}, $net->{macaddr}, $vmid, $conf->{name});
PVE::Network::SDN::Zones::tap_create($iface, $net->{bridge});
PVE::Network::SDN::Zones::tap_plug($iface, $net->{bridge}, $net->{tag}, $create_firewall_bridges, $net->{trunks}, $net->{rate});
} else {
PVE::Network::tap_create($iface, $net->{bridge});
PVE::Network::tap_plug($iface, $net->{bridge}, $net->{tag}, $create_firewall_bridges, $net->{trunks}, $net->{rate});
}
exit 0;