WIP: dns: start aardvark-dns on a different port
hardcode port 1153 and assume aardvark-dns is always started for now

Signed-off-by: Dominique Martinet <[email protected]>
Fixes: containers/aardvark-dns#13
martinetd committed Jul 1, 2022
1 parent 0a97413 commit ee7b0de
Showing 2 changed files with 13 additions and 1 deletion.
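--- a/src/dns/aardvark.rs
+++ b/src/dns/aardvark.rs
@@ -95,7 +95,7 @@ impl Aardvark {
 "--config",
 &self.config,
 "-p",
-"53",
+"1153",
 "run",
 ]);
 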
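Review bot: Moving the listener to `"1153"` takes it off a privileged port, so where netavark runs as root the kernel no longer reserves the DNS port for root, and any local process that binds 1153 first could end up receiving the container queries the firewall rule redirects there. It is worth confirming that aardvark-dns fails loudly when its bind fails, and whether rootful setups should keep a port below 1024. The literal is also repeated as `1153` in src/firewall/varktables/types.rs, so the two values can drift apart; a shared constant such as `pub const AARDVARK_DNS_PORT: u16 = 1153;`, with a comment saying why 53 is avoided, would keep them in sync. The argument list this line belongs to starts above the hunk.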
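--- a/src/firewall/varktables/types.rs
+++ b/src/firewall/varktables/types.rs
@@ -344,6 +344,18 @@ pub fn get_port_forwarding_chains<'a>(
 netavark_hashed_dn_chain.create = true;
 }
 
+// Create redirection for aardvark-dns on non-standard port
+if let Some(gateway) = network_address.gateway {
+netavark_hostport_dn_chain.create = true;
+netavark_hostport_dn_chain.build_rule(VarkRule::new(
+format!(
+"-j {} -d {} -p {} --dport {} --to-destination {}:{} {}",
+DNAT, gateway, "udp", 53, gateway, 1153, comment_dn_network_cid
+),
+None,
+));
+}
+
 for i in pfwd.port_mappings.clone() {
 if let Ok(ip) = i.host_ip.parse::<IpAddr>() {
 match ip {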
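Review bot: The `--to-destination {}:{}` target in the added `format!` joins `gateway` and the port with a bare colon, which produces an ambiguous value such as `fd00::1:1153` when the gateway is IPv6; ip6tables expects `[addr]:port`. Assuming `gateway` is an `IpAddr` (its type is not visible in the hunk), build the target per family, e.g. `let dest = match gateway { IpAddr::V6(g) => format!("[{}]:{}", g, 1153), IpAddr::V4(g) => format!("{}:{}", g, 1153) };`. The rule also matches only `udp`, so DNS over TCP to port 53 on the gateway is not redirected, and clients retrying a truncated answer over TCP would get no reply unless a matching `tcp` rule is added. The rule is emitted whenever a gateway exists, even when DNS is disabled for the network, which the commit message acknowledges as temporary; a `// TODO: only when dns_enabled` comment on the `if let` would keep that visible. The enclosing function starts and ends outside the hunk.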
