network: use /32 netmask on internal IPs in NAT providing namespace

Use /32 inside network namespace too. Otherwise inter-VM traffic is broken - as all VMs seems to be in a single /24 subnet, but in fact are not. QubesOS/qubes-issues#1143
2016-11-01 00:22:19 +01:00 · 2016-11-01 00:22:19 +01:00 · 24b726a3bf
commit 24b726a3bf
parent c8213ea55a
1 changed files with 2 additions and 2 deletions
--- a/network/vif-qubes-nat.sh
+++ b/network/vif-qubes-nat.sh
@ -1,7 +1,6 @@
 #!/bin/bash
 #set -x

-netvm_subnet=/24
 undetectable_netvm_ips=

 netns="${vif}-nat"
@ -85,13 +84,14 @@ if test "$command" == online; then
        netns iptables -t nat -I POSTROUTING -o "$netns_appvm_if" -s "$netvm_dns2_ip" -j SNAT --to-source "$appvm_dns2_ip"
    fi

-    netns ip addr add "$netvm_ip$netvm_subnet" dev "$netns_netvm_if"
+    netns ip addr add "$netvm_ip" dev "$netns_netvm_if"
    netns ip addr add "$appvm_gw_ip" dev "$netns_appvm_if"

    netns ip link set "$netns_netvm_if" up
    netns ip link set "$netns_appvm_if" up

    netns ip route add "$appvm_ip" dev "$netns_appvm_if" src "$appvm_gw_ip"
+    netns ip route add "$netvm_gw_ip" dev "$netns_netvm_if" src "$netvm_ip"
    netns ip route add default via "$netvm_gw_ip" dev "$netns_netvm_if" src "$netvm_ip"