Sha256: 100e4546e52d56d3ee90ecf2209235d36eb4786d330bf63b7df2aa91d86f697a
Contents?: true
Size: 1.11 KB
Versions: 16
Compression:
Stored size: 1.11 KB
Contents
# Configure the instance to run as a Port Address Translator (NAT) to provide
# Internet connectivity to private instances.
echo "Determining the MAC address on eth0..."
ETH0_MAC=$(cat /sys/class/net/eth0/address) ||
die "Unable to determine MAC address on eth0."
echo "Found MAC ${ETH0_MAC} for eth0."
VPC_CIDR_URI="http://169.254.169.254/latest/meta-data/network/interfaces/macs/${ETH0_MAC}/vpc-ipv4-cidr-block"
echo "Metadata location for vpc ipv4 range: ${VPC_CIDR_URI}"
VPC_CIDR_RANGE=$(curl --retry 3 --silent --fail ${VPC_CIDR_URI})
echo "Retrieved VPC CIDR range ${VPC_CIDR_RANGE} from meta-data."
echo "Enabling NAT in sysctl..."
cat >/etc/sysctl.d/90-nat.conf <<EOF
net.ipv4.ip_forward = 1
net.ipv4.conf.eth0.send_redirects = 0
EOF
service procps start
sleep 1
sysctl -p
echo "Adding NAT iptables rules..."
cat >/etc/rc.local <<EOF
#!/bin/sh -e
iptables -t nat -C POSTROUTING -o eth0 -s ${VPC_CIDR_RANGE} -j MASQUERADE 2>/dev/null ||
iptables -t nat -A POSTROUTING -o eth0 -s ${VPC_CIDR_RANGE} -j MASQUERADE
iptables -n -t nat -L POSTROUTING
exit 0
EOF
/etc/rc.local
echo "Configuration of NAT complete."
Version data entries
16 entries across 16 versions & 1 rubygems