Loading Dockerfile +3 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ FROM qemux/qemu-host:2.05 AS builder FROM debian:trixie-slim ARG TARGETARCH ARG TARGETPLATFORM ARG VERSION_ARG="0.0" ARG DEBCONF_NOWARNINGS="yes" Loading Loading @@ -46,6 +47,8 @@ RUN set -eu && \ ca-certificates \ netcat-openbsd \ qemu-system-x86 && \ wget "https://github.com/qemus/passt/releases/download/v2025_09_19/passt_2025_09_19_${TARGETARCH}.deb" -O /tmp/passt.deb -q && \ dpkg -i /tmp/passt.deb && \ apt-get clean && \ pip3 install --no-cache-dir --break-system-packages --root-user-action=ignore dissect.cstruct && \ mkdir -p /etc/qemu && \ Loading src/config.sh +1 −1 Original line number Diff line number Diff line Loading @@ -37,7 +37,7 @@ if [[ "$RAM_CHECK" != [Nn]* ]]; then fi if [[ "$DEBUG" == [Yy1]* ]]; then printf "Arguments:\n\n%s\n\n" "${ARGS// -/$'\n-'}" printf "QEMU arguments:\n\n%s\n\n" "${ARGS// -/$'\n-'}" fi return 0 src/network.sh +309 −121 Original line number Diff line number Diff line Loading @@ -7,17 +7,24 @@ set -Eeuo pipefail : "${MTU:=""}" : "${DHCP:="N"}" : "${NETWORK:="Y"}" : "${USER_PORTS:=""}" : "${HOST_PORTS:=""}" : "${USER_PORTS:=""}" : "${ADAPTER:="virtio-net-pci"}" : "${VM_NET_IP:=""}" : "${VM_NET_DEV:=""}" : "${VM_NET_TAP:="dsm"}" : "${VM_NET_MAC:="$MAC"}" : "${VM_NET_IP:="20.20.20.21"}" : "${VM_NET_BRIDGE:="docker"}" : "${VM_NET_HOST:="VirtualDSM"}" : "${VM_NET_MASK:="255.255.255.0"}" : "${PASST:="passt"}" : "${PASST_OPTS:=""}" : "${PASST_DEBUG:=""}" : "${DNSMASQ_OPTS:=""}" : "${DNSMASQ_DEBUG:=""}" : "${DNSMASQ:="/usr/sbin/dnsmasq"}" : "${DNSMASQ_CONF_DIR:="/etc/dnsmasq.d"}" Loading Loading @@ -63,7 +70,7 @@ configureDHCP() { if [[ "$MTU" != "0" && "$MTU" != "1500" ]]; then if ! ip link set dev "$VM_NET_TAP" mtu "$MTU"; then warn "Failed to set MTU size to $MTU." && MTU="0" warn "Failed to set MTU size to $MTU." fi fi Loading Loading @@ -107,41 +114,66 @@ configureDHCP() { configureDNS() { local if="$1" local ip="$2" local mac="$3" local host="$4" local mask="$5" local gateway="$6" [[ "${DNSMASQ_DISABLE:-}" == [Yy1]* ]] && return 0 [[ "$DEBUG" == [Yy1]* ]] && echo "Starting dnsmasq daemon..." local log="/var/log/dnsmasq.log" rm -f "$log" case "${NETWORK,,}" in "nat" | "tap" | "tun" | "tuntap" | "y" ) # Create lease file for faster resolve echo "0 $VM_NET_MAC $VM_NET_IP $VM_NET_HOST 01:$VM_NET_MAC" > /var/lib/misc/dnsmasq.leases echo "0 $mac $ip $host 01:$mac" > /var/lib/misc/dnsmasq.leases chmod 644 /var/lib/misc/dnsmasq.leases # dnsmasq configuration: DNSMASQ_OPTS+=" --dhcp-authoritative" # Set DHCP range and host DNSMASQ_OPTS+=" --dhcp-range=$VM_NET_IP,$VM_NET_IP" DNSMASQ_OPTS+=" --dhcp-host=$VM_NET_MAC,,$VM_NET_IP,$VM_NET_HOST,infinite" DNSMASQ_OPTS+=" --dhcp-range=$ip,$ip" DNSMASQ_OPTS+=" --dhcp-host=$mac,,$ip,$host,infinite" # Set DNS server and gateway DNSMASQ_OPTS+=" --dhcp-option=option:netmask,255.255.255.0" DNSMASQ_OPTS+=" --dhcp-option=option:router,${VM_NET_IP%.*}.1" DNSMASQ_OPTS+=" --dhcp-option=option:dns-server,${VM_NET_IP%.*}.1" DNSMASQ_OPTS+=" --dhcp-option=option:netmask,$mask" DNSMASQ_OPTS+=" --dhcp-option=option:router,$gateway" DNSMASQ_OPTS+=" --dhcp-option=option:dns-server,$gateway" esac # Set interfaces DNSMASQ_OPTS+=" --interface=$if" DNSMASQ_OPTS+=" --bind-interfaces" # Add DNS entry for container DNSMASQ_OPTS+=" --address=/host.lan/${VM_NET_IP%.*}.1" DNSMASQ_OPTS+=" --address=/host.lan/$gateway" # Set local dns resolver to dnsmasq when needed [ -f /etc/resolv.dnsmasq ] && DNSMASQ_OPTS+=" --resolv-file=/etc/resolv.dnsmasq" # Enable logging to file DNSMASQ_OPTS+=" --log-facility=$log" DNSMASQ_OPTS=$(echo "$DNSMASQ_OPTS" | sed 's/\t/ /g' | tr -s ' ' | sed 's/^ *//') [[ "$DEBUG" == [Yy1]* ]] && echo "Starting Dnsmasq daemon..." [[ "$DEBUG" == [Yy1]* ]] && printf "Dnsmasq arguments:\n\n%s\n\n" "${DNSMASQ_OPTS// -/$'\n-'}" if ! $DNSMASQ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}; then local msg="Failed to start Dnsmasq, reason: $?" [ -f "$log" ] && cat "$log" error "$msg" return 1 fi if [[ "${DEBUG_DNS:-}" == [Yy1]* ]]; then if [[ "$DNSMASQ_DEBUG" == [Yy1]* ]]; then tail -fn +0 "$log" & fi Loading Loading @@ -183,40 +215,130 @@ getUserPorts() { getHostPorts() { local list="$1" list=$(echo "${list// /}" | sed 's/,*$//g') [ -z "$list" ] && list="$MON_PORT" || list+=",$MON_PORT" [ -z "$list" ] && echo "" && return 0 if [[ "$list" != *","* ]]; then echo " ! --dport $list" else echo " -m multiport ! --dports $list" if [[ "${NETWORK,,}" == "passt" ]]; then local DNS_PORT="53" if [[ "${DNSMASQ_DISABLE:-}" != [Yy1]* ]]; then [ -z "$list" ] && list="$DNS_PORT" || list+=",$DNS_PORT" fi [ -z "$list" ] && list="$COM_PORT" || list+=",$COM_PORT" [ -z "$list" ] && list="$CHR_PORT" || list+=",$CHR_PORT" fi echo "$list" return 0 } configureUser() { configureSlirp() { [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring SLIRP networking..." [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring slirp networking..." if [ -z "$IP6" ]; then NET_OPTS="-netdev user,id=hostnet0,host=${VM_NET_IP%.*}.1,net=${VM_NET_IP%.*}.0/24,dhcpstart=$VM_NET_IP,hostname=$VM_NET_HOST" else NET_OPTS="-netdev user,id=hostnet0,ipv4=on,host=${VM_NET_IP%.*}.1,net=${VM_NET_IP%.*}.0/24,dhcpstart=$VM_NET_IP,ipv6=on,hostname=$VM_NET_HOST" fi local ip="$IP" [ -n "$VM_NET_IP" ] && ip="$VM_NET_IP" local base="${ip%.*}." [ "${ip/$base/}" -lt "4" ] && ip="${ip%.*}.4" local gateway="${ip%.*}.1" local ipv6="" [ -n "$IP6" ] && ipv6="ipv6=on," NET_OPTS="-netdev user,id=hostnet0,ipv4=on,host=$gateway,net=${gateway%.*}.0/24,dhcpstart=$ip,${ipv6}hostname=$VM_NET_HOST" local forward forward=$(getUserPorts "$USER_PORTS") forward=$(getUserPorts "${USER_PORTS:-}") [ -n "$forward" ] && NET_OPTS+=",$forward" if [[ "${DNSMASQ_DISABLE:-}" != [Yy1]* ]]; then cp /etc/resolv.conf /etc/resolv.dnsmasq echo -e "nameserver 127.0.0.1\nsearch .\noptions ndots:0" >/etc/resolv.conf configureDNS "lo" "$ip" "$VM_NET_MAC" "$VM_NET_HOST" "$VM_NET_MASK" "$gateway" || return 1 fi VM_NET_IP="$ip" return 0 } configurePasst() { [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring user-mode networking..." local log="/var/log/passt.log" rm -f "$log" local pid="/var/run/dnsmasq.pid" [ -s "$pid" ] && pKill "$(<"$pid")" local ip="$IP" [ -n "$VM_NET_IP" ] && ip="$VM_NET_IP" local gateway="" if [[ "$ip" != *".1" ]]; then gateway="${ip%.*}.1" else gateway="${ip%.*}.2" fi # passt configuration: [ -z "$IP6" ] && PASST_OPTS+=" -4" PASST_OPTS+=" -a $ip" PASST_OPTS+=" -g $gateway" PASST_OPTS+=" -n $VM_NET_MASK" exclude=$(getHostPorts "$HOST_PORTS") if [ -z "$exclude" ]; then exclude="all" else exclude="~${exclude//,/,~}" fi PASST_OPTS+=" -t $exclude" PASST_OPTS+=" -u $exclude" PASST_OPTS+=" -H $VM_NET_HOST" PASST_OPTS+=" -M $VM_NET_MAC" PASST_OPTS+=" -P /var/run/passt.pid" PASST_OPTS+=" -l $log" PASST_OPTS+=" -q" if [[ "${DNSMASQ_DISABLE:-}" != [Yy1]* ]]; then cp /etc/resolv.conf /etc/resolv.dnsmasq echo -e "nameserver 127.0.0.1\nsearch .\noptions ndots:0" >/etc/resolv.conf fi PASST_OPTS=$(echo "$PASST_OPTS" | sed 's/\t/ /g' | tr -s ' ' | sed 's/^ *//') [[ "$DEBUG" == [Yy1]* ]] && printf "Passt arguments:\n\n%s\n\n" "${PASST_OPTS// -/$'\n-'}" if ! $PASST ${PASST_OPTS:+ $PASST_OPTS}; then local msg="Failed to start passt, reason: $?" [ -f "$log" ] && cat "$log" error "$msg" return 1 fi if [[ "$PASST_DEBUG" == [Yy1]* ]]; then tail -fn +0 "$log" & fi NET_OPTS="-netdev stream,id=hostnet0,server=off,addr.type=unix,addr.path=/tmp/passt_1.socket" configureDNS "lo" "$ip" "$VM_NET_MAC" "$VM_NET_HOST" "$VM_NET_MASK" "$gateway" || return 1 VM_NET_IP="$ip" return 0 } configureNAT() { local tuntap="TUN device is missing. $ADD_ERR --device /dev/net/tun" local tables="The 'ip_tables' kernel module is not loaded. Try this command: sudo modprobe ip_tables iptable_nat" local tables="the 'ip_tables' kernel module is not loaded. Try this command: sudo modprobe ip_tables iptable_nat" [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring NAT networking..." Loading @@ -230,50 +352,59 @@ configureNAT() { fi if [ ! -c /dev/net/tun ]; then error "$tuntap" && return 1 warn "$tuntap" && return 1 fi # Check port forwarding flag if [[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]]; then { sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1; rc=$?; } || : if (( rc != 0 )) || [[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]]; then [[ "$PODMAN" == [Yy1]* ]] && return 1 error "IP forwarding is disabled. $ADD_ERR --sysctl net.ipv4.ip_forward=1" warn "IP forwarding is disabled. $ADD_ERR --sysctl net.ipv4.ip_forward=1" return 1 fi fi local ip="172.30.0.2" [ -n "$VM_NET_IP" ] && ip="$VM_NET_IP" local gateway="" if [[ "$ip" != *".1" ]]; then gateway="${ip%.*}.1" else gateway="${ip%.*}.2" fi # Create a bridge with a static IP for the VM guest { ip link add dev dockerbridge type bridge ; rc=$?; } || : { ip link add dev "$VM_NET_BRIDGE" type bridge ; rc=$?; } || : if (( rc != 0 )); then error "Failed to create bridge. $ADD_ERR --cap-add NET_ADMIN" && return 1 warn "failed to create bridge. $ADD_ERR --cap-add NET_ADMIN" && return 1 fi if ! ip address add "${VM_NET_IP%.*}.1/24" broadcast "${VM_NET_IP%.*}.255" dev dockerbridge; then error "Failed to add IP address pool!" && return 1 if ! ip address add "$gateway/24" broadcast "${ip%.*}.255" dev "$VM_NET_BRIDGE"; then warn "failed to add IP address pool!" && return 1 fi while ! ip link set dockerbridge up; do while ! ip link set "$VM_NET_BRIDGE" up; do info "Waiting for IP address to become available..." sleep 2 done # QEMU Works with taps, set tap to the bridge created if ! ip tuntap add dev "$VM_NET_TAP" mode tap; then error "$tuntap" && return 1 warn "$tuntap" && return 1 fi if [[ "$MTU" != "0" && "$MTU" != "1500" ]]; then if ! ip link set dev "$VM_NET_TAP" mtu "$MTU"; then warn "Failed to set MTU size to $MTU." && MTU="0" warn "failed to set MTU size to $MTU." fi fi GATEWAY_MAC=$(echo "$VM_NET_MAC" | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/') if ! ip link set dev "$VM_NET_TAP" address "$GATEWAY_MAC"; then warn "Failed to set gateway MAC address.." warn "failed to set gateway MAC address.." fi while ! ip link set "$VM_NET_TAP" up promisc on; do Loading @@ -281,27 +412,39 @@ configureNAT() { sleep 2 done if ! ip link set dev "$VM_NET_TAP" master dockerbridge; then error "Failed to set IP link!" && return 1 if ! ip link set dev "$VM_NET_TAP" master "$VM_NET_BRIDGE"; then warn "failed to set master bridge!" && return 1 fi # Add internet connection to the VM if grep -wq "nf_tables" /proc/modules; then update-alternatives --set iptables /usr/sbin/iptables-nft > /dev/null update-alternatives --set ip6tables /usr/sbin/ip6tables-nft > /dev/null else update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null fi exclude=$(getHostPorts "$HOST_PORTS") if [ -n "$exclude" ]; then if [[ "$exclude" != *","* ]]; then exclude=" ! --dport $exclude" else exclude=" -m multiport ! --dports $exclude" fi fi if ! iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE; then error "$tables" && return 1 warn "$tables" && return 1 fi # shellcheck disable=SC2086 if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp${exclude} -j DNAT --to "$VM_NET_IP"; then error "Failed to configure IP tables!" && return 1 if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp${exclude} -j DNAT --to "$ip"; then warn "failed to configure IP tables!" && return 1 fi if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p udp -j DNAT --to "$VM_NET_IP"; then error "Failed to configure IP tables!" && return 1 if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p udp -j DNAT --to "$ip"; then warn "failed to configure IP tables!" && return 1 fi if (( KERNEL > 4 )); then Loading @@ -318,8 +461,9 @@ configureNAT() { NET_OPTS+=",script=no,downscript=no" configureDNS || return 1 configureDNS "$VM_NET_BRIDGE" "$ip" "$VM_NET_MAC" "$VM_NET_HOST" "$VM_NET_MASK" "$gateway" || return 1 VM_NET_IP="$ip" return 0 } Loading @@ -327,14 +471,21 @@ closeBridge() { local pid="/var/run/dnsmasq.pid" [ -s "$pid" ] && pKill "$(<"$pid")" rm -f "$pid" [[ "${NETWORK,,}" == "user"* ]] && return 0 pid="/var/run/passt.pid" [ -s "$pid" ] && pKill "$(<"$pid")" rm -f "$pid" case "${NETWORK,,}" in "user"* | "passt" | "slirp" ) return 0 ;; esac ip link set "$VM_NET_TAP" down promisc off &> null || true ip link delete "$VM_NET_TAP" &> null || true ip link set dockerbridge down &> null || true ip link delete dockerbridge &> null || true ip link set "$VM_NET_BRIDGE" down &> null || true ip link delete "$VM_NET_BRIDGE" &> null || true return 0 } Loading Loading @@ -367,6 +518,21 @@ closeNetwork() { return 0 } cleanUp() { # Clean up old files rm -f /etc/resolv.dnsmasq rm -f /var/run/passt.pid rm -f /var/run/dnsmasq.pid if [[ -d "/sys/class/net/$VM_NET_TAP" ]]; then info "Lingering interface will be removed..." ip link delete "$VM_NET_TAP" || true fi return 0 } checkOS() { local kernel Loading Loading @@ -407,18 +573,31 @@ getInfo() { error "$ADD_ERR -e \"VM_NET_DEV=NAME\" to specify another interface name." && exit 26 fi GATEWAY=$(ip route list dev "$VM_NET_DEV" | awk ' /^default/ {print $3}' | head -n 1) IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/ | head -n 1) IP6="" # shellcheck disable=SC2143 if [ -f /proc/net/if_inet6 ] && [ -n "$(ifconfig -a | grep inet6)" ]; then IP6=$(ip -6 addr show dev "$VM_NET_DEV" scope global up) [ -n "$IP6" ] && IP6=$(echo "$IP6" | sed -e's/^.*inet6 \([^ ]*\)\/.*$/\1/;t;d' | head -n 1) fi local result nic bus result=$(ethtool -i "$VM_NET_DEV") nic=$(grep -m 1 -i 'driver:' <<< "$result" | awk '{print $(2)}') bus=$(grep -m 1 -i 'bus-info:' <<< "$result" | awk '{print $(2)}') if [[ "${bus,,}" != "" && "${bus,,}" != "n/a" && "${bus,,}" != "tap" ]]; then [[ "$DEBUG" == [Yy1]* ]] && info "Detected BUS: $bus" if [[ "${bus,,}" != "" && "${bus,,}" != "n/a" && "${bus,,}" != "tap" ]]; then [[ "$DEBUG" == [Yy1]* ]] && info "Detected BUS: $bus" error "This container does not support host mode networking!" exit 29 fi if [[ "$DHCP" == [Yy1]* ]]; then checkOS if [[ "${nic,,}" == "ipvlan" ]]; then error "This container does not support IPVLAN networking when DHCP=Y." exit 29 Loading @@ -430,16 +609,26 @@ getInfo() { exit 29 fi else if [[ "$IP" != "172."* && "$IP" != "10.8"* && "$IP" != "10.9"* ]]; then checkOS fi fi BASE_IP="${VM_NET_IP%.*}." local mtu="" if [ "${VM_NET_IP/$BASE_IP/}" -lt "3" ]; then error "Invalid VM_NET_IP, must end in a higher number than .3" && exit 27 if [ -f "/sys/class/net/$VM_NET_DEV/mtu" ]; then mtu=$(< "/sys/class/net/$VM_NET_DEV/mtu") fi if [ -z "$MTU" ]; then MTU=$(cat "/sys/class/net/$VM_NET_DEV/mtu") [ -z "$MTU" ] && MTU="$mtu" [ -z "$MTU" ] && MTU="0" if [ "$MTU" -gt "1500" ]; then [[ "$DEBUG" == [Yy1]* ]] && echo "MTU size is too large: $MTU, ignoring..." MTU="0" fi if [[ "${ADAPTER,,}" != "virtio-net-pci" ]]; then Loading Loading @@ -471,19 +660,25 @@ getInfo() { error "Invalid MAC address: '$VM_NET_MAC', should be 12 or 17 digits long!" && exit 28 fi GATEWAY=$(ip route list dev "$VM_NET_DEV" | awk ' /^default/ {print $3}' | head -n 1) IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/ | head -n 1) if [[ "$PODMAN" == [Yy1]* && "$DHCP" != [Yy1]* ]]; then if [ -z "$NETWORK" ] || [[ "${NETWORK^^}" == "Y" ]]; then # By default Podman has no permissions for NAT networking NETWORK="user" fi fi IP6="" # shellcheck disable=SC2143 if [ -f /proc/net/if_inet6 ] && [ -n "$(ifconfig -a | grep inet6)" ]; then IP6=$(ip -6 addr show dev "$VM_NET_DEV" scope global up) [ -n "$IP6" ] && IP6=$(echo "$IP6" | sed -e's/^.*inet6 \([^ ]*\)\/.*$/\1/;t;d' | head -n 1) if [[ "$DEBUG" == [Yy1]* ]]; then line="Host: $HOST IP: $IP Gateway: $GATEWAY Interface: $VM_NET_DEV MAC: $VM_NET_MAC MTU: $mtu" [[ "$MTU" != "0" && "$MTU" != "$mtu" ]] && line+=" ($MTU)" info "$line" if [ -f /etc/resolv.conf ]; then nameservers=$(grep '^nameserver*' /etc/resolv.conf | head -c -1 | sed 's/nameserver //g;' | sed -z 's/\n/, /g') [ -n "$nameservers" ] && info "Nameservers: $nameservers" fi echo fi [ -f "/run/.containerenv" ] && PODMAN="Y" || PODMAN="N" echo "$IP" > /run/shm/qemu.ip return 0 } Loading @@ -496,39 +691,19 @@ if [[ "$NETWORK" == [Nn]* ]]; then return 0 fi [[ "$DEBUG" == [Yy1]* ]] && echo "Retrieving network information..." msg="Initializing network..." html "$msg" [[ "$DEBUG" == [Yy1]* ]] && echo "$msg" getInfo html "Initializing network..." if [[ "$DEBUG" == [Yy1]* ]]; then mtu=$(cat "/sys/class/net/$VM_NET_DEV/mtu") line="Host: $HOST IP: $IP Gateway: $GATEWAY Interface: $VM_NET_DEV MAC: $VM_NET_MAC MTU: $mtu" [[ "$MTU" != "0" && "$MTU" != "$mtu" ]] && line+=" ($MTU)" info "$line" if [ -f /etc/resolv.conf ]; then nameservers=$(grep '^nameserver*' /etc/resolv.conf | head -c -1 | sed 's/nameserver //g;' | sed -z 's/\n/, /g') [ -n "$nameservers" ] && info "Nameservers: $nameservers" fi echo fi cleanUp if [[ "$IP" == "172.17."* ]]; then warn "your container IP starts with 172.17.* which will cause conflicts when you install the Container Manager package inside DSM!" fi # Clean up old files rm -f /var/run/dnsmasq.pid if [[ -d "/sys/class/net/$VM_NET_TAP" ]]; then info "Lingering interface will be removed..." ip link delete "$VM_NET_TAP" || true fi if [[ "$DHCP" == [Yy1]* ]]; then checkOS # Configure for macvtap interface configureDHCP || exit 20 Loading @@ -537,10 +712,6 @@ if [[ "$DHCP" == [Yy1]* ]]; then else if [[ "$IP" != "172."* && "$IP" != "10.8"* && "$IP" != "10.9"* ]]; then checkOS fi if [[ "${WEB:-}" != [Nn]* ]]; then # Shutdown nginx Loading @@ -549,33 +720,50 @@ else fi if [[ "${NETWORK,,}" != "user"* ]]; then case "${NETWORK,,}" in "user"* | "passt" | "slirp" ) ;; "nat" | "tap" | "tun" | "tuntap" | "y" ) # Configure for tap interface # Configure tap interface if ! configureNAT; then closeBridge NETWORK="user" msg="falling back to user-mode networking!" if [[ "$PODMAN" != [Yy1]* ]]; then msg="an error occured, $msg" else msg="podman detected, $msg" fi warn "$msg" [ -z "$USER_PORTS" ] && info "Notice: when you want to expose ports in this mode, map them using this variable: \"USER_PORTS=5000,5001\"." msg="failed to setup NAT networking, $msg" fi fi ;; fi esac if [[ "${NETWORK,,}" == "user"* ]]; then [[ "${NETWORK,,}" == "user"* ]] && NETWORK="passt" # Configure for user-mode networking (slirp) configureUser || exit 24 case "${NETWORK,,}" in "nat" | "tap" | "tun" | "tuntap" | "y" ) ;; "passt" ) # Configure for user-mode networking (passt) if ! configurePasst; then error "Failed to configure user-mode networking!" exit 24 fi ;; "slirp" ) # Configure for user-mode networking (slirp) if ! configureSlirp; then error "Failed to configure user-mode networking!" exit 24 fi if [ -z "$USER_PORTS" ]; then info "Notice: slirp networking is active, so when you want to expose ports, you will need to map them using this variable: \"USER_PORTS=5000,5001\"." fi ;; *) error "Unrecognized NETWORK value: \"$NETWORK\"" && exit 24 ;; esac fi NET_OPTS+=" -device $ADAPTER,id=net0,netdev=hostnet0,romfile=,mac=$VM_NET_MAC" Loading src/power.sh +1 −1 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ set -Eeuo pipefail # Configure QEMU for graceful shutdown API_CMD=6 API_HOST="127.0.0.1:2210" API_HOST="127.0.0.1:$COM_PORT" QEMU_TERM="" QEMU_DIR="/run/shm" Loading src/print.sh +1 −1 Original line number Diff line number Diff line Loading @@ -15,7 +15,7 @@ page="/run/shm/index.html" address="/run/shm/qemu.ip" shutdown="/run/shm/qemu.end" template="/var/www/index.html" url="http://127.0.0.1:2210/read?command=10" url="http://127.0.0.1:$COM_PORT/read?command=10" resp_err="Guest returned an invalid response:" curl_err="Failed to connect to guest: curl error" Loading Loading
Dockerfile +3 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,7 @@ FROM qemux/qemu-host:2.05 AS builder FROM debian:trixie-slim ARG TARGETARCH ARG TARGETPLATFORM ARG VERSION_ARG="0.0" ARG DEBCONF_NOWARNINGS="yes" Loading Loading @@ -46,6 +47,8 @@ RUN set -eu && \ ca-certificates \ netcat-openbsd \ qemu-system-x86 && \ wget "https://github.com/qemus/passt/releases/download/v2025_09_19/passt_2025_09_19_${TARGETARCH}.deb" -O /tmp/passt.deb -q && \ dpkg -i /tmp/passt.deb && \ apt-get clean && \ pip3 install --no-cache-dir --break-system-packages --root-user-action=ignore dissect.cstruct && \ mkdir -p /etc/qemu && \ Loading
src/config.sh +1 −1 Original line number Diff line number Diff line Loading @@ -37,7 +37,7 @@ if [[ "$RAM_CHECK" != [Nn]* ]]; then fi if [[ "$DEBUG" == [Yy1]* ]]; then printf "Arguments:\n\n%s\n\n" "${ARGS// -/$'\n-'}" printf "QEMU arguments:\n\n%s\n\n" "${ARGS// -/$'\n-'}" fi return 0
src/network.sh +309 −121 Original line number Diff line number Diff line Loading @@ -7,17 +7,24 @@ set -Eeuo pipefail : "${MTU:=""}" : "${DHCP:="N"}" : "${NETWORK:="Y"}" : "${USER_PORTS:=""}" : "${HOST_PORTS:=""}" : "${USER_PORTS:=""}" : "${ADAPTER:="virtio-net-pci"}" : "${VM_NET_IP:=""}" : "${VM_NET_DEV:=""}" : "${VM_NET_TAP:="dsm"}" : "${VM_NET_MAC:="$MAC"}" : "${VM_NET_IP:="20.20.20.21"}" : "${VM_NET_BRIDGE:="docker"}" : "${VM_NET_HOST:="VirtualDSM"}" : "${VM_NET_MASK:="255.255.255.0"}" : "${PASST:="passt"}" : "${PASST_OPTS:=""}" : "${PASST_DEBUG:=""}" : "${DNSMASQ_OPTS:=""}" : "${DNSMASQ_DEBUG:=""}" : "${DNSMASQ:="/usr/sbin/dnsmasq"}" : "${DNSMASQ_CONF_DIR:="/etc/dnsmasq.d"}" Loading Loading @@ -63,7 +70,7 @@ configureDHCP() { if [[ "$MTU" != "0" && "$MTU" != "1500" ]]; then if ! ip link set dev "$VM_NET_TAP" mtu "$MTU"; then warn "Failed to set MTU size to $MTU." && MTU="0" warn "Failed to set MTU size to $MTU." fi fi Loading Loading @@ -107,41 +114,66 @@ configureDHCP() { configureDNS() { local if="$1" local ip="$2" local mac="$3" local host="$4" local mask="$5" local gateway="$6" [[ "${DNSMASQ_DISABLE:-}" == [Yy1]* ]] && return 0 [[ "$DEBUG" == [Yy1]* ]] && echo "Starting dnsmasq daemon..." local log="/var/log/dnsmasq.log" rm -f "$log" case "${NETWORK,,}" in "nat" | "tap" | "tun" | "tuntap" | "y" ) # Create lease file for faster resolve echo "0 $VM_NET_MAC $VM_NET_IP $VM_NET_HOST 01:$VM_NET_MAC" > /var/lib/misc/dnsmasq.leases echo "0 $mac $ip $host 01:$mac" > /var/lib/misc/dnsmasq.leases chmod 644 /var/lib/misc/dnsmasq.leases # dnsmasq configuration: DNSMASQ_OPTS+=" --dhcp-authoritative" # Set DHCP range and host DNSMASQ_OPTS+=" --dhcp-range=$VM_NET_IP,$VM_NET_IP" DNSMASQ_OPTS+=" --dhcp-host=$VM_NET_MAC,,$VM_NET_IP,$VM_NET_HOST,infinite" DNSMASQ_OPTS+=" --dhcp-range=$ip,$ip" DNSMASQ_OPTS+=" --dhcp-host=$mac,,$ip,$host,infinite" # Set DNS server and gateway DNSMASQ_OPTS+=" --dhcp-option=option:netmask,255.255.255.0" DNSMASQ_OPTS+=" --dhcp-option=option:router,${VM_NET_IP%.*}.1" DNSMASQ_OPTS+=" --dhcp-option=option:dns-server,${VM_NET_IP%.*}.1" DNSMASQ_OPTS+=" --dhcp-option=option:netmask,$mask" DNSMASQ_OPTS+=" --dhcp-option=option:router,$gateway" DNSMASQ_OPTS+=" --dhcp-option=option:dns-server,$gateway" esac # Set interfaces DNSMASQ_OPTS+=" --interface=$if" DNSMASQ_OPTS+=" --bind-interfaces" # Add DNS entry for container DNSMASQ_OPTS+=" --address=/host.lan/${VM_NET_IP%.*}.1" DNSMASQ_OPTS+=" --address=/host.lan/$gateway" # Set local dns resolver to dnsmasq when needed [ -f /etc/resolv.dnsmasq ] && DNSMASQ_OPTS+=" --resolv-file=/etc/resolv.dnsmasq" # Enable logging to file DNSMASQ_OPTS+=" --log-facility=$log" DNSMASQ_OPTS=$(echo "$DNSMASQ_OPTS" | sed 's/\t/ /g' | tr -s ' ' | sed 's/^ *//') [[ "$DEBUG" == [Yy1]* ]] && echo "Starting Dnsmasq daemon..." [[ "$DEBUG" == [Yy1]* ]] && printf "Dnsmasq arguments:\n\n%s\n\n" "${DNSMASQ_OPTS// -/$'\n-'}" if ! $DNSMASQ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}; then local msg="Failed to start Dnsmasq, reason: $?" [ -f "$log" ] && cat "$log" error "$msg" return 1 fi if [[ "${DEBUG_DNS:-}" == [Yy1]* ]]; then if [[ "$DNSMASQ_DEBUG" == [Yy1]* ]]; then tail -fn +0 "$log" & fi Loading Loading @@ -183,40 +215,130 @@ getUserPorts() { getHostPorts() { local list="$1" list=$(echo "${list// /}" | sed 's/,*$//g') [ -z "$list" ] && list="$MON_PORT" || list+=",$MON_PORT" [ -z "$list" ] && echo "" && return 0 if [[ "$list" != *","* ]]; then echo " ! --dport $list" else echo " -m multiport ! --dports $list" if [[ "${NETWORK,,}" == "passt" ]]; then local DNS_PORT="53" if [[ "${DNSMASQ_DISABLE:-}" != [Yy1]* ]]; then [ -z "$list" ] && list="$DNS_PORT" || list+=",$DNS_PORT" fi [ -z "$list" ] && list="$COM_PORT" || list+=",$COM_PORT" [ -z "$list" ] && list="$CHR_PORT" || list+=",$CHR_PORT" fi echo "$list" return 0 } configureUser() { configureSlirp() { [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring SLIRP networking..." [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring slirp networking..." if [ -z "$IP6" ]; then NET_OPTS="-netdev user,id=hostnet0,host=${VM_NET_IP%.*}.1,net=${VM_NET_IP%.*}.0/24,dhcpstart=$VM_NET_IP,hostname=$VM_NET_HOST" else NET_OPTS="-netdev user,id=hostnet0,ipv4=on,host=${VM_NET_IP%.*}.1,net=${VM_NET_IP%.*}.0/24,dhcpstart=$VM_NET_IP,ipv6=on,hostname=$VM_NET_HOST" fi local ip="$IP" [ -n "$VM_NET_IP" ] && ip="$VM_NET_IP" local base="${ip%.*}." [ "${ip/$base/}" -lt "4" ] && ip="${ip%.*}.4" local gateway="${ip%.*}.1" local ipv6="" [ -n "$IP6" ] && ipv6="ipv6=on," NET_OPTS="-netdev user,id=hostnet0,ipv4=on,host=$gateway,net=${gateway%.*}.0/24,dhcpstart=$ip,${ipv6}hostname=$VM_NET_HOST" local forward forward=$(getUserPorts "$USER_PORTS") forward=$(getUserPorts "${USER_PORTS:-}") [ -n "$forward" ] && NET_OPTS+=",$forward" if [[ "${DNSMASQ_DISABLE:-}" != [Yy1]* ]]; then cp /etc/resolv.conf /etc/resolv.dnsmasq echo -e "nameserver 127.0.0.1\nsearch .\noptions ndots:0" >/etc/resolv.conf configureDNS "lo" "$ip" "$VM_NET_MAC" "$VM_NET_HOST" "$VM_NET_MASK" "$gateway" || return 1 fi VM_NET_IP="$ip" return 0 } configurePasst() { [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring user-mode networking..." local log="/var/log/passt.log" rm -f "$log" local pid="/var/run/dnsmasq.pid" [ -s "$pid" ] && pKill "$(<"$pid")" local ip="$IP" [ -n "$VM_NET_IP" ] && ip="$VM_NET_IP" local gateway="" if [[ "$ip" != *".1" ]]; then gateway="${ip%.*}.1" else gateway="${ip%.*}.2" fi # passt configuration: [ -z "$IP6" ] && PASST_OPTS+=" -4" PASST_OPTS+=" -a $ip" PASST_OPTS+=" -g $gateway" PASST_OPTS+=" -n $VM_NET_MASK" exclude=$(getHostPorts "$HOST_PORTS") if [ -z "$exclude" ]; then exclude="all" else exclude="~${exclude//,/,~}" fi PASST_OPTS+=" -t $exclude" PASST_OPTS+=" -u $exclude" PASST_OPTS+=" -H $VM_NET_HOST" PASST_OPTS+=" -M $VM_NET_MAC" PASST_OPTS+=" -P /var/run/passt.pid" PASST_OPTS+=" -l $log" PASST_OPTS+=" -q" if [[ "${DNSMASQ_DISABLE:-}" != [Yy1]* ]]; then cp /etc/resolv.conf /etc/resolv.dnsmasq echo -e "nameserver 127.0.0.1\nsearch .\noptions ndots:0" >/etc/resolv.conf fi PASST_OPTS=$(echo "$PASST_OPTS" | sed 's/\t/ /g' | tr -s ' ' | sed 's/^ *//') [[ "$DEBUG" == [Yy1]* ]] && printf "Passt arguments:\n\n%s\n\n" "${PASST_OPTS// -/$'\n-'}" if ! $PASST ${PASST_OPTS:+ $PASST_OPTS}; then local msg="Failed to start passt, reason: $?" [ -f "$log" ] && cat "$log" error "$msg" return 1 fi if [[ "$PASST_DEBUG" == [Yy1]* ]]; then tail -fn +0 "$log" & fi NET_OPTS="-netdev stream,id=hostnet0,server=off,addr.type=unix,addr.path=/tmp/passt_1.socket" configureDNS "lo" "$ip" "$VM_NET_MAC" "$VM_NET_HOST" "$VM_NET_MASK" "$gateway" || return 1 VM_NET_IP="$ip" return 0 } configureNAT() { local tuntap="TUN device is missing. $ADD_ERR --device /dev/net/tun" local tables="The 'ip_tables' kernel module is not loaded. Try this command: sudo modprobe ip_tables iptable_nat" local tables="the 'ip_tables' kernel module is not loaded. Try this command: sudo modprobe ip_tables iptable_nat" [[ "$DEBUG" == [Yy1]* ]] && echo "Configuring NAT networking..." Loading @@ -230,50 +352,59 @@ configureNAT() { fi if [ ! -c /dev/net/tun ]; then error "$tuntap" && return 1 warn "$tuntap" && return 1 fi # Check port forwarding flag if [[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]]; then { sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1; rc=$?; } || : if (( rc != 0 )) || [[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]]; then [[ "$PODMAN" == [Yy1]* ]] && return 1 error "IP forwarding is disabled. $ADD_ERR --sysctl net.ipv4.ip_forward=1" warn "IP forwarding is disabled. $ADD_ERR --sysctl net.ipv4.ip_forward=1" return 1 fi fi local ip="172.30.0.2" [ -n "$VM_NET_IP" ] && ip="$VM_NET_IP" local gateway="" if [[ "$ip" != *".1" ]]; then gateway="${ip%.*}.1" else gateway="${ip%.*}.2" fi # Create a bridge with a static IP for the VM guest { ip link add dev dockerbridge type bridge ; rc=$?; } || : { ip link add dev "$VM_NET_BRIDGE" type bridge ; rc=$?; } || : if (( rc != 0 )); then error "Failed to create bridge. $ADD_ERR --cap-add NET_ADMIN" && return 1 warn "failed to create bridge. $ADD_ERR --cap-add NET_ADMIN" && return 1 fi if ! ip address add "${VM_NET_IP%.*}.1/24" broadcast "${VM_NET_IP%.*}.255" dev dockerbridge; then error "Failed to add IP address pool!" && return 1 if ! ip address add "$gateway/24" broadcast "${ip%.*}.255" dev "$VM_NET_BRIDGE"; then warn "failed to add IP address pool!" && return 1 fi while ! ip link set dockerbridge up; do while ! ip link set "$VM_NET_BRIDGE" up; do info "Waiting for IP address to become available..." sleep 2 done # QEMU Works with taps, set tap to the bridge created if ! ip tuntap add dev "$VM_NET_TAP" mode tap; then error "$tuntap" && return 1 warn "$tuntap" && return 1 fi if [[ "$MTU" != "0" && "$MTU" != "1500" ]]; then if ! ip link set dev "$VM_NET_TAP" mtu "$MTU"; then warn "Failed to set MTU size to $MTU." && MTU="0" warn "failed to set MTU size to $MTU." fi fi GATEWAY_MAC=$(echo "$VM_NET_MAC" | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/') if ! ip link set dev "$VM_NET_TAP" address "$GATEWAY_MAC"; then warn "Failed to set gateway MAC address.." warn "failed to set gateway MAC address.." fi while ! ip link set "$VM_NET_TAP" up promisc on; do Loading @@ -281,27 +412,39 @@ configureNAT() { sleep 2 done if ! ip link set dev "$VM_NET_TAP" master dockerbridge; then error "Failed to set IP link!" && return 1 if ! ip link set dev "$VM_NET_TAP" master "$VM_NET_BRIDGE"; then warn "failed to set master bridge!" && return 1 fi # Add internet connection to the VM if grep -wq "nf_tables" /proc/modules; then update-alternatives --set iptables /usr/sbin/iptables-nft > /dev/null update-alternatives --set ip6tables /usr/sbin/ip6tables-nft > /dev/null else update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null fi exclude=$(getHostPorts "$HOST_PORTS") if [ -n "$exclude" ]; then if [[ "$exclude" != *","* ]]; then exclude=" ! --dport $exclude" else exclude=" -m multiport ! --dports $exclude" fi fi if ! iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE; then error "$tables" && return 1 warn "$tables" && return 1 fi # shellcheck disable=SC2086 if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp${exclude} -j DNAT --to "$VM_NET_IP"; then error "Failed to configure IP tables!" && return 1 if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp${exclude} -j DNAT --to "$ip"; then warn "failed to configure IP tables!" && return 1 fi if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p udp -j DNAT --to "$VM_NET_IP"; then error "Failed to configure IP tables!" && return 1 if ! iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p udp -j DNAT --to "$ip"; then warn "failed to configure IP tables!" && return 1 fi if (( KERNEL > 4 )); then Loading @@ -318,8 +461,9 @@ configureNAT() { NET_OPTS+=",script=no,downscript=no" configureDNS || return 1 configureDNS "$VM_NET_BRIDGE" "$ip" "$VM_NET_MAC" "$VM_NET_HOST" "$VM_NET_MASK" "$gateway" || return 1 VM_NET_IP="$ip" return 0 } Loading @@ -327,14 +471,21 @@ closeBridge() { local pid="/var/run/dnsmasq.pid" [ -s "$pid" ] && pKill "$(<"$pid")" rm -f "$pid" [[ "${NETWORK,,}" == "user"* ]] && return 0 pid="/var/run/passt.pid" [ -s "$pid" ] && pKill "$(<"$pid")" rm -f "$pid" case "${NETWORK,,}" in "user"* | "passt" | "slirp" ) return 0 ;; esac ip link set "$VM_NET_TAP" down promisc off &> null || true ip link delete "$VM_NET_TAP" &> null || true ip link set dockerbridge down &> null || true ip link delete dockerbridge &> null || true ip link set "$VM_NET_BRIDGE" down &> null || true ip link delete "$VM_NET_BRIDGE" &> null || true return 0 } Loading Loading @@ -367,6 +518,21 @@ closeNetwork() { return 0 } cleanUp() { # Clean up old files rm -f /etc/resolv.dnsmasq rm -f /var/run/passt.pid rm -f /var/run/dnsmasq.pid if [[ -d "/sys/class/net/$VM_NET_TAP" ]]; then info "Lingering interface will be removed..." ip link delete "$VM_NET_TAP" || true fi return 0 } checkOS() { local kernel Loading Loading @@ -407,18 +573,31 @@ getInfo() { error "$ADD_ERR -e \"VM_NET_DEV=NAME\" to specify another interface name." && exit 26 fi GATEWAY=$(ip route list dev "$VM_NET_DEV" | awk ' /^default/ {print $3}' | head -n 1) IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/ | head -n 1) IP6="" # shellcheck disable=SC2143 if [ -f /proc/net/if_inet6 ] && [ -n "$(ifconfig -a | grep inet6)" ]; then IP6=$(ip -6 addr show dev "$VM_NET_DEV" scope global up) [ -n "$IP6" ] && IP6=$(echo "$IP6" | sed -e's/^.*inet6 \([^ ]*\)\/.*$/\1/;t;d' | head -n 1) fi local result nic bus result=$(ethtool -i "$VM_NET_DEV") nic=$(grep -m 1 -i 'driver:' <<< "$result" | awk '{print $(2)}') bus=$(grep -m 1 -i 'bus-info:' <<< "$result" | awk '{print $(2)}') if [[ "${bus,,}" != "" && "${bus,,}" != "n/a" && "${bus,,}" != "tap" ]]; then [[ "$DEBUG" == [Yy1]* ]] && info "Detected BUS: $bus" if [[ "${bus,,}" != "" && "${bus,,}" != "n/a" && "${bus,,}" != "tap" ]]; then [[ "$DEBUG" == [Yy1]* ]] && info "Detected BUS: $bus" error "This container does not support host mode networking!" exit 29 fi if [[ "$DHCP" == [Yy1]* ]]; then checkOS if [[ "${nic,,}" == "ipvlan" ]]; then error "This container does not support IPVLAN networking when DHCP=Y." exit 29 Loading @@ -430,16 +609,26 @@ getInfo() { exit 29 fi else if [[ "$IP" != "172."* && "$IP" != "10.8"* && "$IP" != "10.9"* ]]; then checkOS fi fi BASE_IP="${VM_NET_IP%.*}." local mtu="" if [ "${VM_NET_IP/$BASE_IP/}" -lt "3" ]; then error "Invalid VM_NET_IP, must end in a higher number than .3" && exit 27 if [ -f "/sys/class/net/$VM_NET_DEV/mtu" ]; then mtu=$(< "/sys/class/net/$VM_NET_DEV/mtu") fi if [ -z "$MTU" ]; then MTU=$(cat "/sys/class/net/$VM_NET_DEV/mtu") [ -z "$MTU" ] && MTU="$mtu" [ -z "$MTU" ] && MTU="0" if [ "$MTU" -gt "1500" ]; then [[ "$DEBUG" == [Yy1]* ]] && echo "MTU size is too large: $MTU, ignoring..." MTU="0" fi if [[ "${ADAPTER,,}" != "virtio-net-pci" ]]; then Loading Loading @@ -471,19 +660,25 @@ getInfo() { error "Invalid MAC address: '$VM_NET_MAC', should be 12 or 17 digits long!" && exit 28 fi GATEWAY=$(ip route list dev "$VM_NET_DEV" | awk ' /^default/ {print $3}' | head -n 1) IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/ | head -n 1) if [[ "$PODMAN" == [Yy1]* && "$DHCP" != [Yy1]* ]]; then if [ -z "$NETWORK" ] || [[ "${NETWORK^^}" == "Y" ]]; then # By default Podman has no permissions for NAT networking NETWORK="user" fi fi IP6="" # shellcheck disable=SC2143 if [ -f /proc/net/if_inet6 ] && [ -n "$(ifconfig -a | grep inet6)" ]; then IP6=$(ip -6 addr show dev "$VM_NET_DEV" scope global up) [ -n "$IP6" ] && IP6=$(echo "$IP6" | sed -e's/^.*inet6 \([^ ]*\)\/.*$/\1/;t;d' | head -n 1) if [[ "$DEBUG" == [Yy1]* ]]; then line="Host: $HOST IP: $IP Gateway: $GATEWAY Interface: $VM_NET_DEV MAC: $VM_NET_MAC MTU: $mtu" [[ "$MTU" != "0" && "$MTU" != "$mtu" ]] && line+=" ($MTU)" info "$line" if [ -f /etc/resolv.conf ]; then nameservers=$(grep '^nameserver*' /etc/resolv.conf | head -c -1 | sed 's/nameserver //g;' | sed -z 's/\n/, /g') [ -n "$nameservers" ] && info "Nameservers: $nameservers" fi echo fi [ -f "/run/.containerenv" ] && PODMAN="Y" || PODMAN="N" echo "$IP" > /run/shm/qemu.ip return 0 } Loading @@ -496,39 +691,19 @@ if [[ "$NETWORK" == [Nn]* ]]; then return 0 fi [[ "$DEBUG" == [Yy1]* ]] && echo "Retrieving network information..." msg="Initializing network..." html "$msg" [[ "$DEBUG" == [Yy1]* ]] && echo "$msg" getInfo html "Initializing network..." if [[ "$DEBUG" == [Yy1]* ]]; then mtu=$(cat "/sys/class/net/$VM_NET_DEV/mtu") line="Host: $HOST IP: $IP Gateway: $GATEWAY Interface: $VM_NET_DEV MAC: $VM_NET_MAC MTU: $mtu" [[ "$MTU" != "0" && "$MTU" != "$mtu" ]] && line+=" ($MTU)" info "$line" if [ -f /etc/resolv.conf ]; then nameservers=$(grep '^nameserver*' /etc/resolv.conf | head -c -1 | sed 's/nameserver //g;' | sed -z 's/\n/, /g') [ -n "$nameservers" ] && info "Nameservers: $nameservers" fi echo fi cleanUp if [[ "$IP" == "172.17."* ]]; then warn "your container IP starts with 172.17.* which will cause conflicts when you install the Container Manager package inside DSM!" fi # Clean up old files rm -f /var/run/dnsmasq.pid if [[ -d "/sys/class/net/$VM_NET_TAP" ]]; then info "Lingering interface will be removed..." ip link delete "$VM_NET_TAP" || true fi if [[ "$DHCP" == [Yy1]* ]]; then checkOS # Configure for macvtap interface configureDHCP || exit 20 Loading @@ -537,10 +712,6 @@ if [[ "$DHCP" == [Yy1]* ]]; then else if [[ "$IP" != "172."* && "$IP" != "10.8"* && "$IP" != "10.9"* ]]; then checkOS fi if [[ "${WEB:-}" != [Nn]* ]]; then # Shutdown nginx Loading @@ -549,33 +720,50 @@ else fi if [[ "${NETWORK,,}" != "user"* ]]; then case "${NETWORK,,}" in "user"* | "passt" | "slirp" ) ;; "nat" | "tap" | "tun" | "tuntap" | "y" ) # Configure for tap interface # Configure tap interface if ! configureNAT; then closeBridge NETWORK="user" msg="falling back to user-mode networking!" if [[ "$PODMAN" != [Yy1]* ]]; then msg="an error occured, $msg" else msg="podman detected, $msg" fi warn "$msg" [ -z "$USER_PORTS" ] && info "Notice: when you want to expose ports in this mode, map them using this variable: \"USER_PORTS=5000,5001\"." msg="failed to setup NAT networking, $msg" fi fi ;; fi esac if [[ "${NETWORK,,}" == "user"* ]]; then [[ "${NETWORK,,}" == "user"* ]] && NETWORK="passt" # Configure for user-mode networking (slirp) configureUser || exit 24 case "${NETWORK,,}" in "nat" | "tap" | "tun" | "tuntap" | "y" ) ;; "passt" ) # Configure for user-mode networking (passt) if ! configurePasst; then error "Failed to configure user-mode networking!" exit 24 fi ;; "slirp" ) # Configure for user-mode networking (slirp) if ! configureSlirp; then error "Failed to configure user-mode networking!" exit 24 fi if [ -z "$USER_PORTS" ]; then info "Notice: slirp networking is active, so when you want to expose ports, you will need to map them using this variable: \"USER_PORTS=5000,5001\"." fi ;; *) error "Unrecognized NETWORK value: \"$NETWORK\"" && exit 24 ;; esac fi NET_OPTS+=" -device $ADAPTER,id=net0,netdev=hostnet0,romfile=,mac=$VM_NET_MAC" Loading
src/power.sh +1 −1 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ set -Eeuo pipefail # Configure QEMU for graceful shutdown API_CMD=6 API_HOST="127.0.0.1:2210" API_HOST="127.0.0.1:$COM_PORT" QEMU_TERM="" QEMU_DIR="/run/shm" Loading
src/print.sh +1 −1 Original line number Diff line number Diff line Loading @@ -15,7 +15,7 @@ page="/run/shm/index.html" address="/run/shm/qemu.ip" shutdown="/run/shm/qemu.end" template="/var/www/index.html" url="http://127.0.0.1:2210/read?command=10" url="http://127.0.0.1:$COM_PORT/read?command=10" resp_err="Guest returned an invalid response:" curl_err="Failed to connect to guest: curl error" Loading
