3 from invirt.config import structs as cfg
4 host_port = cfg.vnc.base_port
5 server_port = host_port
9 :PREROUTING ACCEPT [5:300]
10 :POSTROUTING ACCEPT [8:674]
11 :OUTPUT ACCEPT [8:674]
13 -A PREROUTING -s ! ${h.ip} -i eth0 -p tcp -m tcp --dport ${server_port} -j DNAT --to-destination ${h.ip}:${host_port}
14 -A POSTROUTING -d ${h.ip} -o eth0 -p tcp -m tcp --dport ${host_port} -j SNAT --to-source ${cfg.vnc.proxy_ip}
15 <% server_port += 1 %>\
20 :INPUT ACCEPT [366:44912]
22 :OUTPUT ACCEPT [292:53151]
24 -A FORWARD -d ${h.ip} -i eth0 -o eth0 -p tcp -m tcp --dport ${host_port} -j ACCEPT