cot icon indicating copy to clipboard operation
cot copied to clipboard

Published 20 hours ago verified publisher icon glennmatthews

Edit network port forward rules

Open HeroCC opened this issue 5 years ago • 4 comments
trafficstars

Hello! I'd like to be able to manipulate port forwarding rules on an OVF I have. However, I don't see a way to do it through cot, is this something that can be added? Or is there already a way to do it? The forward doesn't show up in cot info. This can be accomplished with VBoxManage, but the system I'm running the build on doesn't have virtualbox installed, and there doesn't appear to be a direct download for just the manage utility. When I export an OVA with forwarded ports on virtualbox, the network area looks something like this:

  <ovf:NetworkSection>
    <ovf:Info>Logical networks used in the package</ovf:Info>
    <ovf:Network ovf:name="NAT">
      <ovf:Description>Logical network used by this appliance.</ovf:Description>
    </ovf:Network>
  </ovf:NetworkSection>
...
        <ovf:Network>
          <ovf:Adapter slot="0" enabled="true" MACAddress="<snip>" type="82540EM">
            <ovf:DisabledModes>
              <ovf:BridgedInterface name="<snip>" />
              <ovf:InternalNetwork name="intnet" />
              <ovf:NATNetwork name="NatNetwork" />
            </ovf:DisabledModes>
            <ovf:NAT>
              <ovf:Forwarding name="Rule 1" proto="1" hostport="9080" guestport="9080" />
            </ovf:NAT>
          </ovf:Adapter>
        </ovf:Network>

HeroCC avatar Jul 06 '20 13:07 HeroCC

Hi! When last I looked into the OVF files exported from VirtualBox, the XML that you're referencing above was encapsulated in the VirtualBox-specific vbox:Machine section in the XML; I'm not sure if that's changed in newer VirtualBox versions, but in any case despite their use of the ovf XML namespace, the above elements are not part of the OVF standard but are in fact VirtualBox-specific extensions.

I've tried to keep COT agnostic of the various vendor-specific extensions of the specification so far, but if you can specify the exact functionality that you'd like to have here for processing a VirtualBox-specific OVF, I'm willing to consider adding it - i.e., what information would you like to appear in cot info? What would be the arguments and behavior you'd like to see for a new cot edit-vbox-port-forwarding (?) command?

Thanks!

glennmatthews avatar Jul 06 '20 15:07 glennmatthews

That would be great! Or if you're uncomfortable with adding non-generic utilities to COT, maybe a plugin / addon or a separate python program that uses the cot API? I'm no expert when it comes to this, whatever you're most happy with.

You're right, I checked, both 1.0 and 2.0 exports have the forward inside the vbox:Machine namespace. If you were to add the functionality, in info I'd like to see the name, host port and guest port, type (TCP or UDP), and if they are specified, the IP bindings (guest and host). For the edit command, I'd like to be able to edit all of those fields, as well as add and delete. Essentially, a replication of the functionality in the GUI. This is only available when using the NAT type network. image

Here's my attempt at syntax, though I'm in no way married to this exact format if you have any other suggestions:

$ cot help edit-vbox-port-forwarding
usage:
  cot edit-vbox-port-forwarding --help

Edit VirtualBox Port Forwarding Rules

positional arguments:
  PACKAGE               OVF descriptor or OVA file to edit

general options:
  -h, --help            Show this help message and exit
  -o OUTPUT, --output OUTPUT
                        Name/path of new OVF/OVA package to create instead of updating the existing OVF

  -n 'Rule Name', --rule 'Rule Name'
                        Select which rule we will be modifying.
  -d, --delete
                        Delete the specified rule. Ignores other args
  -p (TCP/UDP), --protocol
                        Specify which protocol to forward
  -gp (1...65300), --guest-port
                        Specify which port to expose from the guest
  -gip (IP_ADDRESS), --guest-ip
                        Specify which IP to bind from the guest
  -hp (1...65300), --host-port
                        Specify which port to expose on the host
  -hip (IP_ADDRESS), --host-ip
                        Which IP to bind to on the host
  --delete-all-rules
                        Delete all forwarding rules

HeroCC avatar Jul 06 '20 16:07 HeroCC

If it helps at all, here's what it looks like when exported as OVF v2, with the hostip and guestip set.

        <Network>
          <Adapter slot="0" enabled="true" MACAddress="<snip>" type="82540EM">
            <DisabledModes>
              <BridgedInterface name="<snip>"/>
              <InternalNetwork name="intnet"/>
              <NATNetwork name="NatNetwork"/>
            </DisabledModes>
            <NAT>
              <Forwarding name="Rule 1" proto="1" hostip="0.0.0.0" hostport="9080" guestip="1.1.1.1" guestport="9080"/>
            </NAT>
          </Adapter>
        </Network>

HeroCC avatar Jul 07 '20 14:07 HeroCC

I ended up finding a way around this -- I ran a docker container with virtualbox, imported the file, used VBoxManage to tweak the vm, and exported it. Feel free to close this ticket if you're not interested in implementing this anymore, thank your for considering it in the first place!

HeroCC avatar Jul 19 '20 00:07 HeroCC