vital2 / Vital-development

MIT License

Add iptables rule creation in noVNC launch script #62

Open suryansh1 opened 4 years ago

suryansh1 commented 4 years ago

Functional Requirements

For launching a standalone VM by booting an img file directly, we need to allocate a port on the webserver for accessing the VM. Traffic needs to be allowed to this webserver port by adding an iptables rule to do so.

/home//sahil/iptables.rules is the script in dev where we need to add the iptables rule.

Example:

```sh
# Allowing port 1337 for testing standalone VM kali-test
iptables -A INPUT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -p tcp --dport 1337 -j ACCEPT
```

To automate this step, the following needs to be done:

1) Add this rule in /var/www/noVNC-0.6.2/utils/launch.sh

2) Undo this rule when a ctrl+C input is received to terminate this script, ensuring traffic to the chosen port is no longer allowed

3) Update the guide's step 4, removing the manual step. /var/www/noVNC-0.6.2/utils/launch.sh

sahiilll commented 4 years ago

The script should also include a conditional check for whether there is already a rule for the port or not.

[ In case someone else is spinning up a machine on the same port, the port might not be available to spin up a new machine, and it also adds a duplicate rule to iptables. ]

```sh
# Check whether the ACCEPT rule for the port already exists (-C exits 0 on a match, 1 if absent)
iptables -C INPUT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -p tcp --dport 1337 -j ACCEPT
# $requires_internet and $vlan are assumed to be set earlier in the launch script
if [ $? -eq 1 ] && [ "$requires_internet" = 'f' ]
then
    echo "Rule Added"
    # Add a FORWARD REJECT rule for the VM's VLAN subnet
    iptables -I FORWARD 2 -i "bond0.$vlan" -s "10.$vlan.1.0/24" -j REJECT
else
    echo "No need to add the rule"
fi
```

This would do the job
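Putting the three steps from the issue and the duplicate-rule check from this comment together, here is an added example (not code from the Vital-development repo) of what launch.sh could wrap its proxy start-up in. `IPTABLES` is a hypothetical override so the functions can be exercised without root; `run_with_port` and the port numbers are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not code from the Vital-development repo: the port-allow logic
# launch.sh would need. IPTABLES is a hypothetical override so the functions can be
# exercised without root; it defaults to the real binary.
IPTABLES="${IPTABLES:-iptables}"

# One rule specification shared by check, add and delete, so they cannot drift apart.
rule_spec() {
    # $1 is the TCP port allocated for this VM's noVNC websocket proxy
    echo "INPUT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -p tcp --dport $1 -j ACCEPT"
}

# Exit 0 when the rule is already present (iptables -C exits 0 on a match).
rule_exists() {
    $IPTABLES -C $(rule_spec "$1") 2>/dev/null
}

# Append the ACCEPT rule unless it already exists; exit 1 so the caller can refuse to
# start a second VM on a port someone else is already using.
allow_port() {
    if rule_exists "$1"; then
        echo "port $1: rule already present, not adding a duplicate" >&2
        return 1
    fi
    $IPTABLES -A $(rule_spec "$1") && echo "port $1: rule added"
}

# Delete the rule if present; safe to call twice, which matters for signal handlers.
revoke_port() {
    if rule_exists "$1"; then
        $IPTABLES -D $(rule_spec "$1") && echo "port $1: rule removed"
    fi
}

# What launch.sh would wrap its proxy start-up in: open the port, run the command,
# and close the port again on normal exit or on Ctrl+C (SIGINT) / SIGTERM.
run_with_port() {
    port="$1"; shift
    allow_port "$port" || return 1
    trap 'revoke_port "$port"; exit 130' INT TERM
    "$@"; rc=$?
    trap - INT TERM
    revoke_port "$port"
    return "$rc"
}
```

In launch.sh the call would look like `run_with_port "$PORT" ./websockify ...`, so the rule is removed whether the proxy exits on its own or is interrupted.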