#!/usr/bin/env bash
# You must have sudo ability on your machine
machine=$1
if [ -z "${machine}" ]; then
    echo "usage $0 {machine_name}"
    exit 1
fi
# Confirm docker-machine knows this machine before touching firewall rules or routes
if ! docker-machine ls | grep -- "${machine}"; then
    echo "${machine} is not a docker-machine"
    exit 1
fi
# First three octets of the machine's IP (the network that gets routed below)
dm_ip=$(docker-machine ip "${machine}" | awk -F. '{print $1"."$2"."$3}')
# Look for a deny-all ipfw rule; only the first match is deleted
fwrule=$(sudo ipfw -a list | grep "deny ip from any to any")
fwrule_id=$(echo "${fwrule}" | awk 'NR == 1 { print $1 }')
if [ "${fwrule}" != "" ]; then
    echo "Found blocking firewall rule: $(tput setaf 1)${fwrule}$(tput sgr0)"
    printf 'Deleting rule %s ... ' "${fwrule_id}"
    if sudo ipfw delete "${fwrule_id}"; then
        echo "$(tput setaf 2)[OK]$(tput sgr0)"
    else
        echo "$(tput setaf 1)[FAIL]$(tput sgr0)"
        exit 1
    fi
else
    echo "No rules found. You are good to go"
fi
# Find the VirtualBox host-only interface (vboxnetN) attached to the machine
docker_interface=$(VBoxManage showvminfo "${machine}" | grep -o -E 'vboxnet[0-9][0-9]?')
if [ -z "${docker_interface}" ]; then
    echo "No docker VM found!"
    exit 1
else
    echo "Found docker interface at $(tput setaf 1)${docker_interface}$(tput sgr0). Changing routes ..."
    current_route=$(sudo netstat -rn | grep -F -- "${dm_ip}")
    if [ -z "${current_route}" ]; then
        # no route, let's add it!
        sudo route -nv add -net "${dm_ip}" -interface "${docker_interface}"
    else
        sudo route -nv change -net "${dm_ip}" -interface "${docker_interface}"
    fi
    # $? here is the exit status of whichever route command ran above
    if [ $? -eq 0 ]; then
        echo "$(tput setaf 2)[OK]$(tput sgr0)"
    else
        echo "$(tput setaf 1)[FAIL]$(tput sgr0)"
        exit 1
    fi
fi
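The script above selects the rule to delete with a substring grep and derives the routed network by cutting the IP with awk. The following is an added example, not part of the gist, showing a stricter version of both steps; the function names, the sample `ipfw -a list` output and the sample address are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not part of the gist. All sample data is constructed.

# Constructed `ipfw -a list` output: rule number, packet count,
# byte count, then the rule body.
sample_ipfw_output() {
  cat <<'EOF'
00100   120   9600 allow ip from any to any via lo0
00200     0      0 deny ip from any to any via en1
65534    42   3360 deny ip from any to any
65535     7    560 allow ip from any to any
EOF
}

# Read `ipfw -a list` output on stdin and print the number of each rule
# whose body is exactly "deny ip from any to any". A plain grep for that
# string also matches rule 00200 above, which has a trailing qualifier.
deny_all_rule_ids() {
  awk '{
    body = $4
    for (i = 5; i <= NF; i++) body = body " " $i
    if (body == "deny ip from any to any") print $1
  }'
}

# Print the first three octets of a dotted-quad IPv4 address (the form
# the script passes to `route -net`); return non-zero on anything else.
slash24_prefix() {
  printf '%s\n' "$1" | awk -F. '
    NF != 4 { exit 1 }
    {
      for (i = 1; i <= 4; i++)
        if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
      print $1 "." $2 "." $3
    }'
}

sample_ipfw_output | deny_all_rule_ids   # prints 65534
slash24_prefix 192.168.99.100            # constructed address; prints 192.168.99
```

With the substring grep, the first matching line in this sample is rule 00200, so that is the rule the original logic would delete.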
@tony-garcia, I had similar output to yours when I ran this script with sudo. When running as my normal account, without sudo, it appeared to work fine.
On my OS X 10.10.5 machine with Junos Pulse Secure, I had to remove and add routes for the entire /24 IP range. I also added some checks to see if ipfw exists since it's been replaced with pf. My version of this script doesn't currently support removal of pf rules, but I may add that in later. LINK TO GIST
Thanks for writing this script. However, it's not helping me with using docker-machine and Cisco AnyConnect. When I use this script with the instructions you provided here:
boot2docker/boot2docker#392 (comment)
I get this:
time="2015-04-06T19:09:47-04:00" level="error" msg="error getting state for host dockervm: machine does not exist"
time="2015-04-06T19:09:47-04:00" level="error" msg="error getting URL for host dockervm: machine does not exist"
dockervm * virtualbox Error
No rules found. You are good to go
VBoxManage: error: Could not find a registered machine named 'dockervm'
VBoxManage: error: Details: code VBOX_E_OBJECT_NOT_FOUND (0x80bb0001), component VirtualBox, interface IVirtualBox, callee nsISupports
VBoxManage: error: Context: "FindMachine(Bstr(VMNameOrUuid).raw(), machine.asOutParam())" at line 2611 of file VBoxManageInfo.cpp
No docker VM found!
'dockervm' is the name of my virtual machine that I created with docker-machine. For some reason, it seems like it's not being recognized by your script as a valid machine name. Here is some info about my setup:
docker version:
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.4.1
Git commit (client): a8a31ef
OS/Arch (client): darwin/amd64
Server version: 1.5.0
Server API version: 1.17
Go version (server): go1.4.1
Git commit (server): a8a31ef
docker-machine version 0.1.0
MacOS X 10.8.5