From 91454b6ebb9f1206f0f04450d320c40fee797690 Mon Sep 17 00:00:00 2001
From: Eugene Yakubovich <eugene.yakubovich@coreos.com>
Date: Mon, 13 Jul 2015 15:41:02 -0700
Subject: [PATCH] enable net.ipv4.ip_forward in plugins that need it

---
 pkg/ip/ipforward.go           | 31 +++++++++++++++++++++++++++++++
 plugins/main/bridge/bridge.go |  4 ++++
 plugins/main/veth/veth.go     |  4 ++++
 3 files changed, 39 insertions(+)
 create mode 100644 pkg/ip/ipforward.go

diff --git a/pkg/ip/ipforward.go b/pkg/ip/ipforward.go
new file mode 100644
index 00000000..0a1ca252
--- /dev/null
+++ b/pkg/ip/ipforward.go
@@ -0,0 +1,31 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package ip
+
+import (
+	"io/ioutil"
+)
+
+func EnableIP4Forward() error {
+	return echo1("/proc/sys/net/ipv4/ip_forward")
+}
+
+func EnableIP6Forward() error {
+	return echo1("/proc/sys/net/ipv6/conf/all/forwarding")
+}
+
+func echo1(f string) error {
+	return ioutil.WriteFile(f, []byte("1"), 0644)
+}
diff --git a/plugins/main/bridge/bridge.go b/plugins/main/bridge/bridge.go
index dbc48b1a..e65e08e4 100644
--- a/plugins/main/bridge/bridge.go
+++ b/plugins/main/bridge/bridge.go
@@ -212,6 +212,10 @@ func cmdAdd(args *skel.CmdArgs) error {
 		if err = ensureBridgeAddr(br, gwn); err != nil {
 			return err
 		}
+
+		if err := ip.EnableIP4Forward(); err != nil {
+			return fmt.Errorf("failed to enable forwarding: %v", err)
+		}
 	}
 
 	if n.IPMasq {
diff --git a/plugins/main/veth/veth.go b/plugins/main/veth/veth.go
index 5d343932..58a0396e 100644
--- a/plugins/main/veth/veth.go
+++ b/plugins/main/veth/veth.go
@@ -95,6 +95,10 @@ func cmdAdd(args *skel.CmdArgs) error {
 		return fmt.Errorf("failed to load netconf: %v", err)
 	}
 
+	if err := ip.EnableIP4Forward(); err != nil {
+		return fmt.Errorf("failed to enable forwarding: %v", err)
+	}
+
 	// run the IPAM plugin and get back the config to apply
 	result, err := plugin.ExecAdd(conf.IPAM.Type, args.StdinData)
 	if err != nil {