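#!/bin/bash
#
# Container entrypoint: starts libvirtd and virtlogd, brings up the
# Vagrant-managed Windows VM, looks up its IPv4 address with virsh and
# installs iptables rules that forward RDP (tcp/3389) to the VM.
#
# Requires the privileges needed to run libvirt and to modify iptables.
set -eu

readonly PROJECT_DIR="/opt/win10"
readonly DOMAIN_NAME="win10_default"
readonly RDP_PORT=3389
readonly HOST_RDP_PORT=33890
readonly MAX_ATTEMPTS=12   # 12 attempts * 10 s = 2 minutes
readonly RETRY_DELAY=10

#######################################
# Add an iptables rule only if an identical rule is not already present,
# so re-running this script does not stack duplicate rules.
# Arguments: $1 - table, $2 - -A or -I, remaining - chain and rule spec
# Returns:   non-zero if the rule could not be added
#######################################
ensure_rule() {
  local table=$1 op=$2
  shift 2
  if ! iptables -t "$table" -C "$@" 2>/dev/null; then
    iptables -t "$table" "$op" "$@"
  fi
}

#######################################
# Check that a string is a dotted-quad IPv4 address with octets 0-255.
# The address comes from the guest side, so it is validated before it is
# placed in a NAT rule.
# Arguments: $1 - candidate address
# Returns:   0 if valid, 1 otherwise
#######################################
is_ipv4() {
  local candidate=$1 octet
  [[ "$candidate" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || return 1
  local IFS=.
  for octet in $candidate; do
    # 10# forces base 10 so a leading zero is not read as octal
    if ((10#$octet > 255)); then
      return 1
    fi
  done
  return 0
}

# Start libvirt and virtlogd services
echo "Starting libvirt and virtlogd daemons..."
/usr/sbin/libvirtd -d
/usr/sbin/virtlogd -d
sleep 2 # Give daemons a moment to start

# Change to the Vagrant project directory
cd "$PROJECT_DIR" || exit

# Bring up the VM. This command is idempotent.
echo "Bringing up the VM..."
vagrant up

# Get the VM IP address using virsh
echo "Fetching VM IP address..."

# It can take a while before the address is reported, so retry.
# The output of domifaddr looks like:
#  Name       MAC address          Protocol     Address
# ------------------------------------------------------------
#  vnet1      52:54:00:ab:cd:ef    ipv4         192.168.121.44/24
VM_IP=""
for ((i = 1; i <= MAX_ATTEMPTS; i++)); do
  # Take only the FIRST ipv4 row: several rows would otherwise produce a
  # multi-line value that is not a usable DNAT destination.
  candidate=$(virsh domifaddr "$DOMAIN_NAME" 2>/dev/null \
    | awk '$3 == "ipv4" { split($4, parts, "/"); print parts[1]; exit }')
  if [[ -n "$candidate" ]] && is_ipv4 "$candidate"; then
    VM_IP=$candidate
    echo "VM IP Address found: $VM_IP"
    break
  fi
  echo "Waiting for VM to get an IP address... (attempt $i/$MAX_ATTEMPTS)"
  sleep "$RETRY_DELAY"
done

if [[ -z "$VM_IP" ]]; then
  echo "Fatal: Failed to get VM IP address after multiple retries." >&2
  exit 1
fi

echo "Windows VM IP Address: $VM_IP"

# Insert an ACCEPT rule for the RDP port into the DOCKER-USER chain.
# NOTE(review): DOCKER-USER is created by Docker in the HOST network
# namespace; this only works if the script can see that chain (e.g. host
# networking) - confirm. Under set -e a missing chain aborts the script.
# NOTE(review): the rule has no source restriction, so it accepts this port
# from any address and, being inserted at the top, takes precedence over
# stricter rules already in DOCKER-USER. Consider limiting it with
# "-s <ADMIN_CIDR_PLACEHOLDER>".
# NOTE(review): DOCKER-USER is traversed after DNAT, so --dport there
# normally sees the container port rather than the published one - verify
# that matching on 33890 has the intended effect.
echo "Allowing RDP forwarding on the Docker host..."
ensure_rule filter -I DOCKER-USER -p tcp --dport "$HOST_RDP_PORT" -j ACCEPT

# Forward RDP arriving at this network namespace to the VM.
# NOTE(review): a DNAT rule left over from an earlier run with a different
# VM address is not removed here and would match first - confirm whether
# rules can survive between runs in this deployment.
echo "Configuring iptables for RDP..."
ensure_rule nat -A PREROUTING -p tcp --dport "$RDP_PORT" \
  -j DNAT --to-destination "${VM_IP}:${RDP_PORT}"
# NOTE(review): this masquerades ALL outgoing traffic, not only the forwarded
# RDP flow; scoping it (e.g. -d "$VM_IP" -p tcp --dport 3389) would be
# tighter if nothing else relies on it.
ensure_rule nat -A POSTROUTING -j MASQUERADE

echo "Port forwarding rule added."
echo "RDP connections to this container on port 3389 will be forwarded to the Windows VM."

# Keep the container running
echo "Container is running. Use 'docker exec' to access it."
tail -f /dev/null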