ipv6-support: Next iteration * Make ula_prefix a global option * Add preliminary support for NAT (Linux >= 3.7, ip6tables >= 1.4.17) * Minor fixes for prefix fallback
SVN-Revision: 34586
This commit is contained in:
parent
57d853ffc4
commit
a07ddb955f
4 changed files with 136 additions and 36 deletions
|
@ -8,7 +8,7 @@
|
||||||
include $(TOPDIR)/rules.mk
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=ipv6-support
|
PKG_NAME:=ipv6-support
|
||||||
PKG_VERSION:=2012-12-06
|
PKG_VERSION:=2012-12-08
|
||||||
PKG_RELEASE:=1
|
PKG_RELEASE:=1
|
||||||
|
|
||||||
include $(INCLUDE_DIR)/package.mk
|
include $(INCLUDE_DIR)/package.mk
|
||||||
|
|
|
@ -24,14 +24,9 @@ done
|
||||||
|
|
||||||
|
|
||||||
# Enable relaying if requested
|
# Enable relaying if requested
|
||||||
local prefix_fallback
|
local fallback="stop"
|
||||||
config_get prefix_fallback "$network" prefix_fallback
|
[ -z "$PREFIXES" -a "$state" != "unbound" ] && fallback="start"
|
||||||
[ "$prefix_fallback" == "relay" -a -z "$PREFIXES" -a "$state" != "unbound" ] &&
|
setup_prefix_fallback "$fallback" "$network" "$device"
|
||||||
restart_relay "$network" "fallback"
|
|
||||||
|
|
||||||
# Disable relay if requested
|
|
||||||
[ "$prefix_fallback" != "relay" -o -n "$PREFIXES" -o "$state" == "unbound" ] &&
|
|
||||||
restart_relay "$network"
|
|
||||||
|
|
||||||
|
|
||||||
# Operations in case of success
|
# Operations in case of success
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
|
config global global
|
||||||
|
option ula_prefix auto
|
||||||
|
|
||||||
config interface wan
|
config interface wan
|
||||||
option mode dhcpv6
|
option mode dhcpv6
|
||||||
option ula_prefix auto
|
|
||||||
option request_prefix auto
|
option request_prefix auto
|
||||||
option prefix_fallback relay
|
option prefix_fallback relay
|
||||||
option peerdns 1
|
option peerdns 1
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
. /lib/functions/network.sh
|
. /lib/functions/network.sh
|
||||||
|
|
||||||
config_load network6
|
config_load network6
|
||||||
|
local NAT="ip6tables -t nat"
|
||||||
|
|
||||||
conf_get() {
|
conf_get() {
|
||||||
local __return="$1"
|
local __return="$1"
|
||||||
|
@ -67,6 +67,46 @@ resolve_network() {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
setup_masquerading() {
|
||||||
|
local cmd="$1"
|
||||||
|
local chain="network6_masquerade_$2"
|
||||||
|
local device="$3"
|
||||||
|
|
||||||
|
$NAT -D POSTROUTING -j "$chain" 2>/dev/null && {
|
||||||
|
$NAT -F "$chain" 2>/dev/null
|
||||||
|
$NAT -X "$chain" 2>/dev/null
|
||||||
|
}
|
||||||
|
|
||||||
|
[ "$cmd" != "stop" ] && {
|
||||||
|
$NAT -N "$chain"
|
||||||
|
$NAT -A "$chain" -o "$device" -j MASQUERADE
|
||||||
|
$NAT -A POSTROUTING -j "$chain"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
setup_npt_chain() {
|
||||||
|
local cmd="$1"
|
||||||
|
local network="$2"
|
||||||
|
local chain="network6_npt_$network"
|
||||||
|
|
||||||
|
[ "$cmd" != "start" ] && {
|
||||||
|
$NAT -D POSTROUTING -j "$chain" 2>/dev/null && {
|
||||||
|
$NAT -D PREROUTING -j "$chain" 2>/dev/null
|
||||||
|
$NAT -F "$chain" 2>/dev/null
|
||||||
|
$NAT -X "$chain" 2>/dev/null
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
[ "$cmd" != "stop" ] && {
|
||||||
|
$NAT -N "$chain" 2>/dev/null && {
|
||||||
|
$NAT -A PREROUTING -j "$chain"
|
||||||
|
$NAT -A POSTROUTING -j "$chain"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
announce_prefix() {
|
announce_prefix() {
|
||||||
local prefix="$1"
|
local prefix="$1"
|
||||||
local network="$2"
|
local network="$2"
|
||||||
|
@ -84,11 +124,42 @@ announce_prefix() {
|
||||||
valid=$(echo "$rem" | cut -d, -f3)
|
valid=$(echo "$rem" | cut -d, -f3)
|
||||||
}
|
}
|
||||||
|
|
||||||
local msg='{"network": "'"$network"'", "prefix": "'"$addr"'", "length": '"$length"
|
# Get prefix configuration
|
||||||
[ -n "$valid" ] && msg="$msg"', "valid": '"$valid"', "preferred": '"$prefer"
|
local ula=""
|
||||||
[ -z "$cmd" ] && cmd=newprefix
|
local prefix_action=""
|
||||||
|
config_get ula global ula_prefix
|
||||||
|
config_get prefix_action "$network" prefix_action
|
||||||
|
[ -z "$prefix_action" ] && prefix_action="distribute"
|
||||||
|
|
||||||
ubus call 6distributed "$cmd" "$msg}"
|
# Always announce the ULA when doing NPT
|
||||||
|
[ "$prefix" == "$ula" -a "$prefix_action" == "npt" ] && prefix_action="distribute"
|
||||||
|
|
||||||
|
[ "$prefix_action" == "distribute" ] && {
|
||||||
|
local msg='{"network": "'"$network"'", "prefix": "'"$addr"'", "length": '"$length"
|
||||||
|
[ -n "$valid" ] && msg="$msg"', "valid": '"$valid"', "preferred": '"$prefer"
|
||||||
|
[ -z "$cmd" ] && cmd=newprefix
|
||||||
|
|
||||||
|
ubus call 6distributed "$cmd" "$msg}"
|
||||||
|
}
|
||||||
|
|
||||||
|
[ "$prefix_action" == "npt" ] && {
|
||||||
|
local chain="network6_npt_$network"
|
||||||
|
local ula_addr=$(echo "$ula" | cut -d/ -f1)
|
||||||
|
local ula_rem=$(echo "$ula" | cut -d/ -f2)
|
||||||
|
local ula_length=$(echo "$ula_rem" | cut -d, -f1)
|
||||||
|
local device=""
|
||||||
|
|
||||||
|
network_get_device device "$network"
|
||||||
|
[ "$length" -lt "$ula_length" ] && length="$ula_length"
|
||||||
|
[ "$cmd" == "delprefix" ] && cmd="-D $chain" || cmd="-A $chain"
|
||||||
|
|
||||||
|
local in="-i $device -d $addr/$length -j NETMAP --to $ula_addr/$ula_length"
|
||||||
|
local out="-o $device -s $ula_addr/$ula_length -j NETMAP --to $addr/$length"
|
||||||
|
|
||||||
|
setup_npt_chain start "$network"
|
||||||
|
$NAT $cmd $in
|
||||||
|
$NAT $cmd $out
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -216,6 +287,26 @@ restart_relay() {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
setup_prefix_fallback() {
|
||||||
|
local cmd="$1"
|
||||||
|
local network="$2"
|
||||||
|
local device="$3"
|
||||||
|
|
||||||
|
stop_relay "$network"
|
||||||
|
restart_relay "$network"
|
||||||
|
|
||||||
|
setup_masquerading stop "$network"
|
||||||
|
|
||||||
|
[ "$cmd" != "stop" ] && {
|
||||||
|
local fallback=""
|
||||||
|
config_get fallback "$network" prefix_fallback
|
||||||
|
|
||||||
|
[ "$fallback" == "relay" ] && restart_relay "$network" fallback
|
||||||
|
[ "$fallback" == "masquerade" ] && setup_masquerading start "$network" "$device"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
restart_master_relay() {
|
restart_master_relay() {
|
||||||
local network="$1"
|
local network="$1"
|
||||||
local mode="$2"
|
local mode="$2"
|
||||||
|
@ -248,30 +339,24 @@ disable_interface() {
|
||||||
# Disable distribution
|
# Disable distribution
|
||||||
disable_router "$network"
|
disable_router "$network"
|
||||||
|
|
||||||
# Disable relay
|
# Disable any active relays, masquerading rules and NPT rules
|
||||||
stop_relay "$network"
|
stop_relay "$network"
|
||||||
|
setup_masquerading stop "$network"
|
||||||
|
setup_npt_chain stop "$network"
|
||||||
|
|
||||||
# Disable DHCPv6 client if enabled, state script will take care
|
# Disable DHCPv6 client if enabled, state script will take care
|
||||||
stop_service /usr/sbin/odhcp6c "/var/run/ipv6-dhcpv6-$network.pid"
|
stop_service /usr/sbin/odhcp6c "/var/run/ipv6-dhcpv6-$network.pid"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
enable_static() {
|
enable_ula_prefix() {
|
||||||
local network="$1"
|
local network="$1"
|
||||||
local device="$2"
|
local ula="$2"
|
||||||
|
[ -z "$ula" ] && ula="global"
|
||||||
# Enable global forwarding
|
|
||||||
local global_forward
|
|
||||||
conf_get global_forward all forwarding
|
|
||||||
[ "$global_forward" != "1" ] && conf_set all forwarding 1
|
|
||||||
|
|
||||||
# Configure device
|
|
||||||
conf_set "$device" accept_ra 1
|
|
||||||
conf_set "$device" forwarding 1
|
|
||||||
|
|
||||||
# ULA-integration
|
# ULA-integration
|
||||||
local ula_prefix=""
|
local ula_prefix=""
|
||||||
config_get ula_prefix "$network" ula_prefix
|
config_get ula_prefix "$ula" ula_prefix
|
||||||
|
|
||||||
# ULA auto configuration (first init)
|
# ULA auto configuration (first init)
|
||||||
[ "$ula_prefix" == "auto" ] && {
|
[ "$ula_prefix" == "auto" ] && {
|
||||||
|
@ -289,12 +374,33 @@ enable_static() {
|
||||||
ula_prefix="fd$r1:$r2:$r3::/48"
|
ula_prefix="fd$r1:$r2:$r3::/48"
|
||||||
|
|
||||||
# Save prefix so it will be preserved across reboots
|
# Save prefix so it will be preserved across reboots
|
||||||
uci_set network6 "$network" ula_prefix "$ula_prefix"
|
config_set "$ula" ula_prefix "$ula_prefix"
|
||||||
|
uci_set network6 "$ula" ula_prefix "$ula_prefix"
|
||||||
uci_commit network6
|
uci_commit network6
|
||||||
}
|
}
|
||||||
|
|
||||||
# Announce ULA
|
# Announce ULA
|
||||||
[ -n "$ula_prefix" ] && announce_prefix $ula_prefix $network
|
[ -n "$ula_prefix" ] && announce_prefix "$ula_prefix" "$network"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
enable_static() {
|
||||||
|
local network="$1"
|
||||||
|
local device="$2"
|
||||||
|
|
||||||
|
# Enable global forwarding
|
||||||
|
local global_forward
|
||||||
|
conf_get global_forward all forwarding
|
||||||
|
[ "$global_forward" != "1" ] && conf_set all forwarding 1
|
||||||
|
|
||||||
|
# Configure device
|
||||||
|
conf_set "$device" accept_ra 1
|
||||||
|
conf_set "$device" forwarding 1
|
||||||
|
|
||||||
|
# Enable ULA
|
||||||
|
enable_ula_prefix "$network"
|
||||||
|
# Compatibility (deprecated)
|
||||||
|
enable_ula_prefix "$network" "$network"
|
||||||
|
|
||||||
# Announce all static prefixes
|
# Announce all static prefixes
|
||||||
config_list_foreach "$network" static_prefix announce_prefix $network
|
config_list_foreach "$network" static_prefix announce_prefix $network
|
||||||
|
@ -316,15 +422,10 @@ enable_router() {
|
||||||
|
|
||||||
# Start RD & DHCPv6 service
|
# Start RD & DHCPv6 service
|
||||||
local pid="/var/run/ipv6-router-$network.pid"
|
local pid="/var/run/ipv6-router-$network.pid"
|
||||||
|
|
||||||
# Start server
|
|
||||||
start_service "/usr/sbin/6relayd -S . $device" "$pid"
|
start_service "/usr/sbin/6relayd -S . $device" "$pid"
|
||||||
|
|
||||||
# Try relaying if necessary
|
# Try relaying if necessary
|
||||||
restart_master_relay "$network"
|
restart_master_relay "$network"
|
||||||
|
|
||||||
# start relay if there are forced relay members
|
|
||||||
restart_relay "$network"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -387,14 +488,16 @@ enable_interface()
|
||||||
local network="$1"
|
local network="$1"
|
||||||
local device="$2"
|
local device="$2"
|
||||||
local mode=""
|
local mode=""
|
||||||
|
|
||||||
config_get mode "$network" mode
|
config_get mode "$network" mode
|
||||||
|
[ -n "$mode" -a "$mode" != "none" ] || return
|
||||||
|
|
||||||
# Compatibility with old mode names
|
# Compatibility with old mode names
|
||||||
[ "$mode" == "downstream" ] && mode=router
|
[ "$mode" == "downstream" ] && mode=router
|
||||||
[ "$mode" == "upstream" ] && mode=dhcpv6
|
[ "$mode" == "upstream" ] && mode=dhcpv6
|
||||||
|
|
||||||
# Run mode startup code
|
# Run mode startup code
|
||||||
[ "$mode" == "dhcpv6" -o "$mode" == "static" ] && enable_static "$network" "$device"
|
enable_static "$network" "$device"
|
||||||
[ "$mode" == "dhcpv6" ] && enable_dhcpv6 "$network" "$device"
|
[ "$mode" == "dhcpv6" ] && enable_dhcpv6 "$network" "$device"
|
||||||
[ "$mode" == "router" ] && enable_router "$network" "$device"
|
[ "$mode" == "router" ] && enable_router "$network" "$device"
|
||||||
[ "$mode" == "6to4" -o "$mode" == "6rd" ] && enable_6to4 "$network" "$device" "$mode"
|
[ "$mode" == "6to4" -o "$mode" == "6rd" ] && enable_6to4 "$network" "$device" "$mode"
|
||||||
|
|
Loading…
Reference in a new issue