KumiSystems/openwrtv4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
openwrtv4/package/network/config/vti/Makefile
Felix Fietkau e2e8cb8347 network: add virtual tunnel interface (VTI) support 
This adds support for configuring VTI interfaces within /etc/config/network.
VTI interfaces are used to create IPsec tunnel interfaces. These interfaces
may be used for routing and other purposes.

Example config:
config interface 'vti1'
	option proto 'vti'
	option mtu '1500'
	option tunlink 'wan'
	option peeraddr '192.168.5.16'
	option zone 'VPN'
	option ikey 2
	option okey 2

config interface 'vti1_static'
	option proto 'static'
	option ifname '@vti1'
	option ipaddr '192.168.7.2/24'

The options ikey and okey correspond to the fwmark value of a ipsec policy.
The may be null if you do not want fwmarks.
Also peeraddr may be 0.0.0 if you want all ESP packets go through the
interface.
Example strongswan config:
conn vti
	left=%any
	leftcert=peer2.test.der
	leftid=@peer2.test
	right=192.168.5.16
	rightid=@peer3.test
	leftsubnet=0.0.0.0/0
	rightsubnet=0.0.0.0/0
	mark=2
	auto=route

Signed-off-by: André Valentin <avalentin@marcant.net>

SVN-Revision: 48274
2016-01-17 11:06:02 +00:00

65 lines
1.5 KiB
Makefile
Raw Blame History

#
# Copyright (C) 2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=vti
PKG_VERSION:=1
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
include $(INCLUDE_DIR)/package.mk
define Package/vti/Default
SECTION:=net
CATEGORY:=Network
MAINTAINER:=Andre Valentin <avalentin@marcant.net>
endef
define Package/vti
$(call Package/vti/Default)
TITLE:=Virtual IPsec Tunnel Interface config support
endef
define Package/vti/description
Virtual IPsec Tunnel Interface config support (IPv4 and IPv6) in /etc/config/network.
endef
define Package/vtiv4
$(call Package/vti/Default)
TITLE:=Virtual IPsec Tunnel Interface (IPv4) config support
DEPENDS:=@(PACKAGE_vti) +kmod-ip_vti
endef
define Package/vtiv4/description
Virtual IPsec Tunnel Interface config support (IPv4) in /etc/config/network.
endef
define Package/vtiv6
$(call Package/vti/Default)
TITLE:=Virtual IPsec Tunnel Interface (IPv6) config support
DEPENDS:=@(PACKAGE_vti) @IPV6 +kmod-ip6_vti
endef
define Package/vtiv6/description
Virtual IPsec Tunnel Interface config support (IPv6) in /etc/config/network.
endef
define Build/Compile
endef
define Build/Configure
endef
define Package/vti/install
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/vti.sh $(1)/lib/netifd/proto/vti.sh
endef
$(eval $(call BuildPackage,vti))
$(eval $(call BuildPackage,vtiv4))
$(eval $(call BuildPackage,vtiv6))
Reference in a new issue View git blame Copy permalink