package/network/ipv6/6in4/files/6in4.sh

   1 #!/bin/sh
   2 # 6in4.sh - IPv6-in-IPv4 tunnel backend
   3 # Copyright (c) 2010-2015 OpenWrt.org
   4
   5 [ -n "$INCLUDE_ONLY" ] || {
   6         . /lib/functions.sh
   7         . /lib/functions/network.sh
   8         . ../netifd-proto.sh
   9         init_proto "$@"
  10 }
  11
  12 # Function taken from 6to4 package (6to4.sh), flipped returns
  13 test_6in4_rfc1918()
  14 {
  15         local oIFS="$IFS"; IFS="."; set -- $1; IFS="$oIFS"
  16         [ $1 -eq  10 ] && return 1
  17         [ $1 -eq 192 ] && [ $2 -eq 168 ] && return 1
  18         [ $1 -eq 172 ] && [ $2 -ge  16 ] && [ $2 -le  31 ] && return 1
  19
  20         # RFC 6598
  21         [ $1 -eq 100 ] && [ $2 -ge  64 ] && [ $2 -le 127 ] && return 1
  22
  23         return 0
  24 }
  25
  26 proto_6in4_update() {
  27         sh -c '
  28                 timeout=5
  29
  30                 (while [ $((timeout--)) -gt 0 ]; do
  31                         sleep 1
  32                         kill -0 $$ || exit 0
  33                 done; kill -9 $$) 2>/dev/null &
  34
  35                 exec "$@"
  36         ' "$1" "$@"
  37 }
  38
  39 proto_6in4_add_prefix() {
  40         append "$3" "$1"
  41 }
  42
  43 proto_6in4_setup() {
  44         local cfg="$1"
  45         local iface="$2"
  46         local link="6in4-$cfg"
  47
  48         local mtu ttl tos ipaddr peeraddr ip6addr ip6prefix ip6prefixes tunlink tunnelid username password updatekey
  49         json_get_vars mtu ttl tos ipaddr peeraddr ip6addr tunlink tunnelid username password updatekey
  50         json_for_each_item proto_6in4_add_prefix ip6prefix ip6prefixes
  51
  52         [ -z "$peeraddr" ] && {
  53                 proto_notify_error "$cfg" "MISSING_ADDRESS"
  54                 proto_block_restart "$cfg"
  55                 return
  56         }
  57
  58         ( proto_add_host_dependency "$cfg" "$peeraddr" "$tunlink" )
  59
  60         [ -z "$ipaddr" ] && {
  61                 local wanif="$tunlink"
  62                 if [ -z "$wanif" ] && ! network_find_wan wanif; then
  63                         proto_notify_error "$cfg" "NO_WAN_LINK"
  64                         return
  65                 fi
  66
  67                 if ! network_get_ipaddr ipaddr "$wanif"; then
  68                         proto_notify_error "$cfg" "NO_WAN_LINK"
  69                         return
  70                 fi
  71         }
  72
  73         proto_init_update "$link" 1
  74
  75         [ -n "$ip6addr" ] && {
  76                 local local6="${ip6addr%%/*}"
  77                 local mask6="${ip6addr##*/}"
  78                 [ "$local6" = "$mask6" ] && mask6=
  79                 proto_add_ipv6_address "$local6" "$mask6"
  80                 proto_add_ipv6_route "::" 0 "" "" "" "$local6/$mask6"
  81         }
  82
  83         for ip6prefix in $ip6prefixes; do
  84                 proto_add_ipv6_prefix "$ip6prefix"
  85                 proto_add_ipv6_route "::" 0 "" "" "" "$ip6prefix"
  86         done
  87
  88         proto_add_tunnel
  89         json_add_string mode sit
  90         json_add_int mtu "${mtu:-1280}"
  91         json_add_int ttl "${ttl:-64}"
  92         [ -n "$tos" ] && json_add_string tos "$tos"
  93         json_add_string local "$ipaddr"
  94         json_add_string remote "$peeraddr"
  95         [ -n "$tunlink" ] && json_add_string link "$tunlink"
  96         proto_close_tunnel
  97
  98         proto_send_update "$cfg"
  99
 100         [ -n "$tunnelid" -a -n "$username" -a \( -n "$password" -o -n "$updatekey" \) ] && {
 101                 [ -n "$updatekey" ] && password="$updatekey"
 102
 103                 local http="http"
 104                 local urlget="uclient-fetch"
 105                 local urlget_opts="-qO-"
 106                 local ca_path="${SSL_CERT_DIR:-/etc/ssl/certs}"
 107
 108                 [ -f /lib/libustream-ssl.so ] && http=https
 109                 [ "$http" = "https" -a -z "$(find $ca_path -name "*.0" 2>/dev/null)" ] && {
 110                         urlget_opts="$urlget_opts --no-check-certificate"
 111                 }
 112
 113                 local url="$http://ipv4.tunnelbroker.net/nic/update?hostname=$tunnelid"
 114
 115                 test_6in4_rfc1918 "$ipaddr" && {
 116                         local url="${url}&myip=${ipaddr}"
 117                 }
 118
 119                 local try=0
 120                 local max=3
 121
 122                 (
 123                         set -o pipefail
 124                         while [ $((++try)) -le $max ]; do
 125                                 if proto_6in4_update $urlget $urlget_opts --user="$username" --password="$password" "$url" 2>&1 | \
 126                                         sed -e 's,^Killed$,timeout,' -e "s,^,update $try/$max: ," | \
 127                                         logger -t "$link";
 128                                 then
 129                                         logger -t "$link" "updated"
 130                                         return 0
 131                                 fi
 132                                 sleep 5
 133                         done
 134                         logger -t "$link" "update failed"
 135                 )
 136         }
 137 }
 138
 139 proto_6in4_teardown() {
 140         local cfg="$1"
 141 }
 142
 143 proto_6in4_init_config() {
 144         no_device=1
 145         available=1
 146
 147         proto_config_add_string "ipaddr"
 148         proto_config_add_string "ip6addr"
 149         proto_config_add_array "ip6prefix"
 150         proto_config_add_string "peeraddr"
 151         proto_config_add_string "tunlink"
 152         proto_config_add_string "tunnelid"
 153         proto_config_add_string "username"
 154         proto_config_add_string "password"
 155         proto_config_add_string "updatekey"
 156         proto_config_add_int "mtu"
 157         proto_config_add_int "ttl"
 158         proto_config_add_string "tos"
 159 }
 160
 161 [ -n "$INCLUDE_ONLY" ] || {
 162         add_protocol 6in4
 163 }