1 -- Copyright 2008 Steven Barth <steven@midlink.org>
2 -- Copyright 2008-2015 Jo-Philipp Wich <jow@openwrt.org>
3 -- Licensed to the public under the Apache License 2.0.
5 local uci = require "luci.model.uci".cursor()
6 local bit = require "nixio".bit
7 local ip = require "luci.ip"
9 -------------------- Init --------------------
12 -- Find link-local address
16 for _, r in ipairs(ip.routes({ family = 6, dest = "fe80::/64" })) do
17 if r.dest:higher("fe80:0:0:0:ff:fe00:0:0") then
18 return (r.dest - "fe80::")
27 local ula_prefix = uci:get("siit", "ipv6", "ula_prefix") or "fd00::"
28 local ula_global = uci:get("siit", "ipv6", "ula_global") or "00ca:ffee:babe::" -- = Freifunk
29 local ula_subnet = uci:get("siit", "ipv6", "ula_subnet") or "0000:0000:0000:4223::" -- = Berlin
30 local siit_prefix = uci:get("siit", "ipv6", "siit_prefix") or "::ffff:0000:0000"
31 local ipv4_pool = uci:get("siit", "ipv4", "pool") or "172.16.0.0/12"
32 local ipv4_netsz = uci:get("siit", "ipv4", "netsize") or "24"
35 -- Find IPv4 allocation pool
37 local gv4_net = ip.IPv4(ipv4_pool)
42 local ula = ip.IPv6("::/64")
44 for _, prefix in ipairs({ ula_prefix, ula_global, ula_subnet }) do
45 ula = ula:add(ip.IPv6(prefix))
48 ula = ula:add(find_ll())
51 -------------------- View --------------------
52 f = SimpleForm("siitwizard", "SIIT-Wizard",
53 "This wizard helps to set up SIIT (IPv4-over-IPv6) translation according to RFC2765.")
55 f:field(DummyValue, "info_ula", "Mesh ULA address").value = ula:string()
57 f:field(DummyValue, "ipv4_pool", "IPv4 allocation pool").value =
58 "%s (%i hosts)" %{ gv4_net:string(), 2 ^ ( 32 - gv4_net:prefix() ) - 2 }
60 f:field(DummyValue, "ipv4_size", "IPv4 LAN network prefix").value =
61 "%i bit (%i hosts)" %{ ipv4_netsz, 2 ^ ( 32 - ipv4_netsz ) - 2 }
63 mode = f:field(ListValue, "mode", "Operation mode")
64 mode:value("client", "Client")
65 mode:value("gateway", "Gateway")
67 dev = f:field(ListValue, "device", "Wireless device")
68 uci:foreach("wireless", "wifi-device",
70 dev:value(section[".name"])
73 lanip = f:field(Value, "ipaddr", "LAN IPv4 subnet")
74 function lanip.formvalue(self, section)
75 local val = self.map:formvalue(self:cbid(section))
76 local net = ip.IPv4("%s/%i" %{ val, ipv4_netsz })
79 if gv4_net:contains(net) then
80 if not net:minhost():equal(net:host()) then
81 self.error = { [section] = true }
82 f.errmessage = "IPv4 address is not the first host of " ..
83 "subnet, expected " .. net:minhost():string()
86 self.error = { [section] = true }
87 f.errmessage = "IPv4 address is not within the allocation pool"
90 self.error = { [section] = true }
91 f.errmessage = "Invalid IPv4 address given"
97 dns = f:field(Value, "dns", "DNS server for LAN clients")
98 dns.value = "141.1.1.1"
100 -------------------- Control --------------------
101 function f.handle(self, state, data)
102 if state == FORM_VALID then
103 luci.http.redirect(luci.dispatcher.build_url("admin", "uci", "changes"))
109 function mode.write(self, section, value)
112 -- Find LAN IPv4 range
114 local lan_net = ip.IPv4(
115 ( lanip:formvalue(section) or "172.16.0.1" ) .. "/" .. ipv4_netsz
118 if not lan_net then return end
121 -- Find wifi interface, dns server and hostname
123 local device = dev:formvalue(section)
124 local dns_server = dns:formvalue(section) or "141.1.1.1"
125 local hostname = "siit-" .. lan_net:host():string():gsub("%.","-")
128 -- Configure wifi device
130 local wifi_device = dev:formvalue(section)
131 local wifi_essid = uci:get("siit", "wifi", "essid") or "6mesh.freifunk.net"
132 local wifi_bssid = uci:get("siit", "wifi", "bssid") or "02:ca:ff:ee:ba:be"
133 local wifi_channel = uci:get("siit", "wifi", "channel") or "1"
135 -- nuke old device definition
136 uci:delete_all("wireless", "wifi-iface",
137 function(s) return s.device == wifi_device end )
139 uci:delete_all("network", "interface",
140 function(s) return s['.name'] == wifi_device end )
142 -- create wifi device definition
143 uci:tset("wireless", wifi_device, {
145 channel = wifi_channel,
151 uci:section("wireless", "wifi-iface", nil, {
156 network = wifi_device,
157 device = wifi_device,
165 -- * wan port is dhcp, lan port is 172.23.1.1/24
166 -- * siit0 gets a dummy address: 169.254.42.42
167 -- * wl0 gets an ipv6 address, in this case the fdca:ffee:babe::1:1/64
168 -- * we do a ::ffff:ffff:0/96 route into siit0, so everything from 6mesh goes into translation.
169 -- * an HNA6 of ::ffff:ffff:0:0/96 announces the mapped 0.0.0.0/0 ipv4 space.
170 -- * MTU on WAN, LAN down to 1400, ipv6 headers are slightly larger.
172 if value == "gateway" then
175 uci:set("network", "wan", "mtu", 1240)
178 uci:tset("network", "lan", {
180 ipaddr = lan_net:host():string(),
181 netmask = lan_net:mask():string(),
185 -- use full siit subnet
186 siit_route = ip.IPv6(siit_prefix .. "/96")
189 uci:delete_all("network", "route",
190 function(s) return s.interface == "siit0" end)
192 uci:section("network", "route", nil, {
194 target = gv4_net:network():string(),
195 netmask = gv4_net:mask():string()
201 -- * 172.23.2.1/24 on its lan, fdca:ffee:babe::1:2 on wl0 and the usual dummy address on siit0.
202 -- * we do a ::ffff:ffff:172.13.2.0/120 to siit0, because in this case, only traffic directed to clients needs to go into translation.
203 -- * same route as HNA6 announcement to catch the traffic out of the mesh.
204 -- * Also, MTU on LAN reduced to 1400.
209 uci:tset("network", "lan", {
211 ipaddr = lan_net:host():string(),
212 netmask = lan_net:mask():string()
215 -- derive siit subnet from lan config
216 siit_route = ip.IPv6(
217 siit_prefix .. "/" .. (96 + lan_net:prefix())
220 -- ipv4 <-> siit route
221 uci:delete_all("network", "route",
222 function(s) return s.interface == "siit0" end)
224 -- XXX: kind of a catch all, gv4_net would be better
225 -- but does not cover non-local v4 space
226 uci:section("network", "route", nil, {
233 -- setup the firewall
234 uci:delete_all("firewall", "zone",
236 s['.name'] == "siit0" or s.name == "siit0" or
237 s.network == "siit0" or s['.name'] == wifi_device or
238 s.name == wifi_device or s.network == wifi_device
241 uci:delete_all("firewall", "forwarding",
243 s.src == wifi_device and s.dest == "siit0" or
244 s.dest == wifi_device and s.src == "siit0" or
245 s.src == "lan" and s.dest == "siit0" or
246 s.dest == "lan" and s.src == "siit0"
249 uci:section("firewall", "zone", "siit0", {
257 uci:section("firewall", "zone", wifi_device, {
259 network = wifi_device,
265 uci:section("firewall", "forwarding", nil, {
270 uci:section("firewall", "forwarding", nil, {
275 uci:section("firewall", "forwarding", nil, {
280 uci:section("firewall", "forwarding", nil, {
286 uci:delete_all("firewall", "include",
287 function(s) return s.path == "/etc/firewall.user" end)
289 uci:section("firewall", "include", nil, {
290 path = "/etc/firewall.user"
295 uci:delete_all("network", "interface",
296 function(s) return ( s.ifname == "siit0" ) end)
298 uci:section("network", "interface", "siit0", {
304 uci:delete_all("network", "route6",
305 function(s) return siit_route:contains(ip.IPv6(s.target)) end)
307 uci:section("network", "route6", nil, {
309 target = siit_route:string()
312 -- create wifi network interface
313 uci:section("network", "interface", wifi_device, {
316 ip6addr = ula:string()
319 -- nuke old olsrd interfaces
320 uci:delete_all("olsrd", "Interface",
321 function(s) return s.interface == wifi_device end)
323 -- configure olsrd interface
324 uci:foreach("olsrd", "olsrd",
325 function(s) uci:set("olsrd", s['.name'], "IpVersion", 6) end)
327 uci:section("olsrd", "Interface", nil, {
329 interface = wifi_device,
330 Ip6AddrType = "unique-local"
334 uci:delete_all("olsrd", "Hna6",
335 function(s) return true end)
337 uci:section("olsrd", "Hna6", nil, {
338 netaddr = siit_route:host():string(),
339 prefix = siit_route:prefix()
342 -- txtinfo v6 & olsrd nameservice
343 uci:foreach("olsrd", "LoadPlugin",
345 if s.library == "olsrd_txtinfo" then
346 uci:set("olsrd", s['.name'], "accept", "::1")
347 elseif s.library == "olsrd_nameservice" then
348 uci:set("olsrd", s['.name'], "name", hostname)
353 uci:tset("dhcp", "lan", {
354 dhcp_option = "6," .. dns_server,
355 start = bit.band(lan_net:minhost():add(1)[2][2], 0xFF),
356 limit = ( 2 ^ ( 32 - lan_net:prefix() ) ) - 3
360 uci:foreach("system", "system",
362 uci:set("system", s['.name'], "hostname", hostname)