#
-# Copyright (C) 2014 OpenWrt.org
+# Copyright (C) 2014-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
TITLE:=MAP-T configuration support
endef
+define Package/464xlat
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=+kmod-nat46
+ TITLE:=464xlat CLAT support
+endef
+
define KernelPackage/nat46
DEPENDS:=+kmod-ipv6
TITLE:=Stateless NAT46 translation kernel module
include $(INCLUDE_DIR)/kernel-defaults.mk
+define Build/Prepare
+ $(call Build/Prepare/Default)
+ $(CP) ./src/* $(PKG_BUILD_DIR)/
+endef
+
define Build/Compile
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ CC="$(TARGET_CC)" \
+ CFLAGS="$(TARGET_CFLAGS) -Wall" \
+ LDFLAGS="$(TARGET_LDFLAGS)"
$(MAKE) $(KERNEL_MAKEOPTS) SUBDIRS="$(PKG_BUILD_DIR)/nat46/modules" \
MODFLAGS="-DMODULE -mlong-calls" \
EXTRA_CFLAGS="-DNAT46_VERSION=\\\"$(PKG_SOURCE_VERSION)\\\"" \
true
endef
+define Package/464xlat/install
+ $(INSTALL_DIR) $(1)/lib/netifd/proto
+ $(INSTALL_BIN) ./files/464xlat.sh $(1)/lib/netifd/proto/464xlat.sh
+ $(INSTALL_DIR) $(1)/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/464xlatcfg $(1)/sbin
+endef
+
$(eval $(call KernelPackage,nat46))
$(eval $(call BuildPackage,map-t))
+$(eval $(call BuildPackage,464xlat))
--- /dev/null
+#!/bin/sh
+# 464xlat.sh - 464xlat CLAT
+#
+# Copyright (c) 2015 Steven Barth <cyrus@openwrt.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+[ -n "$INCLUDE_ONLY" ] || {
+ . /lib/functions.sh
+ . /lib/functions/network.sh
+ . ../netifd-proto.sh
+ init_proto "$@"
+}
+
+proto_464xlat_setup() {
+ local cfg="$1"
+ local iface="$2"
+ local link="464xlat-$cfg"
+
+ local ip6addr ip6prefix tunlink zone
+ json_get_vars ip6addr ip6prefix tunlink zone
+
+ [ -z "$zone" ] && zone="wan"
+
+ ( proto_add_host_dependency "$cfg" "::" "$tunlink" )
+
+ if [ -z "$tunlink" ] && ! network_find_wan6 tunlink; then
+ proto_notify_error "$cfg" "NO_WAN_LINK"
+ return
+ fi
+ network_get_device tundev "$tunlink"
+
+ ip6addr=$(464xlatcfg "$link" "$tundev" "$ip6prefix" 192.0.0.1 $ip6addr)
+ if [ -z "$ip6addr" ]; then
+ proto_notify_error "$cfg" "CLAT_CONFIG_FAILED"
+ return
+ fi
+
+ proto_init_update "$link" 1
+ proto_add_ipv4_route "0.0.0.0" 0 "" "" 2048
+ proto_add_ipv6_route $ip6addr 128 "" "" "" "" 128
+
+ proto_add_data
+ [ "$zone" != "-" ] && json_add_string zone "$zone"
+
+ json_add_array firewall
+ json_add_object ""
+ json_add_string type nat
+ json_add_string target SNAT
+ json_add_string family inet
+ json_add_string snat_ip 192.0.0.1
+ json_close_object
+ json_add_object ""
+ json_add_string type rule
+ json_add_string family inet6
+ json_add_string proto all
+ json_add_string direction in
+ json_add_string dest "$zone"
+ json_add_string src "$zone"
+ json_add_string src_ip $ip6addr
+ json_add_string target ACCEPT
+ json_close_object
+ json_add_object ""
+ json_add_string type rule
+ json_add_string family inet6
+ json_add_string proto all
+ json_add_string direction out
+ json_add_string dest "$zone"
+ json_add_string src "$zone"
+ json_add_string dest_ip $ip6addr
+ json_add_string target ACCEPT
+ json_close_object
+ json_close_array
+ proto_close_data
+
+ proto_send_update "$cfg"
+}
+
+proto_464xlat_teardown() {
+ 464xlatcfg "464xlat-$1"
+}
+
+proto_464xlat_init_config() {
+ no_device=1
+ available=1
+
+ proto_config_add_string "ip6prefix"
+ proto_config_add_string "ip6addr"
+ proto_config_add_string "tunlink"
+ proto_config_add_string "zone"
+}
+
+[ -n "$INCLUDE_ONLY" ] || {
+ add_protocol 464xlat
+}
--- /dev/null
+/* 464xlatcfg.c
+ *
+ * Copyright (c) 2015 Steven Barth <cyrus@openwrt.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include <netinet/icmp6.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <net/if.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <stdio.h>
+#include <netdb.h>
+
+int main(int argc, const char *argv[])
+{
+ char buf[INET6_ADDRSTRLEN], prefix[INET6_ADDRSTRLEN + 4];
+ int pid;
+
+ if (argc <= 1) {
+ fprintf(stderr, "Usage: %s <name> [ifname] [ipv6prefix] [ipv4addr] [ipv6addr]\n", argv[0]);
+ return 1;
+ }
+
+ snprintf(buf, sizeof(buf), "/var/run/%s.pid", argv[1]);
+ FILE *fp = fopen(buf, "r");
+ if (fp) {
+ fscanf(fp, "%d", &pid);
+ kill(pid, SIGTERM);
+ unlink(buf);
+ fclose(fp);
+ }
+
+ if (!argv[2])
+ return 0;
+
+ if (!argv[3] || !argv[4] || !(fp = fopen(buf, "wx")))
+ return 1;
+
+ prefix[sizeof(prefix) - 1] = 0;
+ strncpy(prefix, argv[3], sizeof(prefix) - 1);
+
+ if (!prefix[0]) {
+ struct addrinfo hints = { .ai_family = AF_INET6 }, *res;
+ if (getaddrinfo("ipv4only.arpa", NULL, &hints, &res) || !res) {
+ sleep(3);
+ if (getaddrinfo("ipv4only.arpa", NULL, &hints, &res) || !res)
+ return 2;
+ }
+
+ struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)res->ai_addr;
+ inet_ntop(AF_INET6, &sin6->sin6_addr, prefix, sizeof(prefix) - 4);
+ strcat(prefix, "/96");
+ freeaddrinfo(res);
+ }
+
+ struct sockaddr_in6 saddr = {.sin6_family = AF_INET6, .sin6_addr = {{{0x20, 0x01, 0x0d, 0xb8}}}};
+ socklen_t saddrlen = sizeof(saddr);
+ int sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
+ struct icmp6_filter filt;
+ ICMP6_FILTER_SETBLOCKALL(&filt);
+ setsockopt(sock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, sizeof(filt));
+ setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, argv[2], strlen(argv[2]));
+ if (connect(sock, (struct sockaddr*)&saddr, sizeof(saddr)) ||
+ getsockname(sock, (struct sockaddr*)&saddr, &saddrlen))
+ return 3;
+
+ struct ipv6_mreq mreq = {saddr.sin6_addr, if_nametoindex(argv[2])};
+ if (!argv[5]) {
+ srandom(mreq.ipv6mr_multiaddr.s6_addr32[0] ^ mreq.ipv6mr_multiaddr.s6_addr32[1] ^
+ mreq.ipv6mr_multiaddr.s6_addr32[2] ^ mreq.ipv6mr_multiaddr.s6_addr32[3]);
+ mreq.ipv6mr_multiaddr.s6_addr32[2] = random();
+ mreq.ipv6mr_multiaddr.s6_addr32[3] = random();
+ } else if (inet_pton(AF_INET6, argv[5], &mreq.ipv6mr_multiaddr) != 1) {
+ return 1;
+ }
+
+ if (setsockopt(sock, SOL_IPV6, IPV6_JOIN_ANYCAST, &mreq, sizeof(mreq)))
+ return 3;
+
+ inet_ntop(AF_INET6, &mreq.ipv6mr_multiaddr, buf, sizeof(buf));
+ fputs(buf, stdout);
+ fputc('\n', stdout);
+ fflush(stdout);
+
+ FILE *nat46 = fopen("/proc/net/nat46/control", "w");
+ if (!nat46 || fprintf(nat46, "add %s\nconfig %s local.style NONE local.v4 %s/32 local.v6 %s/128 "
+ "remote.style RFC6052 remote.v6 %s\n", argv[1], argv[1], argv[4], buf, prefix) < 0 ||
+ fclose(nat46))
+ return 4;
+
+ if (!(pid = fork())) {
+ fclose(fp);
+ fclose(stdin);
+ fclose(stdout);
+ fclose(stderr);
+ chdir("/");
+ setsid();
+ pause();
+ } else {
+ fprintf(fp, "%d\n", pid);
+ }
+
+ return 0;
+}
--- /dev/null
+all: 464xlatcfg
+
+464xlatcfg: 464xlatcfg.c
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $<
+
+clean:
+ rm -f 464xlatcfg
+
projects / feed / routing.git / commitdiff