From: Felix Fietkau Date: Sun, 30 Dec 2007 18:12:11 +0000 (+0000) Subject: natpmp package X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fsvn-archive%2Farchive.git;a=commitdiff_plain;h=c180f48a001bdad277ddeaff609ceb1f41b11be2 natpmp package http://savannah.nongnu.org/projects/natpmp This is a daemon implementing NAT-PMP. NAT-PMP is a protocol for handling port forwarding requests from clients behind a NAT. Signed-off-by: Lorenz Schori SVN-Revision: 10062 --- diff --git a/natpmp/Makefile b/natpmp/Makefile new file mode 100644 index 0000000000..dd124ab52c --- /dev/null +++ b/natpmp/Makefile @@ -0,0 +1,57 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=natpmp +PKG_VERSION:=0.2.1 +PKG_RELEASE:=1 + +PKG_SOURCE_URL:=http://download.savannah.nongnu.org/releases/natpmp/ +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_MD5SUM:=b0b1fea34ecd2c99f75c01a6728c9a7b + +PKG_CAT:=zcat +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) +PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install + +include $(INCLUDE_DIR)/package.mk + +define Package/natpmp + SECTION:=net + CATEGORY:=Network + DEPENDS:=+ip + TITLE:=A daemon implementing NAT-PMP + URL:=http://savannah.nongnu.org/projects/natpmp +endef + +define Package/natpmp/description + stunnel replacement based on xyssl +endef + +define Build/Configure +endef + +define Build/Compile + rm -rf $(PKG_INSTALL_DIR) + $(MAKE) -C $(PKG_BUILD_DIR) \ + $(TARGET_CONFIGURE_OPTS) \ + CC=$(TARGET_CC) \ + LD=$(TARGET_CC) \ + CFLAGS="$(strip $(TARGET_CFLAGS))" \ + CPPFLAGS="$$$$CPPFLAGS -I$(STAGING_DIR)/usr/include" \ + LDFLAGS="-L$(STAGING_DIR)/usr/lib" \ + prefix="$(PKG_INSTALL_DIR)/usr" + mkdir -p $(PKG_INSTALL_DIR)/usr/sbin + $(CP) $(PKG_BUILD_DIR)/natpmp $(PKG_INSTALL_DIR)/usr/sbin +endef + +define Package/natpmp/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/natpmp $(1)/usr/sbin + $(RSTRIP) $(1)/usr/sbin/natpmp + + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_DATA) ./files/natpmp.config $(1)/etc/config/natpmp + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/natpmp.init $(1)/etc/init.d/natpmp +endef + +$(eval $(call BuildPackage,natpmp)) diff --git a/natpmp/files/natpmp.config b/natpmp/files/natpmp.config new file mode 100644 index 0000000000..a01867e055 --- /dev/null +++ b/natpmp/files/natpmp.config @@ -0,0 +1,4 @@ +config natpmp + option outbound_interface vlan0 + option inbound_interfaces br-lan eth1 + option iptables_chain natpmp diff --git a/natpmp/files/natpmp.init b/natpmp/files/natpmp.init new file mode 100644 index 0000000000..289a63d08b --- /dev/null +++ b/natpmp/files/natpmp.init @@ -0,0 +1,63 @@ +#!/bin/sh /etc/rc.common + +START=70 + +IP=$(which ip) +IPTABLES=$(which iptables) +NATPMP=/usr/sbin/natpmp +PIDFILE=/var/run/natpmp.pid + +natpmp_config() { + local cfg="$1" + + config_get PUBLIC_IF "$cfg" outbound_interface + config_get PRIVATE_IFS "$cfg" inbound_interfaces + config_get IPTABLES_CHAIN "$cfg" iptables_chain +} + +start() { + config_load natpmp + config_foreach natpmp_config natpmp + + # Flush all the rules in the natpmp chain, or create it, if it doesn't exists. + $IPTABLES -t nat -F $IPTABLES_CHAIN 2>/dev/null || \ + $IPTABLES -t nat -N $IPTABLES_CHAIN + + # Handle all incoming connections in the natpmp chain. + $IPTABLES -t nat -D PREROUTING -j $IPTABLES_CHAIN 2>/dev/null || true + $IPTABLES -t nat -A PREROUTING -j $IPTABLES_CHAIN + + # Iterate through the private interfaces. + BIND_ARGS="" + for IF in $PRIVATE_IFS; do + # Get the IP address of this interface. + ADDR=`$IP addr show dev $IF 2>/dev/null | grep "^ *inet .* $IF\$" | cut -d " " -f 6 | cut -d / -f 1` + if [ -n "$ADDR" ] ; then + # Add the IP address to the argument list. + BIND_ARGS="$BIND_ARGS -a $ADDR" + else + echo "Could not get IP address of interface $IF. Skipping." >&2 + fi + done + + if [ -z "$BIND_ARGS" ] ; then + echo "No IP addresses to bind to. Exiting." >&2 + exit 1 + fi + + $NATPMP -p $PIDFILE -b -i "$PUBLIC_IF" $BIND_ARGS -- "$IPTABLES_CHAIN" +} + +stop() { + config_load natpmp + config_foreach natpmp_config natpmp + + # Unlink chain + $IPTABLES -t nat -D PREROUTING -j $IPTABLES_CHAIN 2>/dev/null || true + + # Flush all the rules in the natpmp chain + $IPTABLES -t nat -F $IPTABLES_CHAIN 2>/dev/null && \ + $IPTABLES -t nat -X $IPTABLES_CHAIN + + kill $(cat $PIDFILE) +}