464xlat.sh 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111
  1. #!/bin/sh
  2. # 464xlat.sh - 464xlat CLAT
  3. #
  4. # Copyright (c) 2015 Steven Barth <cyrus@openwrt.org>
  5. #
  6. # This program is free software; you can redistribute it and/or modify
  7. # it under the terms of the GNU General Public License version 2
  8. # as published by the Free Software Foundation
  9. #
  10. # This program is distributed in the hope that it will be useful,
  11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. # GNU General Public License for more details.
  14. [ -n "$INCLUDE_ONLY" ] || {
  15. . /lib/functions.sh
  16. . /lib/functions/network.sh
  17. . ../netifd-proto.sh
  18. init_proto "$@"
  19. }
  20. proto_464xlat_setup() {
  21. local cfg="$1"
  22. local iface="$2"
  23. local link="464-$cfg"
  24. local ip6addr ip6prefix tunlink zone
  25. json_get_vars ip6addr ip6prefix tunlink zone
  26. [ -z "$zone" ] && zone="wan"
  27. ( proto_add_host_dependency "$cfg" "::" "$tunlink" )
  28. if [ -z "$tunlink" ] && ! network_find_wan6 tunlink; then
  29. proto_notify_error "$cfg" "NO_WAN_LINK"
  30. return
  31. fi
  32. network_get_device tundev "$tunlink"
  33. ip6addr=$(464xlatcfg "$link" "$tundev" "$ip6prefix" 192.0.0.1 $ip6addr)
  34. if [ -z "$ip6addr" ]; then
  35. proto_notify_error "$cfg" "CLAT_CONFIG_FAILED"
  36. return
  37. fi
  38. ip -6 rule del from all lookup local
  39. ip -6 rule add from all lookup local pref 1
  40. ip -6 rule add to $ip6addr lookup prelocal pref 0
  41. echo "$ip6addr" > /tmp/464-$cfg-anycast
  42. proto_init_update "$link" 1
  43. proto_add_ipv4_route "0.0.0.0" 0 "" "" 2048
  44. proto_add_ipv6_route $ip6addr 128 "" "" "" "" 128
  45. proto_add_data
  46. [ "$zone" != "-" ] && json_add_string zone "$zone"
  47. json_add_array firewall
  48. json_add_object ""
  49. json_add_string type nat
  50. json_add_string target SNAT
  51. json_add_string family inet
  52. json_add_string snat_ip 192.0.0.1
  53. json_close_object
  54. json_add_object ""
  55. json_add_string type rule
  56. json_add_string family inet6
  57. json_add_string proto all
  58. json_add_string direction in
  59. json_add_string dest "$zone"
  60. json_add_string src "$zone"
  61. json_add_string src_ip $ip6addr
  62. json_add_string target ACCEPT
  63. json_close_object
  64. json_close_array
  65. proto_close_data
  66. proto_send_update "$cfg"
  67. }
  68. proto_464xlat_teardown() {
  69. local cfg="$1"
  70. local link="464-$cfg"
  71. [ -f /tmp/464-$cfg-anycast ] || return
  72. local ip6addr=$(cat /tmp/464-$cfg-anycast)
  73. 464xlatcfg "$link"
  74. rm -rf /tmp/464-$cfg-anycast
  75. [ -n "$ip6addr" ] && ip -6 rule del to $ip6addr lookup prelocal
  76. if [ -z "$(ls /tmp/464-*-anycast 2>&-)" ]; then
  77. ip -6 rule del from all lookup local
  78. ip -6 rule add from all lookup local pref 0
  79. fi
  80. }
  81. proto_464xlat_init_config() {
  82. no_device=1
  83. available=1
  84. proto_config_add_string "ip6prefix"
  85. proto_config_add_string "ip6addr"
  86. proto_config_add_string "tunlink"
  87. proto_config_add_string "zone"
  88. }
  89. [ -n "$INCLUDE_ONLY" ] || {
  90. add_protocol 464xlat
  91. }