+++ /dev/null
-#
-# Copyright (C) 2014-2015 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-PKG_NAME:=nat46
-PKG_VERSION:=11
-PKG_RELEASE:=$(PKG_SOURCE_VERSION)
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=18b36fcb30c6c56e39c20f3363f806f909d08bb21041ac5c930c9216b6d3e2aa
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=https://github.com/ayourtch/nat46.git
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=683fbd2b765506332a1af141545652bf58f03166
-PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
-PKG_LICENSE:=GPL-2.0
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/map-t
- SECTION:=net
- CATEGORY:=Network
- DEPENDS:=+map +kmod-nat46
- TITLE:=MAP-T configuration support
-endef
-
-define Package/464xlat
- SECTION:=net
- CATEGORY:=Network
- DEPENDS:=+kmod-nat46 +ip
- TITLE:=464xlat CLAT support
-endef
-
-define KernelPackage/nat46
- DEPENDS:=@IPV6
- TITLE:=Stateless NAT46 translation kernel module
- SECTION:=kernel
- SUBMENU:=Network Support
- FILES:=$(PKG_BUILD_DIR)/nat46/modules/nat46.ko
- AUTOLOAD:=$(call AutoLoad,33,nat46)
-endef
-
-include $(INCLUDE_DIR)/kernel-defaults.mk
-
-define Build/Prepare
- $(call Build/Prepare/Default)
- $(CP) ./src/* $(PKG_BUILD_DIR)/
-endef
-
-define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR) \
- CC="$(TARGET_CC)" \
- CFLAGS="$(TARGET_CFLAGS) -Wall" \
- LDFLAGS="$(TARGET_LDFLAGS)"
- $(MAKE) $(KERNEL_MAKEOPTS) SUBDIRS="$(PKG_BUILD_DIR)/nat46/modules" \
- MODFLAGS="-DMODULE -mlong-calls" \
- EXTRA_CFLAGS="-DNAT46_VERSION=\\\"$(PKG_SOURCE_VERSION)\\\"" \
- modules
-endef
-
-define Package/map-t/install
- true
-endef
-
-define Package/464xlat/install
- $(INSTALL_DIR) $(1)/lib/netifd/proto
- $(INSTALL_BIN) ./files/464xlat.sh $(1)/lib/netifd/proto/464xlat.sh
- $(INSTALL_DIR) $(1)/sbin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/464xlatcfg $(1)/sbin
-endef
-
-$(eval $(call KernelPackage,nat46))
-$(eval $(call BuildPackage,map-t))
-$(eval $(call BuildPackage,464xlat))
+++ /dev/null
-#!/bin/sh
-# 464xlat.sh - 464xlat CLAT
-#
-# Copyright (c) 2015 Steven Barth <cyrus@openwrt.org>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2
-# as published by the Free Software Foundation
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-
-[ -n "$INCLUDE_ONLY" ] || {
- . /lib/functions.sh
- . /lib/functions/network.sh
- . ../netifd-proto.sh
- init_proto "$@"
-}
-
-proto_464xlat_setup() {
- local cfg="$1"
- local iface="$2"
- local link="464-$cfg"
-
- local ip6addr ip6prefix tunlink zone
- json_get_vars ip6addr ip6prefix tunlink zone
-
- [ -z "$zone" ] && zone="wan"
-
- ( proto_add_host_dependency "$cfg" "::" "$tunlink" )
-
- if [ -z "$tunlink" ] && ! network_find_wan6 tunlink; then
- proto_notify_error "$cfg" "NO_WAN_LINK"
- return
- fi
- network_get_device tundev "$tunlink"
-
- ip6addr=$(464xlatcfg "$link" "$tundev" "$ip6prefix" 192.0.0.1 $ip6addr)
- if [ -z "$ip6addr" ]; then
- proto_notify_error "$cfg" "CLAT_CONFIG_FAILED"
- return
- fi
-
- ip -6 rule del from all lookup local
- ip -6 rule add from all lookup local pref 1
- ip -6 rule add to $ip6addr lookup prelocal pref 0
- echo "$ip6addr" > /tmp/464-$cfg-anycast
-
- proto_init_update "$link" 1
- proto_add_ipv4_route "0.0.0.0" 0 "" "" 2048
- proto_add_ipv6_route $ip6addr 128 "" "" "" "" 128
-
- proto_add_data
- [ "$zone" != "-" ] && json_add_string zone "$zone"
-
- json_add_array firewall
- json_add_object ""
- json_add_string type nat
- json_add_string target SNAT
- json_add_string family inet
- json_add_string snat_ip 192.0.0.1
- json_close_object
- json_add_object ""
- json_add_string type rule
- json_add_string family inet6
- json_add_string proto all
- json_add_string direction in
- json_add_string dest "$zone"
- json_add_string src "$zone"
- json_add_string src_ip $ip6addr
- json_add_string target ACCEPT
- json_close_object
- json_close_array
- proto_close_data
-
- proto_send_update "$cfg"
-}
-
-proto_464xlat_teardown() {
- local cfg="$1"
- local link="464-$cfg"
-
- [ -f /tmp/464-$cfg-anycast ] || return
- local ip6addr=$(cat /tmp/464-$cfg-anycast)
-
- 464xlatcfg "$link"
-
- rm -rf /tmp/464-$cfg-anycast
- [ -n "$ip6addr" ] && ip -6 rule del to $ip6addr lookup prelocal
-
- if [ -z "$(ls /tmp/464-*-anycast 2>&-)" ]; then
- ip -6 rule del from all lookup local
- ip -6 rule add from all lookup local pref 0
- fi
-}
-
-proto_464xlat_init_config() {
- no_device=1
- available=1
-
- proto_config_add_string "ip6prefix"
- proto_config_add_string "ip6addr"
- proto_config_add_string "tunlink"
- proto_config_add_string "zone"
-}
-
-[ -n "$INCLUDE_ONLY" ] || {
- add_protocol 464xlat
-}
+++ /dev/null
-/* 464xlatcfg.c
- *
- * Copyright (c) 2015 Steven Barth <cyrus@openwrt.org>
- * Copyright (c) 2017 Hans Dedecker <dedeckeh@gmail.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- */
-
-#include <netinet/icmp6.h>
-#include <netinet/in.h>
-#include <sys/socket.h>
-#include <arpa/inet.h>
-#include <net/if.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <stdio.h>
-#include <netdb.h>
-
-static void sighandler(__attribute__((unused)) int signal)
-{
-}
-
-int main(int argc, const char *argv[])
-{
- char buf[INET6_ADDRSTRLEN], prefix[INET6_ADDRSTRLEN + 4];
- int pid;
-
- if (argc <= 1) {
- fprintf(stderr, "Usage: %s <name> [ifname] [ipv6prefix] [ipv4addr] [ipv6addr]\n", argv[0]);
- return 1;
- }
-
- snprintf(buf, sizeof(buf), "/var/run/%s.pid", argv[1]);
- FILE *fp = fopen(buf, "r");
- if (fp) {
- if (fscanf(fp, "%d", &pid) == 1)
- kill(pid, SIGTERM);
-
- unlink(buf);
- fclose(fp);
- }
-
- if (!argv[2])
- return 0;
-
- if (!argv[3] || !argv[4] || !(fp = fopen(buf, "wx")))
- return 1;
-
- signal(SIGTERM, SIG_DFL);
- setvbuf(fp, NULL, _IOLBF, 0);
- fprintf(fp, "%d\n", getpid());
-
- prefix[sizeof(prefix) - 1] = 0;
- strncpy(prefix, argv[3], sizeof(prefix) - 1);
-
- if (!prefix[0]) {
- struct addrinfo hints = { .ai_family = AF_INET6 }, *res;
- if (getaddrinfo("ipv4only.arpa", NULL, &hints, &res) || !res) {
- sleep(3);
- if (getaddrinfo("ipv4only.arpa", NULL, &hints, &res) || !res)
- return 2;
- }
-
- struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)res->ai_addr;
- inet_ntop(AF_INET6, &sin6->sin6_addr, prefix, sizeof(prefix) - 4);
- strcat(prefix, "/96");
- freeaddrinfo(res);
- }
-
- int i = 0;
- int sock;
- struct sockaddr_in6 saddr;
-
- do {
- socklen_t saddrlen = sizeof(saddr);
- struct icmp6_filter filt;
-
- sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
- ICMP6_FILTER_SETBLOCKALL(&filt);
- setsockopt(sock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, sizeof(filt));
- setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, argv[2], strlen(argv[2]));
- memset(&saddr, 0, sizeof(saddr));
- saddr.sin6_family = AF_INET6;
- saddr.sin6_addr.s6_addr32[0] = htonl(0x2001);
- saddr.sin6_addr.s6_addr32[1] = htonl(0xdb8);
- if (connect(sock, (struct sockaddr*)&saddr, sizeof(saddr)) ||
- getsockname(sock, (struct sockaddr*)&saddr, &saddrlen))
- return 3;
-
- if (!IN6_IS_ADDR_LINKLOCAL(&saddr.sin6_addr) || argv[5])
- break;
-
- close(sock);
- sleep(3);
- i++;
- } while (i < 3);
-
- struct ipv6_mreq mreq = {saddr.sin6_addr, if_nametoindex(argv[2])};
- if (!argv[5]) {
- if (IN6_IS_ADDR_LINKLOCAL(&mreq.ipv6mr_multiaddr))
- return 5;
-
- srandom(mreq.ipv6mr_multiaddr.s6_addr32[0] ^ mreq.ipv6mr_multiaddr.s6_addr32[1] ^
- mreq.ipv6mr_multiaddr.s6_addr32[2] ^ mreq.ipv6mr_multiaddr.s6_addr32[3]);
- mreq.ipv6mr_multiaddr.s6_addr32[2] = random();
- mreq.ipv6mr_multiaddr.s6_addr32[3] = random();
- } else if (inet_pton(AF_INET6, argv[5], &mreq.ipv6mr_multiaddr) != 1) {
- return 1;
- }
-
- if (setsockopt(sock, SOL_IPV6, IPV6_JOIN_ANYCAST, &mreq, sizeof(mreq)))
- return 3;
-
- inet_ntop(AF_INET6, &mreq.ipv6mr_multiaddr, buf, sizeof(buf));
- fputs(buf, stdout);
- fputc('\n', stdout);
- fflush(stdout);
-
- FILE *nat46 = fopen("/proc/net/nat46/control", "w");
- if (!nat46 || fprintf(nat46, "add %s\nconfig %s local.style NONE local.v4 %s/32 local.v6 %s/128 "
- "remote.style RFC6052 remote.v6 %s\n", argv[1], argv[1], argv[4], buf, prefix) < 0 ||
- fclose(nat46))
- return 4;
-
- if (!(pid = fork())) {
- fclose(fp);
- fclose(stdin);
- fclose(stdout);
- fclose(stderr);
- chdir("/");
- setsid();
- signal(SIGTERM, sighandler);
- pause();
-
- nat46 = fopen("/proc/net/nat46/control", "w");
- if (nat46) {
- fprintf(nat46, "del %s\n", argv[1]);
- fclose(nat46);
- }
- } else {
- rewind(fp);
- fprintf(fp, "%d\n", pid);
- }
-
- return 0;
-}
+++ /dev/null
-all: 464xlatcfg
-
-464xlatcfg: 464xlatcfg.c
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $<
-
-clean:
- rm -f 464xlatcfg
-