From: Steven Barth Date: Fri, 17 Jan 2014 13:59:47 +0000 (+0000) Subject: 6in4, 6rd, 6to4: Use source-restricted routes by default X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=a5ee266cd9f4f7909aa7df0bff2e96a0e9199611;p=openwrt%2Fstaging%2Fmans0n.git 6in4, 6rd, 6to4: Use source-restricted routes by default SVN-Revision: 39307 --- diff --git a/package/network/ipv6/6in4/files/6in4.sh b/package/network/ipv6/6in4/files/6in4.sh index 647a2f89cf..d508df788f 100755 --- a/package/network/ipv6/6in4/files/6in4.sh +++ b/package/network/ipv6/6in4/files/6in4.sh @@ -14,8 +14,8 @@ proto_6in4_setup() { local iface="$2" local link="6in4-$cfg" - local mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password - json_get_vars mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password + local mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password sourcerouting + json_get_vars mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password sourcerouting [ -z "$peeraddr" ] && { proto_notify_error "$cfg" "MISSING_ADDRESS" @@ -34,16 +34,23 @@ proto_6in4_setup() { } proto_init_update "$link" 1 - proto_add_ipv6_route "::" 0 + + local source="" + [ "$sourcerouting" != "0" ] && source="::/128" + proto_add_ipv6_route "::" 0 "" "" "" "$source" [ -n "$ip6addr" ] && { local local6="${ip6addr%%/*}" local mask6="${ip6addr##*/}" [[ "$local6" = "$mask6" ]] && mask6= proto_add_ipv6_address "$local6" "$mask6" + [ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$local6/$mask6" } - [ -n "$ip6prefix" ] && proto_add_ipv6_prefix "$ip6prefix" + [ -n "$ip6prefix" ] && { + proto_add_ipv6_prefix "$ip6prefix" + [ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$ip6prefix" + } proto_add_tunnel json_add_string mode sit @@ -90,6 +97,7 @@ proto_6in4_init_config() { proto_config_add_string "password" proto_config_add_int "mtu" proto_config_add_int "ttl" + proto_config_add_boolean "soucerouting" } [ -n "$INCLUDE_ONLY" ] || { diff --git a/package/network/ipv6/6rd/files/6rd.sh b/package/network/ipv6/6rd/files/6rd.sh index a3935e1422..be6d536845 100644 --- a/package/network/ipv6/6rd/files/6rd.sh +++ b/package/network/ipv6/6rd/files/6rd.sh @@ -14,8 +14,8 @@ proto_6rd_setup() { local iface="$2" local link="6rd-$cfg" - local mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink - json_get_vars mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink + local mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting + json_get_vars mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting [ -z "$ip6prefix" -o -z "$peeraddr" ] && { proto_notify_error "$cfg" "MISSING_ADDRESS" @@ -48,7 +48,14 @@ proto_6rd_setup() { proto_init_update "$link" 1 proto_add_ipv6_address "$ip6addr" "$ip6prefixlen" proto_add_ipv6_prefix "$ip6lanprefix" - proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 + + if [ "$sourcerouting" != "0" ]; then + proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "::/128" + proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "$ip6addr/$ip6prefixlen" + proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "$ip6lanprefix" + else + proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 + fi proto_add_tunnel json_add_string mode sit @@ -79,6 +86,7 @@ proto_6rd_init_config() { proto_config_add_string "ip6prefixlen" proto_config_add_string "ip4prefixlen" proto_config_add_string "tunlink" + proto_config_add_boolean "sourcerouting" } [ -n "$INCLUDE_ONLY" ] || { diff --git a/package/network/ipv6/6to4/files/6to4.sh b/package/network/ipv6/6to4/files/6to4.sh index 6f2fbd840c..2a9b26292c 100755 --- a/package/network/ipv6/6to4/files/6to4.sh +++ b/package/network/ipv6/6to4/files/6to4.sh @@ -34,8 +34,8 @@ proto_6to4_setup() { local iface="$2" local link="6to4-$cfg" - local mtu ttl ipaddr - json_get_vars mtu ttl ipaddr + local mtu ttl ipaddr sourcerouting + json_get_vars mtu ttl ipaddr sourcerouting ( proto_add_host_dependency "$cfg" 0.0.0.0 ) @@ -64,7 +64,14 @@ proto_6to4_setup() { proto_init_update "$link" 1 proto_add_ipv6_address "$local6" 16 proto_add_ipv6_prefix "$prefix6::/48" - proto_add_ipv6_route "::" 0 "::192.88.99.1" + + if [ "$sourcerouting" != "0" ]; then + proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "::/128" + proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "$local6/16" + proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "$prefix6::/48" + else + proto_add_ipv6_route "::" 0 "::192.88.99.1" + fi proto_add_tunnel json_add_string mode sit @@ -87,6 +94,7 @@ proto_6to4_init_config() { proto_config_add_string "ipaddr" proto_config_add_int "mtu" proto_config_add_int "ttl" + proto_config_add_boolean "sourcerouting" } [ -n "$INCLUDE_ONLY" ] || {