bakabtw/packages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

packages: ipv6/tayga: move static mappings to 'firewall' config

Browse Source 
Static NAT64 entries should really belong to firewall config and could
be also processed by firewall code.

Currently tayga only processes ipv4_addr and ipv6_addr options, this is
the mapping itself.  ipv4_addr is taken from dynamic pool and is not
accessable from anywhere.  In addition, firewall code may add DNAT/SNAT
rules to map it to address from WAN interface and permit access from WAN
zone using selected ports/protocols.  Furthermore, firewall may allow or
deny access to ipv6_addr from 4-to-6 translated addresses.

Example:

config nat64
	option ipv4_addr 192.0.2.31
	option ipv6_addr 2001:db8::31

Signed-off-by: Alexey I. Froloff <raorn@altlinux.org>

git-svn-id: svn://svn.openwrt.org/openwrt/packages@30582 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
juhosg 2012-02-16 11:58:32 +00:00
parent eb1d43d020
commit 9e29b4cb85
1 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
ipv6/tayga/files/tayga.sh
View File

@ -32,14 +32,25 @@ coldplug_interface_tayga() {
setup_interface_tayga "tayga-$1" "$1"
}
conf_rule_add() {
local cfg="$1"
local tmpconf="$2"
local ipv4_addr ipv6_addr
config_get ipv4_addr "$cfg" ipv4_addr ""
config_get ipv6_addr "$cfg" ipv6_addr ""
[ -n "$ipv4_addr" ] && [ -n "$ipv6_addr" ] &&
echo "map $ipv4_addr $ipv6_addr" >>$tmpconf
tayga_add_static_mappings() {
local tmpconf="$1"
(
. /etc/functions.sh
config_load firewall
tayga_map_rule_add() {
local cfg="$1"
local tmpconf="$2"
local ipv4_addr ipv6_addr
config_get ipv4_addr "$cfg" ipv4_addr ""
config_get ipv6_addr "$cfg" ipv6_addr ""
[ -n "$ipv4_addr" ] && [ -n "$ipv6_addr" ] &&
echo "map $ipv4_addr $ipv6_addr" >>$tmpconf
}
config_foreach tayga_map_rule_add nat64 "$tmpconf"
)
}
setup_interface_tayga() {
@ -96,7 +107,7 @@ setup_interface_tayga() {
[ -n "$prefix" ] &&
echo "prefix $prefix" >>$tmpconf
config_foreach conf_rule_add map_rule "$tmpconf"
tayga_add_static_mappings "$tmpconf"
[ -n "$dynamic_pool" ] &&
echo "dynamic-pool $dynamic_pool" >>$tmpconf