From 9e29b4cb85c95306dd8ce0f7968fe72f6127ec5f Mon Sep 17 00:00:00 2001
From: juhosg <juhosg@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Thu, 16 Feb 2012 11:58:32 +0000
Subject: [PATCH] packages: ipv6/tayga: move static mappings to 'firewall'
 config

Static NAT64 entries should really belong to firewall config and could
be also processed by firewall code.

Currently tayga only processes ipv4_addr and ipv6_addr options, this is
the mapping itself.  ipv4_addr is taken from dynamic pool and is not
accessable from anywhere.  In addition, firewall code may add DNAT/SNAT
rules to map it to address from WAN interface and permit access from WAN
zone using selected ports/protocols.  Furthermore, firewall may allow or
deny access to ipv6_addr from 4-to-6 translated addresses.

Example:

config nat64
	option ipv4_addr 192.0.2.31
	option ipv6_addr 2001:db8::31

Signed-off-by: Alexey I. Froloff <raorn@altlinux.org>

git-svn-id: svn://svn.openwrt.org/openwrt/packages@30582 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 ipv6/tayga/files/tayga.sh | 29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

diff --git a/ipv6/tayga/files/tayga.sh b/ipv6/tayga/files/tayga.sh
index 36c33dee5..96d132d4d 100644
--- a/ipv6/tayga/files/tayga.sh
+++ b/ipv6/tayga/files/tayga.sh
@@ -32,14 +32,25 @@ coldplug_interface_tayga() {
 	setup_interface_tayga "tayga-$1" "$1"
 }
 
-conf_rule_add() {
-	local cfg="$1"
-	local tmpconf="$2"
-	local ipv4_addr ipv6_addr
-	config_get ipv4_addr "$cfg" ipv4_addr ""
-	config_get ipv6_addr "$cfg" ipv6_addr ""
-	[ -n "$ipv4_addr" ] && [ -n "$ipv6_addr" ] &&
-		echo "map $ipv4_addr $ipv6_addr" >>$tmpconf
+tayga_add_static_mappings() {
+	local tmpconf="$1"
+
+	(
+		. /etc/functions.sh
+		config_load firewall
+
+		tayga_map_rule_add() {
+			local cfg="$1"
+			local tmpconf="$2"
+			local ipv4_addr ipv6_addr
+			config_get ipv4_addr "$cfg" ipv4_addr ""
+			config_get ipv6_addr "$cfg" ipv6_addr ""
+			[ -n "$ipv4_addr" ] && [ -n "$ipv6_addr" ] &&
+				echo "map $ipv4_addr $ipv6_addr" >>$tmpconf
+		}
+
+		config_foreach tayga_map_rule_add nat64 "$tmpconf"
+	)
 }
 
 setup_interface_tayga() {
@@ -96,7 +107,7 @@ setup_interface_tayga() {
 	[ -n "$prefix" ] &&
 		echo "prefix $prefix" >>$tmpconf
 
-	config_foreach conf_rule_add map_rule "$tmpconf"
+	tayga_add_static_mappings "$tmpconf"
 
 	[ -n "$dynamic_pool" ] &&
 		echo "dynamic-pool $dynamic_pool" >>$tmpconf