packages: ipv6/tayga: move static mappings to 'firewall' config

Static NAT64 entries should really belong to firewall config and could
be also processed by firewall code.

Currently tayga only processes ipv4_addr and ipv6_addr options, this is
the mapping itself.  ipv4_addr is taken from dynamic pool and is not
accessable from anywhere.  In addition, firewall code may add DNAT/SNAT
rules to map it to address from WAN interface and permit access from WAN
zone using selected ports/protocols.  Furthermore, firewall may allow or
deny access to ipv6_addr from 4-to-6 translated addresses.

Example:

config nat64
	option ipv4_addr 192.0.2.31
	option ipv6_addr 2001:db8::31

Signed-off-by: Alexey I. Froloff <raorn@altlinux.org>

git-svn-id: svn://svn.openwrt.org/openwrt/packages@30582 3c298f89-4303-0410-b956-a3cf2f4a3e73

ipv6/tayga/files/tayga.sh

@@ -32,7 +32,14 @@ coldplug_interface_tayga() {
 	setup_interface_tayga "tayga-$1" "$1"
 }
 
-conf_rule_add() {
+tayga_add_static_mappings() {
+	local tmpconf="$1"
+
+	(
+		. /etc/functions.sh
+		config_load firewall
+
+		tayga_map_rule_add() {
 			local cfg="$1"
 			local tmpconf="$2"
 			local ipv4_addr ipv6_addr
@@ -42,6 +49,10 @@ conf_rule_add() {
 				echo "map $ipv4_addr $ipv6_addr" >>$tmpconf
 		}
 
+		config_foreach tayga_map_rule_add nat64 "$tmpconf"
+	)
+}
+
 setup_interface_tayga() {
 	local iface="$1"
 	local cfg="$2"
@@ -96,7 +107,7 @@ setup_interface_tayga() {
 	[ -n "$prefix" ] &&
 		echo "prefix $prefix" >>$tmpconf
 
-	config_foreach conf_rule_add map_rule "$tmpconf"
+	tayga_add_static_mappings "$tmpconf"
 
 	[ -n "$dynamic_pool" ] &&
 		echo "dynamic-pool $dynamic_pool" >>$tmpconf