natpmp package

http://savannah.nongnu.org/projects/natpmp

This is a daemon implementing NAT-PMP. NAT-PMP is a protocol for
handling port forwarding requests from clients behind a NAT.

Signed-off-by: Lorenz Schori <lorenz.schori@gmx.ch>


git-svn-id: svn://svn.openwrt.org/openwrt/packages@10062 3c298f89-4303-0410-b956-a3cf2f4a3e73

natpmp/Makefile

@@ -0,0 +1,57 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=natpmp
+PKG_VERSION:=0.2.1
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=http://download.savannah.nongnu.org/releases/natpmp/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_MD5SUM:=b0b1fea34ecd2c99f75c01a6728c9a7b
+
+PKG_CAT:=zcat
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/natpmp
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+ip
+  TITLE:=A daemon implementing NAT-PMP
+  URL:=http://savannah.nongnu.org/projects/natpmp
+endef
+
+define Package/natpmp/description
+  stunnel replacement based on xyssl
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+	rm -rf $(PKG_INSTALL_DIR)
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		$(TARGET_CONFIGURE_OPTS) \
+		CC=$(TARGET_CC) \
+		LD=$(TARGET_CC) \
+		CFLAGS="$(strip $(TARGET_CFLAGS))" \
+		CPPFLAGS="$$$$CPPFLAGS -I$(STAGING_DIR)/usr/include" \
+		LDFLAGS="-L$(STAGING_DIR)/usr/lib" \
+		prefix="$(PKG_INSTALL_DIR)/usr"
+	mkdir -p $(PKG_INSTALL_DIR)/usr/sbin
+	$(CP) $(PKG_BUILD_DIR)/natpmp $(PKG_INSTALL_DIR)/usr/sbin
+endef
+
+define Package/natpmp/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/natpmp $(1)/usr/sbin
+	$(RSTRIP) $(1)/usr/sbin/natpmp
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DATA) ./files/natpmp.config $(1)/etc/config/natpmp
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/natpmp.init $(1)/etc/init.d/natpmp
+endef
+
+$(eval $(call BuildPackage,natpmp))

natpmp/files/natpmp.config

@@ -0,0 +1,4 @@
+config natpmp
+	option outbound_interface	vlan0
+	option inbound_interfaces	br-lan eth1
+	option iptables_chain		natpmp

natpmp/files/natpmp.init

@@ -0,0 +1,63 @@
+#!/bin/sh /etc/rc.common
+
+START=70
+
+IP=$(which ip)
+IPTABLES=$(which iptables)
+NATPMP=/usr/sbin/natpmp
+PIDFILE=/var/run/natpmp.pid
+
+natpmp_config() {
+	local cfg="$1"
+	
+	config_get PUBLIC_IF "$cfg" outbound_interface
+	config_get PRIVATE_IFS "$cfg" inbound_interfaces
+	config_get IPTABLES_CHAIN "$cfg" iptables_chain
+}
+
+start() {
+	config_load natpmp
+	config_foreach natpmp_config natpmp
+	
+    # Flush all the rules in the natpmp chain, or create it, if it doesn't exists.
+    $IPTABLES -t nat -F $IPTABLES_CHAIN 2>/dev/null || \
+    $IPTABLES -t nat -N $IPTABLES_CHAIN
+
+    # Handle all incoming connections in the natpmp chain.
+    $IPTABLES -t nat -D PREROUTING -j $IPTABLES_CHAIN 2>/dev/null || true
+    $IPTABLES -t nat -A PREROUTING -j $IPTABLES_CHAIN
+
+    # Iterate through the private interfaces.
+    BIND_ARGS=""
+    for IF in $PRIVATE_IFS; do
+            # Get the IP address of this interface.
+            ADDR=`$IP addr show dev $IF 2>/dev/null | grep "^ *inet .* $IF\$" | cut -d " " -f 6 | cut -d / -f 1`
+            if [ -n "$ADDR" ] ; then
+                    # Add the IP address to the argument list.
+                    BIND_ARGS="$BIND_ARGS -a $ADDR"
+            else
+                    echo "Could not get IP address of interface $IF. Skipping." >&2
+            fi
+    done
+
+    if [ -z "$BIND_ARGS" ] ; then
+            echo "No IP addresses to bind to. Exiting." >&2
+            exit 1
+    fi
+
+    $NATPMP -p $PIDFILE -b -i "$PUBLIC_IF" $BIND_ARGS -- "$IPTABLES_CHAIN"
+}
+
+stop() {
+    config_load natpmp
+    config_foreach natpmp_config natpmp
+
+    # Unlink chain
+    $IPTABLES -t nat -D PREROUTING -j $IPTABLES_CHAIN 2>/dev/null || true
+
+    # Flush all the rules in the natpmp chain
+    $IPTABLES -t nat -F $IPTABLES_CHAIN 2>/dev/null && \
+    $IPTABLES -t nat -X $IPTABLES_CHAIN
+
+    kill $(cat $PIDFILE)
+}