Static NAT64 entries should really belong to firewall config and could
be also processed by firewall code.
Currently tayga only processes ipv4_addr and ipv6_addr options, this is
the mapping itself. ipv4_addr is taken from dynamic pool and is not
accessable from anywhere. In addition, firewall code may add DNAT/SNAT
rules to map it to address from WAN interface and permit access from WAN
zone using selected ports/protocols. Furthermore, firewall may allow or
deny access to ipv6_addr from 4-to-6 translated addresses.
Example:
config nat64
option ipv4_addr 192.0.2.31
option ipv6_addr 2001:db8::31
Signed-off-by: Alexey I. Froloff <raorn@altlinux.org>
git-svn-id: svn://svn.openwrt.org/openwrt/packages@30582 3c298f89-4303-0410-b956-a3cf2f4a3e73
TAYGA is an out-of-kernel stateless NAT64 implementation for
Linux. It uses the TUN driver to exchange packets with the
kernel, which is the same driver used by OpenVPN and QEMU/KVM.
Signed-off-by: Alexey I. Froloff <raorn@altlinux.org>
git-svn-id: svn://svn.openwrt.org/openwrt/packages@28013 3c298f89-4303-0410-b956-a3cf2f4a3e73
