From 0555ebf66d415045b176181cde25ba2ed063c09d Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Wed, 26 Mar 2014 10:12:49 +0000 Subject: [PATCH] 6rd / ds-lite: make the firewall-zones of nested-protocols configurable SVN-Revision: 40020 --- .../network/config/netifd/files/lib/netifd/dhcp.script | 1 + .../network/config/netifd/files/lib/netifd/proto/dhcp.sh | 6 ++++-- package/network/ipv6/6rd/Makefile | 2 +- package/network/ipv6/6rd/files/6rd.sh | 9 +++++++-- package/network/ipv6/ds-lite/Makefile | 2 +- package/network/ipv6/ds-lite/files/dslite.sh | 9 +++++++-- package/network/ipv6/odhcp6c/Makefile | 4 ++-- package/network/ipv6/odhcp6c/files/dhcpv6.script | 1 + package/network/ipv6/odhcp6c/files/dhcpv6.sh | 6 ++++-- 9 files changed, 28 insertions(+), 12 deletions(-) diff --git a/package/network/config/netifd/files/lib/netifd/dhcp.script b/package/network/config/netifd/files/lib/netifd/dhcp.script index c5978403626..948c3cd665e 100755 --- a/package/network/config/netifd/files/lib/netifd/dhcp.script +++ b/package/network/config/netifd/files/lib/netifd/dhcp.script @@ -54,6 +54,7 @@ setup_interface () { json_add_int ip6prefixlen "$ip6rdprefixlen" json_add_string tunlink "$INTERFACE" [ -n "$IFACE6RD_DELEGATE" ] && json_add_boolean delegate "$IFACE6RD_DELEGATE" + [ -n "$ZONE6RD" ] && json_add_string zone "$ZONE6RD" json_close_object ubus call network add_dynamic "$(json_dump)" diff --git a/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh b/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh index 80c3562e69a..93f4a5e09a5 100755 --- a/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh +++ b/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh @@ -15,14 +15,15 @@ proto_dhcp_init_config() { proto_config_add_string iface6rd proto_config_add_string sendopts proto_config_add_boolean delegate + proto_config_add_string zone6rd } proto_dhcp_setup() { local config="$1" local iface="$2" - local ipaddr hostname clientid vendorid broadcast reqopts iface6rd sendopts delegate - json_get_vars ipaddr hostname clientid vendorid broadcast reqopts iface6rd sendopts delegate + local ipaddr hostname clientid vendorid broadcast reqopts iface6rd sendopts delegate zone6rd + json_get_vars ipaddr hostname clientid vendorid broadcast reqopts iface6rd sendopts delegate zone6rd local opt dhcpopts for opt in $reqopts; do @@ -37,6 +38,7 @@ proto_dhcp_setup() { [ -n "$clientid" ] && clientid="-x 0x3d:${clientid//:/}" || clientid="-C" [ -n "$iface6rd" ] && proto_export "IFACE6RD=$iface6rd" [ -n "$iface6rd" ] && append dhcpopts "-O 212" + [ -n "$zone6rd" ] && proto_export "ZONE6RD=$zone6rd" [ "$delegate" = "0" ] && proto_export "IFACE6RD_DELEGATE=0" proto_export "INTERFACE=$config" diff --git a/package/network/ipv6/6rd/Makefile b/package/network/ipv6/6rd/Makefile index 5a4807805c9..19177f1c460 100644 --- a/package/network/ipv6/6rd/Makefile +++ b/package/network/ipv6/6rd/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=6rd -PKG_VERSION:=5 +PKG_VERSION:=6 PKG_RELEASE:=1 include $(INCLUDE_DIR)/package.mk diff --git a/package/network/ipv6/6rd/files/6rd.sh b/package/network/ipv6/6rd/files/6rd.sh index e80729c3412..58b16c8ff7a 100644 --- a/package/network/ipv6/6rd/files/6rd.sh +++ b/package/network/ipv6/6rd/files/6rd.sh @@ -14,8 +14,8 @@ proto_6rd_setup() { local iface="$2" local link="6rd-$cfg" - local mtu df ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting - json_get_vars mtu df ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting + local mtu df ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting zone + json_get_vars mtu df ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting zone [ -z "$ip6prefix" -o -z "$peeraddr" ] && { proto_notify_error "$cfg" "MISSING_ADDRESS" @@ -68,6 +68,10 @@ proto_6rd_setup() { [ -n "$tunlink" ] && json_add_string link "$tunlink" proto_close_tunnel + proto_add_data + [ -n "$zone" ] && json_add_string zone "$zone" + proto_close_data + proto_send_update "$cfg" } @@ -89,6 +93,7 @@ proto_6rd_init_config() { proto_config_add_string "ip4prefixlen" proto_config_add_string "tunlink" proto_config_add_boolean "sourcerouting" + proto_config_add_string "zone" } [ -n "$INCLUDE_ONLY" ] || { diff --git a/package/network/ipv6/ds-lite/Makefile b/package/network/ipv6/ds-lite/Makefile index 688ddf9017d..a806f67ab93 100644 --- a/package/network/ipv6/ds-lite/Makefile +++ b/package/network/ipv6/ds-lite/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ds-lite -PKG_VERSION:=1 +PKG_VERSION:=2 PKG_RELEASE:=1 include $(INCLUDE_DIR)/package.mk diff --git a/package/network/ipv6/ds-lite/files/dslite.sh b/package/network/ipv6/ds-lite/files/dslite.sh index 67887881e1a..f4efa1c4c33 100755 --- a/package/network/ipv6/ds-lite/files/dslite.sh +++ b/package/network/ipv6/ds-lite/files/dslite.sh @@ -14,8 +14,8 @@ proto_dslite_setup() { local iface="$2" local link="dslite-$cfg" - local mtu ttl peeraddr ip6addr tunlink - json_get_vars mtu ttl peeraddr ip6addr tunlink + local mtu ttl peeraddr ip6addr tunlink zone + json_get_vars mtu ttl peeraddr ip6addr tunlink zone [ -z "$peeraddr" ] && { proto_notify_error "$cfg" "MISSING_ADDRESS" @@ -51,6 +51,10 @@ proto_dslite_setup() { [ -n "$tunlink" ] && json_add_string link "$tunlink" proto_close_tunnel + proto_add_data + [ -n "$zone" ] && json_add_string zone "$zone" + proto_close_data + proto_send_update "$cfg" } @@ -67,6 +71,7 @@ proto_dslite_init_config() { proto_config_add_string "tunlink" proto_config_add_int "mtu" proto_config_add_int "ttl" + proto_config_add_string "zone" } [ -n "$INCLUDE_ONLY" ] || { diff --git a/package/network/ipv6/odhcp6c/Makefile b/package/network/ipv6/odhcp6c/Makefile index d843c1076e8..78ac07e90b5 100644 --- a/package/network/ipv6/odhcp6c/Makefile +++ b/package/network/ipv6/odhcp6c/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=odhcp6c -PKG_VERSION:=2014-03-13 +PKG_VERSION:=2014-03-26 PKG_RELEASE=$(PKG_SOURCE_VERSION) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE_URL:=git://github.com/sbyx/odhcp6c.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=9c7c654cb2d5ac6ac536f603cd5a9372416e91da +PKG_SOURCE_VERSION:=6c8109e0c77d5a54950ba607d1ec1f83d5efb5b7 PKG_MAINTAINER:=Steven Barth include $(INCLUDE_DIR)/package.mk diff --git a/package/network/ipv6/odhcp6c/files/dhcpv6.script b/package/network/ipv6/odhcp6c/files/dhcpv6.script index 563c9ada0d0..851e94be918 100755 --- a/package/network/ipv6/odhcp6c/files/dhcpv6.script +++ b/package/network/ipv6/odhcp6c/files/dhcpv6.script @@ -84,6 +84,7 @@ setup_interface () { json_add_string proto "dslite" json_add_string peeraddr "$AFTR_IP" json_add_string tunlink "$INTERFACE" + [ -n "$ZONE_DSLITE" ] && json_add_string zone "$ZONE_DSLITE" [ -n "$IFACE_DSLITE_DELEGATE" ] && json_add_boolean delegate "$IFACE_DSLITE_DELEGATE" json_close_object ubus call network add_dynamic "$(json_dump)" diff --git a/package/network/ipv6/odhcp6c/files/dhcpv6.sh b/package/network/ipv6/odhcp6c/files/dhcpv6.sh index aa7a2e1b088..9b6275e3f97 100755 --- a/package/network/ipv6/odhcp6c/files/dhcpv6.sh +++ b/package/network/ipv6/odhcp6c/files/dhcpv6.sh @@ -14,6 +14,7 @@ proto_dhcpv6_init_config() { proto_config_add_string 'norelease:bool' proto_config_add_string 'ip6prefix:ip6addr' proto_config_add_string iface_dslite + proto_config_add_string zone_dslite proto_config_add_string 'ifaceid:ip6addr' proto_config_add_string 'sourcerouting:bool' proto_config_add_string "userclass" @@ -25,8 +26,8 @@ proto_dhcpv6_setup() { local config="$1" local iface="$2" - local reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite ifaceid sourcerouting userclass vendorclass delegate - json_get_vars reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite ifaceid sourcerouting userclass vendorclass delegate + local reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite ifaceid sourcerouting userclass vendorclass delegate zone_dslite + json_get_vars reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite ifaceid sourcerouting userclass vendorclass delegate zone_dslite # Configure @@ -58,6 +59,7 @@ proto_dhcpv6_setup() { [ -n "$iface_dslite" ] && proto_export "IFACE_DSLITE=$iface_dslite" [ "$sourcerouting" != "0" ] && proto_export "SOURCE_ROUTING=1" [ "$delegate" = "0" ] && proto_export "IFACE_DSLITE_DELEGATE=0" + [ -n "$zone_dslite" ] && proto_export "ZONE_DSLITE=$zone_dslite" proto_export "INTERFACE=$config" proto_run_command "$config" odhcp6c \