ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-02-06 02:59:27 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

ipv6-support: Update iteration * Add support for blocking forwarding while address assignments * Fix relay restarting function

Browse Source 
SVN-Revision: 34985
This commit is contained in:
Steven Barth 2013-01-02 23:05:44 +00:00
parent c7d9d7c952
commit 965afef317
3 changed files with 53 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/network/ipv6/ipv6-support/Makefile
View File

@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=ipv6-support PKG_NAME:=ipv6-support
PKG_VERSION:=2013-01-01 PKG_VERSION:=2013-01-02
PKG_RELEASE:=1 PKG_RELEASE:=1
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk

28
package/network/ipv6/ipv6-support/files/dhcpv6.sh
View File

@ -12,6 +12,29 @@ resolve_network network "$device"
# Unknown network # Unknown network
[ -z "$network" ] && exit 0 [ -z "$network" ] && exit 0
if [ "$state" == "started" ]; then
# Start border
set_forward_border "$network" "$device" enable
# Configure device
conf_set "$device" accept_ra 2
conf_set "$device" forwarding 2
# Trigger RS
conf_set "$device" disable_ipv6 1
conf_set "$device" disable_ipv6 0
exit 0
elif [ "$state" == "stopped" ]; then
# Deconfigure device
conf_set "$device" accept_ra 1
conf_set "$device" forwarding 1
# Disable border
set_forward_border "$network" "$device" disable
exit 0
fi
# Announce prefixes # Announce prefixes
for prefix in $PREFIXES; do for prefix in $PREFIXES; do
@ -23,7 +46,7 @@ for prefix in $PREFIXES_LOST; do
done done
# Enable relaying if requested # Enable relaying if requested and we didn't get a prefix, disable otherwise
local fallback="stop" local fallback="stop"
[ -z "$PREFIXES" -a "$state" != "unbound" ] && fallback="start" [ -z "$PREFIXES" -a "$state" != "unbound" ] && fallback="start"
setup_prefix_fallback "$fallback" "$network" "$device" setup_prefix_fallback "$fallback" "$network" "$device"
@ -32,6 +55,9 @@ setup_prefix_fallback "$fallback" "$network" "$device"
# Operations in case of success # Operations in case of success
[ "$state" == "timeout" -o "$state" == "unbound" ] && exit 0 [ "$state" == "timeout" -o "$state" == "unbound" ] && exit 0
# Handshake completed, disable forwarding border
set_forward_border "$network" "$device" disable
local peerdns local peerdns
config_get_bool peerdns "$network" peerdns 1 config_get_bool peerdns "$network" peerdns 1
[ "$peerdns" -eq "1" ] && { [ "$peerdns" -eq "1" ] && {

38
package/network/ipv6/ipv6-support/files/support.sh
View File

@ -329,8 +329,6 @@ setup_prefix_fallback() {
restart_master_relay() { restart_master_relay() {
local network="$1" local network="$1"
local mode="$2" local mode="$2"
local pid_fallback="/var/run/ipv6-relay-fallback-$network.pid"
local pid_forced="/var/run/ipv6-relay-forced-$network.pid"
# Disable active relaying to this interface # Disable active relaying to this interface
config_get relay_master "$network" relay_master config_get relay_master "$network" relay_master
@ -338,8 +336,10 @@ restart_master_relay() {
network_is_up "$relay_master" || return network_is_up "$relay_master" || return
# Detect running mode # Detect running mode
[ -z "$mode" && -f "$pid_fallback" ] && mode="fallback" local pid_fallback="/var/run/ipv6-relay-fallback-$relay_master.pid"
[ -z "$mode" && -f "$pid_forced" ] && mode="forced" local pid_forced="/var/run/ipv6-relay-forced-$relay_master.pid"
[ -z "$mode" -a -f "$pid_fallback" ] && mode="fallback"
[ -z "$mode" -a -f "$pid_forced" ] && mode="forced"
# Restart relay if running or start requested # Restart relay if running or start requested
[ -n "$mode" ] && restart_relay "$relay_master" "$mode" [ -n "$mode" ] && restart_relay "$relay_master" "$mode"
@ -375,6 +375,26 @@ set_site_border() {
} }
set_forward_border() {
local network="$1"
local device="$2"
local method="$3"
local fwscript="/var/etc/ipv6-firewall.d/forward-border-$network.sh"
if [ "$method" == "enable" ]; then
mkdir -p $(dirname "$fwscript")
echo "ip6tables -A forwarding_rule -o \"$device\" -j REJECT --reject-with icmp6-no-route" > "$fwscript"
. "$fwscript"
else
[ -f "$fwscript" ] || return
rm -f "$fwscript"
# Racy race race
ip6tables -D forwarding_rule -o "$device" -j REJECT --reject-with icmp6-no-route 2>/dev/null
ip6tables -D forwarding_rule -o "$device" -j REJECT --reject-with icmp6-no-route 2>/dev/null
fi
}
disable_interface() { disable_interface() {
local network="$1" local network="$1"
@ -446,8 +466,8 @@ enable_static() {
[ "$global_forward" != "1" ] && conf_set all forwarding 1 [ "$global_forward" != "1" ] && conf_set all forwarding 1
# Configure device # Configure device
conf_set "$device" accept_ra 1
conf_set "$device" forwarding 1 conf_set "$device" forwarding 1
conf_set "$device" accept_ra 1
# Enable ULA # Enable ULA
enable_ula_prefix "$network" global "$device" enable_ula_prefix "$network" global "$device"
@ -506,14 +526,6 @@ enable_dhcpv6() {
local network="$1" local network="$1"
local device="$2" local device="$2"
# Configure device
conf_set "$device" accept_ra 2
conf_set "$device" forwarding 2
# Trigger RS
conf_set "$device" disable_ipv6 1
conf_set "$device" disable_ipv6 0
# Configure DHCPv6-client # Configure DHCPv6-client
local dhcp6_opts="$device" local dhcp6_opts="$device"