aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteven Barth <cyrus@openwrt.org>2014-01-17 13:59:47 +0000
committerSteven Barth <cyrus@openwrt.org>2014-01-17 13:59:47 +0000
commita5ee266cd9f4f7909aa7df0bff2e96a0e9199611 (patch)
treea569019491693edf12f50d999ff89d42b7c8013f
parentbc8412b90e8d1c9ce29142801ec7fda9fe938b29 (diff)
downloadupstream-a5ee266cd9f4f7909aa7df0bff2e96a0e9199611.tar.gz
upstream-a5ee266cd9f4f7909aa7df0bff2e96a0e9199611.tar.bz2
upstream-a5ee266cd9f4f7909aa7df0bff2e96a0e9199611.zip
6in4, 6rd, 6to4: Use source-restricted routes by default
SVN-Revision: 39307
-rwxr-xr-xpackage/network/ipv6/6in4/files/6in4.sh16
-rw-r--r--package/network/ipv6/6rd/files/6rd.sh14
-rwxr-xr-xpackage/network/ipv6/6to4/files/6to4.sh14
3 files changed, 34 insertions, 10 deletions
diff --git a/package/network/ipv6/6in4/files/6in4.sh b/package/network/ipv6/6in4/files/6in4.sh
index 647a2f89cf..d508df788f 100755
--- a/package/network/ipv6/6in4/files/6in4.sh
+++ b/package/network/ipv6/6in4/files/6in4.sh
@@ -14,8 +14,8 @@ proto_6in4_setup() {
local iface="$2"
local link="6in4-$cfg"
- local mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password
- json_get_vars mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password
+ local mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password sourcerouting
+ json_get_vars mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password sourcerouting
[ -z "$peeraddr" ] && {
proto_notify_error "$cfg" "MISSING_ADDRESS"
@@ -34,16 +34,23 @@ proto_6in4_setup() {
}
proto_init_update "$link" 1
- proto_add_ipv6_route "::" 0
+
+ local source=""
+ [ "$sourcerouting" != "0" ] && source="::/128"
+ proto_add_ipv6_route "::" 0 "" "" "" "$source"
[ -n "$ip6addr" ] && {
local local6="${ip6addr%%/*}"
local mask6="${ip6addr##*/}"
[[ "$local6" = "$mask6" ]] && mask6=
proto_add_ipv6_address "$local6" "$mask6"
+ [ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$local6/$mask6"
}
- [ -n "$ip6prefix" ] && proto_add_ipv6_prefix "$ip6prefix"
+ [ -n "$ip6prefix" ] && {
+ proto_add_ipv6_prefix "$ip6prefix"
+ [ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$ip6prefix"
+ }
proto_add_tunnel
json_add_string mode sit
@@ -90,6 +97,7 @@ proto_6in4_init_config() {
proto_config_add_string "password"
proto_config_add_int "mtu"
proto_config_add_int "ttl"
+ proto_config_add_boolean "soucerouting"
}
[ -n "$INCLUDE_ONLY" ] || {
diff --git a/package/network/ipv6/6rd/files/6rd.sh b/package/network/ipv6/6rd/files/6rd.sh
index a3935e1422..be6d536845 100644
--- a/package/network/ipv6/6rd/files/6rd.sh
+++ b/package/network/ipv6/6rd/files/6rd.sh
@@ -14,8 +14,8 @@ proto_6rd_setup() {
local iface="$2"
local link="6rd-$cfg"
- local mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink
- json_get_vars mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink
+ local mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting
+ json_get_vars mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting
[ -z "$ip6prefix" -o -z "$peeraddr" ] && {
proto_notify_error "$cfg" "MISSING_ADDRESS"
@@ -48,7 +48,14 @@ proto_6rd_setup() {
proto_init_update "$link" 1
proto_add_ipv6_address "$ip6addr" "$ip6prefixlen"
proto_add_ipv6_prefix "$ip6lanprefix"
- proto_add_ipv6_route "::" 0 "::$peeraddr" 4096
+
+ if [ "$sourcerouting" != "0" ]; then
+ proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "::/128"
+ proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "$ip6addr/$ip6prefixlen"
+ proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "$ip6lanprefix"
+ else
+ proto_add_ipv6_route "::" 0 "::$peeraddr" 4096
+ fi
proto_add_tunnel
json_add_string mode sit
@@ -79,6 +86,7 @@ proto_6rd_init_config() {
proto_config_add_string "ip6prefixlen"
proto_config_add_string "ip4prefixlen"
proto_config_add_string "tunlink"
+ proto_config_add_boolean "sourcerouting"
}
[ -n "$INCLUDE_ONLY" ] || {
diff --git a/package/network/ipv6/6to4/files/6to4.sh b/package/network/ipv6/6to4/files/6to4.sh
index 6f2fbd840c..2a9b26292c 100755
--- a/package/network/ipv6/6to4/files/6to4.sh
+++ b/package/network/ipv6/6to4/files/6to4.sh
@@ -34,8 +34,8 @@ proto_6to4_setup() {
local iface="$2"
local link="6to4-$cfg"
- local mtu ttl ipaddr
- json_get_vars mtu ttl ipaddr
+ local mtu ttl ipaddr sourcerouting
+ json_get_vars mtu ttl ipaddr sourcerouting
( proto_add_host_dependency "$cfg" 0.0.0.0 )
@@ -64,7 +64,14 @@ proto_6to4_setup() {
proto_init_update "$link" 1
proto_add_ipv6_address "$local6" 16
proto_add_ipv6_prefix "$prefix6::/48"
- proto_add_ipv6_route "::" 0 "::192.88.99.1"
+
+ if [ "$sourcerouting" != "0" ]; then
+ proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "::/128"
+ proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "$local6/16"
+ proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "$prefix6::/48"
+ else
+ proto_add_ipv6_route "::" 0 "::192.88.99.1"
+ fi
proto_add_tunnel
json_add_string mode sit
@@ -87,6 +94,7 @@ proto_6to4_init_config() {
proto_config_add_string "ipaddr"
proto_config_add_int "mtu"
proto_config_add_int "ttl"
+ proto_config_add_boolean "sourcerouting"
}
[ -n "$INCLUDE_ONLY" ] || {