aboutsummaryrefslogtreecommitdiffstats
path: root/package/6to4/files/6to4.sh
diff options
context:
space:
mode:
authorJo-Philipp Wich <jow@openwrt.org>2011-06-12 18:59:40 +0000
committerJo-Philipp Wich <jow@openwrt.org>2011-06-12 18:59:40 +0000
commitd3b8685cd79e04f6c215e13220b9ba8784ea7e0a (patch)
treeb402432823b280abe5eb2a24c98fda31f925184e /package/6to4/files/6to4.sh
parent01e7d775e79427108e1229008e28a5b76c2aa895 (diff)
downloadupstream-d3b8685cd79e04f6c215e13220b9ba8784ea7e0a.tar.gz
upstream-d3b8685cd79e04f6c215e13220b9ba8784ea7e0a.tar.bz2
upstream-d3b8685cd79e04f6c215e13220b9ba8784ea7e0a.zip
6to4: don't start if detected local IPv4 address is RFC1918, allows people to deploy firmwares with 6to4 enabled by default
SVN-Revision: 27160
Diffstat (limited to 'package/6to4/files/6to4.sh')
-rwxr-xr-xpackage/6to4/files/6to4.sh16
1 files changed, 15 insertions, 1 deletions
diff --git a/package/6to4/files/6to4.sh b/package/6to4/files/6to4.sh
index 65f4ffa5c2..6e85914b43 100755
--- a/package/6to4/files/6to4.sh
+++ b/package/6to4/files/6to4.sh
@@ -1,5 +1,5 @@
# 6to4.sh - IPv6-in-IPv4 tunnel backend
-# Copyright (c) 2010 OpenWrt.org
+# Copyright (c) 2010-2011 OpenWrt.org
find_6to4_wanif() {
local if=$(ip -4 r l e 0.0.0.0/0); if="${if#default* dev }"; if="${if%% *}"
@@ -18,6 +18,15 @@ find_6to4_prefix() {
printf "2002:%02x%02x:%02x%02x\n" $1 $2 $3 $4
}
+test_6to4_rfc1918()
+{
+ local oIFS="$IFS"; IFS="."; set -- $1; IFS="$oIFS"
+ [ $1 -eq 10 ] && return 0
+ [ $1 -eq 192 ] && [ $2 -eq 168 ] && return 0
+ [ $1 -eq 172 ] && [ $2 -ge 16 ] && [ $2 -le 31 ] && return 0
+ return 1
+}
+
set_6to4_radvd_interface() {
local cfgid="$1"
local lanif="${2:-lan}"
@@ -136,6 +145,11 @@ setup_interface_6to4() {
}
}
+ test_6to4_rfc1918 "$local4" && {
+ logger -t "$link" "Local wan ip $local4 is private - aborting"
+ return
+ }
+
[ -n "$local4" ] && {
logger -t "$link" "Starting ..."