From 6e39ca25a897f1ad568c292c19dc7edf6d3dd7ad Mon Sep 17 00:00:00 2001
From: Steven Barth <steven@midlink.org>
Date: Fri, 17 Jan 2014 13:59:47 +0000
Subject: 6in4, 6rd, 6to4: Use source-restricted routes by default

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39307 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/network/ipv6/6in4/files/6in4.sh | 16 ++++++++++++----
 package/network/ipv6/6rd/files/6rd.sh   | 14 +++++++++++---
 package/network/ipv6/6to4/files/6to4.sh | 14 +++++++++++---
 3 files changed, 34 insertions(+), 10 deletions(-)

(limited to 'package')

diff --git a/package/network/ipv6/6in4/files/6in4.sh b/package/network/ipv6/6in4/files/6in4.sh
index 647a2f89cf..d508df788f 100755
--- a/package/network/ipv6/6in4/files/6in4.sh
+++ b/package/network/ipv6/6in4/files/6in4.sh
@@ -14,8 +14,8 @@ proto_6in4_setup() {
 	local iface="$2"
 	local link="6in4-$cfg"
 
-	local mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password
-	json_get_vars mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password
+	local mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password sourcerouting
+	json_get_vars mtu ttl ipaddr peeraddr ip6addr ip6prefix tunnelid username password sourcerouting
 
 	[ -z "$peeraddr" ] && {
 		proto_notify_error "$cfg" "MISSING_ADDRESS"
@@ -34,16 +34,23 @@ proto_6in4_setup() {
 	}
 
 	proto_init_update "$link" 1
-	proto_add_ipv6_route "::" 0
+
+	local source=""
+	[ "$sourcerouting" != "0" ] && source="::/128"
+	proto_add_ipv6_route "::" 0 "" "" "" "$source"
 
 	[ -n "$ip6addr" ] && {
 		local local6="${ip6addr%%/*}"
 		local mask6="${ip6addr##*/}"
 		[[ "$local6" = "$mask6" ]] && mask6=
 		proto_add_ipv6_address "$local6" "$mask6"
+		[ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$local6/$mask6"
 	}
 
-	[ -n "$ip6prefix" ] && proto_add_ipv6_prefix "$ip6prefix"
+	[ -n "$ip6prefix" ] && {
+		proto_add_ipv6_prefix "$ip6prefix"
+		[ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$ip6prefix"
+	}
 
 	proto_add_tunnel
 	json_add_string mode sit
@@ -90,6 +97,7 @@ proto_6in4_init_config() {
 	proto_config_add_string "password"
 	proto_config_add_int "mtu"
 	proto_config_add_int "ttl"
+	proto_config_add_boolean "soucerouting"
 }
 
 [ -n "$INCLUDE_ONLY" ] || {
diff --git a/package/network/ipv6/6rd/files/6rd.sh b/package/network/ipv6/6rd/files/6rd.sh
index a3935e1422..be6d536845 100644
--- a/package/network/ipv6/6rd/files/6rd.sh
+++ b/package/network/ipv6/6rd/files/6rd.sh
@@ -14,8 +14,8 @@ proto_6rd_setup() {
 	local iface="$2"
 	local link="6rd-$cfg"
 
-	local mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink
-	json_get_vars mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink
+	local mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting
+	json_get_vars mtu ttl ipaddr peeraddr ip6prefix ip6prefixlen ip4prefixlen tunlink sourcerouting
 
 	[ -z "$ip6prefix" -o -z "$peeraddr" ] && {
 		proto_notify_error "$cfg" "MISSING_ADDRESS"
@@ -48,7 +48,14 @@ proto_6rd_setup() {
 	proto_init_update "$link" 1
 	proto_add_ipv6_address "$ip6addr" "$ip6prefixlen"
 	proto_add_ipv6_prefix "$ip6lanprefix"
-	proto_add_ipv6_route "::" 0 "::$peeraddr" 4096
+
+	if [ "$sourcerouting" != "0" ]; then
+		proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "::/128"
+		proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "$ip6addr/$ip6prefixlen"
+		proto_add_ipv6_route "::" 0 "::$peeraddr" 4096 "" "$ip6lanprefix"
+	else
+		proto_add_ipv6_route "::" 0 "::$peeraddr" 4096
+	fi
 
 	proto_add_tunnel
 	json_add_string mode sit
@@ -79,6 +86,7 @@ proto_6rd_init_config() {
 	proto_config_add_string "ip6prefixlen"
 	proto_config_add_string "ip4prefixlen"
 	proto_config_add_string "tunlink"
+	proto_config_add_boolean "sourcerouting"
 }
 
 [ -n "$INCLUDE_ONLY" ] || {
diff --git a/package/network/ipv6/6to4/files/6to4.sh b/package/network/ipv6/6to4/files/6to4.sh
index 6f2fbd840c..2a9b26292c 100755
--- a/package/network/ipv6/6to4/files/6to4.sh
+++ b/package/network/ipv6/6to4/files/6to4.sh
@@ -34,8 +34,8 @@ proto_6to4_setup() {
 	local iface="$2"
 	local link="6to4-$cfg"
 
-	local mtu ttl ipaddr
-	json_get_vars mtu ttl ipaddr
+	local mtu ttl ipaddr sourcerouting
+	json_get_vars mtu ttl ipaddr sourcerouting
 
 	( proto_add_host_dependency "$cfg" 0.0.0.0 )
 
@@ -64,7 +64,14 @@ proto_6to4_setup() {
 	proto_init_update "$link" 1
 	proto_add_ipv6_address "$local6" 16
 	proto_add_ipv6_prefix "$prefix6::/48"
-	proto_add_ipv6_route "::" 0 "::192.88.99.1"
+
+	if [ "$sourcerouting" != "0" ]; then
+		proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "::/128"
+		proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "$local6/16"
+		proto_add_ipv6_route "::" 0 "::192.88.99.1" "" "" "$prefix6::/48"
+	else
+		proto_add_ipv6_route "::" 0 "::192.88.99.1"
+	fi
 
 	proto_add_tunnel
 	json_add_string mode sit
@@ -87,6 +94,7 @@ proto_6to4_init_config() {
 	proto_config_add_string "ipaddr"
 	proto_config_add_int "mtu"
 	proto_config_add_int "ttl"
+	proto_config_add_boolean "sourcerouting"
 }
 
 [ -n "$INCLUDE_ONLY" ] || {
-- 
cgit v1.2.3