forked from freifunk-franken/firmware
fff-layer3-config: add rules for router_ip
If the router_ips don't happen to be included in the client network's subnet, the decision defaults to a main table lookup. This causes packets to choose the wrong interface. This patch forces packets from a router_ip to be routed via the fff table. Fixes: #175 Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> Reviewed-by: Fabian Bläse <fabian@blaese.de>
This commit is contained in:
parent
5e7bdc0548
commit
450312e237
|
@ -1,3 +1,5 @@
|
||||||
|
. /lib/functions.sh
|
||||||
|
|
||||||
configure() {
|
configure() {
|
||||||
local router_ip
|
local router_ip
|
||||||
local router_ip6
|
local router_ip6
|
||||||
|
@ -9,16 +11,66 @@ configure() {
|
||||||
# remove netmask entry that ships by default
|
# remove netmask entry that ships by default
|
||||||
uci -q del network.loopback.netmask
|
uci -q del network.loopback.netmask
|
||||||
|
|
||||||
|
# clean old rules
|
||||||
|
remove_rules() {
|
||||||
|
local name="$1"
|
||||||
|
|
||||||
|
# check if filter was added by this script
|
||||||
|
if ! [ "$(uci -q get network.$name.addedbyautoconfig)" = '30-network-routerip' ]; then
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
|
uci -q del network.$name
|
||||||
|
}
|
||||||
|
|
||||||
|
config_load network
|
||||||
|
config_foreach remove_rules rule
|
||||||
|
config_foreach remove_rules rule6
|
||||||
|
|
||||||
# add router_ip
|
# add router_ip
|
||||||
router_ip=$(uci -q get gateway.meta.router_ip)
|
router_ip=$(uci -q get gateway.meta.router_ip)
|
||||||
for ip in $router_ip; do
|
for ip in $router_ip; do
|
||||||
uci -q add_list network.loopback.ipaddr="$ip"
|
uci -q add_list network.loopback.ipaddr="$ip"
|
||||||
|
|
||||||
|
# CIDR notation required
|
||||||
|
case $ip in
|
||||||
|
*/*)
|
||||||
|
# do nothing; ip is already in CIDR notation
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
ip="$ip/32"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
config=$(uci add network rule)
|
||||||
|
uci -q set network.$config.src="$ip"
|
||||||
|
uci -q set network.$config.lookup='fff'
|
||||||
|
# default prio for the ip4table interface option is 10000
|
||||||
|
uci -q set network.$config.priority='10000'
|
||||||
|
uci -q set network.$config.addedbyautoconfig='30-network-routerip'
|
||||||
done
|
done
|
||||||
|
|
||||||
# add router_ip6
|
# add router_ip6
|
||||||
router_ip6=$(uci -q get gateway.meta.router_ip6)
|
router_ip6=$(uci -q get gateway.meta.router_ip6)
|
||||||
for ip in $router_ip6; do
|
for ip in $router_ip6; do
|
||||||
uci -q add_list network.loopback.ip6addr="$ip"
|
uci -q add_list network.loopback.ip6addr="$ip"
|
||||||
|
|
||||||
|
# CIDR notation required
|
||||||
|
case $ip in
|
||||||
|
*/*)
|
||||||
|
# do nothing; ip is already in CIDR notation
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
ip="$ip/128"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
config=$(uci add network rule6)
|
||||||
|
uci -q set network.$config.src="$ip"
|
||||||
|
uci -q set network.$config.lookup='fff'
|
||||||
|
# default prio for the ip6table interface option is 10000
|
||||||
|
uci -q set network.$config.priority='10000'
|
||||||
|
uci -q set network.$config.addedbyautoconfig='30-network-routerip'
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
include $(TOPDIR)/rules.mk
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=fff-layer3
|
PKG_NAME:=fff-layer3
|
||||||
PKG_RELEASE:=8
|
PKG_RELEASE:=9
|
||||||
|
|
||||||
include $(INCLUDE_DIR)/package.mk
|
include $(INCLUDE_DIR)/package.mk
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue