forked from freifunk-franken/firmware
Merge branch 'ipv4snatV2' of https://git.freifunk-franken.de/ChristianD/firmware into CHD-20210220
This commit is contained in:
commit
bd092168bb
|
|
@ -2,6 +2,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=fff-firewall
|
||||
PKG_RELEASE:=6
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
|
|
|
|||
|
|
@ -5,5 +5,11 @@ ebtables -X
|
|||
iptables -F
|
||||
iptables -X
|
||||
|
||||
iptables -F -t nat
|
||||
iptables -X -t nat
|
||||
|
||||
iptables -F -t mangle
|
||||
iptables -X -t mangle
|
||||
|
||||
ip6tables -F
|
||||
ip6tables -X
|
||||
|
|
|
|||
|
|
@ -0,0 +1,32 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=fff-layer3-ipv4snat
|
||||
PKG_RELEASE:=1
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/fff-layer3-ipv4snat
|
||||
SECTION:=base
|
||||
CATEGORY:=Freifunk
|
||||
TITLE:=Freifunk-Franken layer3 configuration with SNAT
|
||||
URL:=https://www.freifunk-franken.de
|
||||
DEPENDS:= \
|
||||
+iptables-mod-nat-extra \
|
||||
+fff-firewall \
|
||||
+fff-layer3-config
|
||||
|
||||
endef
|
||||
|
||||
define Package/fff-layer3-ipv4snat/description
|
||||
With this package it is possible to make SNAT with IPv4 on the router
|
||||
endef
|
||||
|
||||
define Build/Compile
|
||||
# nothing
|
||||
endef
|
||||
|
||||
define Package/fff-layer3-ipv4snat/install
|
||||
$(CP) ./files/* $(1)/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,fff-layer3-ipv4snat))
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
configure() {
|
||||
# first we delete the snat config
|
||||
uci -q del network.client.nat
|
||||
if [ "$(uci -q get gateway.@client[0].nat)" = '1' ]; then
|
||||
|
||||
# first check the config is plausible
|
||||
if ! peer_ip=$(uci get gateway.meta.peer_ip); then
|
||||
echo "ERROR: No peer_ip set! For SNAT use you must set a peer_ip"
|
||||
return 1
|
||||
fi
|
||||
if ! ipaddr=$(uci get gateway.@client[0].ipaddr); then
|
||||
echo "ERROR: No ipaddr set! For SNAT use you must set ipaddr"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# We set the snat config
|
||||
uci set network.client.nat=1
|
||||
fi
|
||||
}
|
||||
|
||||
reload() {
|
||||
/etc/init.d/fff-firewall start
|
||||
}
|
||||
|
||||
apply() {
|
||||
uci commit network
|
||||
}
|
||||
|
||||
revert() {
|
||||
uci revert network
|
||||
}
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
if [ "$(uci -q get gateway.@client[0].nat)" = '1' ]; then
|
||||
peer_ip=$(uci get gateway.meta.peer_ip)
|
||||
ipaddr=$(uci get gateway.@client[0].ipaddr)
|
||||
for ip in $ipaddr; do
|
||||
iptables -t nat -A POSTROUTING -s $ip -j SNAT --to-source $peer_ip
|
||||
done
|
||||
fi
|
||||
|
|
@ -2,6 +2,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=fff-layer3
|
||||
PKG_RELEASE:=8
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/fff-layer3
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
|
|
@ -16,6 +17,7 @@ define Package/fff-layer3
|
|||
+fff-dhcp \
|
||||
+fff-layer3-config \
|
||||
+fff-mqtt-monitoring \
|
||||
+fff-layer3-ipv4snat \
|
||||
+fff-network \
|
||||
+fff-ra \
|
||||
+fff-web-mqtt \
|
||||
|
|
|
|||
Loading…
Reference in New Issue