fff-node: Add package fff-vxlan-node-vpn
This package adds vxlan support to the node variant and configures the vxlan-vpn tunnels to the gateways.
Signed-off-by: Robert Langhammer <rlanghammer@web.de>
Acked-by: Fabian Bläse <fabian@blaese.de>
---
A vpn section for vxlan in hoodfile:
"vpn": [
{
"name": "gatewayname",
"protocol": "vxlan",
"address": "gateway.url" (or IP)
}
"name" is optional.
---
This commit is contained in:
parent
1febd2a9b2
commit
12f60419cd
|
|
@ -1,7 +1,7 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=fff-node
|
||||
PKG_RELEASE:=3
|
||||
PKG_RELEASE:=4
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
|
|
@ -12,6 +12,7 @@ define Package/fff-node
|
|||
URL:=https://www.freifunk-franken.de
|
||||
DEPENDS:=+fff-batman-adv \
|
||||
+fff-fastd \
|
||||
+fff-vxlan-node-vpn \
|
||||
+fff-firewall \
|
||||
+fff-hoods \
|
||||
+fff-uradvd
|
||||
|
|
|
|||
|
|
@ -0,0 +1,29 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=fff-vxlan-node-vpn
|
||||
PKG_RELEASE:=1
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/$(PKG_NAME)
|
||||
SECTION:=base
|
||||
CATEGORY:=Freifunk
|
||||
TITLE:=Freifunk-Franken vxlan-node
|
||||
URL:=http://www.freifunk-franken.de
|
||||
DEPENDS:=+vxlan
|
||||
endef
|
||||
|
||||
define Package/$(PKG_NAME)/description
|
||||
This is the vxlan-node-vpn package for the Freifunk Franken Firmware
|
||||
This will configure and set up the VPN via vxlan
|
||||
endef
|
||||
|
||||
define Build/Compile
|
||||
# nothing
|
||||
endef
|
||||
|
||||
define Package/$(PKG_NAME)/install
|
||||
$(CP) ./files/* $(1)/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,$(PKG_NAME)))
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
uci batch <<EOF
|
||||
set network.vxlan0=interface
|
||||
set network.vxlan0.proto=vxlan6
|
||||
set network.vxlan0.port=8472
|
||||
set network.vxlan0.ip6addr=auto
|
||||
set network.vxlan0.srcportmin=8472
|
||||
set network.vxlan0.srcportmax=8473
|
||||
set network.vxlan0.ageing=30
|
||||
set network.vxlan0.mtu=1422
|
||||
|
||||
set network.vxbat=interface
|
||||
set network.vxbat.proto=batadv_hardif
|
||||
set network.vxbat.master=bat0
|
||||
set network.vxbat.ifname=vxlan0
|
||||
EOF
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
protocol=vxlan
|
||||
|
||||
vxlan_clear() {
|
||||
while uci -q delete network.@vxlan_peer[0]; do :; done
|
||||
}
|
||||
|
||||
vxlan_addpeer() {
|
||||
uci set network.vxlan0.vid="$id"
|
||||
json_get_var address address
|
||||
address=$(ping6 -w1 -c1 "$address" | awk '/from/ {print substr($4, 1, length($4)-1); exit}')
|
||||
[ -z $address ] && return ## address not reachable
|
||||
uci add network vxlan_peer
|
||||
uci set network.@vxlan_peer[-1].vxlan="vxlan0"
|
||||
uci set network.@vxlan_peer[-1].dst="$address"
|
||||
}
|
||||
|
||||
vxlan_start_stop() {
|
||||
uci commit network
|
||||
# reload_config will not add new peers. A ifup is needed
|
||||
ifup vxlan0
|
||||
|
||||
# this workaround is cleaning up old fdb entries
|
||||
# and can be removed if someday netifd will do that
|
||||
bridge fdb show dev vxlan0 state permanent | while read mac dst ip rest ; do
|
||||
grep -q "$ip" /etc/config/network || bridge fdb del $mac dev vxlan0 dst $ip
|
||||
done
|
||||
}
|
||||
Loading…
Reference in New Issue