Add package fff-layer3-snat
With this package it is possible to make SNAT with IPv4 on the router The user must set a routerip setting in gateway.meta.routerip to get a single ip for peering interfaces. At ipaddr the user must set a ip that not use in babel (e.g. 192.168.0.1/16) for the clients With this package the ipaddr address is SNAT to the routerip and every router need only one freifunk ip and can use the same ipaddr on every router. It is a system like cgnat from big provider Signed-off-by: Christian Dresel <freifunk@dresel.systems>
This commit is contained in:
parent
5013238166
commit
6d1c5aaa82
|
@ -0,0 +1,32 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=fff-layer3-snat
|
||||
PKG_RELEASE:=1
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/fff-layer3-snat
|
||||
SECTION:=base
|
||||
CATEGORY:=Freifunk
|
||||
TITLE:=Freifunk-Franken layer3 configuration with SNAT
|
||||
URL:=https://www.freifunk-franken.de
|
||||
DEPENDS:= \
|
||||
+iptables-mod-nat-extra \
|
||||
+fff-firewall \
|
||||
+fff-layer3-config
|
||||
|
||||
endef
|
||||
|
||||
define Package/fff-layer3-snat/description
|
||||
With this package it is possible to make SNAT with IPv4 on the router
|
||||
endef
|
||||
|
||||
define Build/Compile
|
||||
# nothing
|
||||
endef
|
||||
|
||||
define Package/fff-layer3-snat/install
|
||||
$(CP) ./files/* $(1)/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,fff-layer3-snat))
|
|
@ -0,0 +1,36 @@
|
|||
configure() {
|
||||
# first we delete the snat config
|
||||
uci -q del network.client.fff_snat
|
||||
uci -q del network.client.fff_snat_routerip
|
||||
if [ "$(uci -q get gateway.@client[0].snat)" = '1' ]; then
|
||||
|
||||
# first check the config is plausible
|
||||
routerip=$(uci -q get gateway.meta.routerip)
|
||||
|
||||
if ! $routerip; then
|
||||
echo "ERROR: No routerip set, which is required for SNAT!"
|
||||
return 1
|
||||
fi
|
||||
if ! uci -q get gateway.@client[0].ipaddr; then
|
||||
echo "ERROR: No ipaddr set, which is required for SNAT!"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# keep only the first IP
|
||||
routerip=${routerip%% *}
|
||||
# keep only the IP without the CIDR
|
||||
routerip=${routerip%%/*}
|
||||
|
||||
# We set the snat config
|
||||
uci set network.client.fff_snat=1
|
||||
uci set network.client.fff_snat_sourceip=$routerip
|
||||
fi
|
||||
}
|
||||
|
||||
apply() {
|
||||
uci commit network
|
||||
}
|
||||
|
||||
revert() {
|
||||
uci revert network
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
if [ "$(uci -q get network.client.fff_snat)" = '1' ]; then
|
||||
iptables -t nat -A POSTROUTING -i br-client -j SNAT --to-source $(uci -q get network.client.fff_snat_sourceip)
|
||||
fi
|
|
@ -15,6 +15,7 @@ define Package/fff-layer3
|
|||
+fff-boardname \
|
||||
+fff-dhcp \
|
||||
+fff-layer3-config \
|
||||
+fff-layer3-snat \
|
||||
+fff-network \
|
||||
+fff-ra \
|
||||
+fff-wireguard \
|
||||
|
|
Loading…
Reference in New Issue