For some purposes (e.g. SNAT, vxlan) it might be necessary to have an
additional address just for the router which is not attached to any
interfaces. Addresses like this are typically added to the loopback
interface.
The new options "router_ip" and "router_ip6" are added to the gateway
config to allow the user to configure such addresses. It is possible to
both specify the address with or without a subnet size.
The default configuration contains the IPv4 loopback address
(127.0.0.1/8) explicitly, but this is not necessary. These addresses are
configured automatically, even if they are not present in the
configuration, so they can safely be removed, if present.
The filters of our routing daemon babeld are adjusted accordingly, so
the newly added addresses are announced correctly.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
Reviewed-by: Johannes Kimmel <fff@bareminimum.eu>
The IPv4 source routing features was removed from babeld with version
1.10. Therefore, the first_table_number option is not needed anymore and
its existance stops babeld from starting up.
As babeld 1.10 is included with OpenWrt 21.02, which is currently used
for our firmware, this option is removed.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Johannes Kimmel <fff@bareminimum.eu>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
This reverts commit e5da228cb1.
With the patch there can be situations with just "*" in traceroute,
breaking MTU in wireguard. If R1 with IPv6 address from provider P1
is connected to Freifunk via wireguard, and another R2 with address
from provider P2 is behind it, then R1 won't answer to traceroutes
sent from R2.
Revert the patch for now.
Fixes: #66 (gitea)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
The name br-mesh is actually quite misleading, since the bridge
actually includes the "client" interfaces. In order to make this
obvious, and to prevent confusion with the properly named wXmesh
interfaces, rename them to br-client.
Note that br-mesh is also particularly disturbing for the layer 3
firmware without batman-adv.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Fabian Bläse <fabian@blaese.de>
Acked-by: Christian Dresel <freifunk@dresel.systems>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
configuregateway and it's gateway.d files represent a specific
functionality that other packages depend on. Thus, it is put into
a package of its own so dependencies can be expressed more properly.
While at, use the chance to get rid of the ambiguous term "gateway"
and rename the script to configure-layer3 and the folders to layer3.d.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
With this patch the router answers in traceroute over the fff table with
Freifunk IPs and not with the WAN IP. All other connections use the fff
table too.
We already have the rules with 5000 and 5001 so that wireguard does not use
the fff table anyway and connect the VPN only via the main table.
Signed-off-by: Christian Dresel <freifunk@dresel.systems>
Acked-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
uci-defaults scripts are supposed to be run once after firstboot
and then removed. However, the removal only takes place if the
subshell created for the sourced scripts returns exit code 0.
For some of the files, the last command returned a different exit
code, though, leading to the script remaining in its location and
being executed for every boot.
To prevent cases like the latter, this adds an "exit 0" to all
uci-defaults files in our package store. While at it, remove the
shebang for all these files since they are sourced (and not
executed).
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
babeld filters routes before announcing them with the
redistribute filters.
Users might add unknown public subnets to the client interface,
so redistribute filters have to be generated for these addresses.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Tested-by: Fabian Bläse <fabian@blaese.de>
When the user removes a peer from /etc/config/gateway,
the script has to be able to find any leftover configurations
that have been created for it.
This can be made very easy by prepending a prefix to every
automatically generated configuration.
This also allows to remove the nasty check for the babeld default interface.
Therefore the naming check for cfg* also can be removed.
As a side effect all manually created configuration blocks that do not match a
prefix will not be touched by configuregateway.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Various things have to be done for every interface on
which babeld shall run.
Those procedures are moved into functions to reduce duplicate code.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>