From 6794d30ff55bf14fef28f415367c911ca30d9e3a Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Fri, 8 Apr 2016 12:00:08 +0200 Subject: [PATCH 1/8] gluon-next-node: mark local-node ip6 as deprecated Prevent the local-node ip6 from being eligible for source address selection. This is highly undesireable in a layer 3 mesh. --- docs/index.rst | 1 + docs/package/gluon-next-node.rst | 21 +++++++++++++ .../files/lib/gluon/upgrade/400-next-node | 25 +++++++++++----- .../lib/netifd/proto/static_deprecated.sh | 30 +++++++++++++++++++ 4 files changed, 69 insertions(+), 8 deletions(-) create mode 100644 docs/package/gluon-next-node.rst create mode 100755 package/gluon-next-node/files/lib/netifd/proto/static_deprecated.sh diff --git a/docs/index.rst b/docs/index.rst index 07777460..51c7d7bc 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -53,6 +53,7 @@ Packages package/gluon-client-bridge package/gluon-ebtables-filter-multicast package/gluon-ebtables-filter-ra-dhcp + package/gluon-next-node Releases -------- diff --git a/docs/package/gluon-next-node.rst b/docs/package/gluon-next-node.rst new file mode 100644 index 00000000..9b9ff63d --- /dev/null +++ b/docs/package/gluon-next-node.rst @@ -0,0 +1,21 @@ +gluon-next-node +=============== + +This package provides a virtual interface (tied to *br-client*) called *local-node* +using the same MAC, IP4 and IP6 across all nodes in a mesh. Thus, the node that +the client is currently connected to, can always be reached under a known address. + +The IP6 is marked es deprecated to prevent it from being used as a source +address for packages originating from a node. + +site.conf +--------- + +next_node.mac + MAC to be set on the interface. + +next_node.ip4 + IP4 to be set on the interface. + +next_node.ip6 + IP6 to be set on the interface. diff --git a/package/gluon-next-node/files/lib/gluon/upgrade/400-next-node b/package/gluon-next-node/files/lib/gluon/upgrade/400-next-node index 79cc0369..46d26282 100755 --- a/package/gluon-next-node/files/lib/gluon/upgrade/400-next-node +++ b/package/gluon-next-node/files/lib/gluon/upgrade/400-next-node @@ -19,14 +19,23 @@ c:section('network', 'device', 'local_node_dev', local prefix4 = ip.IPv4(site.prefix4) c:delete('network', 'local_node') -c:section('network', 'interface', 'local_node', - { - ifname = 'local-node', - proto = 'static', - ipaddr = site.next_node.ip4, - netmask = prefix4:mask():string(), - ip6addr = site.next_node.ip6 .. '/128', - } +c:delete('network', 'local_node4') +c:delete('network', 'local_node6') + +c:section('network', 'interface', 'local_node4', + { + ifname = 'local-node', + proto = 'static', + ipaddr = site.next_node.ip4 .. '/32', + } +) + +c:section('network', 'interface', 'local_node6', + { + ifname = 'local-node', + proto = 'static_deprecated', + ip6addr = site.next_node.ip6, + } ) c:delete('network', 'local_node_route6') diff --git a/package/gluon-next-node/files/lib/netifd/proto/static_deprecated.sh b/package/gluon-next-node/files/lib/netifd/proto/static_deprecated.sh new file mode 100755 index 00000000..8c970c55 --- /dev/null +++ b/package/gluon-next-node/files/lib/netifd/proto/static_deprecated.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +. /lib/functions.sh +. ../netifd-proto.sh +init_proto "$@" + +proto_static_deprecated_init_config() { + renew_handler=1 + + proto_config_add_string 'ip6addr:ip6addr' +} + +proto_static_deprecated_setup() { + local config="$1" + local iface="$2" + + local ip6addr + json_get_vars ip6addr + + proto_init_update "*" 1 + proto_add_ipv6_address "$ip6addr" "" "0" + proto_send_update "$config" +} + +proto_static_deprecated_teardown() { + local config="$1" +} + +add_protocol static_deprecated + From 7d68ff046505b64a17effa9aacfc980903bafce2 Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Fri, 8 Apr 2016 12:05:00 +0200 Subject: [PATCH 2/8] gluon-radvd: run on local-node instead of br-client On a layer 3 mesh, we'd like the default route to point to all node's local-node interface for roaming to work. --- package/gluon-radvd/files/etc/init.d/gluon-radvd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/gluon-radvd/files/etc/init.d/gluon-radvd b/package/gluon-radvd/files/etc/init.d/gluon-radvd index d7a981d4..23af07eb 100755 --- a/package/gluon-radvd/files/etc/init.d/gluon-radvd +++ b/package/gluon-radvd/files/etc/init.d/gluon-radvd @@ -7,7 +7,7 @@ SERVICE_DAEMONIZE=1 start() { - service_start /usr/sbin/uradvd -i br-client -p $(lua -e 'print(require("gluon.site_config").prefix6)') + service_start /usr/sbin/uradvd -i local-node -a $(lua -e 'print(require("gluon.site_config").prefix6)') } stop() { From a2e36ec9c98ed30ac086ee3e8eb248d64b364e4b Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Tue, 12 Apr 2016 12:24:35 +0200 Subject: [PATCH 3/8] gluon-next-node: split gluon-next-node-batman-adv Move ebtables rules dealing with bat0 to gluon-next-node-batman-adv. This new package should be used in batman-adv based setups instead of gluon-next-node. --- package/gluon-next-node-batman-adv/Makefile | 31 +++++++++++++++++++ .../gluon/ebtables/250-next-node-batman-adv | 17 ++++++++++ package/gluon-next-node/Makefile | 2 +- .../files/lib/gluon/ebtables/250-next-node | 15 --------- 4 files changed, 49 insertions(+), 16 deletions(-) create mode 100644 package/gluon-next-node-batman-adv/Makefile create mode 100644 package/gluon-next-node-batman-adv/files/lib/gluon/ebtables/250-next-node-batman-adv diff --git a/package/gluon-next-node-batman-adv/Makefile b/package/gluon-next-node-batman-adv/Makefile new file mode 100644 index 00000000..488c4e74 --- /dev/null +++ b/package/gluon-next-node-batman-adv/Makefile @@ -0,0 +1,31 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-next-node-batman-adv +PKG_VERSION:=1 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(GLUONDIR)/include/package.mk + +define Package/gluon-next-node-batman-adv + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Next-node anycast address ebtables filter for batman-adv + DEPENDS:=+gluon-core +gluon-ebtables +gluon-next-node +gluon-mesh-batman-adv +kmod-macvlan +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/gluon-next-node-batman-adv/install + $(CP) ./files/* $(1)/ +endef + +$(eval $(call BuildPackage,gluon-next-node-batman-adv)) diff --git a/package/gluon-next-node-batman-adv/files/lib/gluon/ebtables/250-next-node-batman-adv b/package/gluon-next-node-batman-adv/files/lib/gluon/ebtables/250-next-node-batman-adv new file mode 100644 index 00000000..6b9588f7 --- /dev/null +++ b/package/gluon-next-node-batman-adv/files/lib/gluon/ebtables/250-next-node-batman-adv @@ -0,0 +1,17 @@ +local site = require 'gluon.site_config' +local next_node = site.next_node + +rule('FORWARD --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP') +rule('OUTPUT --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP') +rule('FORWARD --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP') +rule('OUTPUT --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP') + +rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP') +rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP') +rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP') +rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP') + +rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP') +rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP') +rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP') +rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP') diff --git a/package/gluon-next-node/Makefile b/package/gluon-next-node/Makefile index df27ecbe..c08890b9 100644 --- a/package/gluon-next-node/Makefile +++ b/package/gluon-next-node/Makefile @@ -11,7 +11,7 @@ define Package/gluon-next-node SECTION:=gluon CATEGORY:=Gluon TITLE:=Next-node anycast address - DEPENDS:=+gluon-core +gluon-ebtables +gluon-mesh-batman-adv +kmod-macvlan + DEPENDS:=+gluon-core +gluon-ebtables +kmod-macvlan endef define Package/gluon-next-node/description diff --git a/package/gluon-next-node/files/lib/gluon/ebtables/250-next-node b/package/gluon-next-node/files/lib/gluon/ebtables/250-next-node index 0df7abcc..8ef5b986 100644 --- a/package/gluon-next-node/files/lib/gluon/ebtables/250-next-node +++ b/package/gluon-next-node/files/lib/gluon/ebtables/250-next-node @@ -3,18 +3,3 @@ local next_node = site.next_node rule('FORWARD --logical-in br-client -p ARP --arp-ip-src ' .. next_node.ip4 .. ' -j DROP') rule('FORWARD --logical-in br-client -p ARP --arp-ip-dst ' .. next_node.ip4 .. ' -j DROP') - -rule('FORWARD --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP') -rule('OUTPUT --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP') -rule('FORWARD --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP') -rule('OUTPUT --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP') - -rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP') -rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP') -rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP') -rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP') - -rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP') -rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP') -rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP') -rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP') From 9b552dacce6ed3b33e1f241f63db6460172f3a41 Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Fri, 8 Apr 2016 12:08:15 +0200 Subject: [PATCH 4/8] gluon-mesh-babel: HACK: basic, experimental babel config --- package/gluon-mesh-babel/Makefile | 36 ++++++ package/gluon-mesh-babel/check_site.lua | 2 + .../upgrade/300-gluon-mesh-babel-firewall | 27 +++++ .../gluon/upgrade/300-gluon-mesh-babel-ip6 | 104 ++++++++++++++++++ .../gluon/upgrade/300-gluon-mesh-babel-tables | 34 ++++++ .../upgrade/310-gluon-mesh-babel-filters | 52 +++++++++ .../upgrade/320-gluon-mesh-babel-wireless | 79 +++++++++++++ .../upgrade/330-gluon-mesh-babel-interfaces | 23 ++++ 8 files changed, 357 insertions(+) create mode 100644 package/gluon-mesh-babel/Makefile create mode 100644 package/gluon-mesh-babel/check_site.lua create mode 100755 package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-firewall create mode 100755 package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-ip6 create mode 100755 package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-tables create mode 100755 package/gluon-mesh-babel/files/lib/gluon/upgrade/310-gluon-mesh-babel-filters create mode 100755 package/gluon-mesh-babel/files/lib/gluon/upgrade/320-gluon-mesh-babel-wireless create mode 100755 package/gluon-mesh-babel/files/lib/gluon/upgrade/330-gluon-mesh-babel-interfaces diff --git a/package/gluon-mesh-babel/Makefile b/package/gluon-mesh-babel/Makefile new file mode 100644 index 00000000..b7dd2b06 --- /dev/null +++ b/package/gluon-mesh-babel/Makefile @@ -0,0 +1,36 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-mesh-babel +PKG_VERSION:=1 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(GLUONDIR)/include/package.mk + +define Package/gluon-mesh-babel + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Babel mesh + DEPENDS:=+gluon-core +babeld +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/gluon-mesh-babel/install + $(CP) ./files/* $(1)/ +endef + +define Package/gluon-mesh-babel/postinst +#!/bin/sh +$(call GluonCheckSite,check_site.lua) +endef + +$(eval $(call BuildPackage,gluon-mesh-babel)) diff --git a/package/gluon-mesh-babel/check_site.lua b/package/gluon-mesh-babel/check_site.lua new file mode 100644 index 00000000..75bdb8cb --- /dev/null +++ b/package/gluon-mesh-babel/check_site.lua @@ -0,0 +1,2 @@ +need_string_match('babel_mesh.prefix', '^[%x:]+/64$') +need_boolean('mesh_on_wan', false) diff --git a/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-firewall b/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-firewall new file mode 100755 index 00000000..9c2f7ec2 --- /dev/null +++ b/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-firewall @@ -0,0 +1,27 @@ +#!/usr/bin/lua + +local uci = require('luci.model.uci').cursor() + +uci:section('firewall', 'rule', 'wan_babel', + { + name = 'wan_babel', + src = 'wan', + src_ip = 'fe80::/64', + dest_port = '6696', + proto = 'udp', + target = 'ACCEPT', + } +) + +uci:section('firewall', 'zone', 'mesh_babel', + { + name = 'mesh_babel', + input = 'ACCEPT', + output = 'ACCEPT', + forward = 'ACCEPT', + } +) + +uci:save('firewall') +uci:commit('firewall') + diff --git a/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-ip6 b/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-ip6 new file mode 100755 index 00000000..235e7891 --- /dev/null +++ b/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-ip6 @@ -0,0 +1,104 @@ +#!/usr/bin/lua + +local nixio = require 'nixio' +local sysconfig = require 'gluon.sysconfig' +local uci = require('luci.model.uci').cursor() +local site = require 'gluon.site_config' + + +function IPv6(address) +--[[ +(c) 2008 Jo-Philipp Wich +(c) 2008 Steven Barth + +Licensed under the Apache License, Version 2.0 (the "License"). +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 +]]-- + local data = {} + + local borderl = address:sub(1, 1) == ":" and 2 or 1 + local borderh, zeroh, chunk, block + + if #address > 45 then return nil end + + repeat + borderh = address:find(":", borderl, true) + if not borderh then break end + + block = tonumber(address:sub(borderl, borderh - 1), 16) + if block and block <= 0xFFFF then + data[#data+1] = block + else + if zeroh or borderh - borderl > 1 then return nil end + zeroh = #data + 1 + end + + borderl = borderh + 1 + until #data == 7 + + chunk = address:sub(borderl) + if #chunk > 0 and #chunk <= 4 then + block = tonumber(chunk, 16) + if not block or block > 0xFFFF then return nil end + + data[#data+1] = block + elseif #chunk > 4 then + if #data == 7 or #chunk > 15 then return nil end + borderl = 1 + for i=1, 4 do + borderh = chunk:find(".", borderl, true) + if not borderh and i < 4 then return nil end + borderh = borderh and borderh - 1 + + block = tonumber(chunk:sub(borderl, borderh)) + if not block or block > 255 then return nil end + + if i == 1 or i == 3 then + data[#data+1] = block * 256 + else + data[#data] = data[#data] + block + end + + borderl = borderh and borderh + 2 + end + end + + if zeroh then + if #data == 8 then return nil end + while #data < 8 do + table.insert(data, zeroh, 0) + end + end + + if #data == 8 then + return data[1], data[2], data[3], data[4], data[5], data[6], data[7], data[8] + end +end + +function mac_to_ip(prefix, mac) + local m1, m2, m3, m6, m7, m8 = string.match(mac, '(%x%x):(%x%x):(%x%x):(%x%x):(%x%x):(%x%x)') + local m4 = 0xff + local m5 = 0xfe + m1 = nixio.bit.bxor(tonumber(m1, 16), 0x02) + + local h1 = 0x100 * m1 + tonumber(m2, 16) + local h2 = 0x100 * tonumber(m3, 16) + m4 + local h3 = 0x100 * m5 + tonumber(m6, 16) + local h4 = 0x100 * tonumber(m7, 16) + tonumber(m8, 16) + + local prefix, plen = string.match(prefix, '(.*)/(%d+)') + plen = tonumber(plen, 10) + + local p1, p2, p3, p4, p5, p6, p7, p8 = IPv6(prefix) + + return string.format("%x:%x:%x:%x:%x:%x:%x:%x/%d", p1, p2, p3, p4, h1, h2, h3, h4, 128) +end + +local ip = mac_to_ip(site.babel_mesh.prefix, sysconfig.primary_mac) + +uci:set('network', 'loopback', 'ip6addr', ip) +uci:save('network') +uci:commit('network') + diff --git a/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-tables b/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-tables new file mode 100755 index 00000000..9ec3c6b3 --- /dev/null +++ b/package/gluon-mesh-babel/files/lib/gluon/upgrade/300-gluon-mesh-babel-tables @@ -0,0 +1,34 @@ +#!/usr/bin/lua + +local uci = require('luci.model.uci').cursor() +local site = require 'gluon.site_config' + +uci:section('babeld', 'general', 'gluon', + { + export_table = 10, + import_table = { + 255, + 11, + }, + } +) + +uci:section('network', 'rule6', 'babel_import_lookup', + { + lookup = 11, + priority = 64000, + } +) + +uci:section('network', 'rule6', 'babel_export_lookup', + { + lookup = 10, + priority = 64100, + } +) + +uci:save('babeld') +uci:save('network') +uci:commit('babeld') +uci:commit('network') + diff --git a/package/gluon-mesh-babel/files/lib/gluon/upgrade/310-gluon-mesh-babel-filters b/package/gluon-mesh-babel/files/lib/gluon/upgrade/310-gluon-mesh-babel-filters new file mode 100755 index 00000000..0cbe54c2 --- /dev/null +++ b/package/gluon-mesh-babel/files/lib/gluon/upgrade/310-gluon-mesh-babel-filters @@ -0,0 +1,52 @@ +#!/usr/bin/lua + +local uci = require('luci.model.uci').cursor() +local site = require 'gluon.site_config' + +uci:section('babeld', 'filter', 'mesh_prefix', + { + type = 'redistribute', + ip = site.babel_mesh.prefix, + eq = 128, + action = 'allow', + } +) + +uci:section('babeld', 'filter', 'client_prefix', + { + type = 'redistribute', + ip = site.prefix6, + eq = 128, + action = 'allow', + } +) + +uci:section('babeld', 'filter', 'client_prefix', + { + type = 'redistribute', + ip = site.prefix6, + eq = 128, + action = 'allow', + } +) + +uci:section('babeld', 'filter', 'local_deny', + { + type = 'redistribute', + ['local'] = 1, -- local is a keyword + action = 'deny', + } +) + +uci:section('babeld', 'filter', 'defaultroute', + { + type = 'redistribute', + ip = '::/0', + eq = 0, + action = 'allow', + } +) + +uci:save('babeld') +uci:commit('babeld') + diff --git a/package/gluon-mesh-babel/files/lib/gluon/upgrade/320-gluon-mesh-babel-wireless b/package/gluon-mesh-babel/files/lib/gluon/upgrade/320-gluon-mesh-babel-wireless new file mode 100755 index 00000000..e6114b28 --- /dev/null +++ b/package/gluon-mesh-babel/files/lib/gluon/upgrade/320-gluon-mesh-babel-wireless @@ -0,0 +1,79 @@ +#!/usr/bin/lua + +local site = require 'gluon.site_config' +local util = require 'gluon.util' + +local uci = require('luci.model.uci').cursor() + + +local function is_disabled(config, name) + local disabled = config and config.disabled + if uci:get('wireless', name) then + disabled = uci:get_bool('wireless', name, 'disabled') + end + + return disabled and 1 or 0 +end + +local function configure_mesh(config, radio, index, suffix) + local name = 'mesh_' .. radio + local disabled = is_disabled(config, name) + + uci:delete('network', name) + uci:delete('wireless', name) + uci:delete('babeld', name) + + if config then + uci:section('network', 'interface', name, + { + proto = 'none', + } + ) + + local ifname = 'mesh' .. suffix + + uci:section('wireless', 'wifi-iface', name, + { + device = radio, + network = name, + mode = 'mesh', + mesh_id = config.id, + mesh_fwding = 0, + mcast_rate = config.mcast_rate, + ifname = ifname, + disabled = disabled, + } + ) + + uci:section('babeld', 'interface', name, + { + ifname = ifname, + } + ) + + local networks = uci:get_list('firewall', 'mesh_babel', 'network') + local set = {} + for _, l in ipairs(networks) do set[l] = true end + set[name] = true + networks = {} + for k, _ in pairs(set) do table.insert(networks, k) end + uci:set_list('firewall', 'mesh_babel', 'network', networks) + end +end + +local function configure_radio(radio, index, config) + local suffix = radio:match('^radio(%d+)$') + + configure_mesh(config.mesh, radio, index, suffix) +end + +util.iterate_radios(configure_radio) + +uci:save('wireless') +uci:save('network') +uci:save('babeld') +uci:save('firewall') +uci:commit('wireless') +uci:commit('network') +uci:commit('babeld') +uci:commit('firewall') diff --git a/package/gluon-mesh-babel/files/lib/gluon/upgrade/330-gluon-mesh-babel-interfaces b/package/gluon-mesh-babel/files/lib/gluon/upgrade/330-gluon-mesh-babel-interfaces new file mode 100755 index 00000000..28cbe5df --- /dev/null +++ b/package/gluon-mesh-babel/files/lib/gluon/upgrade/330-gluon-mesh-babel-interfaces @@ -0,0 +1,23 @@ +#!/usr/bin/lua + +local uci = require('luci.model.uci').cursor() +local site = require 'gluon.site_config' + +if site.mesh_on_wan then + uci:section('babeld', 'interface', 'mesh_wan', + { + ifname = 'br-wan', + } + ) + + uci:add_to_set('firewall', 'mesh_babel', 'network', 'wan') +end + +uci:add_to_set('firewall', 'mesh_babel', 'network', 'client') +uci:add_to_set('firewall', 'mesh_babel', 'network', 'local_node4') +uci:add_to_set('firewall', 'mesh_babel', 'network', 'local_node6') + +uci:save('babeld') +uci:save('firewall') +uci:commit('babeld') +uci:commit('firewall') From 0fb6bd238f2180abbf12072555b3bed6a1303313 Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Fri, 8 Apr 2016 12:08:44 +0200 Subject: [PATCH 5/8] gluon-l3roamd: HACK: unfinished l3roamd package --- package/gluon-l3roamd/Makefile | 31 +++++++++++++++++++ .../files/etc/init.d/gluon-l3roamd | 16 ++++++++++ .../lib/gluon/upgrade/380-gluon-l3roamd-route | 26 ++++++++++++++++ 3 files changed, 73 insertions(+) create mode 100644 package/gluon-l3roamd/Makefile create mode 100755 package/gluon-l3roamd/files/etc/init.d/gluon-l3roamd create mode 100755 package/gluon-l3roamd/files/lib/gluon/upgrade/380-gluon-l3roamd-route diff --git a/package/gluon-l3roamd/Makefile b/package/gluon-l3roamd/Makefile new file mode 100644 index 00000000..52e60264 --- /dev/null +++ b/package/gluon-l3roamd/Makefile @@ -0,0 +1,31 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-l3roamd +PKG_VERSION:=1 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(INCLUDE_DIR)/package.mk + +define Package/gluon-l3roamd + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Configure l3roamd for babel + DEPENDS:=+gluon-core +gluon-mesh-babel +l3roamd +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/gluon-l3roamd/install + $(CP) ./files/* $(1)/ +endef + +$(eval $(call BuildPackage,gluon-l3roamd)) diff --git a/package/gluon-l3roamd/files/etc/init.d/gluon-l3roamd b/package/gluon-l3roamd/files/etc/init.d/gluon-l3roamd new file mode 100755 index 00000000..8f3a070f --- /dev/null +++ b/package/gluon-l3roamd/files/etc/init.d/gluon-l3roamd @@ -0,0 +1,16 @@ +#!/bin/sh /etc/rc.common + +START=50 + +USE_PROCD=1 +PROG=/usr/bin/l3roamd + +start_service () { + procd_open_instance + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_set_param command "$PROG" -p $(lua -e 'print(require("gluon.site_config").prefix6)') -i br-client -m mesh0 -t 11 -a $(uci get network.loopback.ip6addr | cut -d/ -f1) + + procd_close_instance +} + diff --git a/package/gluon-l3roamd/files/lib/gluon/upgrade/380-gluon-l3roamd-route b/package/gluon-l3roamd/files/lib/gluon/upgrade/380-gluon-l3roamd-route new file mode 100755 index 00000000..c89b2e4a --- /dev/null +++ b/package/gluon-l3roamd/files/lib/gluon/upgrade/380-gluon-l3roamd-route @@ -0,0 +1,26 @@ +#!/usr/bin/lua + +local uci = require('luci.model.uci').cursor() +local site = require 'gluon.site_config' + +uci:delete('network', 'l3roam') +uci:section('network', 'interface', 'l3roam', + { + ifname = 'l3roam0', + proto = 'none', + } +) + +uci:delete('network', 'l3roamd_client') +uci:section('network', 'route6', 'l3roamd_client', + { + interface = 'l3roam', + target = site.prefix6, + gateway = '::', + table = '10', + } +) + +uci:save('network') +uci:commit('network') + From b8fb547792b2b8dd8838649b1addb777ea5438dd Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Fri, 8 Apr 2016 12:07:28 +0200 Subject: [PATCH 6/8] gluon-radvd: HACK: free ebtables from bat0 --- package/gluon-radvd/Makefile | 4 ++-- .../files/lib/gluon/ebtables/300-radv-input-output | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) delete mode 100644 package/gluon-radvd/files/lib/gluon/ebtables/300-radv-input-output diff --git a/package/gluon-radvd/Makefile b/package/gluon-radvd/Makefile index 6695673c..08448362 100644 --- a/package/gluon-radvd/Makefile +++ b/package/gluon-radvd/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=gluon-radvd -PKG_VERSION:=3 +PKG_VERSION:=4 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) @@ -11,7 +11,7 @@ define Package/gluon-radvd SECTION:=gluon CATEGORY:=Gluon TITLE:=Advertise an IPv6 prefix from the node - DEPENDS:=+gluon-core +gluon-ebtables +gluon-mesh-batman-adv +uradvd + DEPENDS:=+gluon-core +uradvd endef define Package/gluon-radvd/description diff --git a/package/gluon-radvd/files/lib/gluon/ebtables/300-radv-input-output b/package/gluon-radvd/files/lib/gluon/ebtables/300-radv-input-output deleted file mode 100644 index 377d11cd..00000000 --- a/package/gluon-radvd/files/lib/gluon/ebtables/300-radv-input-output +++ /dev/null @@ -1,2 +0,0 @@ -rule 'INPUT -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type router-solicitation -i bat0 -j DROP' -rule 'OUTPUT -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type router-advertisement -o bat0 -j DROP' From 6a7afebecc76fcfb8d3cdaa55af72a1b38a82740 Mon Sep 17 00:00:00 2001 From: Christof Schulze Date: Tue, 26 Apr 2016 21:54:59 +0200 Subject: [PATCH 7/8] add l3roamd dev package (#736) --- package/l3roamd/Makefile | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 package/l3roamd/Makefile diff --git a/package/l3roamd/Makefile b/package/l3roamd/Makefile new file mode 100644 index 00000000..d8f990ff --- /dev/null +++ b/package/l3roamd/Makefile @@ -0,0 +1,31 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=l3roamd +PKG_VERSION:=1 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL=https://github.com/tcatm/l3roamd.git +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +# this is master from april 14th +PKG_SOURCE_VERSION:=master +#PKG_SOURCE_VERSION:=14e87caa275be2432ae0fcc7242742946851d327 +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz + +#PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +define Package/l3roamd + SECTION:=net + CATEGORY:=Network + TITLE:=The layer 3 roaming daemon + DEPENDS:=+libnl-tiny +endef + +define Package/l3roamd/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/l3roamd $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,l3roamd)) From 1f62bf5ffd3d6b444d6b8d0646d1c56b6199d25b Mon Sep 17 00:00:00 2001 From: Christof Schulze Date: Sun, 1 May 2016 11:44:46 +0200 Subject: [PATCH 8/8] babel: L3roamd dev package add dependencies (#746) * added deps for l3roamd * optimize for size --- package/l3roamd/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/package/l3roamd/Makefile b/package/l3roamd/Makefile index d8f990ff..bc1f3593 100644 --- a/package/l3roamd/Makefile +++ b/package/l3roamd/Makefile @@ -12,6 +12,7 @@ PKG_SOURCE_VERSION:=master PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz #PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) +CMAKE_OPTIONS += I-DCMAKE_BUILD_TYPE:STRING=MINSIZEREL include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/cmake.mk @@ -20,7 +21,7 @@ define Package/l3roamd SECTION:=net CATEGORY:=Network TITLE:=The layer 3 roaming daemon - DEPENDS:=+libnl-tiny + DEPENDS:=+libnl-tiny +kmod-tun +librt +libpthread endef define Package/l3roamd/install