From 8c4403ba115f5901203a069ea52c03458b9c5fbd Mon Sep 17 00:00:00 2001 
From: Matthias Schiffer Date: Wed, 30 Nov 2016 20:29:25 +0100 Subject: [PATCH] gluon-client-bridge, gluon-mesh-batman-adv-core: switch roles of br-client and local-node interfaces MAC and IP addresses are switched. This makes the gluon-client-bridge package more useful for different routing protocols that don't need a unique address on the client bridge. As a side effect, gluon-radvd is now using the next-node address, which had been considered before, but was dismissed to avoid having gluon-radvd depend on gluon-next-node and gluon-mesh-batman-adv. This will be useful for announcing default routes via gluon-radvd. One downside is that this introduces a minor dependency on batman-adv in gluon-respondd: the hotplug script that checked for the client interface before will now check for local-node. This doesn't really matter: for mesh protocols without a local-node interface, the check will do nothing (which makes sense, as there is no interface to bind to for mesh-wide respondd). --- package/gluon-alfred/Makefile | 2 +- .../lib/gluon/upgrade/500-enable-alfred | 2 +- package/gluon-client-bridge/check_site.lua | 9 ++ .../upgrade/300-gluon-client-bridge-network | 62 +++++++++--- .../gluon-mesh-batman-adv-core/check_site.lua | 8 -- .../files/lib/gluon/respondd/client.dev | 2 +- .../310-gluon-mesh-batman-adv-core-mesh | 99 ++++--------------- ...0-gluon-mesh-batman-adv-core-client-bridge | 45 +++++++++ .../330-gluon-mesh-batman-adv-core-local-node | 77 +++++++++++++++ ...-gluon-mesh-batman-adv-core-mac-addresses} | 0 .../luasrc/lib/gluon/upgrade/400-next-node | 63 ------------ .../gluon-mesh-batman-adv-core/src/respondd.c | 2 +- 12 files changed, 202 insertions(+), 169 deletions(-) create mode 100755 package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-core-client-bridge create mode 100755 package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/330-gluon-mesh-batman-adv-core-local-node rename 
package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/{320-gluon-mesh-batman-adv-core-mac-addresses => 340-gluon-mesh-batman-adv-core-mac-addresses} (100%) delete mode 100755 package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/400-next-node diff --git a/package/gluon-alfred/Makefile b/package/gluon-alfred/Makefile index f38b0dbe..01fbdf43 100644 --- a/package/gluon-alfred/Makefile +++ b/package/gluon-alfred/Makefile @@ -12,7 +12,7 @@ include $(GLUONDIR)/include/package.mk define Package/gluon-alfred SECTION:=gluon CATEGORY:=Gluon - DEPENDS:=+gluon-core +gluon-respondd +gluon-neighbour-info +micrond +alfred + DEPENDS:=+gluon-core +gluon-respondd +gluon-neighbour-info gluon-mesh-batman-adv +micrond +alfred TITLE:=Configure alfred endef diff --git a/package/gluon-alfred/luasrc/lib/gluon/upgrade/500-enable-alfred b/package/gluon-alfred/luasrc/lib/gluon/upgrade/500-enable-alfred index d3802d8a..ce4ac0ad 100755 --- a/package/gluon-alfred/luasrc/lib/gluon/upgrade/500-enable-alfred +++ b/package/gluon-alfred/luasrc/lib/gluon/upgrade/500-enable-alfred @@ -7,7 +7,7 @@ local c = uci.cursor() c:delete('alfred', 'alfred') c:section('alfred', 'alfred', 'alfred', { - interface = 'br-client', + interface = 'local-node', mode = 'slave', batmanif = 'bat0', start_vis = '1', diff --git a/package/gluon-client-bridge/check_site.lua b/package/gluon-client-bridge/check_site.lua index 3a7d81ee..c71f11c0 100644 --- a/package/gluon-client-bridge/check_site.lua +++ b/package/gluon-client-bridge/check_site.lua @@ -1,3 +1,12 @@ +need_string_match('next_node.mac', '^%x[02468aAcCeE]:%x%x:%x%x:%x%x:%x%x:%x%x$') + +if need_string_match('next_node.ip4', '^%d+.%d+.%d+.%d+$', false) then + need_string_match('prefix4', '^%d+.%d+.%d+.%d+/%d+$') +end + +need_string_match('next_node.ip6', '^[%x:]+$', false) + + for _, config in ipairs({'wifi24', 'wifi5'}) do if need_table(config .. '.ap', nil, false) then need_string(config .. '.ap.ssid') 
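Review bot: The IPv4 patterns added to gluon-client-bridge/check_site.lua use an unescaped `.`, which in a Lua pattern matches any character, so values such as `10x0y0z1` pass the check for `next_node.ip4` and `prefix4`. The lines are moved verbatim from gluon-mesh-batman-adv-core, but 300-gluon-client-bridge-network now passes `site.prefix4` straight into `ip.IPv4(...):mask()` and writes `next_node.ip4` into the network config, so the move is a good moment to tighten them: `need_string_match('next_node.ip4', '^%d+%.%d+%.%d+%.%d+$', false)` and `need_string_match('prefix4', '^%d+%.%d+%.%d+%.%d+/%d+$')`. The `next_node.ip6` pattern `^[%x:]+$` is similarly loose (a bare `:` matches), so a malformed site configuration would get past the site check and fail only when the upgrade script runs on the device.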
diff --git a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
index f5ab8582..67d0c061 100755
--- a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
+++ b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
@@ -1,33 +1,69 @@ #!/usr/bin/lua +local site = require 'gluon.site_config' local sysconfig = require 'gluon.sysconfig' +local ip = require 'luci.ip' local lutil = require 'luci.util' local uci = require('luci.model.uci').cursor() +local ip4, netmask, ip6 + +if site.next_node.ip4 then + ip4 = site.next_node.ip4 + netmask = ip.IPv4(site.prefix4):mask():string() +end + +if site.next_node.ip6 then + ip6 = site.next_node.ip6 .. '/128' +end + uci:section('network', 'interface', 'client', - { - type = 'bridge', - } + { + type = 'bridge', + proto = 'static', + macaddr = site.next_node.mac, + ipaddr = ip4, + netmask = netmask, + ip6addr = ip6, + } ) +uci:delete('network', 'client', 'reqprefix') +uci:delete('network', 'client', 'peerdns') +uci:delete('network', 'client', 'sourcefilter') + + local ifname = uci:get('network', 'client', 'ifname') if type(ifname) == 'string' then - uci:delete('network', 'client', 'ifname') - for x in ifname:gmatch("[^%s]+") do - uci:add_to_set('network', 'client', 'ifname', x) - end + uci:delete('network', 'client', 'ifname') + for x in ifname:gmatch("[^%s]+") do + uci:add_to_set('network', 'client', 'ifname', x) + end end if sysconfig.lan_ifname and not ifname and not uci:get_bool('network', 'mesh_lan', 'auto') then - for _, lanif in ipairs(lutil.split(sysconfig.lan_ifname, ' ')) do - uci:add_to_set('network', 'client', 'ifname', lanif) - end + for _, lanif in ipairs(lutil.split(sysconfig.lan_ifname, ' ')) do + uci:add_to_set('network', 'client', 'ifname', lanif) + end end - -uci:set('network', 'client', 'macaddr', sysconfig.primary_mac) - uci:save('network') + + +local dnsmasq = uci:get_first('dhcp', 'dnsmasq') +uci:set('dhcp', dnsmasq, 'boguspriv', 0) +uci:set('dhcp', dnsmasq, 'localise_queries', 0) +uci:set('dhcp', dnsmasq, 'rebind_protection', 0) + +uci:delete('dhcp', 'client') +uci:section('dhcp', 'dhcp', 'client', + { + interface = 'client', + ignore = 1, + } +) + +uci:save('dhcp') 
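Review bot: The dnsmasq block added at the end of this script sets `boguspriv`, `localise_queries` and `rebind_protection` to 0 without a comment, and by moving here from 310-gluon-mesh-batman-adv-core-mesh it now applies to every firmware that installs gluon-client-bridge, not only batman-adv meshes. `rebind_protection = 0` in particular switches off dnsmasq's filtering of upstream answers that point into private ranges, and it is set on the dnsmasq section itself, so it is resolver-wide rather than limited to the client bridge. Please document the reason above the block, e.g. `-- mesh-internal names resolve to private/ULA addresses via upstream resolvers; rebind protection would drop them` if that is the motivation, or keep these three options in the batman-adv package. Separately, `uci:get_first('dhcp', 'dnsmasq')` may return nil when no dnsmasq section exists, so the three `uci:set` calls are worth wrapping in `if dnsmasq then … end`.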
diff --git a/package/gluon-mesh-batman-adv-core/check_site.lua b/package/gluon-mesh-batman-adv-core/check_site.lua index bd0c00a4..d1f577c8 100644 --- a/package/gluon-mesh-batman-adv-core/check_site.lua +++ b/package/gluon-mesh-batman-adv-core/check_site.lua @@ -23,11 +23,3 @@ need_boolean('mesh_on_lan', false) if need_table('mesh', nil, false) and need_table('mesh.batman_adv', nil, false) then need_number('mesh.batman_adv.gw_sel_class', false) end - -need_string_match('next_node.mac', '^%x[02468aAcCeE]:%x%x:%x%x:%x%x:%x%x:%x%x$') - -if need_string_match('next_node.ip4', '^%d+.%d+.%d+.%d+$', false) then - need_string_match('prefix4', '^%d+.%d+.%d+.%d+/%d+$') -end - -need_string_match('next_node.ip6', '^[%x:]+$', false) diff --git a/package/gluon-mesh-batman-adv-core/files/lib/gluon/respondd/client.dev b/package/gluon-mesh-batman-adv-core/files/lib/gluon/respondd/client.dev index b051c6c5..9a074885 100644 --- a/package/gluon-mesh-batman-adv-core/files/lib/gluon/respondd/client.dev +++ b/package/gluon-mesh-batman-adv-core/files/lib/gluon/respondd/client.dev @@ -1 +1 @@ -client +local_node diff --git a/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-core-mesh b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-core-mesh index 4710d47c..9569df25 100755 --- a/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-core-mesh +++ b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-core-mesh @@ -1,7 +1,6 @@ #!/usr/bin/lua local sysconfig = require 'gluon.sysconfig' -local sysctl = require 'gluon.sysctl' local site = require 'gluon.site_config' local uci = require('luci.model.uci').cursor() 
@@ -9,94 +8,32 @@ local uci = require('luci.model.uci').cursor() local gw_sel_class if site.mesh and site.mesh.batman_adv then - gw_sel_class = site.mesh.batman_adv.gw_sel_class + gw_sel_class = site.mesh.batman_adv.gw_sel_class end uci:delete('batman-adv', 'bat0') uci:section('batman-adv', 'mesh', 'bat0', - { - orig_interval = 5000, - gw_mode = 'client', - gw_sel_class = gw_sel_class, - hop_penalty = 15, - multicast_mode = 0, - } + { + orig_interval = 5000, + gw_mode = 'client', + gw_sel_class = gw_sel_class, + hop_penalty = 15, + multicast_mode = 0, + } ) uci:save('batman-adv') +uci:delete('network', 'bat0') +uci:section('network', 'interface', 'bat0', + { + ifname = 'bat0', + proto = 'none', + macaddr = sysconfig.primary_mac, + multicast_router = 2, + learning = 0, + } +) uci:add_to_set('network', 'client', 'ifname', 'bat0') -uci:set('network', 'client', 'proto', 'dhcpv6') -uci:set('network', 'client', 'reqprefix', 'no') -uci:delete('network', 'client', 'igmp_snooping') -uci:set('network', 'client', 'robustness', 3) -uci:set('network', 'client', 'query_interval', 2000) -uci:set('network', 'client', 'query_response_interval', 500) -uci:set('network', 'client', 'peerdns', 1) -uci:set('network', 'client', 'sourcefilter', 0) - -uci:delete('network', 'bat0') -uci:section('network', 'interface', 'bat0', - { - ifname = 'bat0', - proto = 'none', - macaddr = sysconfig.primary_mac, - multicast_router = 2, - learning = 0, - } -) - -uci:delete('network', 'client_lan') -if sysconfig.lan_ifname then - uci:section('network', 'interface', 'client_lan', - { - unicast_flood = 0, - } - ) - uci:set('network', 'client_lan', 'ifname', sysconfig.lan_ifname) -end - uci:save('network') - - -uci:delete('firewall', 'client') -uci:section('firewall', 'zone', 'client', - { - name = 'client', - network = {'client'}, - input = 'ACCEPT', - output = 'ACCEPT', - forward = 'REJECT', - } -) - -uci:section('firewall', 'rule', 'client_dns', - { - name = 'client_dns', - src = 'client', - dest_port = 
'53',
- target = 'REJECT',
- }
-)
-
-uci:save('firewall')
-
-
-local dnsmasq = uci:get_first('dhcp', 'dnsmasq')
-uci:set('dhcp', dnsmasq, 'boguspriv', 0)
-uci:set('dhcp', dnsmasq, 'localise_queries', 0)
-uci:set('dhcp', dnsmasq, 'rebind_protection', 0)
-
-uci:delete('dhcp', 'client')
-uci:section('dhcp', 'dhcp', 'client',
- {
- interface = 'client',
- ignore = 1,
- }
-)
-
-uci:save('dhcp')
-
-
-sysctl.set('net.ipv6.conf.br-client.forwarding', 0)
diff --git a/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-core-client-bridge b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-core-client-bridge
new file mode 100755
index 00000000..30a0dfb2
--- /dev/null
+++ b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-core-client-bridge
@@ -0,0 +1,45 @@
+#!/usr/bin/lua
+
+local sysconfig = require 'gluon.sysconfig'
+local sysctl = require 'gluon.sysctl'
+
+local uci = require('luci.model.uci').cursor()
+
+uci:section('network', 'interface', 'client',
+ {
+ robustness = 3,
+ query_interval = 2000,
+ query_response_interval = 500,
+ }
+)
+uci:delete('network', 'client', 'igmp_snooping')
+
+uci:delete('network', 'client_lan')
+if sysconfig.lan_ifname then
+ uci:section('network', 'interface', 'client_lan',
+ {
+ unicast_flood = 0,
+ }
+ )
+ uci:set('network', 'client_lan', 'ifname', sysconfig.lan_ifname)
+end
+
+uci:save('network')
+
+
+uci:delete('firewall', 'client')
+uci:section('firewall', 'zone', 'client',
+ {
+ name = 'client',
+ network = {'client'},
+ input = 'ACCEPT',
+ output = 'ACCEPT',
+ forward = 'REJECT',
+ }
+)
+
+uci:delete('firewall', 'client_dns')
+
+uci:save('firewall')
+
+sysctl.set('net.ipv6.conf.br-client.forwarding')
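Review bot: The last line of the new 320-gluon-mesh-batman-adv-core-client-bridge calls `sysctl.set('net.ipv6.conf.br-client.forwarding')` with no value, whereas the call it replaces in 310-gluon-mesh-batman-adv-core-mesh passed `0` and the new 330 script passes `0` for its own interface. The hunk does not show what gluon.sysctl does when the value is omitted; if it removes the entry, IPv6 forwarding on br-client falls back to the system default on the bridge that now carries the next-node address and sits in a zone with `input = 'ACCEPT'`. If that is intended, say so with a comment such as `-- drop the forwarding=0 override written by earlier versions; br-client is now statically addressed`; if it is an oversight, restore the explicit `, 0`.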
diff --git a/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/330-gluon-mesh-batman-adv-core-local-node b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/330-gluon-mesh-batman-adv-core-local-node
new file mode 100755
index 00000000..04909fa6
--- /dev/null
+++ b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/330-gluon-mesh-batman-adv-core-local-node
@@ -0,0 +1,77 @@
+#!/usr/bin/lua
+
+local site = require 'gluon.site_config'
+local sysconfig = require 'gluon.sysconfig'
+local sysctl = require 'gluon.sysctl'
+
+local uci = require('luci.model.uci').cursor()
+
+
+uci:delete('network', 'local_node_dev')
+uci:section('network', 'device', 'local_node_dev',
+ {
+ name = 'local-node',
+ ifname = 'br-client',
+ type = 'macvlan',
+ macaddr = sysconfig.primary_mac,
+ }
+)
+
+uci:delete('network', 'local_node')
+uci:section('network', 'interface', 'local_node',
+ {
+ ifname = 'local-node',
+ proto = 'dhcpv6',
+ reqprefix = 'no',
+ peerdns = 1,
+ sourcefilter = 0,
+ }
+)
+
+uci:delete('network', 'local_node_route6')
+uci:section('network', 'route6', 'local_node_route6',
+ {
+ interface = 'local-node',
+ target = site.prefix6,
+ gateway = '::',
+ }
+)
+
+uci:save('network')
+
+
+uci:delete('firewall', 'local_node')
+uci:section('firewall', 'zone', 'local_node',
+ {
+ name = 'local_node',
+ network = {'local_node'},
+ input = 'ACCEPT',
+ output = 'ACCEPT',
+ forward = 'REJECT',
+ }
+)
+
+uci:section('firewall', 'rule', 'local_node_dns',
+ {
+ name = 'local_node_dns',
+ src = 'local_node',
+ dest_port = '53',
+ target = 'REJECT',
+ }
+)
+
+uci:save('firewall')
+
+
+uci:delete('dhcp', 'local_node')
+uci:section('dhcp', 'dhcp', 'local_node',
+ {
+ interface = 'local_node',
+ ignore = 1,
+ }
+)
+
+uci:save('dhcp')
+
+
+sysctl.set('net.ipv6.conf.local_node.forwarding', 0)
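Review bot: The final `sysctl.set('net.ipv6.conf.local_node.forwarding', 0)` uses the UCI section name, but the macvlan device created at the top of this script is named `local-node` (with a hyphen), which is also the name that respondd.c and the alfred config in this patch match on. Keys under net.ipv6.conf are per kernel device, so unless gluon.sysctl translates names the setting would not reach the interface that now runs DHCPv6 and forwarding there stays at its default; `sysctl.set('net.ipv6.conf.local-node.forwarding', 0)` looks like what was meant. The `local_node_route6` section has the opposite mix-up: `interface = 'local-node'` gives the device name where the deleted 400-next-node used a logical interface name (`'client'`), so `interface = 'local_node'` is probably intended.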
diff --git a/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-core-mac-addresses b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/340-gluon-mesh-batman-adv-core-mac-addresses
similarity index 100%
rename from package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-core-mac-addresses
rename to package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/340-gluon-mesh-batman-adv-core-mac-addresses
diff --git a/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/400-next-node b/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/400-next-node
deleted file mode 100755
index 98dffbc9..00000000
--- a/package/gluon-mesh-batman-adv-core/luasrc/lib/gluon/upgrade/400-next-node
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/usr/bin/lua
-
-local site = require 'gluon.site_config'
-local uci = require 'luci.model.uci'
-local ip = require 'luci.ip'
-
-local c = uci.cursor()
-
-
-c:delete('network', 'local_node_dev')
-c:section('network', 'device', 'local_node_dev',
- {
- name = 'local-node',
- ifname = 'br-client',
- type = 'macvlan',
- macaddr = site.next_node.mac,
- }
-)
-
-local ip4, netmask, ip6
-
-if site.next_node.ip4 then
- ip4 = site.next_node.ip4
- netmask = ip.IPv4(site.prefix4):mask():string()
-end
-
-if site.next_node.ip6 then
- ip6 = site.next_node.ip6 .. '/128'
-end
-
-c:delete('network', 'local_node')
-c:section('network', 'interface', 'local_node',
- {
- ifname = 'local-node',
- proto = 'static',
- ipaddr = ip4,
- netmask = netmask,
- ip6addr = ip6,
- }
-)
-
-c:delete('network', 'local_node_route6')
-c:section('network', 'route6', 'local_node_route6',
- {
- interface = 'client',
- target = site.prefix6,
- gateway = '::',
- }
-)
-
-c:save('network')
-
-c:delete('firewall', 'local_node')
-c:section('firewall', 'zone', 'local_node',
- {
- name = 'local_node',
- network = {'local_node'},
- input = 'ACCEPT',
- output = 'ACCEPT',
- forward = 'REJECT',
- }
-)
-c:save('firewall')
diff --git a/package/gluon-mesh-batman-adv-core/src/respondd.c b/package/gluon-mesh-batman-adv-core/src/respondd.c index ba14997a..a84076e9 100644 --- a/package/gluon-mesh-batman-adv-core/src/respondd.c +++ b/package/gluon-mesh-batman-adv-core/src/respondd.c @@ -85,7 +85,7 @@ static struct json_object * get_addresses(void) { &flags, ifname) != 18) continue; - if (strcmp(ifname, "br-client")) + if (strcmp(ifname, "local-node")) continue; if (flags & (IFA_F_TENTATIVE|IFA_F_DEPRECATED))