Merge pull request #49 from oskar456/tayga

tayga: import from oldpackages, fix broken checksum and add netifd support

ipv6/tayga/Makefile

@@ -0,0 +1,49 @@
+# $Id: Makefile 5624 2006-11-23 00:29:07Z nbd $
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=tayga
+PKG_VERSION:=0.9.2
+PKG_RELEASE:=2
+
+PKG_SOURCE:=tayga-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=http://www.litech.org/tayga/
+PKG_MD5SUM:=7a7b24165ce008df772f398d86fa280e
+PKG_CAT:=bzcat
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/tayga-$(PKG_VERSION)
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/tayga
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+ip +kmod-ipv6 +kmod-tun
+  TITLE:=Out-of-kernel stateless NAT64 implementation for Linux
+  URL:=http://www.litech.org/tayga/
+  MAINTAINER:=Ondrej Caletka <ondrej@caletka.cz>
+endef
+
+define Package/tayga/description
+  TAYGA is an out-of-kernel stateless NAT64 implementation for
+  Linux.  It uses the TUN driver to exchange packets with the
+  kernel, which is the same driver used by OpenVPN and QEMU/KVM.
+endef
+
+ifdef CONFIG_PACKAGE_netifd
+  define Package/tayga/install
+	$(INSTALL_DIR) $(1)/usr/sbin $(1)/lib/netifd/proto
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/tayga $(1)/usr/sbin/
+	$(INSTALL_BIN) ./files/tayga-proto.sh $(1)/lib/netifd/proto/tayga.sh
+  endef
+else
+  define Package/tayga/install
+	$(INSTALL_DIR) $(1)/usr/sbin $(1)/lib/network $(1)/etc/hotplug.d/iface
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/tayga $(1)/usr/sbin/
+	$(INSTALL_DATA) ./files/tayga.sh $(1)/lib/network/tayga.sh
+	$(INSTALL_DATA) ./files/tayga.hotplug $(1)/etc/hotplug.d/iface/95-tayga
+  endef
+endif
+
+$(eval $(call BuildPackage,tayga))

ipv6/tayga/files/tayga-proto.sh

@@ -0,0 +1,92 @@
+#!/bin/sh
+# tayga.sh - TAYGA proto
+# Copyright (c) 2014 OpenWrt.org
+
+[ -n "$INCLUDE_ONLY" ] || {
+	. /lib/functions.sh
+	. /lib/functions/network.sh
+	. ../netifd-proto.sh
+	init_proto "$@"
+}
+
+proto_tayga_setup() {
+	local cfg="$1"
+	local iface="$2"
+	local link="tayga-$cfg"
+
+	local ipv4_addr ipv6_addr prefix dynamic_pool ipaddr ip6addr
+	json_get_vars ipv4_addr ipv6_addr prefix dynamic_pool ipaddr ip6addr
+	[ -z "$ipv4_addr" -o -z "$prefix" ] && {
+		proto_notify_error "$cfg" "REQUIRED_PARAMETERS_MISSING"
+		proto_block_restart "$cfg"
+		return
+	}
+
+	local tmpconf="/var/etc/tayga-$cfg.conf"
+	mkdir -p /var/etc
+	mkdir -p /var/run/tayga/$cfg
+
+	echo "tun-device $link" >$tmpconf
+	echo "ipv4-addr $ipv4_addr" >>$tmpconf
+	[ -n "$ipv6_addr" ] &&
+		echo "ipv6-addr $ipv6_addr" >>$tmpconf
+	[ -n "$prefix" ] &&
+		echo "prefix $prefix" >>$tmpconf
+	[ -n "$dynamic_pool" ] &&
+		echo "dynamic-pool $dynamic_pool" >>$tmpconf
+	echo "data-dir /var/run/tayga/$cfg" >>$tmpconf
+	#TODO: Support static mapping of IPv4 <-> IPv6
+
+	# here we create TUN device and check configuration
+	tayga -c $tmpconf --mktun
+	[ "$?" -ne 0 ] && {
+		proto_notify_error "$cfg" "TAYGA_FAILED"
+		proto_block_restart "$cfg"
+		return
+	}
+
+	proto_init_update "$link" 1
+
+	[ -n "$ipaddr" ]  && proto_add_ipv4_address "$ipaddr" "255.255.255.255"
+	[ -n "$ip6addr" ] && proto_add_ipv6_address "$ip6addr" "128"
+	[ -n "$ipv6_addr" ] && proto_add_ipv6_route "$ipv6_addr" "128"
+	[ -n "$dynamic_pool" ] && {
+		local pool="${dynamic_pool%%/*}"
+		local mask="${dynamic_pool##*/}"
+		proto_add_ipv4_route "$pool" "$mask"
+	}
+	[ -n "$prefix" ] && {
+		local prefix6="${prefix%%/*}"
+		local mask6="${prefix##*/}"
+		proto_add_ipv6_route "$prefix6" "$mask6"
+	}
+
+	proto_send_update "$cfg"
+
+	proto_run_command "$cfg" tayga -n -c $tmpconf \
+		-p /var/run/$link.pid
+
+}
+
+proto_tayga_teardown() {
+	local cfg="$1"
+	local tmpconf="/var/etc/tayga-$cfg.conf"
+	proto_kill_command "$cfg"
+	sleep 1
+	tayga -c $tmpconf --rmtun
+}
+
+proto_tayga_init_config() {
+	no_device=1
+	available=1
+	proto_config_add_string "ipv4_addr"
+	proto_config_add_string "ipv6_addr"
+	proto_config_add_string "prefix"
+	proto_config_add_string "dynamic_pool"
+	proto_config_add_string "ipaddr"
+	proto_config_add_string "ip6addr:ip6addr"
+}
+
+[ -n "$INCLUDE_ONLY" ] || {
+	add_protocol tayga
+}

ipv6/tayga/files/tayga.hotplug

@@ -0,0 +1,37 @@
+#!/bin/sh
+
+if [ "$ACTION" = ifup ]; then
+	. /lib/functions.sh
+
+	include /lib/network
+	scan_interfaces
+
+	update_tunnel() {
+		local cfg="$1"
+
+		local proto
+		config_get proto "$cfg" proto
+		[ "$proto" = tayga ] || return 0
+
+		local wandev4
+		config_get wandev4 "$cfg" wan4_device "$(find_tayga_wanif4)"
+
+		local wandev6
+		config_get wandev6 "$cfg" wan6_device "$(find_tayga_wanif6)"
+
+		[ "$wandev4" = "$DEVICE" ] || [ "$wandev6" = "$DEVICE" ] || return 0
+
+		local wanip4=$(find_tayga_wanip4 "$wandev4")
+		local wanip6=$(find_tayga_wanip6 "$wandev6")
+
+		[ -n "$wanip4" ] && [ -n "$wanip6" ] && {
+			uci_set_state network "$cfg" ipv4addr "$wanip4"
+			uci_set_state network "$cfg" ipv6addr "$wanip6"
+
+			logger -t tayga-update "Re-establishing tayga NAT64 due to change on $INTERFACE ($DEVICE)"
+			ifup "$cfg" &
+		}
+	}
+
+	config_foreach update_tunnel interface
+fi

ipv6/tayga/files/tayga.sh

@@ -0,0 +1,152 @@
+# tayga.sh - NAT64 backend
+
+find_tayga_wanif4() {
+	local if=$(ip -4 r l e 0.0.0.0/0); if="${if#default* dev }"; if="${if%% *}"
+	[ -n "$if" ] && grep -qs "^ *$if:" /proc/net/dev && echo "$if"
+}
+
+find_tayga_wanip4() {
+	local ip=$(ip -4 a s dev "$1"); ip="${ip#*inet }"
+	echo "${ip%%[^0-9.]*}"
+}
+
+find_tayga_wanif6() {
+	local if=$(ip -6 r l e ::/0); if="${if#default* dev }"; if="${if%% *}"
+	[ -n "$if" ] && grep -qs "^ *$if:" /proc/net/dev && echo "$if"
+}
+
+find_tayga_wanip6() {
+	local ip=$(ip -6 a s dev "$1"); ip="${ip#*inet6 }"
+	echo "${ip%%[^0-9A-Fa-f:]*}"
+}
+
+# Hook into scan_interfaces() to synthesize a .device option
+# This is needed for /sbin/ifup to properly dispatch control
+# to setup_interface_tayga() even if no .ifname is set in
+# the configuration.
+scan_tayga() {
+	config_set "$1" device "tayga-$1"
+}
+
+coldplug_interface_tayga() {
+	setup_interface_tayga "tayga-$1" "$1"
+}
+
+tayga_add_static_mappings() {
+	local tmpconf="$1"
+
+	(
+		. /lib/functions.sh
+		config_load firewall
+
+		tayga_map_rule_add() {
+			local cfg="$1"
+			local tmpconf="$2"
+			local ipv4_addr ipv6_addr
+			config_get ipv4_addr "$cfg" ipv4_addr ""
+			config_get ipv6_addr "$cfg" ipv6_addr ""
+			[ -n "$ipv4_addr" ] && [ -n "$ipv6_addr" ] &&
+				echo "map $ipv4_addr $ipv6_addr" >>$tmpconf
+		}
+
+		config_foreach tayga_map_rule_add nat64 "$tmpconf"
+	)
+}
+
+setup_interface_tayga() {
+	local iface="$1"
+	local cfg="$2"
+	local link="tayga-$cfg"
+
+	local ipv4_addr ipv6_addr prefix dynamic_pool
+
+	config_get ipv4_addr "$cfg" ipv4_addr
+	config_get ipv6_addr "$cfg" ipv6_addr
+	config_get prefix "$cfg" prefix
+	config_get dynamic_pool "$cfg" dynamic_pool
+
+	local args
+
+	include /lib/network
+	scan_interfaces
+
+	local wanip4=$(uci_get network "$cfg" ipv4addr)
+	local wanip6=$(uci_get network "$cfg" ipv6addr)
+
+	local wanif4=$(find_tayga_wanif4)
+	local wanif6=$(find_tayga_wanif6)
+
+	[ -z "$wanip4" ] && {
+		[ -n "$wanif4" ] && {
+			wanip4=$(find_tayga_wanip4 "$wanif4")
+			uci_set_state network "$cfg" wan4_device "$wanif4"
+		}
+	}
+
+	[ -z "$wanip6" ] && {
+		[ -n "$wanif6" ] && {
+			wanip6=$(find_tayga_wanip6 "$wanif6")
+			uci_set_state network "$cfg" wan6_device "$wanif6"
+		}
+	}
+
+	[ -n "$wanip4" ] && [ -n "$wanip6" ] || {
+		echo "Cannot determine local IPv4 and IPv6 addressed for tayga NAT64 $cfg - skipping"
+		return 1
+	}
+
+	local tmpconf="/var/etc/tayga-$cfg.conf"
+	args="-c $tmpconf"
+	mkdir -p /var/etc
+	mkdir -p /var/run/tayga/$cfg
+
+	echo "tun-device $link" >$tmpconf
+	echo "ipv4-addr $ipv4_addr" >>$tmpconf
+	[ -n "$ipv6_addr" ] &&
+		echo "ipv6-addr $ipv6_addr" >>$tmpconf
+	[ -n "$prefix" ] &&
+		echo "prefix $prefix" >>$tmpconf
+
+	tayga_add_static_mappings "$tmpconf"
+
+	[ -n "$dynamic_pool" ] &&
+		echo "dynamic-pool $dynamic_pool" >>$tmpconf
+	echo "data-dir /var/run/tayga/$cfg" >>$tmpconf
+
+	# creating the tunnel below will trigger a net subsystem event
+	# prevent it from touching or iface by disabling .auto here
+	uci_set_state network "$cfg" ifname $link
+	uci_set_state network "$cfg" auto 0
+
+	# here we create TUN device and check configuration
+	tayga $args --mktun || return 1
+
+	ip link set "$link" up
+
+	ip addr add "$wanip4" dev "$link"
+	ip addr add "$wanip6" dev "$link"
+
+	[ -n "$dynamic_pool" ] &&
+		ip -4 route add "$dynamic_pool" dev "$link"
+	[ -n "$prefix" ] &&
+		ip -6 route add "$prefix" dev "$link"
+
+	start-stop-daemon -S -x tayga -- $args -p /var/run/$link.pid
+
+	env -i ACTION="ifup" DEVICE="$link" INTERFACE="$cfg" PROTO="tayga" \
+		/sbin/hotplug-call iface
+}
+
+stop_interface_tayga() {
+	local cfg="$1"
+	local link="tayga-$cfg"
+
+	env -i ACTION="ifdown" DEVICE="$link" INTERFACE="$cfg" PROTO="tayga" \
+		/sbin/hotplug-call iface
+
+	service_kill tayga "/var/run/$link.pid"
+
+	ip link set "$link" down
+	ip addr flush dev "$link"
+	ip route flush dev "$link"
+}

ipv6/tayga/patches/001-configure_unset_CFLAGS.patch

@@ -0,0 +1,11 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -5,8 +5,6 @@ AC_CONFIG_HEADERS(config.h)
+ 
+ AC_PROG_CC
+ 
+-CFLAGS='-g -Wall'
+-
+ tayga_conf_path=${sysconfdir}/tayga.conf
+ 
+ AC_SUBST(tayga_conf_path)

ipv6/tayga/patches/002-bigendian_wrong_checksum.patch

@@ -0,0 +1,53 @@
+--- a/nat64.c
++++ b/nat64.c
+@@ -19,6 +19,11 @@
+ 
+ extern struct config *gcfg;
+ 
++static uint16_t checksum_extend_byte(uint8_t b)
++{
++	return htons(b << 8);
++}
++
+ static uint16_t ip_checksum(void *d, int c)
+ {
+ 	uint32_t sum = 0xffff;
+@@ -30,7 +35,7 @@ static uint16_t ip_checksum(void *d, int
+ 	}
+ 
+ 	if (c)
+-		sum += htons(*((uint8_t *)p) << 8);
++		sum += checksum_extend_byte(*((uint8_t *)p));
+ 
+ 	while (sum > 0xffff)
+ 		sum = (sum & 0xffff) + (sum >> 16);
+@@ -180,10 +185,12 @@ static int xlate_payload_4to6(struct pkt
+ 		cksum = ones_add(p->icmp->cksum, cksum);
+ 		if (p->icmp->type == 8) {
+ 			p->icmp->type = 128;
+-			p->icmp->cksum = ones_add(cksum, ~(128 - 8));
++			p->icmp->cksum = ones_add(cksum,
++						~checksum_extend_byte(128 - 8));
+ 		} else {
+ 			p->icmp->type = 129;
+-			p->icmp->cksum = ones_add(cksum, ~(129 - 0));
++			p->icmp->cksum = ones_add(cksum,
++						~checksum_extend_byte(129 - 0));
+ 		}
+ 		return 0;
+ 	case 17:
+@@ -668,10 +675,12 @@ static int xlate_payload_6to4(struct pkt
+ 		cksum = ones_add(p->icmp->cksum, cksum);
+ 		if (p->icmp->type == 128) {
+ 			p->icmp->type = 8;
+-			p->icmp->cksum = ones_add(cksum, 128 - 8);
++			p->icmp->cksum = ones_add(cksum,
++						checksum_extend_byte(128 - 8));
+ 		} else {
+ 			p->icmp->type = 0;
+-			p->icmp->cksum = ones_add(cksum, 129 - 0);
++			p->icmp->cksum = ones_add(cksum,
++						checksum_extend_byte(129 - 0));
+ 		}
+ 		return 0;
+ 	case 17: