From patchwork Fri May 8 23:09:53 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lars X-Patchwork-Id: 470211 X-Patchwork-Delegate: jow@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 80D1E140213 for ; Sat, 9 May 2015 09:10:56 +1000 (AEST) Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id D1E3028BDCB; Sat, 9 May 2015 01:09:02 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu X-Spam-Level: X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.2 Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id 4E3E728424A for ; Sat, 9 May 2015 01:08:45 +0200 (CEST) X-policyd-weight: using cached result; rate: -7.6 Received: from mail.systemli.org (systemli.sh1b.ch [212.103.72.251]) by arrakis.dune.hu (Postfix) with ESMTPS for ; Sat, 9 May 2015 01:08:44 +0200 (CEST) From: Lars Gierth To: openwrt-devel@lists.openwrt.org Date: Sat, 9 May 2015 01:09:53 +0200 Message-Id: <1431126594-6375-2-git-send-email-larsg@systemli.org> In-Reply-To: <1431126594-6375-1-git-send-email-larsg@systemli.org> References: <554CF7FA.6040708@systemli.org> <1431126594-6375-1-git-send-email-larsg@systemli.org> Cc: jow@subsignal.org Subject: [OpenWrt-Devel] [PATCH v2 1/2] firewall3: add masq6 option for IPv6 masquerading X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openwrt-devel-bounces@lists.openwrt.org Sender: "openwrt-devel" Signed-off-by: Lars Gierth --- options.h | 1 + zones.c | 10 +++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/options.h b/options.h index a2bacce..20188c6 100644 --- a/options.h +++ b/options.h @@ -302,6 +302,7 @@ struct fw3_zone const char *extra_dest; bool masq; + bool masq6; struct list_head masq_src; struct list_head masq_dest; diff --git a/zones.c b/zones.c index 2ddd7b4..c902ebc 100644 --- a/zones.c +++ b/zones.c @@ -66,6 +66,7 @@ const struct fw3_option fw3_zone_opts[] = { FW3_OPT("output", target, zone, policy_output), FW3_OPT("masq", bool, zone, masq), + FW3_OPT("masq6", bool, zone, masq6), FW3_LIST("masq_src", network, zone, masq_src), FW3_LIST("masq_dest", network, zone, masq_dest), @@ -220,6 +221,12 @@ fw3_load_zones(struct fw3_state *state, struct uci_package *p) zone->conntrack = true; } + if (zone->masq6) + { + setbit(zone->flags[1], FW3_FLAG_SNAT); + zone->conntrack = true; + } + if (zone->custom_chains) { setbit(zone->flags[0], FW3_FLAG_SNAT); @@ -540,7 +547,8 @@ print_zone_rule(struct fw3_ipt_handle *handle, struct fw3_state *state, break; case FW3_TABLE_NAT: - if (zone->masq && handle->family == FW3_FAMILY_V4) + if ((zone->masq && handle->family == FW3_FAMILY_V4) || + (zone->masq6 && handle->family == FW3_FAMILY_V6)) { fw3_foreach(msrc, &zone->masq_src) fw3_foreach(mdest, &zone->masq_dest)