From: Michael Tremer Date: Fri, 2 Jun 2017 07:55:18 +0000 (+0200) Subject: Drop support for 6rd X-Git-Tag: 009~239 X-Git-Url: http://git.ipfire.org/?p=network.git;a=commitdiff_plain;h=c7c40071e4f8334b5a6b67fde1320318dd003485 Drop support for 6rd This is probably not in wide use any more and I do not want to support this either. Therefore this is dropped for now. Fixes #11369 Signed-off-by: Michael Tremer --- diff --git a/Makefile.am b/Makefile.am index fde8b24e..acf5a718 100644 --- a/Makefile.am +++ b/Makefile.am @@ -211,7 +211,6 @@ dist_hooks_ports_SCRIPTS = \ src/hooks/ports/wireless-ap dist_hooks_zones_SCRIPTS = \ - src/hooks/zones/6rd \ src/hooks/zones/6to4-tunnel \ src/hooks/zones/bridge \ src/hooks/zones/modem \ @@ -343,7 +342,6 @@ MANPAGES = \ man/network-route.8 \ man/network-settings.8 \ man/network-zone.8 \ - man/network-zone-6rd.8 \ man/network-zone-6to4-tunnel.8 \ man/network-zone-bridge.8 \ man/network-zone-config-pppoe-server.8 \ diff --git a/man/network-zone-6rd.xml b/man/network-zone-6rd.xml deleted file mode 100644 index ccf5fd8f..00000000 --- a/man/network-zone-6rd.xml +++ /dev/null @@ -1,156 +0,0 @@ - - - - - - network-zone-6rd - network - - - - Developer - Stefan - Schantl - stefan.schantl@ipfire.org - - - - - - network-zone-6rd - 8 - - - - network-zone-6rd - Network Configuration Control Program - - - - - network zone new ZONE 6rd ... - - - - network zone ZONE edit ... - - - - - Description - - - 6rd specifies a protocol mechanism to deploy IPv6 to sites via the IPv4 network - of a service provider. - - - - The 6rd hook is used to connect to IPv6 networks where your provider does not - provide native IPv6. - - - - - Options - - - The following options are understood: - - - - - - - - - - - The 6rd prefix for the given 6rd domain. - - - This is the 6rd IPv6 prefix for the given 6rd domain. - - - - - - - - - - - - The address of the 6rd border relay server. - - - The IPv4 address of the 6rd Border Relay for a - given 6rd domain. - - - - - - - - - - - - The public IPv4 address that is used to connect to - the server. - - - - There are several ways and services around to determine the own IPv4 public - address. - - - - Attention! - - - - In case your local tunnel endpoint is behind a NAT, you also need to - configure the "--local-ipv4-address" option. - - - - - - - - - - - - The local IPv4 address of the client system. - - - - This option is only required if the local tunnel endpoint is behind a NAT. - - - - If the system is directly connected to the Internet, this flag can be ignored. - - - - - - - - See Also - - - - network - 8 - , - - network-zone - 8 - - - - diff --git a/src/functions/functions.ip-tunnel b/src/functions/functions.ip-tunnel index 8a1e2ee4..91af97f4 100644 --- a/src/functions/functions.ip-tunnel +++ b/src/functions/functions.ip-tunnel @@ -90,20 +90,3 @@ ip_tunnel_del() { ip tunnel del ${device} assert [ $? -eq 0 ] } - -ip_tunnel_6rd_set_prefix() { - local device="${1}" - assert isset device - - local prefix="${2}" - assert isset prefix - - # Validate the prefix. - assert ipv6_net_is_valid "${prefix}" - - log INFO "Setting 6rd-prefix ${prefix} on ${device}" - - # Set the prefix. - cmd ip tunnel 6rd dev "${device}" 6rd-prefix "${prefix}" - assert [ $? -eq 0 ] -} diff --git a/src/functions/functions.ipv6 b/src/functions/functions.ipv6 index 3d22b4d1..3e81d3a6 100644 --- a/src/functions/functions.ipv6 +++ b/src/functions/functions.ipv6 @@ -457,84 +457,3 @@ ipv6_hash() { ipv6_get_network() { ip_get_network $@ } - -ipv6_6rd_format_address() { - local isp_prefix="${1}" - assert ipv6_net_is_valid "${isp_prefix}" - - local client_address="${2}" - assert ipv4_is_valid "${client_address}" - - local prefix="$(ipv6_get_prefix "${isp_prefix}")" - isp_prefix="$(ipv6_split_prefix "${isp_prefix}")" - - # This only works for prefix lengths up to 32 bit. - assert [ "${prefix}" -le 32 ] - assert [ "${prefix}" -gt 0 ] - - # Explode the address and throw away the second 32 bit. - local address - local segment - for segment in ${isp_prefix//:/ }; do - while [[ ${#segment} -lt 4 ]]; do - segment="0${segment}" - done - list_append address "${segment}" - done - address="$(list_join ":" ${address})" - - client_address="$(ipv6_6rd_format_client_address ${client_address})" - assert isset client_address - - local block1="0x${address:0:4}" - local block2="0x${address:5:4}" - local block3="0x${address:10:4}" - local block4="0x${address:15:4}" - - address="$(( (${block1} << 48) + (${block2} << 32) + (${block3} << 16) + ${block4} ))" - assert [ "${address}" -gt 0 ] - - block1="0x${client_address:0:4}" - block2="0x${client_address:5:4}" - - client_address="$(( (${block1} << 48) + (${block2} << 32) ))" - - # Fix for numbers that are interpreted by bash as negative - # numbers and therefore filled up with ones when shifted to - # the right. Weird. - if [ "${client_address}" -gt 0 ]; then - client_address="$(( ${client_address} >> ${prefix} ))" - else - local bitmask="$(( 1 << 63 ))" - client_address="$(( ${client_address} >> 1 ))" - client_address="$(( ${client_address} ^ ${bitmask} ))" - client_address="$(( ${client_address} >> $(( ${prefix} - 1 )) ))" - fi - assert [ "${client_address}" -gt 0 ] - - # XOR everything together - address="$(( ${address} ^ ${client_address} ))" - prefix="$(( ${prefix} + 32 ))" - - local block formatted_address=":" - while [ ${address} -gt 0 ]; do - printf -v block "%x" "$(( ${address} & 0xffff ))" - formatted_address="${block}:${formatted_address}" - - address="$(( ${address} >> 16 ))" - done - - assert ipv6_is_valid "${formatted_address}" - - # Implode the output IP address. - formatted_address="$(ipv6_format "${formatted_address}")" - - print "${formatted_address}/${prefix}" -} - -ipv6_6rd_format_client_address() { - local address="${1}" - assert isset address - - print "%02x%02x:%02x%02x" ${address//\./ } -} diff --git a/src/hooks/zones/6rd b/src/hooks/zones/6rd deleted file mode 100644 index a277674c..00000000 --- a/src/hooks/zones/6rd +++ /dev/null @@ -1,175 +0,0 @@ -#!/bin/bash -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2013 IPFire Network Development Team # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -. /usr/lib/network/header-zone - -HOOK_SETTINGS="HOOK SIX_RD_PREFIX LOCAL_ADDRESS PUBLIC_ADDRESS SERVER_ADDRESS" - -# The address that is assigned to the tunnel device (with prefix). -SIX_RD_PREFIX="" - -# The local IPv4 address of the tunnel endpoint. -# For usage if the endpoint is in a pre-routed network. -LOCAL_ADDRESS="" - -# The IPv4 address of the tunnel endpoint where to connect to. -SERVER_ADDRESS="" - -# The public IPv4 address of the tunnel client. -PUBLIC_ADDRESS="" - -hook_check_settings() { - assert isset SIX_RD_PREFIX - assert isset PUBLIC_ADDRESS - assert isset SERVER_ADDRESS - - # Check if an optional local address has been specified or use the public address instead. - if [ -z "${LOCAL_ADDRESS}" ]; then - LOCAL_ADDRESS="${PUBLIC_ADDRESS}" - fi - - assert isset LOCAL_ADDRESS - - # Check input. - if ! ipv6_net_is_valid "${SIX_RD_PREFIX}"; then - log ERROR "Invalid 6rd prefix. Please use a valid IPv6 prefix." - return ${EXIT_ERROR} - fi - - if ! ipv4_is_valid "${SERVER_ADDRESS}"; then - log ERROR "Invalid server address. Please use a valid IPv4 address." - return ${EXIT_ERROR} - fi - - if ! ipv4_is_valid "${PUBLIC_ADDRESS}"; then - log ERROR "Invalid public address. Please use a valid IPv4 address." - return ${EXIT_ERROR} - fi - - if ! ipv4_is_valid "${LOCAL_ADDRESS}"; then - log ERROR "Invalid local address. Please use a valid IPv4 address." - return ${EXIT_ERROR} - fi -} - -hook_parse_cmdline() { - local value - - while [ $# -gt 0 ]; do - case "${1}" in - --6rd-prefix=*) - SIX_RD_PREFIX=$(cli_get_val ${1}) - ;; - --server-address=*) - SERVER_ADDRESS=$(cli_get_val ${1}) - ;; - --local-ipv4-address=*) - LOCAL_ADDRESS=$(cli_get_val ${1}) - ;; - --public-ipv4-address=*) - PUBLIC_ADDRESS=$(cli_get_val ${1}) - ;; - *) - echo "Unknown option: ${1}" >&2 - exit ${EXIT_ERROR} - ;; - esac - shift - done -} - -hook_up() { - local zone="${1}" - assert isset zone - - # Read configuration options. - zone_settings_read "${zone}" - - # Configure the tunnel. - if ! device_exists "${zone}"; then - ip_tunnel_add "${zone}" \ - --ttl=64 \ - --local-address="${LOCAL_ADDRESS}" - fi - - # Set 6rd prefix. - ip_tunnel_6rd_set_prefix "${zone}" "${SIX_RD_PREFIX}" - - # Bring up the device. - device_set_up "${zone}" - - # Update routing information. - db_set "${zone}/ipv6/type" "${HOOK}" - db_set "${zone}/ipv6/local-ip-address" "::${LOCAL_ADDRESS}" - db_set "${zone}/ipv6/remote-ip-address" "::${SERVER_ADDRESS}" - db_set "${zone}/ipv6/active" 1 - - # Update the routing database. - routing_update ${zone} ipv6 - routing_default_update - - exit ${EXIT_OK} -} - -hook_down() { - local zone=${1} - assert isset zone - - # Remove everything from the routing db. - db_delete "${zone}/ipv6" - - routing_update ${zone} ipv6 - routing_default_update - - # Remove the tunnel device. - ip_tunnel_del ${zone} - - exit ${EXIT_OK} -} - -hook_status() { - local zone=${1} - assert isset zone - - cli_device_headline ${zone} - - zone_settings_read "${zone}" - - local server_line="${SERVER_ADDRESS}" - local server_hostname=$(dns_get_hostname ${SERVER_ADDRESS}) - if [ -n "${server_hostname}" ]; then - server_line="${server_line} (Hostname: ${server_hostname})" - fi - - cli_headline 2 "Configuration" - cli_print_fmt1 2 "Server" "${server_line}" - cli_print_fmt1 2 "6rd Prefix" "${SIX_RD_PREFIX}" - cli_space - - # Generate the IPv6 prefix from the given 6rd Prefix and the Public IPv4 Address. - local six_rd_address="$(ipv6_6rd_format_address "${SIX_RD_PREFIX}" "${PUBLIC_ADDRESS}")" - - cli_headline 2 "Tunnel properties" - cli_print_fmt1 2 "IPv6 Subnet" "${six_rd_address}" - cli_space - - exit ${EXIT_OK} -}