applications/luci-app-siitwizard/luasrc/model/cbi/siitwizard.lua

   1 -- Copyright 2008 Steven Barth <steven@midlink.org>
   2 -- Copyright 2008 Jo-Philipp Wich <jow@openwrt.org>
   3 -- Licensed to the public under the Apache License 2.0.
   4
   5 local uci = require "luci.model.uci".cursor()
   6 local bit = require "nixio".bit
   7
   8 -------------------- Init --------------------
   9
  10 --
  11 -- Find link-local address
  12 --
  13 LL_PREFIX = luci.ip.IPv6("fe80::/64")
  14 function find_ll()
  15         for _, r in ipairs(luci.sys.net.routes6()) do
  16                 if LL_PREFIX:contains(r.dest) and r.dest:higher(LL_PREFIX) then
  17                         return r.dest:sub(LL_PREFIX)
  18                 end
  19         end
  20         return luci.ip.IPv6("::")
  21 end
  22
  23 --
  24 -- Determine defaults
  25 --
  26 local ula_prefix  = uci:get("siit", "ipv6", "ula_prefix")  or "fd00::"
  27 local ula_global  = uci:get("siit", "ipv6", "ula_global")  or "00ca:ffee:babe::"                -- = Freifunk
  28 local ula_subnet  = uci:get("siit", "ipv6", "ula_subnet")  or "0000:0000:0000:4223::"   -- = Berlin
  29 local siit_prefix = uci:get("siit", "ipv6", "siit_prefix") or "::ffff:0000:0000"
  30 local ipv4_pool   = uci:get("siit", "ipv4", "pool")        or "172.16.0.0/12"
  31 local ipv4_netsz  = uci:get("siit", "ipv4", "netsize")     or "24"
  32
  33 --
  34 -- Find IPv4 allocation pool
  35 --
  36 local gv4_net = luci.ip.IPv4(ipv4_pool)
  37
  38 --
  39 -- Generate ULA
  40 --
  41 local ula = luci.ip.IPv6("::/64")
  42
  43 for _, prefix in ipairs({ ula_prefix, ula_global, ula_subnet }) do
  44         ula = ula:add(luci.ip.IPv6(prefix))
  45 end
  46
  47 ula = ula:add(find_ll())
  48
  49
  50 -------------------- View --------------------
  51 f = SimpleForm("siitwizward", "SIIT-Wizzard",
  52  "This wizzard helps to setup SIIT (IPv4-over-IPv6) translation according to RFC2765.")
  53
  54 f:field(DummyValue, "info_ula", "Mesh ULA address").value = ula:string()
  55
  56 f:field(DummyValue, "ipv4_pool", "IPv4 allocation pool").value =
  57         "%s (%i hosts)" %{ gv4_net:string(), 2 ^ ( 32 - gv4_net:prefix() ) - 2 }
  58
  59 f:field(DummyValue, "ipv4_size", "IPv4 LAN network prefix").value =
  60         "%i bit (%i hosts)" %{ ipv4_netsz, 2 ^ ( 32 - ipv4_netsz ) - 2 }
  61
  62 mode = f:field(ListValue, "mode", "Operation mode")
  63 mode:value("client", "Client")
  64 mode:value("gateway", "Gateway")
  65
  66 dev = f:field(ListValue, "device", "Wireless device")
  67 uci:foreach("wireless", "wifi-device",
  68         function(section)
  69                 dev:value(section[".name"])
  70         end)
  71
  72 lanip = f:field(Value, "ipaddr", "LAN IPv4 subnet")
  73 function lanip.formvalue(self, section)
  74         local val = self.map:formvalue(self:cbid(section))
  75         local net = luci.ip.IPv4("%s/%i" %{ val, ipv4_netsz })
  76
  77         if net then
  78                 if gv4_net:contains(net) then
  79                         if not net:minhost():equal(net:host()) then
  80                                 self.error = { [section] = true }
  81                                 f.errmessage = "IPv4 address is not the first host of " ..
  82                                         "subnet, expected " .. net:minhost():string()
  83                         end
  84                 else
  85                         self.error = { [section] = true }
  86                         f.errmessage = "IPv4 address is not within the allocation pool"
  87                 end
  88         else
  89                 self.error = { [section] = true }
  90                 f.errmessage = "Invalid IPv4 address given"
  91         end
  92
  93         return val
  94 end
  95
  96 dns = f:field(Value, "dns", "DNS server for LAN clients")
  97 dns.value = "141.1.1.1"
  98
  99 -------------------- Control --------------------
 100 function f.handle(self, state, data)
 101         if state == FORM_VALID then
 102                 luci.http.redirect(luci.dispatcher.build_url("admin", "uci", "changes"))
 103                 return false
 104         end
 105         return true
 106 end
 107
 108 function mode.write(self, section, value)
 109
 110         --
 111         -- Find LAN IPv4 range
 112         --
 113         local lan_net = luci.ip.IPv4(
 114                 ( lanip:formvalue(section) or "172.16.0.1" ) .. "/" .. ipv4_netsz
 115         )
 116
 117         if not lan_net then return end
 118
 119         --
 120         -- Find wifi interface, dns server and hostname
 121         --
 122         local device      = dev:formvalue(section)
 123         local dns_server  = dns:formvalue(section) or "141.1.1.1"
 124         local hostname    = "siit-" .. lan_net:host():string():gsub("%.","-")
 125
 126         --
 127         -- Configure wifi device
 128         --
 129         local wifi_device  = dev:formvalue(section)
 130         local wifi_essid   = uci:get("siit", "wifi", "essid")   or "6mesh.freifunk.net"
 131         local wifi_bssid   = uci:get("siit", "wifi", "bssid")   or "02:ca:ff:ee:ba:be"
 132         local wifi_channel = uci:get("siit", "wifi", "channel") or "1"
 133
 134         -- nuke old device definition
 135         uci:delete_all("wireless", "wifi-iface",
 136                 function(s) return s.device == wifi_device end )
 137
 138         uci:delete_all("network", "interface",
 139                 function(s) return s['.name'] == wifi_device end )
 140
 141         -- create wifi device definition
 142         uci:tset("wireless", wifi_device, {
 143                 disabled  = 0,
 144                 channel   = wifi_channel,
 145 --              txantenna = 1,
 146 --              rxantenna = 1,
 147 --              diversity = 0
 148         })
 149
 150         uci:section("wireless", "wifi-iface", nil, {
 151                 encryption = "none",
 152                 mode       = "adhoc",
 153                 txpower    = 10,
 154                 sw_merge   = 1,
 155                 network    = wifi_device,
 156                 device     = wifi_device,
 157                 ssid       = wifi_essid,
 158                 bssid      = wifi_bssid,
 159         })
 160
 161         --
 162         -- Gateway mode
 163         --
 164         --      * wan port is dhcp, lan port is 172.23.1.1/24
 165         --      * siit0 gets a dummy address: 169.254.42.42
 166         --      * wl0 gets an ipv6 address, in this case the fdca:ffee:babe::1:1/64
 167         --      * we do a ::ffff:ffff:0/96 route into siit0, so everything from 6mesh goes into translation.
 168         --      * an HNA6 of ::ffff:ffff:0:0/96 announces the mapped 0.0.0.0/0 ipv4 space.
 169         --      * MTU on WAN, LAN down to 1400, ipv6 headers are slighly larger.
 170
 171         if value == "gateway" then
 172
 173                 -- wan mtu
 174                 uci:set("network", "wan", "mtu", 1240)
 175
 176                 -- lan settings
 177                 uci:tset("network", "lan", {
 178                         mtu     = 1240,
 179                         ipaddr  = lan_net:host():string(),
 180                         netmask = lan_net:mask():string(),
 181                         proto   = "static"
 182                 })
 183
 184                 -- use full siit subnet
 185                 siit_route = luci.ip.IPv6(siit_prefix .. "/96")
 186
 187                 -- v4 <-> siit route
 188                 uci:delete_all("network", "route",
 189                         function(s) return s.interface == "siit0" end)
 190
 191                 uci:section("network", "route", nil, {
 192                         interface = "siit0",
 193                         target    = gv4_net:network():string(),
 194                         netmask   = gv4_net:mask():string()
 195                 })
 196
 197         --
 198         -- Client mode
 199         --
 200         --      * 172.23.2.1/24 on its lan, fdca:ffee:babe::1:2 on wl0 and the usual dummy address on siit0.
 201         --      * we do a ::ffff:ffff:172.13.2.0/120 to siit0, because in this case, only traffic directed to clients needs to go into translation.
 202         --      * same route as HNA6 announcement to catch the traffic out of the mesh.
 203         --      * Also, MTU on LAN reduced to 1400.
 204
 205         else
 206
 207                 -- lan settings
 208                 uci:tset("network", "lan", {
 209                         mtu     = 1240,
 210                         ipaddr  = lan_net:host():string(),
 211                         netmask = lan_net:mask():string()
 212                 })
 213
 214                 -- derive siit subnet from lan config
 215                 siit_route = luci.ip.IPv6(
 216                         siit_prefix .. "/" .. (96 + lan_net:prefix())
 217                 ):add(lan_net[2])
 218
 219                 -- ipv4 <-> siit route
 220                 uci:delete_all("network", "route",
 221                         function(s) return s.interface == "siit0" end)
 222
 223                 -- XXX: kind of a catch all, gv4_net would be better
 224                 --      but does not cover non-local v4 space
 225                 uci:section("network", "route", nil, {
 226                         interface = "siit0",
 227                         target    = "0.0.0.0",
 228                         netmask   = "0.0.0.0"
 229                 })
 230         end
 231
 232         -- setup the firewall
 233         uci:delete_all("firewall", "zone",
 234                 function(s) return (
 235                         s['.name'] == "siit0" or s.name == "siit0" or
 236                         s.network == "siit0" or s['.name'] == wifi_device or
 237                         s.name == wifi_device or s.network == wifi_device
 238                 ) end)
 239
 240         uci:delete_all("firewall", "forwarding",
 241                 function(s) return (
 242                         s.src == wifi_device and s.dest == "siit0" or
 243                         s.dest == wifi_device and s.src == "siit0" or
 244                         s.src == "lan" and s.dest == "siit0" or
 245                         s.dest == "lan" and s.src == "siit0"
 246                 ) end)
 247
 248         uci:section("firewall", "zone", "siit0", {
 249                 name    = "siit0",
 250                 network = "siit0",
 251                 input   = "ACCEPT",
 252                 output  = "ACCEPT",
 253                 forward = "ACCEPT"
 254         })
 255
 256         uci:section("firewall", "zone", wifi_device, {
 257                 name    = wifi_device,
 258                 network = wifi_device,
 259                 input   = "ACCEPT",
 260                 output  = "ACCEPT",
 261                 forward = "ACCEPT"
 262         })
 263
 264         uci:section("firewall", "forwarding", nil, {
 265                 src  = wifi_device,
 266                 dest = "siit0"
 267         })
 268
 269         uci:section("firewall", "forwarding", nil, {
 270                 src  = "siit0",
 271                 dest = wifi_device
 272         })
 273
 274         uci:section("firewall", "forwarding", nil, {
 275                 src  = "lan",
 276                 dest = "siit0"
 277         })
 278
 279         uci:section("firewall", "forwarding", nil, {
 280                 src  = "siit0",
 281                 dest = "lan"
 282         })
 283
 284         -- firewall include
 285         uci:delete_all("firewall", "include",
 286                 function(s) return s.path == "/etc/firewall.user" end)
 287
 288         uci:section("firewall", "include", nil, {
 289                 path = "/etc/firewall.user"
 290         })
 291
 292
 293         -- siit0 interface
 294         uci:delete_all("network", "interface",
 295                 function(s) return ( s.ifname == "siit0" ) end)
 296
 297         uci:section("network", "interface", "siit0", {
 298                 ifname  = "siit0",
 299                 proto   = "none"
 300         })
 301
 302         -- siit0 route
 303         uci:delete_all("network", "route6",
 304                 function(s) return siit_route:contains(luci.ip.IPv6(s.target)) end)
 305
 306         uci:section("network", "route6", nil, {
 307                 interface = "siit0",
 308                 target    = siit_route:string()
 309         })
 310
 311         -- create wifi network interface
 312         uci:section("network", "interface", wifi_device, {
 313                 proto   = "static",
 314                 mtu     = 1400,
 315                 ip6addr = ula:string()
 316         })
 317
 318         -- nuke old olsrd interfaces
 319         uci:delete_all("olsrd", "Interface",
 320                 function(s) return s.interface == wifi_device end)
 321
 322         -- configure olsrd interface
 323         uci:foreach("olsrd", "olsrd",
 324                 function(s) uci:set("olsrd", s['.name'], "IpVersion", 6) end)
 325
 326         uci:section("olsrd", "Interface", nil, {
 327                 ignore      = 0,
 328                 interface   = wifi_device,
 329                 Ip6AddrType = "unique-local"
 330         })
 331
 332         -- hna6
 333         uci:delete_all("olsrd", "Hna6",
 334                 function(s) return true end)
 335
 336         uci:section("olsrd", "Hna6", nil, {
 337                 netaddr = siit_route:host():string(),
 338                 prefix  = siit_route:prefix()
 339         })
 340
 341         -- txtinfo v6 & olsrd nameservice
 342         uci:foreach("olsrd", "LoadPlugin",
 343                 function(s)
 344                         if s.library == "olsrd_txtinfo.so.0.1" then
 345                                 uci:set("olsrd", s['.name'], "accept", "::1")
 346                         elseif s.library == "olsrd_nameservice.so.0.3" then
 347                                 uci:set("olsrd", s['.name'], "name", hostname)
 348                         end
 349                 end)
 350
 351         -- lan dns
 352         uci:tset("dhcp", "lan", {
 353                 dhcp_option = "6," .. dns_server,
 354                 start       = bit.band(lan_net:minhost():add(1)[2][2], 0xFF),
 355                 limit       = ( 2 ^ ( 32 - lan_net:prefix() ) ) - 3
 356         })
 357
 358         -- hostname
 359         uci:foreach("system", "system",
 360                 function(s)
 361                         uci:set("system", s['.name'], "hostname", hostname)
 362                 end)
 363
 364         uci:save("wireless")
 365         uci:save("firewall")
 366         uci:save("network")
 367         uci:save("system")
 368         uci:save("olsrd")
 369         uci:save("dhcp")
 370 end
 371
 372 return f