applications/luci-app-siitwizard/luasrc/model/cbi/siitwizard.lua

   1 -- Copyright 2008 Steven Barth <steven@midlink.org>
   2 -- Copyright 2008-2015 Jo-Philipp Wich <jow@openwrt.org>
   3 -- Licensed to the public under the Apache License 2.0.
   4
   5 local uci = require "luci.model.uci".cursor()
   6 local bit = require "nixio".bit
   7 local ip  = require "luci.ip"
   8
   9 -------------------- Init --------------------
  10
  11 --
  12 -- Find link-local address
  13 --
  14 function find_ll()
  15         local _, r
  16         for _, r in ipairs(ip.routes({ family = 6, dest = "fe80::/64" })) do
  17                 if r.dest:higher("fe80:0:0:0:ff:fe00:0:0") then
  18                         return (r.dest - "fe80::")
  19                 end
  20         end
  21         return ip.IPv6("::")
  22 end
  23
  24 --
  25 -- Determine defaults
  26 --
  27 local ula_prefix  = uci:get("siit", "ipv6", "ula_prefix")  or "fd00::"
  28 local ula_global  = uci:get("siit", "ipv6", "ula_global")  or "00ca:ffee:babe::"                -- = Freifunk
  29 local ula_subnet  = uci:get("siit", "ipv6", "ula_subnet")  or "0000:0000:0000:4223::"   -- = Berlin
  30 local siit_prefix = uci:get("siit", "ipv6", "siit_prefix") or "::ffff:0000:0000"
  31 local ipv4_pool   = uci:get("siit", "ipv4", "pool")        or "172.16.0.0/12"
  32 local ipv4_netsz  = uci:get("siit", "ipv4", "netsize")     or "24"
  33
  34 --
  35 -- Find IPv4 allocation pool
  36 --
  37 local gv4_net = ip.IPv4(ipv4_pool)
  38
  39 --
  40 -- Generate ULA
  41 --
  42 local ula = ip.IPv6("::/64")
  43
  44 for _, prefix in ipairs({ ula_prefix, ula_global, ula_subnet }) do
  45         ula = ula:add(ip.IPv6(prefix))
  46 end
  47
  48 ula = ula:add(find_ll())
  49
  50
  51 -------------------- View --------------------
  52 f = SimpleForm("siitwizward", "SIIT-Wizzard",
  53  "This wizzard helps to setup SIIT (IPv4-over-IPv6) translation according to RFC2765.")
  54
  55 f:field(DummyValue, "info_ula", "Mesh ULA address").value = ula:string()
  56
  57 f:field(DummyValue, "ipv4_pool", "IPv4 allocation pool").value =
  58         "%s (%i hosts)" %{ gv4_net:string(), 2 ^ ( 32 - gv4_net:prefix() ) - 2 }
  59
  60 f:field(DummyValue, "ipv4_size", "IPv4 LAN network prefix").value =
  61         "%i bit (%i hosts)" %{ ipv4_netsz, 2 ^ ( 32 - ipv4_netsz ) - 2 }
  62
  63 mode = f:field(ListValue, "mode", "Operation mode")
  64 mode:value("client", "Client")
  65 mode:value("gateway", "Gateway")
  66
  67 dev = f:field(ListValue, "device", "Wireless device")
  68 uci:foreach("wireless", "wifi-device",
  69         function(section)
  70                 dev:value(section[".name"])
  71         end)
  72
  73 lanip = f:field(Value, "ipaddr", "LAN IPv4 subnet")
  74 function lanip.formvalue(self, section)
  75         local val = self.map:formvalue(self:cbid(section))
  76         local net = ip.IPv4("%s/%i" %{ val, ipv4_netsz })
  77
  78         if net then
  79                 if gv4_net:contains(net) then
  80                         if not net:minhost():equal(net:host()) then
  81                                 self.error = { [section] = true }
  82                                 f.errmessage = "IPv4 address is not the first host of " ..
  83                                         "subnet, expected " .. net:minhost():string()
  84                         end
  85                 else
  86                         self.error = { [section] = true }
  87                         f.errmessage = "IPv4 address is not within the allocation pool"
  88                 end
  89         else
  90                 self.error = { [section] = true }
  91                 f.errmessage = "Invalid IPv4 address given"
  92         end
  93
  94         return val
  95 end
  96
  97 dns = f:field(Value, "dns", "DNS server for LAN clients")
  98 dns.value = "141.1.1.1"
  99
 100 -------------------- Control --------------------
 101 function f.handle(self, state, data)
 102         if state == FORM_VALID then
 103                 luci.http.redirect(luci.dispatcher.build_url("admin", "uci", "changes"))
 104                 return false
 105         end
 106         return true
 107 end
 108
 109 function mode.write(self, section, value)
 110
 111         --
 112         -- Find LAN IPv4 range
 113         --
 114         local lan_net = ip.IPv4(
 115                 ( lanip:formvalue(section) or "172.16.0.1" ) .. "/" .. ipv4_netsz
 116         )
 117
 118         if not lan_net then return end
 119
 120         --
 121         -- Find wifi interface, dns server and hostname
 122         --
 123         local device      = dev:formvalue(section)
 124         local dns_server  = dns:formvalue(section) or "141.1.1.1"
 125         local hostname    = "siit-" .. lan_net:host():string():gsub("%.","-")
 126
 127         --
 128         -- Configure wifi device
 129         --
 130         local wifi_device  = dev:formvalue(section)
 131         local wifi_essid   = uci:get("siit", "wifi", "essid")   or "6mesh.freifunk.net"
 132         local wifi_bssid   = uci:get("siit", "wifi", "bssid")   or "02:ca:ff:ee:ba:be"
 133         local wifi_channel = uci:get("siit", "wifi", "channel") or "1"
 134
 135         -- nuke old device definition
 136         uci:delete_all("wireless", "wifi-iface",
 137                 function(s) return s.device == wifi_device end )
 138
 139         uci:delete_all("network", "interface",
 140                 function(s) return s['.name'] == wifi_device end )
 141
 142         -- create wifi device definition
 143         uci:tset("wireless", wifi_device, {
 144                 disabled  = 0,
 145                 channel   = wifi_channel,
 146 --              txantenna = 1,
 147 --              rxantenna = 1,
 148 --              diversity = 0
 149         })
 150
 151         uci:section("wireless", "wifi-iface", nil, {
 152                 encryption = "none",
 153                 mode       = "adhoc",
 154                 txpower    = 10,
 155                 sw_merge   = 1,
 156                 network    = wifi_device,
 157                 device     = wifi_device,
 158                 ssid       = wifi_essid,
 159                 bssid      = wifi_bssid,
 160         })
 161
 162         --
 163         -- Gateway mode
 164         --
 165         --      * wan port is dhcp, lan port is 172.23.1.1/24
 166         --      * siit0 gets a dummy address: 169.254.42.42
 167         --      * wl0 gets an ipv6 address, in this case the fdca:ffee:babe::1:1/64
 168         --      * we do a ::ffff:ffff:0/96 route into siit0, so everything from 6mesh goes into translation.
 169         --      * an HNA6 of ::ffff:ffff:0:0/96 announces the mapped 0.0.0.0/0 ipv4 space.
 170         --      * MTU on WAN, LAN down to 1400, ipv6 headers are slighly larger.
 171
 172         if value == "gateway" then
 173
 174                 -- wan mtu
 175                 uci:set("network", "wan", "mtu", 1240)
 176
 177                 -- lan settings
 178                 uci:tset("network", "lan", {
 179                         mtu     = 1240,
 180                         ipaddr  = lan_net:host():string(),
 181                         netmask = lan_net:mask():string(),
 182                         proto   = "static"
 183                 })
 184
 185                 -- use full siit subnet
 186                 siit_route = ip.IPv6(siit_prefix .. "/96")
 187
 188                 -- v4 <-> siit route
 189                 uci:delete_all("network", "route",
 190                         function(s) return s.interface == "siit0" end)
 191
 192                 uci:section("network", "route", nil, {
 193                         interface = "siit0",
 194                         target    = gv4_net:network():string(),
 195                         netmask   = gv4_net:mask():string()
 196                 })
 197
 198         --
 199         -- Client mode
 200         --
 201         --      * 172.23.2.1/24 on its lan, fdca:ffee:babe::1:2 on wl0 and the usual dummy address on siit0.
 202         --      * we do a ::ffff:ffff:172.13.2.0/120 to siit0, because in this case, only traffic directed to clients needs to go into translation.
 203         --      * same route as HNA6 announcement to catch the traffic out of the mesh.
 204         --      * Also, MTU on LAN reduced to 1400.
 205
 206         else
 207
 208                 -- lan settings
 209                 uci:tset("network", "lan", {
 210                         mtu     = 1240,
 211                         ipaddr  = lan_net:host():string(),
 212                         netmask = lan_net:mask():string()
 213                 })
 214
 215                 -- derive siit subnet from lan config
 216                 siit_route = ip.IPv6(
 217                         siit_prefix .. "/" .. (96 + lan_net:prefix())
 218                 ):add(lan_net[2])
 219
 220                 -- ipv4 <-> siit route
 221                 uci:delete_all("network", "route",
 222                         function(s) return s.interface == "siit0" end)
 223
 224                 -- XXX: kind of a catch all, gv4_net would be better
 225                 --      but does not cover non-local v4 space
 226                 uci:section("network", "route", nil, {
 227                         interface = "siit0",
 228                         target    = "0.0.0.0",
 229                         netmask   = "0.0.0.0"
 230                 })
 231         end
 232
 233         -- setup the firewall
 234         uci:delete_all("firewall", "zone",
 235                 function(s) return (
 236                         s['.name'] == "siit0" or s.name == "siit0" or
 237                         s.network == "siit0" or s['.name'] == wifi_device or
 238                         s.name == wifi_device or s.network == wifi_device
 239                 ) end)
 240
 241         uci:delete_all("firewall", "forwarding",
 242                 function(s) return (
 243                         s.src == wifi_device and s.dest == "siit0" or
 244                         s.dest == wifi_device and s.src == "siit0" or
 245                         s.src == "lan" and s.dest == "siit0" or
 246                         s.dest == "lan" and s.src == "siit0"
 247                 ) end)
 248
 249         uci:section("firewall", "zone", "siit0", {
 250                 name    = "siit0",
 251                 network = "siit0",
 252                 input   = "ACCEPT",
 253                 output  = "ACCEPT",
 254                 forward = "ACCEPT"
 255         })
 256
 257         uci:section("firewall", "zone", wifi_device, {
 258                 name    = wifi_device,
 259                 network = wifi_device,
 260                 input   = "ACCEPT",
 261                 output  = "ACCEPT",
 262                 forward = "ACCEPT"
 263         })
 264
 265         uci:section("firewall", "forwarding", nil, {
 266                 src  = wifi_device,
 267                 dest = "siit0"
 268         })
 269
 270         uci:section("firewall", "forwarding", nil, {
 271                 src  = "siit0",
 272                 dest = wifi_device
 273         })
 274
 275         uci:section("firewall", "forwarding", nil, {
 276                 src  = "lan",
 277                 dest = "siit0"
 278         })
 279
 280         uci:section("firewall", "forwarding", nil, {
 281                 src  = "siit0",
 282                 dest = "lan"
 283         })
 284
 285         -- firewall include
 286         uci:delete_all("firewall", "include",
 287                 function(s) return s.path == "/etc/firewall.user" end)
 288
 289         uci:section("firewall", "include", nil, {
 290                 path = "/etc/firewall.user"
 291         })
 292
 293
 294         -- siit0 interface
 295         uci:delete_all("network", "interface",
 296                 function(s) return ( s.ifname == "siit0" ) end)
 297
 298         uci:section("network", "interface", "siit0", {
 299                 ifname  = "siit0",
 300                 proto   = "none"
 301         })
 302
 303         -- siit0 route
 304         uci:delete_all("network", "route6",
 305                 function(s) return siit_route:contains(ip.IPv6(s.target)) end)
 306
 307         uci:section("network", "route6", nil, {
 308                 interface = "siit0",
 309                 target    = siit_route:string()
 310         })
 311
 312         -- create wifi network interface
 313         uci:section("network", "interface", wifi_device, {
 314                 proto   = "static",
 315                 mtu     = 1400,
 316                 ip6addr = ula:string()
 317         })
 318
 319         -- nuke old olsrd interfaces
 320         uci:delete_all("olsrd", "Interface",
 321                 function(s) return s.interface == wifi_device end)
 322
 323         -- configure olsrd interface
 324         uci:foreach("olsrd", "olsrd",
 325                 function(s) uci:set("olsrd", s['.name'], "IpVersion", 6) end)
 326
 327         uci:section("olsrd", "Interface", nil, {
 328                 ignore      = 0,
 329                 interface   = wifi_device,
 330                 Ip6AddrType = "unique-local"
 331         })
 332
 333         -- hna6
 334         uci:delete_all("olsrd", "Hna6",
 335                 function(s) return true end)
 336
 337         uci:section("olsrd", "Hna6", nil, {
 338                 netaddr = siit_route:host():string(),
 339                 prefix  = siit_route:prefix()
 340         })
 341
 342         -- txtinfo v6 & olsrd nameservice
 343         uci:foreach("olsrd", "LoadPlugin",
 344                 function(s)
 345                         if s.library == "olsrd_txtinfo.so.0.1" then
 346                                 uci:set("olsrd", s['.name'], "accept", "::1")
 347                         elseif s.library == "olsrd_nameservice.so.0.3" then
 348                                 uci:set("olsrd", s['.name'], "name", hostname)
 349                         end
 350                 end)
 351
 352         -- lan dns
 353         uci:tset("dhcp", "lan", {
 354                 dhcp_option = "6," .. dns_server,
 355                 start       = bit.band(lan_net:minhost():add(1)[2][2], 0xFF),
 356                 limit       = ( 2 ^ ( 32 - lan_net:prefix() ) ) - 3
 357         })
 358
 359         -- hostname
 360         uci:foreach("system", "system",
 361                 function(s)
 362                         uci:set("system", s['.name'], "hostname", hostname)
 363                 end)
 364
 365         uci:save("wireless")
 366         uci:save("firewall")
 367         uci:save("network")
 368         uci:save("system")
 369         uci:save("olsrd")
 370         uci:save("dhcp")
 371 end
 372
 373 return f