#!/bin/bash
#
#  Copyright (c) 2017, The OpenThread Authors.
#  All rights reserved.
#
#  Redistribution and use in source and binary forms, with or without
#  modification, are permitted provided that the following conditions are met:
#  1. Redistributions of source code must retain the above copyright
#     notice, this list of conditions and the following disclaimer.
#  2. Redistributions in binary form must reproduce the above copyright
#     notice, this list of conditions and the following disclaimer in the
#     documentation and/or other materials provided with the distribution.
#  3. Neither the name of the copyright holder nor the
#     names of its contributors may be used to endorse or promote products
#     derived from this software without specific prior written permission.
#
#  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
#  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
#  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
#  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
#  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
#  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
#  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
#  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
#  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
#  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
#  POSSIBILITY OF SUCH DAMAGE.
#
#   Description:
#       This script manipulates the NAT64 configuration.
#
# NAT64 translator to manage; a value already present in the environment wins,
# otherwise tayga is used.
: "${NAT64_SERVICE:=tayga}"

# Configuration files that tayga_install / tayga_uninstall edit in place.
TAYGA_DEFAULT='/etc/default/tayga'
TAYGA_CONF='/etc/tayga.conf'

# Fixed addressing written into the tayga configuration.
TAYGA_IPV4_ADDR='192.168.255.1'
TAYGA_IPV6_ADDR='fdaa:bb:1::1'
TAYGA_TUN_V6_ADDR='fdaa:bb:1::2'
NAT64_PREFIX='64:ff9b::/96'

# Init script generated by nat44_install.
NAT44_SERVICE='/etc/init.d/otbr-nat44'

# Values the caller may override through NAT64_DYNAMIC_POOL and INFRA_IF_NAME.
# DYNAMIC_POOL is used in a sed program and an iptables rule run under sudo,
# and WLAN_IFNAMES is written into the generated init script, so both should
# only ever be taken from a trusted environment.
DYNAMIC_POOL="${NAT64_DYNAMIC_POOL:-192.168.255.0/24}"
WLAN_IFNAMES="${INFRA_IF_NAME:-eth0}"
# Currently this solution has been verified only on Raspbian and Ubuntu.
#
#without NAT64 || test $PLATFORM = ubuntu || test $PLATFORM = raspbian || die "nat64 is not tested under $PLATFORM."
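#######################################
# Enable tayga and rewrite its configuration for the NAT64 setup.
#
# Edits $TAYGA_DEFAULT and $TAYGA_CONF in place through sudo, then restarts
# and enables the tayga unit when systemctl is available. Failures are
# reported through die (defined outside this file).
#
# Globals read: TAYGA_DEFAULT, TAYGA_CONF, TAYGA_IPV4_ADDR, TAYGA_IPV6_ADDR,
#               TAYGA_TUN_V6_ADDR, NAT64_PREFIX, DYNAMIC_POOL
#
# NOTE: not idempotent. Every run comments out the active 'prefix' and
# 'dynamic-pool' lines and appends new ones, so run tayga_uninstall before
# installing a second time.
#######################################
tayga_install()
{
    if [ ! -f "$TAYGA_DEFAULT" ] || [ ! -f "$TAYGA_CONF" ]; then
        die 'Cannot find tayga configuration file!'
    fi

    # DYNAMIC_POOL may come from the environment and is spliced into a sed
    # program that runs under sudo; accept only the characters an IPv4 prefix
    # is made of, and check before any file is touched.
    case "$DYNAMIC_POOL" in
        '' | *[!0-9./]*)
            die 'Invalid NAT64 dynamic pool!'
            ;;
    esac

    # Only values still at their packaged defaults (RUN="no", empty tunnel
    # addresses) are replaced.
    sudo sed -i 's/^RUN="no"/RUN="yes"/' "$TAYGA_DEFAULT"
    sudo sed -i 's/^IPV4_TUN_ADDR=""/IPV4_TUN_ADDR="'"$TAYGA_IPV4_ADDR"'"/' "$TAYGA_DEFAULT"
    sudo sed -i 's/^IPV6_TUN_ADDR=""/IPV6_TUN_ADDR="'"$TAYGA_TUN_V6_ADDR"'"/' "$TAYGA_DEFAULT"

    # Keep the previous settings as '##' lines so tayga_uninstall can restore
    # them, and append the new values right after.
    sudo sed -i 's/^prefix /##prefix /' "$TAYGA_CONF"
    sudo sed -i '/^##prefix /a prefix '"$NAT64_PREFIX" "$TAYGA_CONF"
    sudo sed -i '/^#ipv6-addr/a ipv6-addr '"$TAYGA_IPV6_ADDR" "$TAYGA_CONF"
    sudo sed -i 's/^dynamic-pool /##dynamic-pool /' "$TAYGA_CONF"
    sudo sed -i '/^##dynamic-pool /a dynamic-pool '"$DYNAMIC_POOL" "$TAYGA_CONF"

    if have systemctl; then
        sudo systemctl restart tayga || die 'Unable to restart tayga service!'
        sudo systemctl enable tayga || die 'Unable to enable tayga service!'
    fi
}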
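#######################################
# Undo the edits tayga_install made to $TAYGA_DEFAULT and $TAYGA_CONF.
#
# Values are reset only when they still hold what tayga_install wrote. The
# original 'prefix' and 'dynamic-pool' lines are restored from the '##' copies
# kept at install time.
#
# Globals read: TAYGA_DEFAULT, TAYGA_CONF, TAYGA_IPV4_ADDR, TAYGA_IPV6_ADDR,
#               TAYGA_TUN_V6_ADDR
#######################################
tayga_uninstall()
{
    sudo sed -i 's/^RUN="yes"/RUN="no"/' "$TAYGA_DEFAULT"
    sudo sed -i 's/^IPV4_TUN_ADDR="'"$TAYGA_IPV4_ADDR"'"/IPV4_TUN_ADDR=""/' "$TAYGA_DEFAULT"
    # tayga_install fills IPV6_TUN_ADDR as well; clear it so no stale tunnel
    # address is left behind.
    sudo sed -i 's/^IPV6_TUN_ADDR="'"$TAYGA_TUN_V6_ADDR"'"/IPV6_TUN_ADDR=""/' "$TAYGA_DEFAULT"

    sudo sed -i '/^prefix /d' "$TAYGA_CONF"
    # Anchor the probe like the sed expression it selects, and keep the
    # matching configuration lines off stdout.
    if grep -q '^##prefix ' "$TAYGA_CONF"; then
        sudo sed -i 's/^##prefix /prefix /' "$TAYGA_CONF"
    else
        sudo sed -i 's/^# prefix /prefix /' "$TAYGA_CONF"
    fi

    sudo sed -i '/^ipv6-addr '"$TAYGA_IPV6_ADDR"'/d' "$TAYGA_CONF"

    # The active dynamic-pool line is dropped only when a saved one exists to
    # put back.
    if grep -q '^##dynamic-pool ' "$TAYGA_CONF"; then
        sudo sed -i '/^dynamic-pool /d' "$TAYGA_CONF"
        sudo sed -i 's/^##dynamic-pool /dynamic-pool /' "$TAYGA_CONF"
    fi
}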
#######################################
# Start tayga.
#
# When `with DOCKER` succeeds the `service` wrapper is called directly (no
# sudo). Otherwise, if systemctl is available, the unit is started and also
# enabled. With neither, nothing is done. Failures are reported through die.
# `with`, `have` and `die` are helpers defined outside this file.
#######################################
tayga_start()
{
    if with DOCKER; then
        service tayga start || die 'Failed to start tayga'
        return
    fi

    if ! have systemctl; then
        return 0
    fi

    sudo systemctl start tayga || die 'Failed to start tayga!'
    sudo systemctl enable tayga || die 'Failed to enable tayga!'
}
#######################################
# Stop tayga, best effort.
#
# Mirrors tayga_start: `service` when `with DOCKER` succeeds, systemctl when
# it is available, otherwise nothing. A failing stop command is deliberately
# ignored, so this always returns 0.
#######################################
tayga_stop()
{
    if with DOCKER; then
        service tayga stop || :
        return 0
    fi

    if have systemctl; then
        sudo systemctl stop tayga || :
    fi
}
# Although Tayga also configures a NAT44 iptables route, this NAT44 service is used with Tayga
# for historical reasons. It might be removed once a native NAT64 service is ready.
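#######################################
# Generate the otbr-nat44 init script and enable it.
#
# Writes $NAT44_SERVICE through sudo: a fixed header, one MASQUERADE rule per
# name in $WLAN_IFNAMES inside the `start` branch, then a fixed footer. The
# file is made executable and, when systemctl is available, enabled.
# `tee` also echoes everything it writes to stdout.
#
# Globals read: NAT44_SERVICE, WLAN_IFNAMES
# Globals written: IFNAME (loop variable, left set as before)
#######################################
nat44_install()
{
    # WLAN_IFNAMES may come from the environment (INFRA_IF_NAME) and its words
    # are copied verbatim into a script that init later runs as root. Refuse
    # anything that is not a plain interface name before writing a single byte.
    case "${WLAN_IFNAMES//[[:space:]]/}" in
        *[!A-Za-z0-9_.:@-]*)
            die "Invalid infrastructure interface name in '$WLAN_IFNAMES'!"
            ;;
    esac
    # After the check above no glob characters remain, so the unquoted
    # expansion only performs the intended word splitting.
    for IFNAME in $WLAN_IFNAMES; do
        case "$IFNAME" in
            -*)
                # Would be read as an iptables option in the generated rule.
                die "Invalid infrastructure interface name '$IFNAME'!"
                ;;
        esac
    done

    sudo tee "$NAT44_SERVICE" <<EOF
#! /bin/sh
#
#  Copyright (c) 2017, The OpenThread Authors.
#  All rights reserved.
#
#  Redistribution and use in source and binary forms, with or without
#  modification, are permitted provided that the following conditions are met:
#  1. Redistributions of source code must retain the above copyright
#     notice, this list of conditions and the following disclaimer.
#  2. Redistributions in binary form must reproduce the above copyright
#     notice, this list of conditions and the following disclaimer in the
#     documentation and/or other materials provided with the distribution.
#  3. Neither the name of the copyright holder nor the
#     names of its contributors may be used to endorse or promote products
#     derived from this software without specific prior written permission.
#
#  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
#  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
#  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
#  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
#  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
#  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
#  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
#  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
#  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
#  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
#  POSSIBILITY OF SUCH DAMAGE.
#
### BEGIN INIT INFO
# Provides:          otbr-nat44
# Required-Start:    tayga
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:
# Short-Description: iptables NAT44
# Description:       NAT44 is require for OpenThread border router
#                    to connect to arbitrary IPv4 endpoints.
### END INIT INFO

. /lib/lsb/init-functions
. /lib/init/vars.sh

case "\$1" in
    start)
EOF
    for IFNAME in $WLAN_IFNAMES; do
        # printf keeps the name out of the format string.
        printf '      iptables -t nat -A POSTROUTING -o %s -j MASQUERADE\n' "$IFNAME" | sudo tee -a "$NAT44_SERVICE"
    done
    sudo tee -a "$NAT44_SERVICE" <<EOF
        ;;
    restart|reload|force-reload)
        echo "Error: argument '\$1' not supported" >&2
        exit 3
        ;;
    stop|status)
        # No-op
        ;;
    *)
        echo "Usage: \$0 start|stop" >&2
        exit 3
        ;;
esac
EOF
    sudo chmod a+x "$NAT44_SERVICE"
    if have systemctl; then
        sudo systemctl enable otbr-nat44 || die 'Unable to enable nat44 service!'
    fi
}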
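#######################################
# Disable the otbr-nat44 service and delete its init script.
#
# Disabling is best effort: failures of systemctl or update-rc.d are ignored.
# The script file is removed through sudo only when it exists.
#
# Globals read: NAT44_SERVICE
#######################################
nat44_uninstall()
{
    if have systemctl; then
        sudo systemctl disable otbr-nat44 || true
    fi

    # systemctl disable doesn't remove sym-links
    if have update-rc.d; then
        sudo update-rc.d otbr-nat44 remove || true
    fi

    # Quote the path and end option parsing so the privileged rm acts on
    # exactly this one file.
    if [ -f "$NAT44_SERVICE" ]; then
        sudo rm -- "$NAT44_SERVICE"
    fi
}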
#######################################
# Turn on NAT44 masquerading.
#
# With the tayga backend and systemctl present, the otbr-nat44 service is
# started. In every other case a MASQUERADE rule for $DYNAMIC_POOL is appended
# to the nat POSTROUTING chain directly. Failures go through die.
#
# NOTE(review): `iptables -A` appends a new rule on every call and
# nat44_stop deletes one rule per call, so start/stop calls need to be paired
# or duplicate rules stay active.
#
# Globals read: NAT64_SERVICE, DYNAMIC_POOL
#######################################
nat44_start()
{
    if [ "$NAT64_SERVICE" != tayga ] || ! have systemctl; then
        sudo iptables -t nat -A POSTROUTING -s "$DYNAMIC_POOL" -j MASQUERADE || die 'Failed to start NAT44!'
        return
    fi

    sudo systemctl start otbr-nat44 || die 'Failed to start NAT44!'
}
#######################################
# Turn off NAT44 masquerading, best effort.
#
# Uses the same selection as nat44_start: stop the otbr-nat44 service when the
# tayga backend and systemctl are in use, otherwise delete the MASQUERADE rule
# for $DYNAMIC_POOL. Errors are ignored, so this always returns 0.
#
# NOTE(review): `iptables -D` removes a single matching rule; if nat44_start
# ran more than once, further copies of the rule remain in the chain.
#
# Globals read: NAT64_SERVICE, DYNAMIC_POOL
#######################################
nat44_stop()
{
    if [ "$NAT64_SERVICE" != tayga ] || ! have systemctl; then
        sudo iptables -t nat -D POSTROUTING -s "$DYNAMIC_POOL" -j MASQUERADE || :
        return 0
    fi

    sudo systemctl stop otbr-nat44 || :
}
#######################################
# Install the NAT64 components for the selected backend.
#
# Does nothing (returns 0) unless `with NAT64` succeeds. For the tayga backend
# it configures tayga and then generates the NAT44 init script; any other
# NAT64_SERVICE value needs no installation here.
#
# Globals read: NAT64_SERVICE
#######################################
nat64_install()
{
    if ! with NAT64; then
        return 0
    fi

    case "$NAT64_SERVICE" in
        tayga)
            tayga_install
            nat44_install
            ;;
    esac
}
#######################################
# Stop NAT64 and remove what nat64_install set up.
#
# Does nothing (returns 0) unless `with NAT64` succeeds. The services are
# stopped first; for the tayga backend the tayga configuration is then
# reverted and the NAT44 init script removed.
#
# Globals read: NAT64_SERVICE
#######################################
nat64_uninstall()
{
    if ! with NAT64; then
        return 0
    fi

    nat64_stop

    case "$NAT64_SERVICE" in
        tayga)
            tayga_uninstall
            nat44_uninstall
            ;;
    esac
}
#######################################
# Bring up NAT64: the translator first (tayga backend only), then NAT44.
#
# Does nothing (returns 0) unless `with NAT64` succeeds. nat44_start runs for
# every backend.
#
# Globals read: NAT64_SERVICE
#######################################
nat64_start()
{
    if ! with NAT64; then
        return 0
    fi

    case "$NAT64_SERVICE" in
        tayga)
            tayga_start
            ;;
    esac

    nat44_start
}
#######################################
# Take down NAT64: the translator first (tayga backend only), then NAT44.
#
# Does nothing (returns 0) unless `with NAT64` succeeds. nat44_stop runs for
# every backend.
#
# Globals read: NAT64_SERVICE
#######################################
nat64_stop()
{
    if ! with NAT64; then
        return 0
    fi

    case "$NAT64_SERVICE" in
        tayga)
            tayga_stop
            ;;
    esac

    nat44_stop
}