[OpenWrt-Devel] [PATCH v2 1/2] firewall3: add masq6 option for IPv6 masquerading

Lars Gierth larsg at systemli.org
Fri May 8 19:09:53 EDT 2015


Signed-off-by: Lars Gierth <larsg at systemli.org>
---
 options.h |  1 +
 zones.c   | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/options.h b/options.h
index a2bacce..20188c6 100644
--- a/options.h
+++ b/options.h
@@ -302,6 +302,7 @@ struct fw3_zone
 	const char *extra_dest;
 
 	bool masq;
+	bool masq6;
 	struct list_head masq_src;
 	struct list_head masq_dest;
 
diff --git a/zones.c b/zones.c
index 2ddd7b4..c902ebc 100644
--- a/zones.c
+++ b/zones.c
@@ -66,6 +66,7 @@ const struct fw3_option fw3_zone_opts[] = {
 	FW3_OPT("output",              target,   zone,     policy_output),
 
 	FW3_OPT("masq",                bool,     zone,     masq),
+	FW3_OPT("masq6",               bool,     zone,     masq6),
 	FW3_LIST("masq_src",           network,  zone,     masq_src),
 	FW3_LIST("masq_dest",          network,  zone,     masq_dest),
 
@@ -220,6 +221,12 @@ fw3_load_zones(struct fw3_state *state, struct uci_package *p)
 			zone->conntrack = true;
 		}
 
+		if (zone->masq6)
+		{
+			setbit(zone->flags[1], FW3_FLAG_SNAT);
+			zone->conntrack = true;
+		}
+
 		if (zone->custom_chains)
 		{
 			setbit(zone->flags[0], FW3_FLAG_SNAT);
@@ -540,7 +547,8 @@ print_zone_rule(struct fw3_ipt_handle *handle, struct fw3_state *state,
 		break;
 
 	case FW3_TABLE_NAT:
-		if (zone->masq && handle->family == FW3_FAMILY_V4)
+		if ((zone->masq && handle->family == FW3_FAMILY_V4) ||
+			(zone->masq6 && handle->family == FW3_FAMILY_V6))
 		{
 			fw3_foreach(msrc, &zone->masq_src)
 			fw3_foreach(mdest, &zone->masq_dest)
-- 
2.1.0
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list