Hey, this is my first patch to OpenWRT, please be gentle :-) I already submitted as a ticket (#13446), but I guess the list is more appropriate
Kernel 3.7 introduced IPv6 NAT, together with a couple of additional netfilter targets. - Core NAT Support: nf_nat_ipv6 ip6table_nat - known NAT targets MASQUERADE DNAT SNAT NETMAP REDIRECT - Stateless 1:1 NAT (NPT) NPT The attached patch adds these modules to OpenWRT. I have tested MASQUERADE, SNAT and REDIRECT, NPT can be at least configured. I'm not sure about the module placement though. At the moment I have put the core NAT, MASQUERADE and SNAT/DNAT into kmod-ipt-nat, which would probably make it depend on IPv6. NPT is also added to kmod-ipt-nat, that could either be left there, moved to -core (since the main advantage of NPT is to be without connection tracking) or moved to -natextra, since it is a less used IPv6 NAT feature. I don't really think it can be committed as is, but if you think so Signed-Off-By: Bernhard Schmidt <[email protected]> Index: include/netfilter.mk =================================================================== --- include/netfilter.mk (Revision 36608) +++ include/netfilter.mk (Arbeitskopie) @@ -161,10 +161,14 @@ # kernel only $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT, $(P_XT)nf_nat $(P_V4)nf_nat_ipv4 $(P_XT)xt_nat $(P_V4)iptable_nat, ge 3.7.0),)) +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT_IPV6, $(P_V6)nf_nat_ipv6 $(P_V6)ip6table_nat, ge 3.7.0),)) $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT, $(P_V4)nf_nat $(P_V4)iptable_nat, lt 3.7.0),)) +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_IP6_NF_TARGET_MASQUERADE, $(P_V6)ip6t_MASQUERADE, ge 3.7.0),)) +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_IP6_NF_TARGET_NPT, $(P_V6)ip6t_NPT, ge 3.7.0),)) # userland only $(eval $(if $(NF_KMOD),,$(call nf_add,IPT_NAT,CONFIG_NF_NAT, ipt_SNAT ipt_DNAT))) +$(eval $(if $(NF_KMOD),,$(call nf_add,IPT_NAT,CONFIG_IP6_NF_TARGET_NPT, ip6t_DNPT ip6t_SNPT))) $(eval $(call nf_add,IPT_NAT,CONFIG_IP_NF_TARGET_MASQUERADE, $(P_V4)ipt_MASQUERADE)) @@ -173,8 +177,10 @@ $(eval $(call nf_add,IPT_NAT_EXTRA,CONFIG_IP_NF_TARGET_NETMAP, $(P_XT)xt_NETMAP, ge 3.7.0)) $(eval $(call nf_add,IPT_NAT_EXTRA,CONFIG_IP_NF_TARGET_NETMAP, $(P_V4)ipt_NETMAP, lt 3.7.0)) +$(eval $(call nf_add,IPT_NAT_EXTRA,CONFIG_IP_NF_TARGET_NETMAP, $(P_V6)ip6t_NETMAP, lt 3.7.0)) $(eval $(call nf_add,IPT_NAT_EXTRA,CONFIG_IP_NF_TARGET_REDIRECT, $(P_XT)xt_REDIRECT, ge 3.7.0)) $(eval $(call nf_add,IPT_NAT_EXTRA,CONFIG_IP_NF_TARGET_REDIRECT, $(P_V4)ipt_REDIRECT, lt 3.7.0)) +$(eval $(call nf_add,IPT_NAT_EXTRA,CONFIG_IP_NF_TARGET_REDIRECT, $(P_V4)ip6t_REDIRECT, lt 3.7.0)) # nathelper _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
