From patchwork Fri May  8 17:53:08 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Lars <larsg@systemli.org>
X-Patchwork-Id: 470161
Return-Path: <openwrt-devel-bounces@lists.openwrt.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176])
	(using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 9817D140281
	for <incoming@patchwork.ozlabs.org>;
	Sat,  9 May 2015 03:54:15 +1000 (AEST)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (1024-bit key;
	unprotected) header.d=systemli.org header.i=@systemli.org
	header.b=rXstT7ND; dkim-atps=neutral
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id 0211328BDBD;
	Fri,  8 May 2015 19:52:26 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu
X-Spam-Level: 
X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,T_DKIM_INVALID
	autolearn=unavailable version=3.3.2
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id B3F8128BDB2
	for <openwrt-devel@lists.openwrt.org>;
	Fri,  8 May 2015 19:51:58 +0200 (CEST)
X-policyd-weight: using cached result; rate: -7.6
Received: from mail.systemli.org (systemli.sh1b.ch [212.103.72.251])
	by arrakis.dune.hu (Postfix) with ESMTPS
	for <openwrt-devel@lists.openwrt.org>;
	Fri,  8 May 2015 19:51:58 +0200 (CEST)
Message-ID: <554CF804.2050602@systemli.org>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=systemli.org;
	s=default; t=1431107590;
	bh=Apl7bLGY0cB8iBNBAAk7djIc6m2PsxPh62JZf09Bojw=;
	h=Date:From:To:CC:Subject;
	b=rXstT7NDszhfcBM7RmdLrBkq8s5ownYNWDEsDgo3TnXbGC32cNqztkiuBG1kNYhPD
	c78fQnmQodGM0LdnK7N7bBoPXfPXOabqDsnycb7dXRY4dOGUSz+q1isGPOb9tx/fxt
	C76VM0DHJck5p33qlRikj8m3200TfsIsP8MOjGhw=
Date: Fri, 08 May 2015 19:53:08 +0200
From: Lars <larsg@systemli.org>
MIME-Version: 1.0
To: openwrt-devel@lists.openwrt.org
OpenPGP: id=7E86809F
Cc: jow@subsignal.org
Subject: [OpenWrt-Devel] [PATCH 1/2] firewall3: add masq6 option for IPv6
	masquerading
X-BeenThere: openwrt-devel@lists.openwrt.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OpenWrt Development List <openwrt-devel.lists.openwrt.org>
List-Unsubscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/options/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=unsubscribe>
List-Archive: <http://lists.openwrt.org/pipermail/openwrt-devel/>
List-Post: <mailto:openwrt-devel@lists.openwrt.org>
List-Help: <mailto:openwrt-devel-request@lists.openwrt.org?subject=help>
List-Subscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=subscribe>
Errors-To: openwrt-devel-bounces@lists.openwrt.org
Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org>

Signed-off-by: Lars Gierth <larsg@systemli.org>
---
 options.h |  1 +
 zones.c   | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

 			zone->conntrack = true;
 		}
 +		if (zone->masq6)
+		{
+			setbit(zone->flags[1], FW3_FLAG_SNAT);
+			zone->conntrack = true;
+		}
+
 		if (zone->custom_chains)
 		{
 			setbit(zone->flags[0], FW3_FLAG_SNAT);
@@ -540,7 +547,8 @@ print_zone_rule(struct fw3_ipt_handle *handle,
struct fw3_state *state,
 		break;
  	case FW3_TABLE_NAT:
-		if (zone->masq && handle->family == FW3_FAMILY_V4)
+		if ((zone->masq && handle->family == FW3_FAMILY_V4) ||
+			(zone->masq6 && handle->family == FW3_FAMILY_V6))
 		{
 			fw3_foreach(msrc, &zone->masq_src)
 			fw3_foreach(mdest, &zone->masq_dest)

diff --git a/options.h b/options.h
index a2bacce..20188c6 100644
--- a/options.h
+++ b/options.h
@@ -302,6 +302,7 @@ struct fw3_zone
 	const char *extra_dest;
  	bool masq;
+	bool masq6;
 	struct list_head masq_src;
 	struct list_head masq_dest;
 diff --git a/zones.c b/zones.c
index 2ddd7b4..c902ebc 100644
--- a/zones.c
+++ b/zones.c
@@ -66,6 +66,7 @@ const struct fw3_option fw3_zone_opts[] = {
 	FW3_OPT("output",              target,   zone,     policy_output),
  	FW3_OPT("masq",                bool,     zone,     masq),
+	FW3_OPT("masq6",               bool,     zone,     masq6),
 	FW3_LIST("masq_src",           network,  zone,     masq_src),
 	FW3_LIST("masq_dest",          network,  zone,     masq_dest),
 @@ -220,6 +221,12 @@ fw3_load_zones(struct fw3_state *state, struct
uci_package *p)