From 681945a3bfe9b379c76ecc6160a102a3dd7d5e59 Mon Sep 17 00:00:00 2001 From: sven-ola Date: Wed, 13 Oct 2010 13:16:44 +0000 Subject: fix git-svn-id: https://map66.svn.sourceforge.net/svnroot/map66@22 3484d885-4da6-438d-b19d-107d078dd756 --- README.dbk | 119 ++++++++++++++++++++++++++++++++++---------------------- ip6t_MAP66.c | 1 - libip6t_MAP66.c | 2 + 3 files changed, 74 insertions(+), 48 deletions(-) diff --git a/README.dbk b/README.dbk index 5009c94..4c58cb5 100644 --- a/README.dbk +++ b/README.dbk @@ -41,8 +41,8 @@ may cause oopses. -
- Installation +
+ Installation MAP66 implements two pieces of software: a shared library that extends the ip6tables command and a Linux kernel module. The shared @@ -70,8 +70,8 @@
-
- DKMS Integration +
+ DKMS Integration If the next system update needs to install a new kernel version, you also need to re-compile/re-install the MAP66 kernel module. With @@ -94,11 +94,11 @@ sudo dkms install -m ip6t_MAP66 -v &VERSION; url="Read DKMS details here: https://wiki.kubuntu.org/Kernel/Dev/DKMSPackaging">https://wiki.kubuntu.org/Kernel/Dev/DKMSPackaging
-
- Configuration +
+ Configuration -
- Brief Version +
+ Brief Version You always need to add two ip6tables-rules to your netfilter configuration. One rule matches outgoing packets and changes their IPv6 @@ -128,8 +128,8 @@ ip6tables -t mangle -I PREROUTING -i eth0 -d 2001:0DB8:0001::/48 -j MAP66 &OPTD this.
-
- Detailed Version +
+ Detailed Version The following explanation details a living example from the wireless mesh network that is mentioned under
-
- IPv6/IPv4 Precedence +
+ IPv6/IPv4 Precedence With (EKU)buntu and eventually with RedHat, you will notice that your browser does not show the IPv6 version of a web site that is @@ -240,9 +240,14 @@ ip6tables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp- address higher than the ULA IPv6 address when choosing the transport protocol for a new Internet connection if this add on to the RFC 3484 rules is compiled in. For this reason, you may want to change the - precedence rules within /etc/gai.conf. + precedence rules within /etc/gai.conf (see ) or use another + prefix (see ). + +
+ Change gai.conf - The getaddrinfo() library function manages lists of label, precedence, and scope4 type entries. If the /etc/gai.conf file does not provide a single entry @@ -251,40 +256,60 @@ ip6tables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp- to uncomment all entries of a particular type for this. The label lines compare source addresses, the precedence lines compare destination addresses. - - - Change IPv6 Precedence - - - Open the /etc/gai.conf file as root user, - e.g. by executing sudo nano - /etc/gai.conf. - - - - Remove the leading hash character from the 8 lines starting with - #label. - - - - Re-add the hash character to the line stating #label - fc00::/7 6. - - - - Save the file. - - - - Restart your browser and re-try to browse to a multi-homed web - site. - - - - The above procedure removes the difference between standard IPv6 - source addresses and ULA type private IPv6 source addresses. Anything else - is unchanged. + + Change IPv6 Precedence + + + Open the /etc/gai.conf file as root user, + e.g. by executing sudo nano + /etc/gai.conf. + + + + Remove the leading hash character from the 8 lines starting + with #label. + + + + Re-add the hash character to the line stating #label + fc00::/7 6. + + + + Save the file. + + + + Restart your browser and re-try to browse to a multi-homed web + site. + + + + The above procedure removes the difference between standard IPv6 + source addresses and ULA type private IPv6 source addresses. Anything + else is unchanged. +
+ +
+ Use 6to4 Internal Address + + As an alternative solution, you may use 6to4 addresses in your + LAN. While the well known IPv4 adresses 10.0.0.0/8, 172.16.0.0/12, and + 192.168.0.0/16 still exist, it is unlikely that their 6to4 counterparts + 2002:0a00::/24, 2002:ac10::/28, and 2002:c0a8::/32 will be routed on the + Internet. Because 6to4 adresses are part of the official 2002::/3 + address prefix for the Internet, no difference between these addresses + and other Internet addresses are made by getaddrinfo(). + + If you already deployed ULA adresses in your network, you may be + interested in a solution that runs on my Freifunk router. The router + uses the IPv4 192.168.65.65/26 on it's LAN interface. The OLSR-based + mesh network uses an fdca:ffee:babe::/64 prefix. The following internal + mapping is configured for this: + + +
diff --git a/ip6t_MAP66.c b/ip6t_MAP66.c index 5f94f81..6446927 100644 --- a/ip6t_MAP66.c +++ b/ip6t_MAP66.c @@ -165,7 +165,6 @@ static bool MAP66_tg6_check( { const struct ip6t_MAP66_info *info = par->targinfo; - if (0 == ((IP6T_MAP66_OPT_DST_TO | IP6T_MAP66_OPT_SRC_TO) & info->mapflags)) { printk("MAP66: No --" IP6T_MAP66_DST_TO " nor --" IP6T_MAP66_SRC_TO "\n"); return false; diff --git a/libip6t_MAP66.c b/libip6t_MAP66.c index 219252d..a5502c3 100644 --- a/libip6t_MAP66.c +++ b/libip6t_MAP66.c @@ -100,6 +100,7 @@ static int MAP66_parse( xtables_error(PARAMETER_PROBLEM, "Multiple --" IP6T_MAP66_DST_TO " not supported"); } *flags |= IP6T_MAP66_OPT_DST_TO; + info->mapflags |= IP6T_MAP66_OPT_DST_TO; if (NULL == (p = strchr(optarg, '/'))) { xtables_error(PARAMETER_PROBLEM, "Missing '/' character in --" IP6T_MAP66_DST_TO ": \"%s\"", optarg); } @@ -130,6 +131,7 @@ static int MAP66_parse( xtables_error(PARAMETER_PROBLEM, "Multiple --" IP6T_MAP66_SRC_TO " not supported"); } *flags |= IP6T_MAP66_OPT_SRC_TO; + info->mapflags |= IP6T_MAP66_OPT_SRC_TO; if (NULL == (p = strchr(optarg, '/'))) { xtables_error(PARAMETER_PROBLEM, "Missing '/' character in --" IP6T_MAP66_SRC_TO ": \"%s\"", optarg); } -- cgit v1.2.3