-
-
Save Arduous/8b572bbbcc9f65aad585 to your computer and use it in GitHub Desktop.
Swisscom 6rd script for DD-WRT 2.6 kernel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# This adds the appropriate 6rd tunnel for Swisscom users with a DD-WRT based router. | |
# Script forked from | |
# https://gist.github.com/VictorLowther/2969270 | |
# using info from | |
# http://vincent.bernat.im/en/blog/2014-swisscom-router.html | |
# Get it copied to /tmp/etc/config/(whatever).wanup, | |
# The following is relevant for PPP, not sure it is for DHCP | |
# and then ln -s /tmp/etc/config/(whatever).ipup to it. | |
# The Swisscom customer 6rd gateway. | |
REMOTE=193.5.29.1 | |
# Your local IP address. | |
LOCAL="$(nvram get wan_ipaddr)" | |
# Your local IP address as a Swisscom specific 6rd prefix. | |
# With Swisscom's prefix length of 28 bits and 32 bits of IP subnet is only 4 bits. | |
# SUBNET's value is [0..15] | |
SUBNET=1 | |
V6PREFIX="$(printf '%02X%02X%02X%02X%X' $(echo $LOCAL $SUBNET | tr '.' ' ') | awk '{print "2a02:120" substr($1,1,1) ":" substr($1,2,4) ":" substr($1,6,7) }')" | |
# The local address that will wind up assigned to your bridge | |
V6LOCAL=$V6PREFIX::1/64 | |
# The remote address bound to the sit tunnel to the 6rd gateway | |
V6REMOTE=$V6PREFIX::2/28 | |
# The name of the tunnel | |
TUNNEL=6rd | |
# The MTU of the tunnel. See references | |
MTU=1472 | |
# Make sure we have needed kernel modules | |
insmod ipv6 | |
insmod sit | |
# Stock modules are too old for proper firewall operations. | |
# These were found from http://www.dd-wrt.com/phpBB2/viewtopic.php?p=732628 | |
insmod /opt/home/root/ip6tables.ko | |
insmod /opt/home/root/ip6_tables.ko | |
insmod /opt/home/root/ip6table_filter.ko | |
insmod /opt/home/root/ip6t_rt.ko | |
insmod /opt/home/root/nf_conntrack_ipv6.ko | |
# Set up the IPv6 firewall | |
ip6tables-restore < /opt/etc/ip6tables.rules | |
# Clean up any leftovers. This ensures we start with a fresh tunnel the script is starting. | |
killall radvd | |
ip -6 addr flush dev br0 scope global | |
ip -6 addr flush dev $TUNNEL scope global | |
ip -6 route flush dev br0 | |
ip -6 route flush dev $TUNNEL | |
ip link set $TUNNEL down | |
ip tunnel del $TUNNEL | |
# Create our tunnel. | |
ip tunnel add $TUNNEL mode sit remote $REMOTE local $LOCAL ttl 64 | |
ip link set $TUNNEL up | |
ip link set mtu $MTU dev $TUNNEL | |
ip addr add $V6REMOTE dev $TUNNEL | |
ip addr add $V6LOCAL dev br0 | |
ip route add ::/0 dev $TUNNEL | |
# Make sure we forward IPv6 packets | |
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding | |
# Create an RADVD config file and start radvd to let everyone on our local network get an auto-assigned IP6 address. | |
cat >/tmp/radvd.conf <<EOF | |
interface br0 { | |
AdvLinkMTU $MTU; | |
AdvSendAdvert on; | |
prefix $V6PREFIX::/64 { | |
AdvOnLink on; | |
AdvAutonomous on; | |
AdvRouterAddr on; | |
}; | |
}; | |
EOF | |
radvd -C /tmp/radvd.conf |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment