1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 |
- #!/usr/bin/lua
- -- This script must be ordered after 300-gluon-client-bridge-network, as
- -- it overrides parts of network.client
- local site = require 'gluon.site_config'
- local sysconfig = require 'gluon.sysconfig'
- local sysctl = require 'gluon.sysctl'
- local uci = require('simple-uci').cursor()
- uci:section('network', 'interface', 'client', {
- ipv6 = true,
- proto = 'dhcpv6',
- reqprefix = 'no',
- peerdns = not (site.dns and site.dns.servers),
- sourcefilter = false,
- keep_ra_dnslifetime = true,
- robustness = 3,
- query_interval = 2000,
- query_response_interval = 500,
- })
- uci:delete('network', 'client_lan')
- if sysconfig.lan_ifname then
- uci:section('network', 'interface', 'client_lan', {
- unicast_flood = false,
- ifname = sysconfig.lan_ifname,
- })
- end
- uci:delete('network', 'local_node_route6')
- uci:section('network', 'route6', 'local_node_route6', {
- interface = 'client',
- target = site.prefix6,
- gateway = '::',
- })
- uci:save('network')
- uci:section('firewall', 'zone', 'client', {
- input = 'ACCEPT',
- output = 'ACCEPT',
- forward = 'REJECT',
- })
- uci:section('firewall', 'rule', 'client_dns', {
- name = 'client_dns',
- src = 'client',
- dest_port = '53',
- target = 'REJECT',
- })
- uci:delete('firewall', 'local_node')
- uci:section('firewall', 'zone', 'local_node', {
- name = 'local_node',
- network = {'local_node'},
- input = 'ACCEPT',
- output = 'ACCEPT',
- forward = 'REJECT',
- })
- uci:delete('firewall', 'local_node_dns')
- uci:save('firewall')
- sysctl.set('net.ipv6.conf.local-node.forwarding', 0)
|