From 40b4fb4f14a8e8bc2659aeddfdd23d3d63bb0ccb Mon Sep 17 00:00:00 2001
From: Maurice Walker <maurice@walker.earth>
Date: Wed, 29 Jun 2022 15:16:17 +0200
Subject: [PATCH] net/tayga: add custom IPv6 routing feature (#2313)

* Convert TAYGA virtual interface to interface group

Allows nat64 interface assignment (required for adding custom routes).

* Add nat64 interface to tayga interface group

Required because TAYGA virtual interface was converted to interface group in c350c81e49a89b9d57d3a86355907910b589a098.

* Add TAYGA configuration item to disable IPv6 route

* Add TAYGA GUI option to disable IPv6 prefix route

Required for adding custom routes.

* Add variable for disabling TAYGA IPv6 route

Required for adding custom routes.

* Add IPv6 route disable switch to TAYGA rc.d

Required for adding custom routes.

* Update TAYGA plugin to version 1.2

New feature: Custom IPv6 Routing

* Update TAYGA plugin to version 1.2

New feature: Custom IPv6 Routing

* Configure routes after TAYGA start

Required for custom routes.
---
 net/tayga/Makefile                                    |  3 +--
 net/tayga/pkg-descr                                   |  4 ++++
 net/tayga/src/etc/inc/plugins.inc.d/tayga.inc         |  4 ++--
 net/tayga/src/etc/rc.d/opnsense-tayga                 |  5 ++++-
 .../app/controllers/OPNsense/Tayga/forms/general.xml  |  6 ++++++
 .../mvc/app/models/OPNsense/Tayga/General.xml         |  6 +++++-
 .../service/conf/actions.d/actions_tayga.conf         | 11 +++++++++--
 .../opnsense/service/templates/OPNsense/Tayga/tayga   |  5 +++++
 8 files changed, 36 insertions(+), 8 deletions(-)

diff --git a/net/tayga/Makefile b/net/tayga/Makefile
index e350d4580..78cffb74a 100644
--- a/net/tayga/Makefile
+++ b/net/tayga/Makefile
@@ -1,6 +1,5 @@
 PLUGIN_NAME=		tayga
-PLUGIN_VERSION=		1.1
-PLUGIN_REVISION=	2
+PLUGIN_VERSION=		1.2
 PLUGIN_COMMENT=		Tayga NAT64
 PLUGIN_DEPENDS=		tayga
 PLUGIN_MAINTAINER=	m.muenz@gmail.com
diff --git a/net/tayga/pkg-descr b/net/tayga/pkg-descr
index 0ba5d319c..4ff06aba2 100644
--- a/net/tayga/pkg-descr
+++ b/net/tayga/pkg-descr
@@ -7,6 +7,10 @@ networks where dedicated NAT64 hardware would be overkill.
 Plugin Changelog
 ================
 
+1.2
+
+* Custom IPv6 routing option
+
 1.1
 
 * Register Tayga virtual interface
diff --git a/net/tayga/src/etc/inc/plugins.inc.d/tayga.inc b/net/tayga/src/etc/inc/plugins.inc.d/tayga.inc
index e27304334..8efe00f86 100644
--- a/net/tayga/src/etc/inc/plugins.inc.d/tayga.inc
+++ b/net/tayga/src/etc/inc/plugins.inc.d/tayga.inc
@@ -70,9 +70,9 @@ function tayga_interfaces()
         return $interfaces;
     }
     $oic = array('enable' => true);
-    $oic['if'] = 'nat64';
+    $oic['if'] = 'tayga';
     $oic['descr'] = 'Tayga';
-    $oic['type'] = 'none';
+    $oic['type'] = 'group';
     $oic['virtual'] = true;
     $oic['networks'] = array();
     $interfaces['tayga'] = $oic;
diff --git a/net/tayga/src/etc/rc.d/opnsense-tayga b/net/tayga/src/etc/rc.d/opnsense-tayga
index d86a7dca3..d911e8a69 100755
--- a/net/tayga/src/etc/rc.d/opnsense-tayga
+++ b/net/tayga/src/etc/rc.d/opnsense-tayga
@@ -29,8 +29,11 @@ tayga_start()
         sleep 1
         ifconfig nat64 inet ${tayga_v4destination}/32 ${tayga_v4address}
         ifconfig nat64 inet6 ${tayga_v6destination}/128
-        route -6 add ${tayga_v6prefix} -interface nat64
+        ifconfig nat64 group tayga
         route -4 add ${tayga_v4pool} -interface nat64
+        if [ "$tayga_v6routedisabled" != "YES" ]; then
+            route -6 add ${tayga_v6prefix} -interface nat64
+        fi
 }
 
 tayga_stop()
diff --git a/net/tayga/src/opnsense/mvc/app/controllers/OPNsense/Tayga/forms/general.xml b/net/tayga/src/opnsense/mvc/app/controllers/OPNsense/Tayga/forms/general.xml
index 14a6c5272..db60e2fc7 100644
--- a/net/tayga/src/opnsense/mvc/app/controllers/OPNsense/Tayga/forms/general.xml
+++ b/net/tayga/src/opnsense/mvc/app/controllers/OPNsense/Tayga/forms/general.xml
@@ -41,4 +41,10 @@
         <type>text</type>
         <help>IPv6 hosts which send traffic through Tayga will be dynamically assigned an IPv4 address from this pool. Can be any size, but each IPv6 host requires one address.</help>
     </field>
+    <field>
+        <id>general.v6routedisabled</id>
+        <label>Custom IPv6 Routing</label>
+        <type>checkbox</type>
+        <help>This is an advanced setting for selective routing scenarios. It will prevent installing the route which routes the IPv6 Prefix to Tayga. This requires assigning and locking the nat64 interface, enabling dynamic gateway policy, configuring a dynamic IPv6 gateway and adding custom routes.</help>
+    </field>
 </form>
diff --git a/net/tayga/src/opnsense/mvc/app/models/OPNsense/Tayga/General.xml b/net/tayga/src/opnsense/mvc/app/models/OPNsense/Tayga/General.xml
index 63680a3db..3b8931b41 100644
--- a/net/tayga/src/opnsense/mvc/app/models/OPNsense/Tayga/General.xml
+++ b/net/tayga/src/opnsense/mvc/app/models/OPNsense/Tayga/General.xml
@@ -1,7 +1,7 @@
 <model>
     <mount>//OPNsense/tayga/general</mount>
     <description>Tayga configuration</description>
-    <version>0.0.4</version>
+    <version>1.2.0</version>
     <items>
         <enabled type="BooleanField">
             <default>0</default>
@@ -30,5 +30,9 @@
             <default>192.168.255.0/24</default>
             <Required>Y</Required>
         </v4pool>
+        <v6routedisabled type="BooleanField">
+            <default>0</default>
+            <Required>Y</Required>
+        </v6routedisabled>
     </items>
 </model>
diff --git a/net/tayga/src/opnsense/service/conf/actions.d/actions_tayga.conf b/net/tayga/src/opnsense/service/conf/actions.d/actions_tayga.conf
index 5d4cf502a..9b114dff9 100644
--- a/net/tayga/src/opnsense/service/conf/actions.d/actions_tayga.conf
+++ b/net/tayga/src/opnsense/service/conf/actions.d/actions_tayga.conf
@@ -5,13 +5,20 @@ type:script_output
 message:stopping tayga
 
 [start]
-command:/usr/local/opnsense/scripts/OPNsense/Tayga/setup.sh; /usr/local/etc/rc.d/opnsense-tayga start
+command:
+    /usr/local/opnsense/scripts/OPNsense/Tayga/setup.sh;
+    /usr/local/etc/rc.d/opnsense-tayga start;
+    /usr/local/etc/rc.routing_configure
 parameters:
 type:script_output
 message:starting tayga
 
 [restart]
-command:/usr/local/etc/rc.d/opnsense-tayga stop; /usr/local/opnsense/scripts/OPNsense/Tayga/setup.sh; /usr/local/etc/rc.d/opnsense-tayga start
+command:
+    /usr/local/etc/rc.d/opnsense-tayga stop;
+    /usr/local/opnsense/scripts/OPNsense/Tayga/setup.sh;
+    /usr/local/etc/rc.d/opnsense-tayga start;
+    /usr/local/etc/rc.routing_configure
 parameters:
 type:script_output
 message:restarting tayga
diff --git a/net/tayga/src/opnsense/service/templates/OPNsense/Tayga/tayga b/net/tayga/src/opnsense/service/templates/OPNsense/Tayga/tayga
index c84c7881d..93cae0d9e 100644
--- a/net/tayga/src/opnsense/service/templates/OPNsense/Tayga/tayga
+++ b/net/tayga/src/opnsense/service/templates/OPNsense/Tayga/tayga
@@ -7,6 +7,11 @@ tayga_v4pool={{ OPNsense.tayga.general.v4pool }}
 tayga_v6prefix={{ OPNsense.tayga.general.v6prefix }}
 tayga_v6address={{ OPNsense.tayga.general.v6address }}
 tayga_v6destination={{ OPNsense.tayga.general.v6destination }}
+{% if helpers.exists('OPNsense.tayga.general.v6routedisabled') and OPNsense.tayga.general.v6routedisabled == '1' %}
+tayga_v6routedisabled="YES"
+{% else %}
+tayga_v6routedisabled="NO"
+{% endif %}
 {% else %}
 tayga_enable="NO"
 {% endif %}