From 864af63f4e4192b3aea5a5310d6bc3f1bad5c13d Mon Sep 17 00:00:00 2001
From: Monviech <79600909+Monviech@users.noreply.github.com>
Date: Tue, 12 Nov 2024 13:59:52 +0100
Subject: [PATCH] net/ndproxy: Add os-ndproxy plugin (#4348)

* net/ndproxy: Add os-ndproxy plugin

* net/ndproxy: Fix a few small errors.

* net/ndproxy: Fix a few small errors.

* Update net/ndproxy/src/etc/inc/plugins.inc.d/ndproxy.inc

Co-authored-by: Franco Fichtner <franco@lastsummer.de>

* Update net/ndproxy/src/etc/inc/plugins.inc.d/ndproxy.inc

Co-authored-by: Franco Fichtner <franco@lastsummer.de>

* net/ndproxy: Cleanup view to use base_form and SimpleActionButton

---------

Co-authored-by: Franco Fichtner <franco@lastsummer.de>
---
 net/ndproxy/Makefile                          |  7 ++
 net/ndproxy/pkg-descr                         |  8 ++
 .../src/etc/inc/plugins.inc.d/ndproxy.inc     | 64 ++++++++++++++++
 .../Ndproxy/Api/GeneralController.php         | 40 ++++++++++
 .../Ndproxy/Api/ServiceController.php         | 41 +++++++++++
 .../OPNsense/Ndproxy/GeneralController.php    | 42 +++++++++++
 .../Ndproxy/forms/Api/GeneralController.php   | 40 ++++++++++
 .../Ndproxy/forms/Api/ServiceController.php   | 41 +++++++++++
 .../Ndproxy/forms/GeneralController.php       | 42 +++++++++++
 .../OPNsense/Ndproxy/forms/general.xml        | 40 ++++++++++
 .../app/models/OPNsense/Ndproxy/ACL/ACL.xml   | 10 +++
 .../app/models/OPNsense/Ndproxy/Menu/Menu.xml |  5 ++
 .../app/models/OPNsense/Ndproxy/Ndproxy.php   | 66 +++++++++++++++++
 .../app/models/OPNsense/Ndproxy/Ndproxy.xml   | 27 +++++++
 .../app/views/OPNsense/Ndproxy/general.volt   | 73 +++++++++++++++++++
 .../conf/actions.d/actions_ndproxy.conf       | 24 ++++++
 .../templates/OPNsense/Ndproxy/+TARGETS       |  1 +
 .../OPNsense/Ndproxy/rc.conf.d/ndproxy        | 19 +++++
 18 files changed, 590 insertions(+)
 create mode 100644 net/ndproxy/Makefile
 create mode 100644 net/ndproxy/pkg-descr
 create mode 100644 net/ndproxy/src/etc/inc/plugins.inc.d/ndproxy.inc
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/GeneralController.php
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/ServiceController.php
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/GeneralController.php
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/GeneralController.php
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/ServiceController.php
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/GeneralController.php
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/general.xml
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/ACL/ACL.xml
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Menu/Menu.xml
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.php
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.xml
 create mode 100644 net/ndproxy/src/opnsense/mvc/app/views/OPNsense/Ndproxy/general.volt
 create mode 100644 net/ndproxy/src/opnsense/service/conf/actions.d/actions_ndproxy.conf
 create mode 100644 net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/+TARGETS
 create mode 100644 net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/rc.conf.d/ndproxy

diff --git a/net/ndproxy/Makefile b/net/ndproxy/Makefile
new file mode 100644
index 000000000..17d690256
--- /dev/null
+++ b/net/ndproxy/Makefile
@@ -0,0 +1,7 @@
+PLUGIN_NAME=		ndproxy
+PLUGIN_VERSION=		1.0
+PLUGIN_DEPENDS=		ndproxy
+PLUGIN_COMMENT=		Neighbor Discovery Proxy
+PLUGIN_MAINTAINER=	cedrik@pischem.com
+
+.include "../../Mk/plugins.mk"
diff --git a/net/ndproxy/pkg-descr b/net/ndproxy/pkg-descr
new file mode 100644
index 000000000..ee59b68dd
--- /dev/null
+++ b/net/ndproxy/pkg-descr
@@ -0,0 +1,8 @@
+Ndproxy is a kernel module that implements IPv6 Neighbor Discovery proxying over Ethernet-like access networks.
+
+Plugin Changelog
+================
+
+1.0
+
+* Initial Release
diff --git a/net/ndproxy/src/etc/inc/plugins.inc.d/ndproxy.inc b/net/ndproxy/src/etc/inc/plugins.inc.d/ndproxy.inc
new file mode 100644
index 000000000..aead8fa56
--- /dev/null
+++ b/net/ndproxy/src/etc/inc/plugins.inc.d/ndproxy.inc
@@ -0,0 +1,64 @@
+<?php
+
+/*
+ * Copyright (C) 2024 Cedrik Pischem
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+function ndproxy_services()
+{
+    global $config;
+
+    $services = [];
+
+    if (isset($config['OPNsense']['ndproxy']['general']['enabled']) &&
+        $config['OPNsense']['ndproxy']['general']['enabled'] == 1) {
+        $services[] = [
+            'description' => gettext('Ndproxy'),
+            'configd' => [
+                'start' => ['ndproxy start'],
+                'restart' => ['ndproxy restart'],
+                'stop' => ['ndproxy stop'],
+            ],
+            'name' => 'ndproxy',
+            'nocheck' => true,
+        ];
+    }
+
+    return $services;
+}
+
+function ndproxy_xmlrpc_sync()
+{
+    $result = [];
+
+    $result[] = array(
+        'description' => gettext('Ndproxy'),
+        'section' => 'OPNsense.ndproxy',
+        'id' => 'ndproxy',
+        'services' => ["ndproxy"],
+    );
+
+    return $result;
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/GeneralController.php b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/GeneralController.php
new file mode 100644
index 000000000..3fe747dc6
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/GeneralController.php
@@ -0,0 +1,40 @@
+<?php
+
+/**
+ *    Copyright (C) 2024 Cedrik Pischem
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Ndproxy\Api;
+
+use OPNsense\Base\ApiMutableModelControllerBase;
+use OPNsense\Core\Config;
+
+class GeneralController extends ApiMutableModelControllerBase
+{
+    protected static $internalModelName = 'ndproxy';
+    protected static $internalModelClass = 'OPNsense\Ndproxy\Ndproxy';
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/ServiceController.php b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/ServiceController.php
new file mode 100644
index 000000000..55d3983dc
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/Api/ServiceController.php
@@ -0,0 +1,41 @@
+<?php
+
+/**
+ *    Copyright (C) 2024 Cedrik Pischem
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Ndproxy\Api;
+
+use OPNsense\Base\ApiMutableServiceControllerBase;
+
+class ServiceController extends ApiMutableServiceControllerBase
+{
+    protected static $internalServiceClass = '\OPNsense\Ndproxy\Ndproxy';
+    protected static $internalServiceTemplate = 'OPNsense/Ndproxy';
+    protected static $internalServiceEnabled = 'general.enabled';
+    protected static $internalServiceName = 'ndproxy';
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/GeneralController.php b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/GeneralController.php
new file mode 100644
index 000000000..d97a29a22
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/GeneralController.php
@@ -0,0 +1,42 @@
+<?php
+
+/**
+ *    Copyright (C) 2024 Cedrik Pischem
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Ndproxy;
+
+use OPNsense\Base\IndexController;
+
+class GeneralController extends IndexController
+{
+    public function indexAction()
+    {
+        $this->view->pick('OPNsense/Ndproxy/general');
+        $this->view->generalForm = $this->getForm("general");
+    }
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/GeneralController.php b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/GeneralController.php
new file mode 100644
index 000000000..3fe747dc6
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/GeneralController.php
@@ -0,0 +1,40 @@
+<?php
+
+/**
+ *    Copyright (C) 2024 Cedrik Pischem
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Ndproxy\Api;
+
+use OPNsense\Base\ApiMutableModelControllerBase;
+use OPNsense\Core\Config;
+
+class GeneralController extends ApiMutableModelControllerBase
+{
+    protected static $internalModelName = 'ndproxy';
+    protected static $internalModelClass = 'OPNsense\Ndproxy\Ndproxy';
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/ServiceController.php b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/ServiceController.php
new file mode 100644
index 000000000..55d3983dc
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/Api/ServiceController.php
@@ -0,0 +1,41 @@
+<?php
+
+/**
+ *    Copyright (C) 2024 Cedrik Pischem
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Ndproxy\Api;
+
+use OPNsense\Base\ApiMutableServiceControllerBase;
+
+class ServiceController extends ApiMutableServiceControllerBase
+{
+    protected static $internalServiceClass = '\OPNsense\Ndproxy\Ndproxy';
+    protected static $internalServiceTemplate = 'OPNsense/Ndproxy';
+    protected static $internalServiceEnabled = 'general.enabled';
+    protected static $internalServiceName = 'ndproxy';
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/GeneralController.php b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/GeneralController.php
new file mode 100644
index 000000000..d97a29a22
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/GeneralController.php
@@ -0,0 +1,42 @@
+<?php
+
+/**
+ *    Copyright (C) 2024 Cedrik Pischem
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Ndproxy;
+
+use OPNsense\Base\IndexController;
+
+class GeneralController extends IndexController
+{
+    public function indexAction()
+    {
+        $this->view->pick('OPNsense/Ndproxy/general');
+        $this->view->generalForm = $this->getForm("general");
+    }
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/general.xml b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/general.xml
new file mode 100644
index 000000000..09f6ed144
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/controllers/OPNsense/Ndproxy/forms/general.xml
@@ -0,0 +1,40 @@
+<form>
+    <field>
+        <type>header</type>
+        <label>General Settings</label>
+    </field>
+    <field>
+        <id>ndproxy.general.enabled</id>
+        <label>Enable</label>
+        <type>checkbox</type>
+        <help><![CDATA[Enable or disable ndproxy.]]></help>
+    </field>
+    <field>
+        <id>ndproxy.general.ndproxy_uplink_interface</id>
+        <label>Uplink Interface</label>
+        <type>dropdown</type>
+        <help><![CDATA[Choose the uplink interface which receives the external IPv6 prefix from the ISP. Usually, this is the WAN interface.]]></help>
+    </field>
+    <field>
+        <id>ndproxy.general.ndproxy_downlink_mac_address</id>
+        <label>Downlink MAC Address</label>
+        <type>text</type>
+        <help><![CDATA[Enter the MAC address of the downlink interface that will distribute the external IPv6 prefix of the upstream interface. Usually, this is the LAN interface.]]></help>
+    </field>
+    <field>
+        <id>ndproxy.general.ndproxy_uplink_ipv6_addresses</id>
+        <label>Uplink IPv6 Addresses</label>
+        <type>select_multiple</type>
+        <style>tokenize</style>
+        <allownew>true</allownew>
+        <help><![CDATA[Define IPv6 addresses of the Provider Edge (PE) router(s). These addresses represent the sources from which ndproxy will handle and respond to NDP traffic. Defining these addresses ensures that ndproxy only proxies traffic from trusted upstream routers.]]></help>
+    </field>
+    <field>
+        <id>ndproxy.general.ndproxy_exception_ipv6_addresses</id>
+        <label>Exception IPv6 Addresses</label>
+        <type>select_multiple</type>
+        <style>tokenize</style>
+        <allownew>true</allownew>
+        <help><![CDATA[Define IPv6 addresses that should be excepted from proxying. This is to prevent ndproxy from handling NDP requests for specific addresses on the network that should be managed by other devices. Can be left empty for simple networks.]]></help>
+    </field>
+</form>
diff --git a/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/ACL/ACL.xml b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/ACL/ACL.xml
new file mode 100644
index 000000000..a2aa1cba5
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/ACL/ACL.xml
@@ -0,0 +1,10 @@
+<acl>
+    <page-ndproxy-general>
+        <name>Services: Ndproxy: General Settings</name>
+        <description>Allow access to Ndproxy General Settings</description>
+        <patterns>
+            <pattern>ui/ndproxy/general/*</pattern>
+            <pattern>api/ndproxy/general/*</pattern>
+        </patterns>
+    </page-ndproxy-general>
+</acl>
diff --git a/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Menu/Menu.xml b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Menu/Menu.xml
new file mode 100644
index 000000000..32ba653a7
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Menu/Menu.xml
@@ -0,0 +1,5 @@
+<menu>
+    <Services>
+        <Ndproxy VisibleName="Ndproxy" cssClass="fa fa-bullseye fa-fw" url="/ui/ndproxy/general"/>
+    </Services>
+</menu>
diff --git a/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.php b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.php
new file mode 100644
index 000000000..1db32ccfc
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.php
@@ -0,0 +1,66 @@
+<?php
+
+/**
+ *    Copyright (C) 2024 Cedrik Pischem
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Ndproxy;
+
+use OPNsense\Base\BaseModel;
+use OPNsense\Base\Messages\Message;
+
+class Ndproxy extends BaseModel
+{
+    private function checkConfiguration($messages)
+    {
+        if ((string)$this->general->enabled === '1') {
+            $requiredFields = [
+                'ndproxy_uplink_interface',
+                'ndproxy_downlink_mac_address',
+                'ndproxy_uplink_ipv6_addresses'
+            ];
+
+            foreach ($requiredFields as $field) {
+                if (empty((string)$this->general->$field)) {
+                    $messages->appendMessage(new Message(
+                        gettext('Field is required to enable Ndproxy.'),
+                        "general." . $field
+                    ));
+                }
+            }
+        }
+    }
+
+    public function performValidation($validateFullModel = false)
+    {
+        $messages = parent::performValidation($validateFullModel);
+
+        $this->checkConfiguration($messages);
+
+        return $messages;
+    }
+}
diff --git a/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.xml b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.xml
new file mode 100644
index 000000000..1076dd811
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/models/OPNsense/Ndproxy/Ndproxy.xml
@@ -0,0 +1,27 @@
+<model>
+    <mount>//OPNsense/ndproxy</mount>
+    <description>ndproxy configuration model</description>
+    <version>1.0</version>
+    <items>
+        <general>
+            <enabled type="BooleanField">
+                <Default>0</Default>
+                <Required>Y</Required>
+            </enabled>
+            <ndproxy_uplink_interface type="InterfaceField"/>
+            <ndproxy_downlink_mac_address type="MacAddressField"/>
+            <ndproxy_exception_ipv6_addresses type="NetworkField">
+                <AddressFamily>ipv6</AddressFamily>
+                <FieldSeparator>,</FieldSeparator>
+                <AsList>Y</AsList>
+                <ValidationMessage>Please enter one or multiple valid IPv6 addresses.</ValidationMessage>
+            </ndproxy_exception_ipv6_addresses>
+            <ndproxy_uplink_ipv6_addresses type="NetworkField">
+                <AddressFamily>ipv6</AddressFamily>
+                <FieldSeparator>,</FieldSeparator>
+                <AsList>Y</AsList>
+                <ValidationMessage>Please enter one or multiple valid IPv6 addresses.</ValidationMessage>
+            </ndproxy_uplink_ipv6_addresses>
+        </general>
+    </items>
+</model>
diff --git a/net/ndproxy/src/opnsense/mvc/app/views/OPNsense/Ndproxy/general.volt b/net/ndproxy/src/opnsense/mvc/app/views/OPNsense/Ndproxy/general.volt
new file mode 100644
index 000000000..5e212445b
--- /dev/null
+++ b/net/ndproxy/src/opnsense/mvc/app/views/OPNsense/Ndproxy/general.volt
@@ -0,0 +1,73 @@
+{#
+ # Copyright (c) 2024 Cedrik Pischem
+ # All rights reserved.
+ #
+ # Redistribution and use in source and binary forms, with or without modification,
+ # are permitted provided that the following conditions are met:
+ #
+ # 1. Redistributions of source code must retain the above copyright notice,
+ #    this list of conditions and the following disclaimer.
+ #
+ # 2. Redistributions in binary form must reproduce the above copyright notice,
+ #    this list of conditions and the following disclaimer in the documentation
+ #    and/or other materials provided with the distribution.
+ #
+ # THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ # AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ # AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ # POSSIBILITY OF SUCH DAMAGE.
+ #}
+
+<script>
+    $(document).ready(function() {
+        mapDataToFormUI({'frm_GeneralSettings': "/api/ndproxy/general/get"}).done(function() {
+            formatTokenizersUI();
+            $('.selectpicker').selectpicker('refresh');
+            updateServiceControlUI('ndproxy');
+        });
+
+        $("#reconfigureAct").SimpleActionButton({
+            onPreAction: function() {
+                const dfObj = $.Deferred();
+                saveFormToEndpoint("/api/ndproxy/general/set", 'frm_GeneralSettings', dfObj.resolve, true, dfObj.reject);
+                return dfObj;
+            },
+            onAction: function(data, status) {
+                if (status === "success" && data.status === 'ok') {
+                    ajaxCall("/api/ndproxy/service/reconfigure", {}, function(reconfigData, reconfigStatus) {
+                        if (reconfigStatus === "success" && reconfigData.status === 'ok') {
+                            updateServiceControlUI('ndproxy');
+                        }
+                    });
+                }
+            }
+        });
+
+        updateServiceControlUI('ndproxy');
+    });
+</script>
+
+<section class="page-content-main">
+    <div class="content-box">
+        {{ partial("layout_partials/base_form", ['fields': generalForm, 'id': 'frm_GeneralSettings']) }}
+    </div>
+    <br/>
+    <div class="content-box">
+        <div class="col-md-12">
+            <br/>
+            <button class="btn btn-primary" id="reconfigureAct"
+                    data-endpoint="/api/ndproxy/service/reconfigure"
+                    data-label="{{ lang._('Apply') }}"
+                    type="button">
+                {{ lang._('Apply') }}
+            </button>
+            <br/><br/>
+        </div>
+    </div>
+</section>
diff --git a/net/ndproxy/src/opnsense/service/conf/actions.d/actions_ndproxy.conf b/net/ndproxy/src/opnsense/service/conf/actions.d/actions_ndproxy.conf
new file mode 100644
index 000000000..eeb5174bb
--- /dev/null
+++ b/net/ndproxy/src/opnsense/service/conf/actions.d/actions_ndproxy.conf
@@ -0,0 +1,24 @@
+[start]
+command:service ndproxy start
+parameters:
+type:script
+message:Starting ndproxy service
+
+[stop]
+command:service ndproxy stop
+parameters:
+type:script
+message:Stopping ndproxy service
+
+[restart]
+command:service ndproxy restart
+parameters:
+type:script
+message:Restarting ndproxy service
+description:Restart ndproxy service
+
+[status]
+command:/usr/local/sbin/pluginctl -s ndproxy status
+parameters:
+type:script_output
+message:Request ndproxy status
diff --git a/net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/+TARGETS b/net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/+TARGETS
new file mode 100644
index 000000000..181513c0d
--- /dev/null
+++ b/net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/+TARGETS
@@ -0,0 +1 @@
+rc.conf.d/ndproxy:/etc/rc.conf.d/ndproxy
diff --git a/net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/rc.conf.d/ndproxy b/net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/rc.conf.d/ndproxy
new file mode 100644
index 000000000..f907ee032
--- /dev/null
+++ b/net/ndproxy/src/opnsense/service/templates/OPNsense/Ndproxy/rc.conf.d/ndproxy
@@ -0,0 +1,19 @@
+# DO NOT EDIT THIS FILE -- OPNsense auto-generated file
+{% set generalSettings = helpers.getNodeByTag('OPNsense.ndproxy.general') %}
+{% if generalSettings.enabled|default("0") == "1" %}
+ndproxy_enable="YES"
+{%     if generalSettings.ndproxy_uplink_interface %}
+ndproxy_uplink_interface="{{ helpers.physical_interface(generalSettings.ndproxy_uplink_interface) }}"
+{%     endif %}
+{%     if generalSettings.ndproxy_downlink_mac_address %}
+ndproxy_downlink_mac_address="{{ generalSettings.ndproxy_downlink_mac_address }}"
+{%     endif %}
+{%     if generalSettings.ndproxy_exception_ipv6_addresses %}
+ndproxy_exception_ipv6_addresses="{{ generalSettings.ndproxy_exception_ipv6_addresses | replace(',', ';') }}"
+{%     endif %}
+{%     if generalSettings.ndproxy_uplink_ipv6_addresses %}
+ndproxy_uplink_ipv6_addresses="{{ generalSettings.ndproxy_uplink_ipv6_addresses | replace(',', ';') }}"
+{%     endif %}
+{% else %}
+ndproxy_enable="NO"
+{% endif %}