Make sure you do ipkg -d root -force-depends install {package}
Code:
insmod ipv6
#don't load these if you have kernel 2.6, wait on working modules
insmod /jffs/lib/modules/2.4.34/ip6_tables.o
insmod /jffs/lib/modules/2.4.34/ip6table_filter.o
insmod /jffs/lib/modules/2.4.34/ip6t_multiport.o
#if you are using 2.6, comment the above 3 lines and uncomment this
#insmod sit
# The IPv6 prefix (/64) of the tunnel initially assigned to you (including the ::).
TUNNELPREFIX="2001:4830:1600:200::"
# The IPv4 address of the PoP you're using
SIXXS4="66.117.47.200"
# The Routed IPv6 Subnet (/48 or /64)
#TUNNELSUBNET="2001:4830:1600::/48"
# MTU - must match your SixXS tunnel settings and radvd's "AdvLinkMTU" value
MTU=1480
# Which interface are you using? sixxs or he-ipv6? You can keep it to something else but to stay consistent with other scripts, use one of those.
INTERFACE="sixxs"
# Get the tunnel endpoint addresses
MYTUNNELIP="${TUNNELPREFIX}2"
SIXXSTUNNELIP="${TUNNELPREFIX}1"
# Create tunnel, fix MTU and bring up and configure endpoint
ip tunnel add ${INTERFACE} mode sit remote ${SIXXS4} ttl 64
ip link set mtu ${MTU} dev ${INTERFACE}
ip link set ${INTERFACE} up
ip addr add ${MYTUNNELIP}/64 dev ${INTERFACE}
# Configure IPv6 endpoint on br0
if [ ! -z ${TUNNELSUBNET} ]; then
ip addr add ${TUNNELSUBNET} dev br0
# uncomment if you want to manually start radvd instance and not use web interface
# radvd -C /jffs/radvd.conf &
fi
# Add default routes
ip route add default via ${SIXXSTUNNELIP} dev ${INTERFACE} metric 1
ip route add 2000::/3 via ${SIXXSTUNNELIP} dev ${INTERFACE} metric 1
# make sure to accept proto-41
iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT
# uncomment if you are using repeater mode
# iptables -I INPUT 2 -p ipv6 -i eth0 -j ACCEPT
#make sure to not NAT proto-41
iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE
# uncomment if you are using repeater mode
# iptables -t nat -A POSTROUTING --proto ! 41 -o vlan1 -j MASQUERADE
# Set firewall directory and correct path
export IP6TABLES_LIB_DIR=/jffs/usr/lib/iptables
PATH="$PATH":/jffs/usr/sbin
#flush tables
ip6tables -F
#drop invalid
ip6tables -A INPUT -m rt --rt-type 0 -j DROP
ip6tables -A FORWARD -m rt --rt-type 0 -j DROP
ip6tables -A OUTPUT -m rt --rt-type 0 -j DROP
#allow common ports
ip6tables -A FORWARD -p tcp -i ${INTERFACE} --syn -m multiport --dports ftp-data,ftp,http,https,ntp,domain -j ACCEPT
ip6tables -A FORWARD -p tcp -i ${INTERFACE} --syn -j DROP
ip6tables -A FORWARD -p udp -i ${INTERFACE} -m multiport --dports ntp,domain -j ACCEPT
ip6tables -A FORWARD -p udp -i ${INTERFACE} -j DROP
Then hit save startup, then go to Management and enable ipv6.
Then enable radvd (only if you have a routed subnet!) and in the config put: !! make sure to change the prefix to a /64 subnet assigned to you !!
The AdvLinkMTU should match the max MTU on the device and not just the one above. (From Jeroen Massar at Sixxs)
MAKE SURE YOU DO NOT RUN tcpdump WITHOUT AN INTERFACE! Run tcpdump -i sixxs or tcpdump -i he-ipv6 otherwise your router will crash. Also, if you are dumping to a file, it doesn't save the file till tcpdump quits so you have to Ctrl-C to push output to file
I finally found and posted the ipk packages for the IPv6 tools, I added a few new firewall rules to drop packets that are not going to the correct subnet, or are invalid packets. Also, added firewall rule to make sure that the pronto-41 packets are not stored in the state table.
Added support for routers in repeater mode.
Made it a little easier by putting everything in a startup script instead of splitting everything up and thus you only have to change 1 set of variables (excluding radvd).
Good point and I'm sorry if some of it is duplicated, I was asked by a few friends for a quick and easy script to just throw into the startup script column. I would have emailed it but I thought I should just post it on here so other people could see/comment on it. It has the variables and the firewall config all in one area so people can just change the variables at the top and not have to worry about what else is going on.
Here are Pandora's instructions for LOCAL 6to4, no tunneling needed. You CAN copy and paste these, they are not specific meaning anyone can use them on their rig. Just pay attention to the WAN VLAN bit.
FOR K24:
Pandora-Box wrote:
Hi,
this is for those interested.
I have IPv6 working on WRT610N.
There were some changes since IPv6 Wiki was written.
So here it is how I managed.
BTW, I use only 6to4 (no SixXS, no AICCU).
Note: since sometime radvd.conf has to be started from /tmp location (I experienced IPv6 issues, thus two entries in startup command, what resolved my issues).
Also, on WRT610N I have noticed that I get external IP from vlan2 (not from vlan1), what had to be adjusted accordingly in both radvd.conf and startup cmd.
Here they are:
insmod /lib/modules/2.4.37/ipv6.o
sleep 5
radvd -C /tmp/radvd.conf start
sleep 5
WANIP=$(ip -4 addr show dev vlan2 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1)
if [ -n "$WANIP" ]
then
V6PREFIX=$(printf '2002:%02x%02x:%02x%02x' $(echo $WANIP | tr . ' '))
ip tunnel add tun6to4 mode sit ttl 255 remote any local $WANIP
ip link set tun6to4 mtu 1280
ip link set tun6to4 up
ip addr add $V6PREFIX:0::1/16 dev tun6to4
ip addr add $V6PREFIX:1::1/64 dev br0
ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4
kill -HUP $(cat /var/run/radvd.pid)
fi
radvd -C /tmp/radvd.conf start
Check which vlan is your router's WAN interface on (on wrt610n this is vlan2)
in Startup Script under Commands
insert:
insmod /lib/modules/2.6.24.111/kernel/net/ipv6/sit.ko
sit module is not loaded automatically, but ipv6 module seems to load automatically
just check that both of these modules are loaded (lsmod)
and after router is back up check if you have tun6to4 interface up
Command startup script I have and it is working on wrt610n is:
insmod /lib/modules/2.6.24.111/kernel/net/ipv6/sit.ko
sleep 5
radvd -C /tmp/radvd.conf start
sleep 5
WANIP=$(ip -4 addr show dev vlan2 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1)
if [ -n "$WANIP" ]
then
V6PREFIX=$(printf '2002:%02x%02x:%02x%02x' $(echo $WANIP | tr . ' '))
ip tunnel add tun6to4 mode sit ttl 255 remote any local $WANIP
ip link set tun6to4 mtu 1480
ip link set tun6to4 up
ip addr add $V6PREFIX:0::1/16 dev tun6to4
ip addr add $V6PREFIX:1::1/64 dev br0
ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4
kill -HUP $(cat /var/run/radvd.pid)
fi
sleep 10
radvd -C /tmp/radvd.conf start
Can 6to4 be used without having to sign up or register any where?
Read it again, dude...the above scripts from Pandora-box are for local 6to4 only, no tunnel, no signing up. I have a Hurricane Electric account but I've only utilized the tunnel a few times, I found local 6to4 much simpler and easier. _________________ Click here for Eko beta Click here for Brainslayer beta >>>PEACOCK THREAD!<<<
I do NOT offer personal assistance.
Please do not PM me for help.
Joined: 31 Aug 2009 Posts: 2448 Location: Third Rock from the Sun
Posted: Sat Apr 03, 2010 5:07 Post subject:
socal87 wrote:
Dark_Shadow wrote:
Can 6to4 be used without having to sign up or register any where?
Read it again, dude...the above scripts from Pandora-box are for local 6to4 only, no tunnel, no signing up. I have a Hurricane Electric account but I've only utilized the tunnel a few times, I found local 6to4 much simpler and easier.
Sorry for my lack of understanding. That is why I ask questions. What are you meaning local? Like your LAN?
EDIT: I guess I don't understand how it works. Does it allow you to browse the IPv6 internet? Is it just for routing the IPv6 internet to IPv4 servers?
I am still very new when it comes to Linux, scripting and IPv6. I know enough about IPv4 to make me dangerous, but I want to learn.
EDIT2: Found it on Wikipedia, gonna read up. Any and all insight would be helpful as sometimes Wiki articles tend to get way too technical. _________________ Peacock Thread-FAQ -- dd-wrt Wiki
See the odd looking IP address stated in the script (192.88.99.1)? It's the anycast address that basically tells the destination network that the packets are intended for the ipv6 network.
By local, I mean two things: 1, the radvd configuration enables the router to assign ipv6 addresses based on your computer's ipv4 address (so your internal network can essentially be in a sense native ipv6), and 2, the encapsulation of ipv6 packets within ipv4 packets takes place at the router itself, instead of ipv4 traffic being sent through a tunnel to somewhere like Hurricane Electric, who translates it to ipv6.
And yes, once you get it set up and your computer gets an ipv6 address, you can browse the ipv6 Internet. Try pointing a browser at ipv6.google.com once you've got the script running and have reset your network adapter. _________________ Click here for Eko beta Click here for Brainslayer beta >>>PEACOCK THREAD!<<<
I do NOT offer personal assistance.
Please do not PM me for help.
with the latest eko builds, the insmod kmod-ip6tables will not work because the new builds are running kernel version 2.4.37 and the ip6tables module is compiled for kernel 2.4.34.
see here: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=61183
Updates: I have added working K 2.6 installation packages to the instructions.
Note:
There are no working 2.6.24.111 ip6tables modules from what I can tell. I have the application ip6tables working but I cannot load any 2.6.x module and I cannot find the kernel 2.6.24.111.