Help understanding netifd scripts and nftables

Hello everyone, I am trying to build a fork of OpenWRT with some tweaks optimized to work with a specific ISP (Sky) which uses a pretty uncommon protocol (MAP-T) for providing IPv4 access over an IPv4 network.

OpenWRT natively supports it but it does need a few tweaks to improve the user experience, and that is what I was trying to achieve.

The first thing that I wanted to change is adding MAP-T specific info into LuCI, and to achieve that I modified the netifd map.sh script (which sets up nat46 and the map virtual interface) to output some MAP-T info into the status of the interface (source code here), and another person (@hitech95) worked on incorporating that data into LuCI.

Example:

It all worked fine until five or six months ago on snapshot builds; now I have tried to rebase onto the new 22.03 branch and it all came crashing down.

It seems as if adding a new field into "data" of the interface makes fw4/nftables not do SNAT anymore, since I see packets with untranslated IPs appear in the nat46 logs, so I was wondering if what I did was the right way to do it and if there was any change in that regard from 21.02 to 22.03.

Thanks in advance

Cheers
Edo

@jow told me in IRC some months ago that the data.map structure might be put into the higher level,
but in my understanding the issue should not come unless you write into the data.firewall structure.

Unfortunately I didn't get any reply with comments or suggestions on how to properly upstream the changes into openwrt:
http://lists.openwrt.org/pipermail/openwrt-devel/2021-December/037480.html
