e9c59070ff95c1e36b1ca21ecdd1d90eefc26314
2 // $Id: l2tpns.h,v 1.1 2003/12/16 07:07:39 fred_nerk Exp $
4 #include <netinet/in.h>
12 #define MAXTUNNEL 500 // could be up to 65535
13 #define MAXSESSION 50000 // could be up to 65535
15 #define MAXCONTROL 1000 // max length control message we ever send...
16 #define MAXETHER (1500+18) // max packet we try sending to tap
17 #define MAXTEL 96 // telephone number
18 #define MAXRADSERVER 10 // max radius servers
19 #define MAXROUTE 10 // max static routes per session
20 #define MAXIPPOOL 131072 // max number of ip addresses in pool
21 #define RINGBUFFER_SIZE 10000 // Number of ringbuffer entries to allocate
22 #define MAX_LOG_LENGTH 512 // Maximum size of log message
23 #define ECHO_TIMEOUT 60 // Time between last packet sent and LCP ECHO generation
24 #define IDLE_TIMEOUT 240 // Time between last packet sent and LCP ECHO generation
31 #define TAPDEVICE "/dev/net/tun"
32 #define CLIUSERS ETCDIR "l2tpns.users" // CLI Users file
33 #define CONFIGFILE ETCDIR "l2tpns.cfg" // Configuration file
34 #define IPPOOLFILE ETCDIR "l2tpns.ip_pool" // Address pool configuration
35 #define STATEFILE "/tmp/l2tpns.dump" // State dump file
38 #define LIBDIR "/usr/lib/l2tpns"
41 #define ACCT_TIME 3000 // 5 minute accounting interval
42 #define L2TPPORT 1701 // L2TP port
43 #define RADPORT 1645 // old radius port...
44 #define RADAPORT 1646 // old radius accounting port
45 #define PKTARP 0x0806 // ARP packet type
46 #define PKTIP 0x0800 // IP packet type
47 #define PSEUDOMAC 0x0200 // pseudo MAC prefix (local significant MAC)
49 #define PPPCHAP 0xC223
51 #define PPPIPCP 0x8021
59 #define TerminateReq 5
60 #define TerminateAck 6
65 #define DiscardRequest 11
71 typedef unsigned short u16
;
72 typedef unsigned int u32
;
73 typedef unsigned char u8
;
76 typedef u16 sessionidt
;
77 typedef u16 tunnelidt
;
82 typedef struct routes
// route
89 typedef struct controls
// control message
91 struct controls
*next
; // next in queue
106 // 336 bytes per session
107 typedef struct sessions
109 sessionidt next
; // next session in linked list
110 sessionidt far
; // far end session ID
111 tunnelidt tunnel
; // tunnel ID
112 ipt ip
; // IP of session set by RADIUS response
113 unsigned long sid
; // session id for hsddb
114 u16 nr
; // next receive
116 u32 magic
; // ppp magic number
117 u32 cin
, cout
; // byte counts
118 u32 pin
, pout
; // packet counts
119 u32 id
; // session id
120 clockt opened
; // when started
121 clockt die
; // being closed, when to finally free
122 time_t last_packet
; // Last packet from the user (used for idle timeouts)
123 ipt dns1
, dns2
; // DNS servers
124 routet route
[MAXROUTE
]; // static routes
125 u8 radius
; // which radius session is being used (0 for not waiting on authentication)
126 u8 flags
; // various bit flags
127 u8 snoop
; // are we snooping this session?
128 u8 throttle
; // is this session throttled?
129 u8 walled_garden
; // is this session stuck in the walled garden?
130 u16 mru
; // maximum receive unit
131 u16 tbf
; // filter bucket for throttling
132 char random_vector
[MAXTEL
];
133 int random_vector_length
;
134 char user
[129]; // user (needed in seesion for radius stop messages)
135 char called
[MAXTEL
]; // called number
136 char calling
[MAXTEL
]; // calling number
137 unsigned long tx_connect_speed
;
138 unsigned long rx_connect_speed
;
142 #define SESSIONPFC 1 // PFC negotiated flags
143 #define SESSIONACFC 2 // ACFC negotiated flags
145 // 168 bytes per tunnel
146 typedef struct tunnels
148 tunnelidt next
; // next tunnel in linked list
149 tunnelidt far
; // far end tunnel ID
150 ipt ip
; // Ip for far end
151 portt port
; // port for far end
152 u16 window
; // Rx window
153 u16 nr
; // next receive
155 clockt last
; // when last control message sent (used for resend timeout)
156 clockt retry
; // when to try resenting pending control
157 clockt die
; // being closed, when to finally free
158 char hostname
[128]; // tunnel hostname
159 char vendor
[128]; // LAC vendor
160 u8
try; // number of retrys on a control message
161 u16 controlc
; // outstaind messages in queue
162 controlt
*controls
; // oldest message
163 controlt
*controle
; // newest message
167 // 180 bytes per radius session
168 typedef struct radiuss
// outstanding RADIUS requests
170 u8 next
; // next in free list
171 sessionidt session
; // which session this applies to
172 hasht auth
; // request authenticator
173 clockt retry
; // ehwne to try next
174 char calling
[MAXTEL
]; // calling number
175 char pass
[129]; // password
176 u8 id
; // ID for PPP response
177 u8
try; // which try we are on
178 u8 state
; // state of radius requests
179 u8 chap
; // set if CHAP used (is CHAP identifier)
186 char assigned
; // 1 if assigned, 0 if free
198 char message
[MAX_LOG_LENGTH
];
199 } buffer
[RINGBUFFER_SIZE
];
207 RADIUSNULL
, // Not in use
208 RADIUSCHAP
, // sending CHAP down PPP
209 RADIUSAUTH
, // sending auth to RADIUS server
210 RADIUSIPCP
, // sending IPCP to end user
211 RADIUSSTART
, // sending start accounting to RADIUS server
212 RADIUSSTOP
, // sending stop accounting to RADIUS server
213 RADIUSWAIT
// waiting timeout before available, in case delayed replies
221 unsigned long tap_rx_packets
;
222 unsigned long tap_tx_packets
;
223 unsigned long tap_rx_bytes
;
224 unsigned long tap_tx_bytes
;
225 unsigned long tap_rx_errors
;
226 unsigned long tap_tx_errors
;
228 unsigned long tunnel_rx_packets
;
229 unsigned long tunnel_tx_packets
;
230 unsigned long tunnel_rx_bytes
;
231 unsigned long tunnel_tx_bytes
;
232 unsigned long tunnel_rx_errors
;
233 unsigned long tunnel_tx_errors
;
235 unsigned long tunnel_retries
;
236 unsigned long radius_retries
;
238 unsigned long arp_errors
;
239 unsigned long arp_replies
;
240 unsigned long arp_discarded
;
241 unsigned long arp_sent
;
242 unsigned long arp_recv
;
244 unsigned long packets_snooped
;
246 unsigned long tunnel_created
;
247 unsigned long session_created
;
248 unsigned long tunnel_timeout
;
249 unsigned long session_timeout
;
250 unsigned long radius_timeout
;
251 unsigned long radius_overflow
;
252 unsigned long tunnel_overflow
;
253 unsigned long session_overflow
;
255 unsigned long ip_allocated
;
256 unsigned long ip_freed
;
258 unsigned long call_processtap
;
259 unsigned long call_processarp
;
260 unsigned long call_processipout
;
261 unsigned long call_processudp
;
262 unsigned long call_sessionbyip
;
263 unsigned long call_sessionbyuser
;
264 unsigned long call_sendarp
;
265 unsigned long call_sendipcp
;
266 unsigned long call_tunnelsend
;
267 unsigned long call_sessionkill
;
268 unsigned long call_sessionshutdown
;
269 unsigned long call_tunnelkill
;
270 unsigned long call_tunnelshutdown
;
271 unsigned long call_assign_ip_address
;
272 unsigned long call_free_ip_address
;
273 unsigned long call_dump_acct_info
;
274 unsigned long call_sessionsetup
;
275 unsigned long call_processpap
;
276 unsigned long call_processchap
;
277 unsigned long call_processlcp
;
278 unsigned long call_processipcp
;
279 unsigned long call_processipin
;
280 unsigned long call_processccp
;
281 unsigned long call_sendchap
;
282 unsigned long call_processrad
;
283 unsigned long call_radiussend
;
284 unsigned long call_radiusretry
;
289 #define STAT(x) _statistics->x++
290 #define INC_STAT(x,y) _statistics->x += y
291 #define GET_STAT(x) _statistics->x
292 #define SET_STAT(x, y) _statistics->x = y
295 #define INC_STAT(x,y)
296 #define GET_STAT(x) 0
297 #define SET_STAT(x, y)
301 void sendarp(int ifr_idx
, const unsigned char* mac
, ipt ip
);
305 void processpap(tunnelidt t
, sessionidt s
, u8
* p
, u16 l
);
306 void processchap(tunnelidt t
, sessionidt s
, u8
* p
, u16 l
);
307 void processlcp(tunnelidt t
, sessionidt s
, u8
* p
, u16 l
);
308 void processipcp(tunnelidt t
, sessionidt s
, u8
* p
, u16 l
);
309 void processipin(tunnelidt t
, sessionidt s
, u8
* p
, u16 l
);
310 void processccp(tunnelidt t
, sessionidt s
, u8
* p
, u16 l
);
311 void sendchap(tunnelidt t
, sessionidt s
);
312 u8
*makeppp(u8
* b
, u8
* p
, int l
, tunnelidt t
, sessionidt s
, u16 mtype
);
313 u8
*findppp(u8
* b
, u8 mtype
);
314 void initlcp(tunnelidt t
, sessionidt s
);
315 void dumplcp(char *p
, int l
);
320 void radiussend(u8 r
, u8 state
);
321 void processrad(u8
*buf
, int len
);
322 void radiusretry(u8 r
);
323 u8
radiusnew(sessionidt s
);
326 int throttle_session(sessionidt s
, int throttle
);
333 void rl_done_tbf(u16 t
);
334 void rl_destroy_tbf(u16 t
);
339 clockt
backoff(u8
try);
340 void routeset(ipt ip
, ipt mask
, ipt gw
, u8 add
);
345 sessionidt
sessionbyip(ipt ip
);
346 /* NB - sessionbyuser ignores walled garden'd sessions */
347 sessionidt
sessionbyuser(char *username
);
348 void sessionshutdown(sessionidt s
, char *reason
);
349 void sessionsendarp(sessionidt s
);
350 void send_garp(ipt ip
);
351 void sessionkill(sessionidt s
, char *reason
);
352 void control16(controlt
* c
, u16 avp
, u16 val
, u8 m
);
353 void control32(controlt
* c
, u16 avp
, u32 val
, u8 m
);
354 void controls(controlt
* c
, u16 avp
, char *val
, u8 m
);
355 void controlb(controlt
* c
, u16 avp
, char *val
, unsigned int len
, u8 m
);
356 controlt
*controlnew(u16 mtype
);
357 void controlnull(tunnelidt t
);
358 void controladd(controlt
* c
, tunnelidt t
, sessionidt s
);
359 void tunnelsend(u8
* buf
, u16 l
, tunnelidt t
);
360 void tunnelkill(tunnelidt t
, char *reason
);
361 void tunnelshutdown(tunnelidt t
, char *reason
);
362 void sendipcp(tunnelidt t
, sessionidt s
);
363 void processipout(u8
* buf
, int len
);
364 void processarp(u8
* buf
, int len
);
365 void processudp(u8
* buf
, int len
, struct sockaddr_in
*addr
);
366 void processtap(u8
* buf
, int len
);
367 void processcontrol(u8
* buf
, int len
, struct sockaddr_in
*addr
);
368 ipt
assign_ip_address();
369 void free_ip_address(ipt address
);
370 void snoop_send_packet(char *packet
, u16 size
);
371 void dump_acct_info();
375 #define log_hex(a,b,c,d) do{if (a <= debug) _log_hex(a,0,0,0,b,c,d);}while (0)
377 void _log(int level
, ipt address
, sessionidt s
, tunnelidt t
, const char *format
, ...);
378 void _log_hex(int level
, ipt address
, sessionidt s
, tunnelidt t
, const char *title
, const char *data
, int maxsize
);
379 void build_chap_response(char *challenge
, u8 id
, u16 challenge_length
, char **challenge_response
);
380 int sessionsetup(tunnelidt t
, sessionidt s
, u8 routes
);
381 int cluster_send_session(int s
);
382 int cluster_send_tunnel(int t
);
385 void cli_do(int sockfd
);
388 void ringbuffer_dump(FILE *stream
);
391 int run_plugins(int plugin_type
, void *data
);
392 void add_plugin(char *plugin_name
);
393 void remove_plugin(char *plugin_name
);
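Review bot: `STATEFILE` is defined as `/tmp/l2tpns.dump`, a fixed name in a world-writable directory, while the other runtime paths in this header are built from `ETCDIR` or sit under `LIBDIR`. The header does not show how the file is opened, but unless the writer creates it exclusively and refuses to follow links, the dump can be redirected or read by another local account. If it covers the session and RADIUS tables declared here, it would carry `user`, `calling` and the `pass[129]` buffer. I would move it under a directory only the daemon can write, e.g. `#define STATEFILE STATEDIR "l2tpns.dump"` (`STATEDIR` is a placeholder name, not something this page defines), and have the writer open it with `O_CREAT|O_EXCL|O_NOFOLLOW` and mode 0600. Separately, the comment on `IDLE_TIMEOUT` repeats the `ECHO_TIMEOUT` text word for word and should state what the 240 actually bounds and in which unit.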