1 // L2TPNS Global Stuff
2 // $Id: l2tpns.h,v 1.1 2003/12/16 07:07:39 fred_nerk Exp $
3
4 #include <netinet/in.h>
5 #include <stdio.h>
6
7 #include "config.h"
8
// Daemon version string.
#define VERSION         "1.0"

// Limits
//
// These constants size the fixed tables and buffers declared further down in
// this header. The identifier types are narrow (tunnelidt and sessionidt are
// u16, the RADIUS free-list index is u8), so MAXTUNNEL and MAXSESSION have to
// stay <= 65535 and MAXRADIUS <= 255.
#define MAXTUNNEL       500             // could be up to 65535
#define MAXSESSION      50000           // could be up to 65535
#define MAXRADIUS       255
#define MAXCONTROL      1000            // longest control message we ever send; also sizeof controlt.buf
#define MAXETHER        (1500+18)       // largest packet we try to send to tap
#define MAXTEL          96              // telephone number buffer size
#define MAXRADSERVER    10              // max radius servers
#define MAXROUTE        10              // max static routes per session
#define MAXIPPOOL       131072          // max number of ip addresses in pool
#define RINGBUFFER_SIZE 10000           // number of ringbuffer entries to allocate
#define MAX_LOG_LENGTH  512             // size of one log message buffer; formatters must truncate to it
#define ECHO_TIMEOUT    60              // time between last packet sent and LCP ECHO generation
// NOTE(review): the original comment on IDLE_TIMEOUT repeated ECHO_TIMEOUT's
// text. Presumably this is the idle period after which a session is dropped;
// confirm against the code that reads sessiont.last_packet.
#define IDLE_TIMEOUT    240
25
// Constants

// Build-time feature switches. Later parts of this header test them with
// #ifdef: STATISTICS selects the counting form of STAT()/INC_STAT()/...,
// STAT_CALLS adds the call_* counters to struct Tstats, and RINGBUFFER
// enables struct Tringbuffer and ringbuffer_dump().
#define STATISTICS
#define STAT_CALLS
#define RINGBUFFER

#define UDP             17                              // IP protocol number of UDP

// File locations.
// ETCDIR is not defined in this header (presumably config.h supplies it;
// confirm). It is joined to the file name by string-literal concatenation,
// so it has to end with a path separator.
#define TAPDEVICE       "/dev/net/tun"
#define CLIUSERS        ETCDIR "l2tpns.users"           // CLI users file
#define CONFIGFILE      ETCDIR "l2tpns.cfg"             // configuration file
#define IPPOOLFILE      ETCDIR "l2tpns.ip_pool"         // address pool configuration
// NOTE(review): STATEFILE is a fixed, predictable name in a world-writable
// directory. Whatever writes the dump should refuse to follow symlinks and
// create the file with restrictive permissions, or the path should move to a
// directory only the daemon can write. The write site is not in this header,
// so confirm how it opens the file.
#define STATEFILE       "/tmp/l2tpns.dump"              // state dump file

// Overridable from the build command line; this is only the fallback value.
#ifndef LIBDIR
#define LIBDIR          "/usr/lib/l2tpns"
#endif
40
// NOTE(review): 3000 equals five minutes only if the unit is 1/10 s;
// presumably this is measured in clockt ticks. Confirm where it is compared.
#define ACCT_TIME       3000            // 5 minute accounting interval

// UDP ports.
// RADPORT/RADAPORT are the legacy RADIUS ports; the IANA-registered ports
// are 1812 (authentication) and 1813 (accounting).
#define L2TPPORT        1701            // L2TP port
#define RADPORT         1645            // old radius port...
#define RADAPORT        1646            // old radius accounting port

// Ethernet frame types and the locally administered MAC prefix.
#define PKTARP          0x0806          // ARP packet type
#define PKTIP           0x0800          // IP packet type
#define PSEUDOMAC       0x0200          // pseudo MAC prefix (local significant MAC)

// PPP protocol field values.
#define PPPPAP          0xC023          // Password Authentication Protocol
#define PPPCHAP         0xC223          // Challenge Handshake Authentication Protocol
#define PPPLCP          0xC021          // Link Control Protocol
#define PPPIPCP         0x8021          // IP Control Protocol
#define PPPCCP          0x80FD          // Compression Control Protocol
#define PPPIP           0x0021          // IP datagram
#define PPPMP           0x003D          // Multilink PPP

// PPP control-protocol packet codes.
#define ConfigReq       1
#define ConfigAck       2
#define ConfigNak       3
#define ConfigRej       4
#define TerminateReq    5
#define TerminateAck    6
#define CodeRej         7
#define ProtocolRej     8
#define EchoReq         9
#define EchoReply       10
#define DiscardRequest  11

// Exactly one of TC_TBF / TC_HTB is left defined; presumably it selects the
// traffic-control backend used for throttling (the users are not in this
// header).
#undef TC_TBF
#define TC_HTB
69
// Types
//
// The short names are plain aliases for the built-in integer types; their
// widths (16/32/8 bits) are what the usual ABIs give, not something these
// typedefs enforce.
typedef unsigned short  u16;
typedef unsigned int    u32;
typedef unsigned char   u8;

// Domain aliases. The 16-bit id types cap the tunnel and session tables at
// 65536 entries each.
typedef u32             ipt;            // IPv4 address
typedef u16             portt;          // UDP port
typedef u16             sessionidt;     // session table index / id
typedef u16             tunnelidt;      // tunnel table index / id
typedef u32             clockt;         // timestamp as returned by now()
typedef u8              hasht[16];      // 16-byte hash value (used for the RADIUS authenticator)
80
// structures

// One static route entry; sessiont holds an array of MAXROUTE of these.
typedef struct routes {
	ipt ip;         // route address
	ipt mask;       // route mask
} routet;
88
// One queued control message.
//
// length is a u16 and can therefore hold values far above MAXCONTROL, the
// size of buf. The code that appends to buf is not in this header; every
// append has to check that length plus the bytes being added still fits in
// MAXCONTROL before writing.
typedef struct controls {
	struct controls *next;  // next in queue
	u16 length;             // number of bytes used in buf
	u8 buf[MAXCONTROL];     // message bytes
} controlt;
96
// Linked-list node for a filter bucket. Presumably these are the buckets
// handed out by the rl_*_tbf() functions; confirm in rl.c.
typedef struct stbft {
	struct stbft *next;     // next node in the list
	char handle[10];        // 10-byte handle buffer; writers must format with a bound
	char in_use;            // non-zero while the bucket is taken (presumed from the name)
	int mark;
} tbft;
104
105
// State kept for one session.
//
// NOTE(review): the original header said "336 bytes per session". The four
// char arrays below alone take 96 + 129 + 96 + 96 = 417 bytes, so that figure
// no longer describes this layout.
//
// random_vector, user, called and calling are fixed-size buffers that are
// filled by code outside this header, presumably from data supplied by the
// peer or by RADIUS. Each writer has to clamp to the array size and keep the
// strings NUL-terminated; confirm at every copy site.
typedef struct sessions {
	sessionidt next;                // next session in linked list
	sessionidt far;                 // far end session ID
	tunnelidt tunnel;               // tunnel ID
	ipt ip;                         // IP of session set by RADIUS response
	unsigned long sid;              // session id for hsddb
	u16 nr;                         // next receive
	u16 ns;                         // next send
	u32 magic;                      // ppp magic number
	u32 cin;                        // byte count, in
	u32 cout;                       // byte count, out
	u32 pin;                        // packet count, in
	u32 pout;                       // packet count, out
	u32 id;                         // session id
	clockt opened;                  // when started
	clockt die;                     // being closed, when to finally free
	time_t last_packet;             // last packet from the user (used for idle timeouts)
	ipt dns1;                       // first DNS server
	ipt dns2;                       // second DNS server
	routet route[MAXROUTE];         // static routes
	u8 radius;                      // which radius session is being used (0 for not waiting on authentication)
	u8 flags;                       // various bit flags (SESSIONPFC, SESSIONACFC)
	u8 snoop;                       // are we snooping this session?
	u8 throttle;                    // is this session throttled?
	u8 walled_garden;               // is this session stuck in the walled garden?
	u16 mru;                        // maximum receive unit
	u16 tbf;                        // filter bucket for throttling
	char random_vector[MAXTEL];     // raw bytes; valid length is random_vector_length
	int random_vector_length;       // signed: must be kept within 0..MAXTEL before it is used as a copy length
	char user[129];                 // user (needed in session for radius stop messages)
	char called[MAXTEL];            // called number
	char calling[MAXTEL];           // calling number
	unsigned long tx_connect_speed;
	unsigned long rx_connect_speed;
} sessiont;

// Bit values for sessiont.flags.
#define SESSIONPFC      1       // PFC negotiated flags
#define SESSIONACFC     2       // ACFC negotiated flags
144
// State kept for one tunnel.
//
// NOTE(review): the original header said "168 bytes per tunnel"; hostname and
// vendor alone take 256 bytes, so that figure is out of date.
//
// hostname and vendor are fixed 128-byte buffers. They are presumably copied
// from values the far end sends during tunnel setup, so the copy has to be
// bounded and NUL-terminated; confirm where they are written.
typedef struct tunnels {
	tunnelidt next;         // next tunnel in linked list
	tunnelidt far;          // far end tunnel ID
	ipt ip;                 // IP for far end
	portt port;             // port for far end
	u16 window;             // Rx window
	u16 nr;                 // next receive
	u16 ns;                 // next send
	clockt last;            // when last control message sent (used for resend timeout)
	clockt retry;           // when to try resending pending control
	clockt die;             // being closed, when to finally free
	char hostname[128];     // tunnel hostname
	char vendor[128];       // LAC vendor
	u8 try;                 // number of retries on a control message
	u16 controlc;           // outstanding messages in queue
	controlt *controls;     // oldest message
	controlt *controle;     // newest message
} tunnelt;
166
// One outstanding RADIUS request.
//
// NOTE(review): the original header said "180 bytes per radius session";
// auth, calling and pass alone take 16 + 96 + 129 = 241 bytes, so that figure
// is out of date.
//
// next is a u8 index, which fits the MAXRADIUS limit of 255.
//
// pass holds the user's password for as long as the request is pending. It
// should be overwritten as soon as the request completes or the slot is
// released, and this table should be kept out of any state dump or log
// output. The release path is not in this header; confirm it clears the field.
typedef struct radiuss {
	u8 next;                // next in free list
	sessionidt session;     // which session this applies to
	hasht auth;             // request authenticator
	clockt retry;           // when to try next
	char calling[MAXTEL];   // calling number
	char pass[129];         // password
	u8 id;                  // ID for PPP response
	u8 try;                 // which try we are on
	u8 state;               // state of radius requests (one of the RADIUS* enum values)
	u8 chap;                // set if CHAP used (is CHAP identifier)
} radiust;
182
// One address in the IP pool (the pool holds at most MAXIPPOOL of these).
typedef struct {
	ipt address;    // the pool address
	char assigned;  // 1 if assigned, 0 if free
} ippoolt;
189
#ifdef RINGBUFFER
// In-memory log ring: RINGBUFFER_SIZE fixed-size entries plus head and tail
// indices. With the limits in this header that is 10000 entries of a little
// over 512 bytes each, i.e. on the order of 5 MB.
//
// message is a fixed MAX_LOG_LENGTH buffer, so whatever formats into it must
// use a bounded formatter and accept truncation. head and tail are plain
// ints; the code that advances them has to wrap them at RINGBUFFER_SIZE
// before indexing buffer.
struct Tringbuffer {
	struct {
		char level;                     // log level of the entry
		sessionidt session;             // session the entry refers to
		tunnelidt tunnel;               // tunnel the entry refers to
		ipt address;                    // address the entry refers to
		char message[MAX_LOG_LENGTH];   // formatted text
	} buffer[RINGBUFFER_SIZE];
	int head;
	int tail;
};
#endif
204
// States of a RADIUS request slot (stored in radiust.state). The values are
// written out explicitly; they are the same ones the implicit numbering gave.
enum {
	RADIUSNULL  = 0,        // Not in use
	RADIUSCHAP  = 1,        // sending CHAP down PPP
	RADIUSAUTH  = 2,        // sending auth to RADIUS server
	RADIUSIPCP  = 3,        // sending IPCP to end user
	RADIUSSTART = 4,        // sending start accounting to RADIUS server
	RADIUSSTOP  = 5,        // sending stop accounting to RADIUS server
	RADIUSWAIT  = 6         // waiting timeout before available, in case delayed replies
};
215
// Runtime counters, updated through the STAT()/INC_STAT()/SET_STAT() macros.
// Field order is part of the layout and is kept exactly as it was.
//
// The *_overflow, *_timeout and *_errors counters are the ones worth
// exporting to monitoring: a steady rise in radius_overflow, tunnel_overflow
// or session_overflow means the fixed tables sized by MAXRADIUS, MAXTUNNEL
// and MAXSESSION are being exhausted.
struct Tstats {
	// Bookkeeping
	time_t start_time;
	time_t last_reset;

	// Tap device traffic
	unsigned long tap_rx_packets;
	unsigned long tap_tx_packets;
	unsigned long tap_rx_bytes;
	unsigned long tap_tx_bytes;
	unsigned long tap_rx_errors;
	unsigned long tap_tx_errors;

	// Tunnel traffic
	unsigned long tunnel_rx_packets;
	unsigned long tunnel_tx_packets;
	unsigned long tunnel_rx_bytes;
	unsigned long tunnel_tx_bytes;
	unsigned long tunnel_rx_errors;
	unsigned long tunnel_tx_errors;

	// Retransmissions
	unsigned long tunnel_retries;
	unsigned long radius_retries;

	// ARP
	unsigned long arp_errors;
	unsigned long arp_replies;
	unsigned long arp_discarded;
	unsigned long arp_sent;
	unsigned long arp_recv;

	// Snooping
	unsigned long packets_snooped;

	// Table lifecycle and exhaustion
	unsigned long tunnel_created;
	unsigned long session_created;
	unsigned long tunnel_timeout;
	unsigned long session_timeout;
	unsigned long radius_timeout;
	unsigned long radius_overflow;
	unsigned long tunnel_overflow;
	unsigned long session_overflow;

	// Address pool
	unsigned long ip_allocated;
	unsigned long ip_freed;
#ifdef STAT_CALLS
	// Per-function call counters, present only when STAT_CALLS is defined.
	unsigned long call_processtap;
	unsigned long call_processarp;
	unsigned long call_processipout;
	unsigned long call_processudp;
	unsigned long call_sessionbyip;
	unsigned long call_sessionbyuser;
	unsigned long call_sendarp;
	unsigned long call_sendipcp;
	unsigned long call_tunnelsend;
	unsigned long call_sessionkill;
	unsigned long call_sessionshutdown;
	unsigned long call_tunnelkill;
	unsigned long call_tunnelshutdown;
	unsigned long call_assign_ip_address;
	unsigned long call_free_ip_address;
	unsigned long call_dump_acct_info;
	unsigned long call_sessionsetup;
	unsigned long call_processpap;
	unsigned long call_processchap;
	unsigned long call_processlcp;
	unsigned long call_processipcp;
	unsigned long call_processipin;
	unsigned long call_processccp;
	unsigned long call_sendchap;
	unsigned long call_processrad;
	unsigned long call_radiussend;
	unsigned long call_radiusretry;
#endif
};
287
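// Counter access macros.
//
// With STATISTICS defined they read and write fields of struct Tstats through
// the pointer _statistics, which is not declared in this header and must be
// visible wherever the macros are expanded. Without STATISTICS they compile
// to nothing.
//
// Every expansion is a single parenthesised expression and the value
// arguments are parenthesised, so the macros behave the same inside larger
// expressions and with compound arguments. The disabled forms expand to
// ((void)0) instead of an empty token sequence, and the disabled GET_STAT
// yields 0UL so that its type matches the unsigned long counters it stands in
// for (an int 0 passed to a "%lu" format would be undefined behaviour).
#ifdef STATISTICS
#define STAT(x)         (_statistics->x++)
#define INC_STAT(x, y)  (_statistics->x += (y))
#define GET_STAT(x)     (_statistics->x)
#define SET_STAT(x, y)  (_statistics->x = (y))
#else
#define STAT(x)         ((void)0)
#define INC_STAT(x, y)  ((void)0)
#define GET_STAT(x)     (0UL)
#define SET_STAT(x, y)  ((void)0)
#endif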
299
// arp.c
void sendarp(int ifr_idx, const unsigned char *mac, ipt ip);


// ppp.c
//
// The process*() handlers take a tunnel id, a session id, a buffer pointer p
// and a u16 length l. The buffer presumably carries a PPP payload received
// from the peer, so each handler has to check l against the size of every
// header it reads before touching p; the implementations are not in this
// header.
void processpap(tunnelidt t, sessionidt s, u8 *p, u16 l);
void processchap(tunnelidt t, sessionidt s, u8 *p, u16 l);
void processlcp(tunnelidt t, sessionidt s, u8 *p, u16 l);
void processipcp(tunnelidt t, sessionidt s, u8 *p, u16 l);
void processipin(tunnelidt t, sessionidt s, u8 *p, u16 l);
void processccp(tunnelidt t, sessionidt s, u8 *p, u16 l);
void sendchap(tunnelidt t, sessionidt s);
// makeppp() is given a destination b without a size; the caller is
// responsible for b being large enough for the header plus l payload bytes.
u8 *makeppp(u8 *b, u8 *p, int l, tunnelidt t, sessionidt s, u16 mtype);
u8 *findppp(u8 *b, u8 mtype);
void initlcp(tunnelidt t, sessionidt s);
void dumplcp(char *p, int l);


// radius.c
//
// processrad() takes a signed length; a negative or short len has to be
// rejected before buf is parsed.
void initrad(void);
void radiussend(u8 r, u8 state);
void processrad(u8 *buf, int len);
void radiusretry(u8 r);
u8 radiusnew(sessionidt s);

// throttle.c
int throttle_session(sessionidt s, int throttle);


// rl.c
//
// NOTE(review): the three declarations with empty parentheses give the
// compiler no parameter list to check calls against. `(void)` would, but the
// definitions are not visible here, so they are left as they were.
void init_rl();
u16 rl_create_tbf();
u16 rl_get_tbf();
void rl_done_tbf(u16 t);
void rl_destroy_tbf(u16 t);
335
336
// l2tpns.c

// Time and routing
clockt now(void);
clockt backoff(u8 try);
void routeset(ipt ip, ipt mask, ipt gw, u8 add);

// Start-up
// NOTE(review): initippool(), assign_ip_address() and dump_acct_info() are
// declared with empty parentheses, so calls to them are not checked against
// a parameter list.
void inittap(void);
void initudp(void);
void initdata(void);
void initippool();

// Session lookup and teardown
sessionidt sessionbyip(ipt ip);
/* NB - sessionbyuser ignores walled garden'd sessions */
sessionidt sessionbyuser(char *username);
void sessionshutdown(sessionidt s, char *reason);
void sessionsendarp(sessionidt s);
void send_garp(ipt ip);
void sessionkill(sessionidt s, char *reason);

// Control message construction.
// The control16/32/s/b helpers append to the controlt passed in, whose buf
// is MAXCONTROL bytes. controls() takes a NUL-terminated string and
// controlb() an explicit length; both presumably carry values of arbitrary
// size, so the implementations need to check the remaining space in c->buf.
void control16(controlt *c, u16 avp, u16 val, u8 m);
void control32(controlt *c, u16 avp, u32 val, u8 m);
void controls(controlt *c, u16 avp, char *val, u8 m);
void controlb(controlt *c, u16 avp, char *val, unsigned int len, u8 m);
controlt *controlnew(u16 mtype);
void controlnull(tunnelidt t);
void controladd(controlt *c, tunnelidt t, sessionidt s);

// Tunnel send and teardown
void tunnelsend(u8 *buf, u16 l, tunnelidt t);
void tunnelkill(tunnelidt t, char *reason);
void tunnelshutdown(tunnelidt t, char *reason);
void sendipcp(tunnelidt t, sessionidt s);

// Packet input.
// Each handler gets a raw buffer and a signed int length; presumably the
// data comes straight from the tap device or the UDP socket, so len has to
// be validated (non-negative, at least one header long) before parsing.
void processipout(u8 *buf, int len);
void processarp(u8 *buf, int len);
void processudp(u8 *buf, int len, struct sockaddr_in *addr);
void processtap(u8 *buf, int len);
void processcontrol(u8 *buf, int len, struct sockaddr_in *addr);

// Address pool, snooping, accounting, main loop
ipt assign_ip_address();
void free_ip_address(ipt address);
void snoop_send_packet(char *packet, u16 size);
void dump_acct_info();
void mainloop(void);
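// Logging front-ends.
//
// log(...) is an alias for _log(...).
// NOTE(review): this redefines the identifier `log`, which collides with
// log() from <math.h> in any translation unit that includes both headers.
#define log _log

// log_hex(level, title, data, maxsize) forwards to _log_hex() with address,
// session and tunnel set to 0, and only when level <= debug. `debug` is not
// declared in this header; it must be visible wherever the macro is expanded.
//
// The level argument is copied into a local once, so an argument with side
// effects is evaluated a single time and a compound expression keeps its
// meaning in the comparison. The remaining arguments are parenthesised and,
// as before, evaluated only when the message is actually emitted.
#ifndef log_hex
#define log_hex(a, b, c, d) \
	do { \
		int log_hex_level_ = (a); \
		if (log_hex_level_ <= debug) \
			_log_hex(log_hex_level_, 0, 0, 0, (b), (c), (d)); \
	} while (0)
#endif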
// Logging back-ends.
// _log() takes a printf-style format followed by variadic arguments. Callers
// must pass a literal format and never text that came from the peer; a
// format attribute on this declaration would let the compiler check that.
void _log(int level, ipt address, sessionidt s, tunnelidt t,
          const char *format, ...);
// _log_hex() takes a title, a data pointer and maxsize, presumably the
// number of bytes of data to dump; the caller has to make sure that many
// bytes are readable.
void _log_hex(int level, ipt address, sessionidt s, tunnelidt t,
              const char *title, const char *data, int maxsize);

// CHAP and session setup.
// build_chap_response() returns its result through challenge_response; who
// allocates and frees that buffer is not visible in this header.
void build_chap_response(char *challenge, u8 id, u16 challenge_length,
                         char **challenge_response);
int sessionsetup(tunnelidt t, sessionidt s, u8 routes);

// Cluster updates
int cluster_send_session(int s);
int cluster_send_tunnel(int t);

// Command-line interface, built only when HAVE_LIBCLI is defined.
#ifdef HAVE_LIBCLI
void init_cli();
void cli_do(int sockfd);
#endif

// Ring buffer dump, built only when RINGBUFFER is defined.
#ifdef RINGBUFFER
void ringbuffer_dump(FILE *stream);
#endif

// Plugins.
// add_plugin()/remove_plugin() take a plugin name. Presumably the name is
// turned into a path under LIBDIR and loaded; if so, the name should be
// rejected when it contains path separators. Confirm in the implementation.
void initplugins();
int run_plugins(int plugin_type, void *data);
void add_plugin(char *plugin_name);
void remove_plugin(char *plugin_name);