projects / l2tpns.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
* Fri Mar 5 2004 David Parrish <david@dparrish.com> 1.1.0
[l2tpns.git] / l2tpns.h
1 // L2TPNS Global Stuff
2 // $Id: l2tpns.h,v 1.2 2004-03-05 00:09:03 fred_nerk Exp $
3
4 #include <netinet/in.h>
5 #include <stdio.h>
6 #include "config.h"
7
8 #define VERSION "1.1.0"
9
10 // Limits
11 #define MAXTUNNEL 500 // could be up to 65535
12 #define MAXSESSION 50000 // could be up to 65535
13 #define MAXRADIUS 255
14 #define MAXCONTROL 1000 // max length control message we ever send...
15 #define MAXETHER (1500+18) // max packet we try sending to tap
16 #define MAXTEL 96 // telephone number
17 #define MAXPLUGINS 20 // maximum number of plugins to load
18 #define MAXRADSERVER 10 // max radius servers
19 #define MAXROUTE 10 // max static routes per session
20 #define MAXIPPOOL 131072 // max number of ip addresses in pool
21 #define RINGBUFFER_SIZE 10000 // Number of ringbuffer entries to allocate
22 #define MAX_LOG_LENGTH 512 // Maximum size of log message
23 #define ECHO_TIMEOUT 60 // Time between last packet sent and LCP ECHO generation
24 #define IDLE_TIMEOUT 240 // Time between last packet sent and LCP ECHO generation
25
26 // Constants
27 #define STATISTICS
28 #define STAT_CALLS
29 #define RINGBUFFER
30 #define TAPDEVICE "/dev/net/tun"
31 #define UDP 17
32 #define HOMEDIR "/home/l2tpns/" // Base dir for data
33 #define STATEFILE "/tmp/l2tpns.dump" // State dump file
34 #define NOSTATEFILE "/tmp/l2tpns.no_state_reload" // If exists, state will not be reloaded
35 #define CONFIGFILE ETCDIR "l2tpns.cfg" // Configuration file
36 #define CLIUSERS ETCDIR "l2tpns.users" // CLI Users file
37 #define IPPOOLFILE ETCDIR "l2tpns.ip_pool" // Address pool configuration
38 #ifndef LIBDIR
39 #define LIBDIR "/usr/lib/l2tpns"
40 #endif
41 #define ACCT_TIME 3000 // 5 minute accounting interval
42 #define L2TPPORT 1701 // L2TP port
43 #define RADPORT 1645 // old radius port...
44 #define RADAPORT 1646 // old radius accounting port
45 #define PKTARP 0x0806 // ARP packet type
46 #define PKTIP 0x0800 // IP packet type
47 #define PSEUDOMAC 0x0200 // pseudo MAC prefix (local significant MAC)
48 #define PPPPAP 0xC023
49 #define PPPCHAP 0xC223
50 #define PPPLCP 0xC021
51 #define PPPIPCP 0x8021
52 #define PPPCCP 0x80FD
53 #define PPPIP 0x0021
54 #define PPPMP 0x003D
55 enum
56 {
57 ConfigReq = 1,
58 ConfigAck,
59 ConfigNak,
60 ConfigRej,
61 TerminateReq,
62 TerminateAck,
63 CodeRej,
64 ProtocolRej,
65 EchoReq,
66 EchoReply,
67 DiscardRequest
68 };
69
70 // Types
71 typedef unsigned short u16;
72 typedef unsigned int u32;
73 typedef unsigned char u8;
74 typedef u32 ipt;
75 typedef u16 portt;
76 typedef u16 sessionidt;
77 typedef u16 tunnelidt;
78 typedef u32 clockt;
79 typedef u8 hasht[16];
80
81 // dump header: update number if internal format changes
82 #define DUMP_MAGIC "L2TPNS#" VERSION "#"
83
84 // structures
85 typedef struct routes // route
86 {
87 ipt ip;
88 ipt mask;
89 }
90 routet;
91
92 typedef struct controls // control message
93 {
94 struct controls *next; // next in queue
95 u16 length; // length
96 u8 buf[MAXCONTROL];
97 }
98 controlt;
99
100 typedef struct stbft
101 {
102 struct stbft *next;
103 char handle[10];
104 char in_use;
105 int mark;
106 } tbft;
107
108
109 // 336 bytes per session
110 typedef struct sessions
111 {
112 sessionidt next; // next session in linked list
113 sessionidt far; // far end session ID
114 tunnelidt tunnel; // tunnel ID
115 ipt ip; // IP of session set by RADIUS response
116 int ip_pool_index; // index to IP pool
117 unsigned long sid; // session id for hsddb
118 u16 nr; // next receive
119 u16 ns; // next send
120 u32 magic; // ppp magic number
121 u32 cin, cout; // byte counts
122 u32 pin, pout; // packet counts
123 u32 total_cin; // This counter is never reset while a session is open
124 u32 total_cout; // This counter is never reset while a session is open
125 u32 id; // session id
126 clockt opened; // when started
127 clockt die; // being closed, when to finally free
128 time_t last_packet; // Last packet from the user (used for idle timeouts)
129 ipt dns1, dns2; // DNS servers
130 routet route[MAXROUTE]; // static routes
131 u8 radius; // which radius session is being used (0 for not waiting on authentication)
132 u8 flags; // various bit flags
133 u8 snoop; // are we snooping this session?
134 u8 throttle; // is this session throttled?
135 u8 servicenet; // is this session servicenetted?
136 u16 mru; // maximum receive unit
137 u16 tbf; // filter bucket for throttling
138 char random_vector[MAXTEL];
139 int random_vector_length;
140 char user[129]; // user (needed in seesion for radius stop messages)
141 char called[MAXTEL]; // called number
142 char calling[MAXTEL]; // calling number
143 unsigned long tx_connect_speed;
144 unsigned long rx_connect_speed;
145 }
146 sessiont;
147
148 #define SESSIONPFC 1 // PFC negotiated flags
149 #define SESSIONACFC 2 // ACFC negotiated flags
150
151 // 168 bytes per tunnel
152 typedef struct tunnels
153 {
154 tunnelidt far; // far end tunnel ID
155 ipt ip; // Ip for far end
156 portt port; // port for far end
157 u16 window; // Rx window
158 u16 nr; // next receive
159 u16 ns; // next send
160 int state; // current state (tunnelstate enum)
161 clockt last; // when last control message sent (used for resend timeout)
162 clockt retry; // when to try resenting pending control
163 clockt die; // being closed, when to finally free
164 clockt lastrec; // when the last control message was received
165 char hostname[128]; // tunnel hostname
166 char vendor[128]; // LAC vendor
167 u8 try; // number of retrys on a control message
168 u16 controlc; // outstaind messages in queue
169 controlt *controls; // oldest message
170 controlt *controle; // newest message
171 }
172 tunnelt;
173
174 // 180 bytes per radius session
175 typedef struct radiuss // outstanding RADIUS requests
176 {
177 sessionidt session; // which session this applies to
178 hasht auth; // request authenticator
179 clockt retry; // when to try next
180 char calling[MAXTEL]; // calling number
181 char pass[129]; // password
182 u8 id; // ID for PPP response
183 u8 try; // which try we are on
184 u8 state; // state of radius requests
185 u8 chap; // set if CHAP used (is CHAP identifier)
186 }
187 radiust;
188
189 typedef struct
190 {
191 ipt address;
192 char assigned; // 1 if assigned, 0 if free
193 clockt last; // last used
194 char user[129]; // user (try to have ip addresses persistent)
195 }
196 ippoolt;
197
198 #ifdef RINGBUFFER
199 struct Tringbuffer
200 {
201 struct {
202 char level;
203 sessionidt session;
204 tunnelidt tunnel;
205 ipt address;
206 char message[MAX_LOG_LENGTH];
207 } buffer[RINGBUFFER_SIZE];
208 int head;
209 int tail;
210 };
211 #endif
212
213 /*
214 * Possible tunnel states
215 * TUNNELFREE -> TUNNELOPEN -> TUNNELDIE -> TUNNELFREE
216 */
217 enum
218 {
219 TUNNELFREE, // Not in use
220 TUNNELOPEN, // Active tunnel
221 TUNNELDIE, // Currently closing
222 TUNNELOPENING // Busy opening
223 };
224
225 enum
226 {
227 RADIUSNULL, // Not in use
228 RADIUSCHAP, // sending CHAP down PPP
229 RADIUSAUTH, // sending auth to RADIUS server
230 RADIUSIPCP, // sending IPCP to end user
231 RADIUSSTART, // sending start accounting to RADIUS server
232 RADIUSSTOP, // sending stop accounting to RADIUS server
233 RADIUSWAIT // waiting timeout before available, in case delayed replies
234 };
235
236 struct Tstats
237 {
238 time_t start_time;
239 time_t last_reset;
240
241 unsigned long tap_rx_packets;
242 unsigned long tap_tx_packets;
243 unsigned long tap_rx_bytes;
244 unsigned long tap_tx_bytes;
245 unsigned long tap_rx_errors;
246 unsigned long tap_tx_errors;
247
248 unsigned long tunnel_rx_packets;
249 unsigned long tunnel_tx_packets;
250 unsigned long tunnel_rx_bytes;
251 unsigned long tunnel_tx_bytes;
252 unsigned long tunnel_rx_errors;
253 unsigned long tunnel_tx_errors;
254
255 unsigned long tunnel_retries;
256 unsigned long radius_retries;
257
258 unsigned long arp_errors;
259 unsigned long arp_replies;
260 unsigned long arp_discarded;
261 unsigned long arp_sent;
262 unsigned long arp_recv;
263
264 unsigned long packets_snooped;
265
266 unsigned long tunnel_created;
267 unsigned long session_created;
268 unsigned long tunnel_timeout;
269 unsigned long session_timeout;
270 unsigned long radius_timeout;
271 unsigned long radius_overflow;
272 unsigned long tunnel_overflow;
273 unsigned long session_overflow;
274
275 unsigned long ip_allocated;
276 unsigned long ip_freed;
277 #ifdef STAT_CALLS
278 unsigned long call_processtap;
279 unsigned long call_processarp;
280 unsigned long call_processipout;
281 unsigned long call_processudp;
282 unsigned long call_sessionbyip;
283 unsigned long call_sessionbyuser;
284 unsigned long call_sendarp;
285 unsigned long call_sendipcp;
286 unsigned long call_tunnelsend;
287 unsigned long call_sessionkill;
288 unsigned long call_sessionshutdown;
289 unsigned long call_tunnelkill;
290 unsigned long call_tunnelshutdown;
291 unsigned long call_assign_ip_address;
292 unsigned long call_free_ip_address;
293 unsigned long call_dump_acct_info;
294 unsigned long call_sessionsetup;
295 unsigned long call_processpap;
296 unsigned long call_processchap;
297 unsigned long call_processlcp;
298 unsigned long call_processipcp;
299 unsigned long call_processipin;
300 unsigned long call_processccp;
301 unsigned long call_sendchap;
302 unsigned long call_processrad;
303 unsigned long call_radiussend;
304 unsigned long call_radiusretry;
305 #endif
306 };
307
308 #ifdef STATISTICS
309 #define STAT(x) _statistics->x++
310 #define INC_STAT(x,y) _statistics->x += y
311 #define GET_STAT(x) _statistics->x
312 #define SET_STAT(x, y) _statistics->x = y
313 #else
314 #define STAT(x)
315 #define INC_STAT(x,y)
316 #define GET_STAT(x) 0
317 #define SET_STAT(x, y)
318 #endif
319
320 struct configt
321 {
322 int debug; // debugging level
323 time_t start_time; // time when l2tpns was started
324 char bandwidth[256]; // current bandwidth
325
326 char config_file[128];
327 int reload_config; // flag to re-read config (set by cli)
328
329 char tapdevice[10]; // tap device name
330 char log_filename[128];
331 char l2tpsecret[64];
332
333 char radiussecret[64];
334 int radius_accounting;
335 ipt radiusserver[MAXRADSERVER]; // radius servers
336 u8 numradiusservers; // radius server count
337
338 ipt default_dns1, default_dns2;
339
340 ipt snoop_destination_host;
341 u16 snoop_destination_port;
342
343 unsigned long rl_rate;
344 int save_state;
345 uint32_t cluster_address;
346 int ignore_cluster_updates;
347 char accounting_dir[128];
348 ipt bind_address;
349 int target_uid;
350 int dump_speed;
351 char plugins[64][MAXPLUGINS];
352 char old_plugins[64][MAXPLUGINS];
353 };
354
355 struct config_descriptt
356 {
357 char *key;
358 int offset;
359 int size;
360 enum { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IP } type;
361 };
362
363 // arp.c
364 void sendarp(int ifr_idx, const unsigned char* mac, ipt ip);
365
366
367 // ppp.c
368 void processpap(tunnelidt t, sessionidt s, u8 * p, u16 l);
369 void processchap(tunnelidt t, sessionidt s, u8 * p, u16 l);
370 void processlcp(tunnelidt t, sessionidt s, u8 * p, u16 l);
371 void processipcp(tunnelidt t, sessionidt s, u8 * p, u16 l);
372 void processipin(tunnelidt t, sessionidt s, u8 * p, u16 l);
373 void processccp(tunnelidt t, sessionidt s, u8 * p, u16 l);
374 void sendchap(tunnelidt t, sessionidt s);
375 u8 *makeppp(u8 * b, u8 * p, int l, tunnelidt t, sessionidt s, u16 mtype);
376 u8 *findppp(u8 * b, u8 mtype);
377 void initlcp(tunnelidt t, sessionidt s);
378 void dumplcp(char *p, int l);
379
380
381 // radius.c
382 void initrad(void);
383 void radiussend(u8 r, u8 state);
384 void processrad(u8 *buf, int len);
385 void radiusretry(u8 r);
386 u8 radiusnew(sessionidt s);
387 void radiusclear(u8 r, sessionidt s);
388
389 // throttle.c
390 int throttle_session(sessionidt s, int throttle);
391
392
393 // rl.c
394 void init_rl();
395 u16 rl_create_tbf();
396 u16 rl_get_tbf();
397 void rl_done_tbf(u16 t);
398 void rl_destroy_tbf(u16 t);
399
400
401 // l2tpns.c
402 clockt now(void);
403 clockt backoff(u8 try);
404 void routeset(ipt ip, ipt mask, ipt gw, u8 add);
405 void inittap(void);
406 void initudp(void);
407 void initdata(void);
408 void initippool();
409 sessionidt sessionbyip(ipt ip);
410 sessionidt sessionbyuser(char *username);
411 void sessionshutdown(sessionidt s, char *reason);
412 void sessionsendarp(sessionidt s);
413 void send_garp(ipt ip);
414 void sessionkill(sessionidt s, char *reason);
415 void control16(controlt * c, u16 avp, u16 val, u8 m);
416 void control32(controlt * c, u16 avp, u32 val, u8 m);
417 void controls(controlt * c, u16 avp, char *val, u8 m);
418 void controlb(controlt * c, u16 avp, char *val, unsigned int len, u8 m);
419 controlt *controlnew(u16 mtype);
420 void controlnull(tunnelidt t);
421 void controladd(controlt * c, tunnelidt t, sessionidt s);
422 void tunnelsend(u8 * buf, u16 l, tunnelidt t);
423 void tunnelkill(tunnelidt t, char *reason);
424 void tunnelshutdown(tunnelidt t, char *reason);
425 void sendipcp(tunnelidt t, sessionidt s);
426 void processipout(u8 * buf, int len);
427 void processarp(u8 * buf, int len);
428 void processudp(u8 * buf, int len, struct sockaddr_in *addr);
429 void processtap(u8 * buf, int len);
430 void processcontrol(u8 * buf, int len, struct sockaddr_in *addr);
431 int assign_ip_address(sessionidt s);
432 void free_ip_address(sessionidt s);
433 void snoop_send_packet(char *packet, u16 size);
434 void dump_acct_info();
435 void mainloop(void);
436 #define log _log
437 #ifndef log_hex
438 #define log_hex(a,b,c,d) do{if (a <= config->debug) _log_hex(a,0,0,0,b,c,d);}while (0)
439 #endif
440 void _log(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...);
441 void _log_hex(int level, ipt address, sessionidt s, tunnelidt t, const char *title, const char *data, int maxsize);
442 void build_chap_response(char *challenge, u8 id, u16 challenge_length, char **challenge_response);
443 int sessionsetup(tunnelidt t, sessionidt s, u8 routes);
444 int cluster_send_session(int s);
445 int cluster_send_tunnel(int t);
446 int cluster_send_goodbye();
447 void init_cli();
448 void cli_do_file(FILE *fh);
449 void cli_do(int sockfd);
450 #ifdef RINGBUFFER
451 void ringbuffer_dump(FILE *stream);
452 #endif
453 void initplugins();
454 int run_plugins(int plugin_type, void *data);
455 void add_plugin(char *plugin_name);
456 void remove_plugin(char *plugin_name);
457 void tunnelclear(tunnelidt t);
458 void host_unreachable(ipt destination, u16 id, ipt source, char *packet, int packet_len);
459
460 extern tunnelt *tunnel;
461 extern sessiont *session;
462 #define sessionfree (session[0].next)
for cloning use: "git clone git://git.sameswireless.fr/l2tpns.git" ; For add to your sources.list: "deb http://package.sameswifi.fr/ jessie main"