#include <fcntl.h>
#include <linux/if_tun.h>
#define SYSLOG_NAMES
+#include <stdio.h>
#include <syslog.h>
#include <malloc.h>
#include <net/route.h>
#include <netinet/ip6.h>
#include <stdarg.h>
#include <stdlib.h>
-#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <sys/ioctl.h>
#include <linux/rtnetlink.h>
#include "md5.h"
+#include "dhcp6.h"
#include "l2tpns.h"
#include "cluster.h"
#include "plugin.h"
#include "l2tplac.h"
#include "pppoe.h"
+#include "dhcp6.h"
char * Vendor_name = "Linux L2TPNS";
uint32_t call_serial_number = 0;
struct ipv6radix {
sessionidt sess;
struct ipv6radix *branch;
-} ipv6_hash[256]; // Mapping from IPv6 address to session structures.
+} ipv6_hash[16]; // Mapping from IPv6 address to session structures.
// Traffic counters.
static uint32_t udp_rx = 0, udp_rx_pkt = 0, udp_tx = 0;
CONFIG("ppp_restart_time", ppp_restart_time, INT),
CONFIG("ppp_max_configure", ppp_max_configure, INT),
CONFIG("ppp_max_failure", ppp_max_failure, INT),
+ CONFIG("ppp_keepalive", ppp_keepalive, BOOL),
CONFIG("primary_dns", default_dns1, IPv4),
CONFIG("secondary_dns", default_dns2, IPv4),
CONFIG("primary_radius", radiusserver[0], IPv4),
CONFIG("throttle_speed", rl_rate, UNSIGNED_LONG),
CONFIG("throttle_buckets", num_tbfs, INT),
CONFIG("accounting_dir", accounting_dir, STRING),
+ CONFIG("account_all_origin", account_all_origin, BOOL),
CONFIG("dump_speed", dump_speed, BOOL),
CONFIG("multi_read_count", multi_read_count, INT),
CONFIG("scheduler_fifo", scheduler_fifo, BOOL),
CONFIG("icmp_rate", icmp_rate, INT),
CONFIG("packet_limit", max_packets, INT),
CONFIG("cluster_address", cluster_address, IPv4),
+ CONFIG("cluster_port", cluster_port, INT),
CONFIG("cluster_interface", cluster_interface, STRING),
CONFIG("cluster_mcast_ttl", cluster_mcast_ttl, INT),
CONFIG("cluster_hb_interval", cluster_hb_interval, INT),
CONFIG("disable_no_spoof", disable_no_spoof, BOOL),
CONFIG("bind_multi_address", bind_multi_address, STRING),
CONFIG("pppoe_only_equal_svc_name", pppoe_only_equal_svc_name, BOOL),
+ CONFIG("multi_hostname", multi_hostname, STRING),
+ CONFIG("no_throttle_local_IP", no_throttle_local_IP, BOOL),
+ CONFIG("dhcp6_preferred_lifetime", dhcp6_preferred_lifetime, INT),
+ CONFIG("dhcp6_valid_lifetime", dhcp6_valid_lifetime, INT),
+ CONFIG("dhcp6_server_duid", dhcp6_server_duid, INT),
+ CONFIG("dns6_lifetime", dns6_lifetime, INT),
+ CONFIG("primary_ipv6_dns", default_ipv6_dns1, IPv6),
+ CONFIG("secondary_ipv6_dns", default_ipv6_dns2, IPv6),
+ CONFIG("default_ipv6_domain_list", default_ipv6_domain_list, STRING),
{ NULL, 0, 0, 0 }
};
int s;
char ipv6addr[INET6_ADDRSTRLEN];
- curnode = &ipv6_hash[ip.s6_addr[0]];
+ curnode = &ipv6_hash[((ip.s6_addr[0]) & 0xF0)>>4];
i = 1;
s = curnode->sess;
- while (s == 0 && i < 15 && curnode->branch != NULL)
+ while (s == 0 && i < 32 && curnode->branch != NULL)
{
- curnode = &curnode->branch[ip.s6_addr[i]];
+ if (i & 1)
+ curnode = &curnode->branch[ip.s6_addr[i>>1] & 0x0F];
+ else
+ curnode = &curnode->branch[(ip.s6_addr[i>>1] & 0xF0)>>4];
+
s = curnode->sess;
i++;
}
LOG(4, s, session[s].tunnel, "Looking up address %s and got %d\n",
- inet_ntop(AF_INET6, &ip, ipv6addr,
- INET6_ADDRSTRLEN),
+ inet_ntop(AF_INET6, &ip, ipv6addr,
+ INET6_ADDRSTRLEN),
s);
return s;
ip.s6_addr[1] == 0x80 &&
ip.s6_addr16[1] == 0 &&
ip.s6_addr16[2] == 0 &&
- ip.s6_addr16[3] == 0)) {
- s = lookup_ipmap(*(in_addr_t *) &ip.s6_addr[8]);
+ ip.s6_addr16[3] == 0))
+ {
+ in_addr_t *pipv4 = (in_addr_t *) &ip.s6_addr[8];
+ s = lookup_ipmap(*pipv4);
} else {
s = lookup_ipv6map(ip);
}
return 0;
}
+sessionidt sessionbyipv6new(struct in6_addr ip)
+{
+ sessionidt s;
+ CSTAT(sessionbyipv6new);
+
+ s = lookup_ipv6map(ip);
+
+ if (s > 0 && s < MAXSESSION && session[s].opened)
+ return s;
+
+ return 0;
+}
+
//
// Take an IP address in HOST byte order and
// add it to the sessionid by IP cache.
static void cache_ipv6map(struct in6_addr ip, int prefixlen, sessionidt s)
{
int i;
- int bytes;
+ int niblles;
struct ipv6radix *curnode;
char ipv6addr[INET6_ADDRSTRLEN];
- curnode = &ipv6_hash[ip.s6_addr[0]];
+ curnode = &ipv6_hash[((ip.s6_addr[0]) & 0xF0)>>4];
- bytes = prefixlen >> 3;
+ niblles = prefixlen >> 2;
i = 1;
- while (i < bytes) {
+
+ while (i < niblles)
+ {
if (curnode->branch == NULL)
{
- if (!(curnode->branch = calloc(256,
- sizeof (struct ipv6radix))))
+ if (!(curnode->branch = calloc(16, sizeof (struct ipv6radix))))
return;
}
- curnode = &curnode->branch[ip.s6_addr[i]];
+
+ if (i & 1)
+ curnode = &curnode->branch[ip.s6_addr[i>>1] & 0x0F];
+ else
+ curnode = &curnode->branch[(ip.s6_addr[i>>1] & 0xF0)>>4];
+
i++;
}
if (s > 0)
LOG(4, s, session[s].tunnel, "Caching ip address %s/%d\n",
- inet_ntop(AF_INET6, &ip, ipv6addr,
- INET6_ADDRSTRLEN),
+ inet_ntop(AF_INET6, &ip, ipv6addr,
+ INET6_ADDRSTRLEN),
prefixlen);
else if (s == 0)
LOG(4, 0, 0, "Un-caching ip address %s/%d\n",
- inet_ntop(AF_INET6, &ip, ipv6addr,
- INET6_ADDRSTRLEN),
+ inet_ntop(AF_INET6, &ip, ipv6addr,
+ INET6_ADDRSTRLEN),
prefixlen);
}
//
// CLI list to dump current ipcache.
//
-int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc)
+int cmd_show_ipcache(struct cli_def *cli, const char *command, char **argv, int argc)
{
union iphash *d = ip_hash, *e, *f, *g;
int i, j, k, l;
return CLI_OK;
}
-
// Find session by username, 0 for not found
// walled garden users aren't authenticated, so the username is
// reasonably useless. Ignore them to avoid incorrect actions
sessionidt s;
sessiont *sp;
tunnelidt t;
- in_addr_t ip;
+ in_addr_t ip, ip_src;
uint8_t *data = buf; // Keep a copy of the originals.
int size = len;
return;
}
+ ip_src = *(uint32_t *)(buf + 12);
ip = *(uint32_t *)(buf + 16);
if (!(s = sessionbyip(ip)))
{
if (sp->tbf_out)
{
- // Are we throttling this session?
- if (config->cluster_iam_master)
- tbf_queue_packet(sp->tbf_out, data, size);
- else
- master_throttle_packet(sp->tbf_out, data, size);
- return;
+ if (!config->no_throttle_local_IP || !sessionbyip(ip_src))
+ {
+ // Are we throttling this session?
+ if (config->cluster_iam_master)
+ tbf_queue_packet(sp->tbf_out, data, size);
+ else
+ master_throttle_packet(sp->tbf_out, data, size);
+ return;
+ }
}
if (sp->walled_garden && !config->cluster_iam_master)
sessionidt s;
sessiont *sp;
tunnelidt t;
- in_addr_t ip;
struct in6_addr ip6;
uint8_t *data = buf; // Keep a copy of the originals.
if (s == 0)
{
- ip = *(uint32_t *)(buf + 32);
- s = sessionbyip(ip);
+ s = sessionbyipv6new(ip6);
}
-
+
if (s == 0)
{
// Is this a packet for a session that doesn't exist?
{
sessiont *sp;
tunnelidt t;
+ uint8_t *p;
+ uint8_t *data = buf; // Keep a copy of the originals.
uint8_t b[MAXETHER + 20];
LOG(5, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
// Add on L2TP header
- {
- uint8_t *p = makeppp(b, sizeof(b), buf, len, s, t, PPPIP, 0, 0, 0);
- if (!p) return;
- tunnelsend(b, len + (p-b), t); // send it...
- }
+ if (*(uint16_t *) (data + 2) == htons(PKTIPV6))
+ p = makeppp(b, sizeof(b), buf, len, s, t, PPPIPV6, 0, 0, 0); // IPV6
+ else
+ p = makeppp(b, sizeof(b), buf, len, s, t, PPPIP, 0, 0, 0); // IPV4
+
+ if (!p) return;
+
+ tunnelsend(b, len + (p-b), t); // send it...
// Snooping this session.
if (sp->snoop_ip && sp->snoop_port)
static void control16(controlt * c, uint16_t avp, uint16_t val, uint8_t m)
{
uint16_t l = (m ? 0x8008 : 0x0008);
- *(uint16_t *) (c->buf + c->length + 0) = htons(l);
- *(uint16_t *) (c->buf + c->length + 2) = htons(0);
- *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
- *(uint16_t *) (c->buf + c->length + 6) = htons(val);
+ uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+ pint16[0] = htons(l);
+ pint16[1] = htons(0);
+ pint16[2] = htons(avp);
+ pint16[3] = htons(val);
c->length += 8;
}
static void control32(controlt * c, uint16_t avp, uint32_t val, uint8_t m)
{
uint16_t l = (m ? 0x800A : 0x000A);
- *(uint16_t *) (c->buf + c->length + 0) = htons(l);
- *(uint16_t *) (c->buf + c->length + 2) = htons(0);
- *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
- *(uint32_t *) (c->buf + c->length + 6) = htonl(val);
+ uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+ uint32_t *pint32 = (uint32_t *) (c->buf + c->length + 6);
+ pint16[0] = htons(l);
+ pint16[1] = htons(0);
+ pint16[2] = htons(avp);
+ pint32[0] = htonl(val);
c->length += 10;
}
static void controls(controlt * c, uint16_t avp, char *val, uint8_t m)
{
uint16_t l = ((m ? 0x8000 : 0) + strlen(val) + 6);
- *(uint16_t *) (c->buf + c->length + 0) = htons(l);
- *(uint16_t *) (c->buf + c->length + 2) = htons(0);
- *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
+ uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+ pint16[0] = htons(l);
+ pint16[1] = htons(0);
+ pint16[2] = htons(avp);
memcpy(c->buf + c->length + 6, val, strlen(val));
c->length += 6 + strlen(val);
}
static void controlb(controlt * c, uint16_t avp, uint8_t *val, unsigned int len, uint8_t m)
{
uint16_t l = ((m ? 0x8000 : 0) + len + 6);
- *(uint16_t *) (c->buf + c->length + 0) = htons(l);
- *(uint16_t *) (c->buf + c->length + 2) = htons(0);
- *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
+ uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+ pint16[0] = htons(l);
+ pint16[1] = htons(0);
+ pint16[2] = htons(avp);
memcpy(c->buf + c->length + 6, val, len);
c->length += 6 + len;
}
// add a control message to a tunnel, and send if within window
static void controladd(controlt *c, sessionidt far, tunnelidt t)
{
- *(uint16_t *) (c->buf + 2) = htons(c->length); // length
- *(uint16_t *) (c->buf + 4) = htons(tunnel[t].far); // tunnel
- *(uint16_t *) (c->buf + 6) = htons(far); // session
- *(uint16_t *) (c->buf + 8) = htons(tunnel[t].ns); // sequence
+ uint16_t *pint16 = (uint16_t *) (c->buf + 2);
+ pint16[0] = htons(c->length); // length
+ pint16[1] = htons(tunnel[t].far); // tunnel
+ pint16[2] = htons(far); // session
+ pint16[3] = htons(tunnel[t].ns); // sequence
tunnel[t].ns++; // advance sequence
// link in message in to queue
if (tunnel[t].controlc)
free_ip_address(s);
// unroute IPv6, if setup
- if (session[s].ppp.ipv6cp == Opened && session[s].ipv6prefixlen && del_routes)
- route6set(s, session[s].ipv6route, session[s].ipv6prefixlen, 0);
-
+ for (r = 0; r < MAXROUTE6 && session[s].route6[r].ipv6route.s6_addr[0] && session[s].route6[r].ipv6prefixlen; r++)
+ {
+ if (del_routes) route6set(s, session[s].route6[r].ipv6route, session[s].route6[r].ipv6prefixlen, 0);
+ memset(&session[s].route6[r], 0, sizeof(session[s].route6[r]));
+ }
+
+ if (session[s].ipv6address.s6_addr[0] && del_routes)
+ {
+ route6set(s, session[s].ipv6address, 128, 0);
+ }
+
if (b)
{
// This session was part of a bundle
cache_ipmap(session[new_s].ip, new_s);
// IPV6 route
- if (session[new_s].ipv6prefixlen)
- cache_ipv6map(session[new_s].ipv6route, session[new_s].ipv6prefixlen, new_s);
+ for (r = 0; r < MAXROUTE6 && session[new_s].route6[r].ipv6prefixlen; r++)
+ {
+ cache_ipv6map(session[new_s].route6[r].ipv6route, session[new_s].route6[r].ipv6prefixlen, new_s);
+ }
+
+ if (session[new_s].ipv6address.s6_addr[0])
+ {
+ cache_ipv6map(session[new_s].ipv6address, 128, new_s);
+ }
}
}
}
// read and process packet on tunnel (UDP)
void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexudpfd)
{
- uint8_t *chapresponse = NULL;
+ uint8_t *sendchalresponse = NULL;
+ uint8_t *recvchalresponse = NULL;
uint16_t l = len, t = 0, s = 0, ns = 0, nr = 0;
uint8_t *p = buf + 2;
result = 2; // general error
error = 3; // reserved field non-zero
msg = 0;
- continue; // next
+ if (n == 0)
+ {
+ // if continue a infinity loop is created.
+ LOG(1, s, t, "It's infinite loop protection %02X\n", *b);
+ return;
+ }
+ else
+ continue; // next
}
b += 2;
if (*(uint16_t *) (b))
result = 2; // general error
error = 6; // generic vendor-specific error
msg = "unsupported vendor-specific";
- continue; // next
+ if (n == 0)
+ {
+ // if continue a infinity loop is created.
+ LOG(1, s, t, "It's infinite loop protection %02X\n", *b);
+ return;
+ }
+ else
+ continue; // next
}
b += 2;
mtype = ntohs(*(uint16_t *) (b));
n = orig_len;
}
- LOG(4, s, t, " AVP %u (%s) len %d%s%s\n", mtype, l2tp_avp_name(mtype), n,
+ LOG(3, s, t, " AVP %u (%s) len %d%s%s\n", mtype, l2tp_avp_name(mtype), n,
flags & 0x40 ? ", hidden" : "", flags & 0x80 ? ", mandatory" : "");
switch (mtype)
case 0: // message type
message = ntohs(*(uint16_t *) b);
mandatory = flags & 0x80;
- LOG(4, s, t, " Message type = %u (%s)\n", message, l2tp_code(message));
+ LOG(3, s, t, " Message type = %u (%s)\n", message, l2tp_code(message));
break;
case 1: // result code
{
cause = TERM_ADMIN_RESET;
}
- LOG(4, s, t, " Result Code %u: %s\n", rescode, resdesc);
+ LOG(3, s, t, " Result Code %u: %s\n", rescode, resdesc);
if (n >= 4)
{
uint16_t errcode = ntohs(*(uint16_t *)(b + 2));
errdesc = l2tp_error_code(errcode);
- LOG(4, s, t, " Error Code %u: %s\n", errcode, errdesc);
+ LOG(3, s, t, " Error Code %u: %s\n", errcode, errdesc);
}
if (n > 4)
- LOG(4, s, t, " Error String: %.*s\n", n-4, b+4);
+ LOG(3, s, t, " Error String: %.*s\n", n-4, b+4);
if (cause && disc_cause_set < mtype) // take cause from attrib 46 in preference
{
case 2: // protocol version
{
version = ntohs(*(uint16_t *) (b));
- LOG(4, s, t, " Protocol version = %u\n", version);
+ LOG(3, s, t, " Protocol version = %u\n", version);
if (version && version != 0x0100)
{ // allow 0.0 and 1.0
LOG(1, s, t, " Bad protocol version %04X\n", version);
case 7: // host name
memset(tunnel[t].hostname, 0, sizeof(tunnel[t].hostname));
memcpy(tunnel[t].hostname, b, (n < sizeof(tunnel[t].hostname)) ? n : sizeof(tunnel[t].hostname) - 1);
- LOG(4, s, t, " Tunnel hostname = \"%s\"\n", tunnel[t].hostname);
+ LOG(3, s, t, " Tunnel hostname = \"%s\"\n", tunnel[t].hostname);
// TBA - to send to RADIUS
break;
case 8: // vendor name
memset(tunnel[t].vendor, 0, sizeof(tunnel[t].vendor));
memcpy(tunnel[t].vendor, b, (n < sizeof(tunnel[t].vendor)) ? n : sizeof(tunnel[t].vendor) - 1);
- LOG(4, s, t, " Vendor name = \"%s\"\n", tunnel[t].vendor);
+ LOG(3, s, t, " Vendor name = \"%s\"\n", tunnel[t].vendor);
break;
case 9: // assigned tunnel
tunnel[t].far = ntohs(*(uint16_t *) (b));
- LOG(4, s, t, " Remote tunnel id = %u\n", tunnel[t].far);
+ LOG(3, s, t, " Remote tunnel id = %u\n", tunnel[t].far);
break;
case 10: // rx window
tunnel[t].window = ntohs(*(uint16_t *) (b));
if (!tunnel[t].window)
tunnel[t].window = 1; // window of 0 is silly
- LOG(4, s, t, " rx window = %u\n", tunnel[t].window);
+ LOG(3, s, t, " rx window = %u\n", tunnel[t].window);
break;
- case 11: // Challenge
+ case 11: // Request Challenge
{
- LOG(4, s, t, " LAC requested CHAP authentication for tunnel\n");
- build_chap_response(b, 2, n, &chapresponse);
+ LOG(3, s, t, " LAC requested CHAP authentication for tunnel\n");
+ if (message == 1)
+ build_chap_response(b, 2, n, &sendchalresponse);
+ else if (message == 2)
+ build_chap_response(b, 3, n, &sendchalresponse);
}
break;
- case 13: // Response
+ case 13: // receive challenge Response
if (tunnel[t].isremotelns)
{
- chapresponse = calloc(17, 1);
- memcpy(chapresponse, b, (n < 17) ? n : 16);
+ recvchalresponse = calloc(17, 1);
+ memcpy(recvchalresponse, b, (n < 17) ? n : 16);
LOG(3, s, t, "received challenge response from REMOTE LNS\n");
}
else
case 14: // assigned session
asession = session[s].far = ntohs(*(uint16_t *) (b));
- LOG(4, s, t, " assigned session = %u\n", asession);
+ LOG(3, s, t, " assigned session = %u\n", asession);
break;
case 15: // call serial number
- LOG(4, s, t, " call serial number = %u\n", ntohl(*(uint32_t *)b));
+ LOG(3, s, t, " call serial number = %u\n", ntohl(*(uint32_t *)b));
break;
case 18: // bearer type
- LOG(4, s, t, " bearer type = %u\n", ntohl(*(uint32_t *)b));
+ LOG(3, s, t, " bearer type = %u\n", ntohl(*(uint32_t *)b));
// TBA - for RADIUS
break;
case 19: // framing type
- LOG(4, s, t, " framing type = %u\n", ntohl(*(uint32_t *)b));
+ LOG(3, s, t, " framing type = %u\n", ntohl(*(uint32_t *)b));
// TBA
break;
case 21: // called number
memset(called, 0, sizeof(called));
memcpy(called, b, (n < sizeof(called)) ? n : sizeof(called) - 1);
- LOG(4, s, t, " Called <%s>\n", called);
+ LOG(3, s, t, " Called <%s>\n", called);
break;
case 22: // calling number
memset(calling, 0, sizeof(calling));
memcpy(calling, b, (n < sizeof(calling)) ? n : sizeof(calling) - 1);
- LOG(4, s, t, " Calling <%s>\n", calling);
+ LOG(3, s, t, " Calling <%s>\n", calling);
break;
case 23: // subtype
break;
memcpy(tmp, b, (n < sizeof(tmp)) ? n : sizeof(tmp) - 1);
session[s].tx_connect_speed = atol(tmp);
}
- LOG(4, s, t, " TX connect speed <%u>\n", session[s].tx_connect_speed);
+ LOG(3, s, t, " TX connect speed <%u>\n", session[s].tx_connect_speed);
break;
case 38: // rx connect speed
if (n == 4)
memcpy(tmp, b, (n < sizeof(tmp)) ? n : sizeof(tmp) - 1);
session[s].rx_connect_speed = atol(tmp);
}
- LOG(4, s, t, " RX connect speed <%u>\n", session[s].rx_connect_speed);
+ LOG(3, s, t, " RX connect speed <%u>\n", session[s].rx_connect_speed);
break;
case 25: // Physical Channel ID
{
uint32_t tmp = ntohl(*(uint32_t *) b);
- LOG(4, s, t, " Physical Channel ID <%X>\n", tmp);
+ LOG(3, s, t, " Physical Channel ID <%X>\n", tmp);
break;
}
case 29: // Proxy Authentication Type
{
uint16_t atype = ntohs(*(uint16_t *)b);
- LOG(4, s, t, " Proxy Auth Type %u (%s)\n", atype, ppp_auth_type(atype));
+ LOG(3, s, t, " Proxy Auth Type %u (%s)\n", atype, ppp_auth_type(atype));
break;
}
case 30: // Proxy Authentication Name
char authname[64];
memset(authname, 0, sizeof(authname));
memcpy(authname, b, (n < sizeof(authname)) ? n : sizeof(authname) - 1);
- LOG(4, s, t, " Proxy Auth Name (%s)\n",
+ LOG(3, s, t, " Proxy Auth Name (%s)\n",
authname);
break;
}
case 31: // Proxy Authentication Challenge
{
- LOG(4, s, t, " Proxy Auth Challenge\n");
+ LOG(3, s, t, " Proxy Auth Challenge\n");
break;
}
case 32: // Proxy Authentication ID
{
uint16_t authid = ntohs(*(uint16_t *)(b));
- LOG(4, s, t, " Proxy Auth ID (%u)\n", authid);
+ LOG(3, s, t, " Proxy Auth ID (%u)\n", authid);
break;
}
case 33: // Proxy Authentication Response
- LOG(4, s, t, " Proxy Auth Response\n");
+ LOG(3, s, t, " Proxy Auth Response\n");
break;
case 27: // last sent lcp
{ // find magic number
case 39: // seq required - we control it as an LNS anyway...
break;
case 36: // Random Vector
- LOG(4, s, t, " Random Vector received. Enabled AVP Hiding.\n");
+ LOG(3, s, t, " Random Vector received. Enabled AVP Hiding.\n");
memset(session[s].random_vector, 0, sizeof(session[s].random_vector));
if (n > sizeof(session[s].random_vector))
n = sizeof(session[s].random_vector);
uint16_t proto = ntohs(*(uint16_t *) (b + 2));
uint8_t dir = *(b + 4);
- LOG(4, s, t, " PPP disconnect cause "
+ LOG(3, s, t, " PPP disconnect cause "
"(code=%u, proto=%04X, dir=%u, msg=\"%.*s\")\n",
code, proto, dir, n - 5, b + 5);
controlt *c = controlnew(2); // sending SCCRP
control16(c, 2, version, 1); // protocol version
control32(c, 3, 3, 1); // framing
- controls(c, 7, hostname, 1); // host name
- if (chapresponse) controlb(c, 13, chapresponse, 16, 1); // Challenge response
+ controls(c, 7, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname, 1); // host name
+ if (sendchalresponse) controlb(c, 13, sendchalresponse, 16, 1); // Send Challenge response
control16(c, 9, t, 1); // assigned tunnel
controladd(c, 0, t); // send the resply
}
LOG(3, s, t, "Received SCCRP\n");
if (main_quit != QUIT_SHUTDOWN)
{
- if (tunnel[t].isremotelns && chapresponse)
+ if (tunnel[t].isremotelns && recvchalresponse)
{
hasht hash;
lac_calc_rlns_auth(t, 2, hash); // id = 2 (SCCRP)
// check authenticator
- if (memcmp(hash, chapresponse, 16) == 0)
+ if (memcmp(hash, recvchalresponse, 16) == 0)
{
LOG(3, s, t, "sending SCCCN to REMOTE LNS\n");
controlt *c = controlnew(3); // sending SCCCN
- controls(c, 7, hostname, 1); // host name
+ controls(c, 7, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname, 1); // host name
controls(c, 8, Vendor_name, 1); // Vendor name
control16(c, 2, version, 1); // protocol version
control32(c, 3, 3, 1); // framing Capabilities
+ if (sendchalresponse) controlb(c, 13, sendchalresponse, 16, 1); // Challenge response
control16(c, 9, t, 1); // assigned tunnel
controladd(c, 0, t); // send
}
// Set multilink options before sending initial LCP packet
sess_local[s].mp_mrru = 1614;
- sess_local[s].mp_epdis = ntohl(config->iftun_n_address[tunnel[t].indexudp] ? config->iftun_n_address[tunnel[t].indexudp] : my_address);
+ sess_local[s].mp_epdis = ntohl(config->iftun_address ? config->iftun_address : my_address);
sendlcp(s, t);
change_state(s, lcp, RequestSent);
LOG(1, s, t, "Unknown message type %u\n", message);
break;
}
- if (chapresponse) free(chapresponse);
+ if (sendchalresponse) free(sendchalresponse);
+ if (recvchalresponse) free(recvchalresponse);
cluster_send_tunnel(t);
}
else
return;
}
+ if (!config->cluster_iam_master)
+ {
+ // Check if DhcpV6, IP dst: FF02::1:2, Src Port 0x0222 (546), Dst Port 0x0223 (547)
+ if (*(p + 6) == 17 && *(p + 24) == 0xFF && *(p + 25) == 2 &&
+ *(uint32_t *)(p + 26) == 0 && *(uint32_t *)(p + 30) == 0 &&
+ *(uint16_t *)(p + 34) == 0 && *(p + 36) == 0 && *(p + 37) == 1 && *(p + 38) == 0 && *(p + 39) == 2 &&
+ *(p + 40) == 2 && *(p + 41) == 0x22 && *(p + 42) == 2 && *(p + 43) == 0x23)
+ {
+ // DHCPV6 must be managed by the Master.
+ master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd);
+ return;
+ }
+ }
+
processipv6in(s, t, p, l);
}
else if (session[s].ppp.lcp == Opened)
}
// No data in ECHO_TIMEOUT seconds, send LCP ECHO
- if (session[s].ppp.phase >= Establish && (time_now - session[s].last_packet >= config->echo_timeout) &&
- (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT))
+ if (session[s].ppp.phase >= Establish &&
+ ((!config->ppp_keepalive) ||
+ (time_now - session[s].last_packet >= config->echo_timeout)) &&
+ (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT))
{
uint8_t b[MAXETHER];
// Set default value echo_timeout and idle_echo_timeout
config->echo_timeout = ECHO_TIMEOUT;
config->idle_echo_timeout = IDLE_ECHO_TIMEOUT;
+ config->ppp_keepalive = 1;
+ // Set default RDNSS lifetime
+ config->dns6_lifetime = 1200;
log_stream = stderr;
}
LOG(3, 0, 0, "Dumping accounting information to %s\n", filename);
+ if(config->account_all_origin)
+ {
+ fprintf(*f, "# dslwatch.pl dump file V1.01\n"
+ "# host: %s\n"
+ "# endpoint: %s\n"
+ "# time: %ld\n"
+ "# uptime: %ld\n"
+ "# format: username ip qos uptxoctets downrxoctets origin(L=LAC, R=Remote LNS, P=PPPOE)\n",
+ hostname,
+ fmtaddr(config->iftun_n_address[tunnel[s->tunnel].indexudp] ? config->iftun_n_address[tunnel[s->tunnel].indexudp] : my_address, 0),
+ now,
+ now - basetime);
+ }
+ else
+ {
fprintf(*f, "# dslwatch.pl dump file V1.01\n"
"# host: %s\n"
"# endpoint: %s\n"
fmtaddr(config->iftun_n_address[tunnel[s->tunnel].indexudp] ? config->iftun_n_address[tunnel[s->tunnel].indexudp] : my_address, 0),
now,
now - basetime);
+ }
}
LOG(4, 0, 0, "Dumping accounting information for %s\n", s->user);
+ if(config->account_all_origin)
+ {
+ fprintf(*f, "%s %s %d %u %u %s\n",
+ s->user, // username
+ fmtaddr(htonl(s->ip), 0), // ip
+ (s->throttle_in || s->throttle_out) ? 2 : 1, // qos
+ (uint32_t) s->cin_delta, // uptxoctets
+ (uint32_t) s->cout_delta, // downrxoctets
+ (s->tunnel == TUNNEL_ID_PPPOE)?"P":(tunnel[s->tunnel].isremotelns?"R":"L")); // Origin
+ }
+ else if (!tunnel[s->tunnel].isremotelns && (s->tunnel != TUNNEL_ID_PPPOE))
+ {
fprintf(*f, "%s %s %d %u %u\n",
s->user, // username
fmtaddr(htonl(s->ip), 0), // ip
(s->throttle_in || s->throttle_out) ? 2 : 1, // qos
(uint32_t) s->cin_delta, // uptxoctets
(uint32_t) s->cout_delta); // downrxoctets
+ }
s->cin_delta = s->cout_delta = 0;
case 'd':
if (fork()) exit(0);
setsid();
- freopen("/dev/null", "r", stdin);
- freopen("/dev/null", "w", stdout);
- freopen("/dev/null", "w", stderr);
+ if(!freopen("/dev/null", "r", stdin)) LOG(0, 0, 0, "Error freopen stdin: %s\n", strerror(errno));
+ if(!freopen("/dev/null", "w", stdout)) LOG(0, 0, 0, "Error freopen stdout: %s\n", strerror(errno));
+ if(!freopen("/dev/null", "w", stderr)) LOG(0, 0, 0, "Error freopen stderr: %s\n", strerror(errno));
break;
case 'v':
optdebug++;
init_tbf(config->num_tbfs);
LOG(0, 0, 0, "L2TPNS version " VERSION "\n");
+ LOG(0, 0, 0, "Copyright (c) 2012, 2013, 2014 ISP FDN & SAMESWIRELESS\n");
LOG(0, 0, 0, "Copyright (c) 2003, 2004, 2005, 2006 Optus Internet Engineering\n");
LOG(0, 0, 0, "Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced\n");
{
LOG(0, 0, 0, "Can't set ulimit: %s\n", strerror(errno));
// Make core dumps go to /tmp
- chdir("/tmp");
+ if(chdir("/tmp")) LOG(0, 0, 0, "Error chdir /tmp: %s\n", strerror(errno));
}
if (config->scheduler_fifo)
initrad();
initippool();
+ dhcpv6_init();
// seed prng
{
config->iftun_n_address[config->nbmultiaddress] = htonl(ip);
config->nbmultiaddress++;
LOG(1, 0, 0, "Bind address %s\n", fmtaddr(htonl(ip), 0));
+
+ if (config->nbmultiaddress >= MAX_BINDADDR) break;
}
sip = n;
config->iftun_n_address[0] = config->iftun_address;
}
+ if (*config->multi_hostname)
+ {
+ char *shost = config->multi_hostname;
+ char *n = shost;
+ char *e = config->multi_hostname + strlen(config->multi_hostname);
+ config->nbmultihostname = 0;
+
+ while (*shost && (shost < e))
+ {
+ while ((n < e) && (*n == ' ' || *n == ',' || *n == '\t')) n++;
+
+ i = 0;
+ while (n < e && (*n != ',') && (*n != '\t'))
+ {
+ config->multi_n_hostname[config->nbmultihostname][i] = *n;
+ n++;i++;
+ }
+
+ if (i > 0)
+ {
+ config->multi_n_hostname[config->nbmultihostname][i] = 0;
+ LOG(1, 0, 0, "Bind Hostname %s\n", config->multi_n_hostname[config->nbmultihostname]);
+ config->nbmultihostname++;
+ if (config->nbmultihostname >= MAX_NBHOSTNAME) break;
+ }
+
+ shost = n;
+ }
+
+ if (config->nbmultihostname >= 1)
+ {
+ strcpy(hostname, config->multi_n_hostname[0]);
+ strcpy(config->hostname, hostname);
+ }
+ }
+
if (!*config->pppoe_ac_name)
strncpy(config->pppoe_ac_name, DEFAULT_PPPOE_AC_NAME, sizeof(config->pppoe_ac_name) - 1);
memcpy(config->old_plugins, config->plugins, sizeof(config->plugins));
if (!config->multi_read_count) config->multi_read_count = 10;
if (!config->cluster_address) config->cluster_address = inet_addr(DEFAULT_MCAST_ADDR);
+ if (!config->cluster_port) config->cluster_port = CLUSTERPORT;
if (!*config->cluster_interface)
strncpy(config->cluster_interface, DEFAULT_MCAST_INTERFACE, sizeof(config->cluster_interface) - 1);
// needs update
if (newip)
{
- int routed = 0;
+ int routed = 0;
// remove old routes...
for (i = 0; i < MAXROUTE && session[s].route[i].ip; i++)
uncache_ipmap(session[s].ip);
}
+ // remove old IPV6 routes...
+ for (i = 0; i < MAXROUTE6 && session[s].route6[i].ipv6route.s6_addr[0] && session[s].route6[i].ipv6prefixlen; i++)
+ {
+ route6set(s, session[s].route6[i].ipv6route, session[s].route6[i].ipv6prefixlen, 0);
+ }
+
+ if (session[s].ipv6address.s6_addr[0])
+ {
+ route6set(s, session[s].ipv6address, 128, 0);
+ }
+
routed = 0;
// add new routes...
}
// check v6 routing
- if (new->ipv6prefixlen && new->ppp.ipv6cp == Opened && session[s].ppp.ipv6cp != Opened)
- route6set(s, new->ipv6route, new->ipv6prefixlen, 1);
+ if (new->ppp.ipv6cp == Opened && session[s].ppp.ipv6cp != Opened)
+ {
+ for (i = 0; i < MAXROUTE6 && new->route6[i].ipv6prefixlen; i++)
+ {
+ route6set(s, new->route6[i].ipv6route, new->route6[i].ipv6prefixlen, 1);
+ }
+ }
+
+ if (new->ipv6address.s6_addr[0] && new->ppp.ipv6cp == Opened && session[s].ppp.ipv6cp != Opened)
+ {
+ // Check if included in prefix
+ if (sessionbyipv6(new->ipv6address) != s)
+ route6set(s, new->ipv6address, 128, 1);
+ }
// check filters
if (new->filter_in && (new->filter_in > MAXFILTER || !ip_filters[new->filter_in - 1].name[0]))
}
}
-int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc)
+int cmd_show_hist_idle(struct cli_def *cli, const char *command, char **argv, int argc)
{
int s, i;
int count = 0;
return CLI_OK;
}
-int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc)
+int cmd_show_hist_open(struct cli_def *cli, const char *command, char **argv, int argc)
{
int s, i;
int count = 0;
// Sent SCCRQ - Start Control Connection Request
controlt *c = controlnew(1); // sending SCCRQ
- controls(c, 7, hostname, 1); // host name
+ controls(c, 7, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname, 1); // host name
controls(c, 8, Vendor_name, 1); // Vendor name
control16(c, 2, version, 1); // protocol version
control32(c, 3, 3, 1); // framing Capabilities
projects / l2tpns.git / blobdiff