// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.55 2005/02/09 00:16:19 bodea Exp $
+// $Id: l2tpns.h,v 1.68 2005/05/08 07:13:56 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
// Limits
#define MAXTUNNEL 500 // could be up to 65535
-#define MAXSESSION 50000 // could be up to 65535
+#define MAXSESSION 60000 // could be up to 65535
#define MAXTBFS 6000 // Maximum token bucket filters. Might need up to 2 * session.
#define RADIUS_SHIFT 5
#define MAXCONTROL 1000 // max length control message we ever send...
#define MAXETHER (1500+18) // max packet we try sending to tun
#define MAXTEL 96 // telephone number
+#define MAXUSER 128 // username
+#define MAXPASS 128 // password
#define MAXPLUGINS 20 // maximum number of plugins to load
#define MAXRADSERVER 10 // max radius servers
#define MAXROUTE 10 // max static routes per session
#define ECHO_TIMEOUT 60 // Time between last packet sent and LCP ECHO generation
#define IDLE_TIMEOUT 240 // Time between last packet sent and LCP ECHO generation
#define BUSY_WAIT_TIME 3000 // 5 minutes in 1/10th seconds to wait for radius to cleanup on shutdown
+#define DEFAULT_MRU 1458 // maximum packet size to avoid fragmentation when LNS ethernet MTU is 1500
// Constants
#ifndef ETCDIR
#define LIBDIR "/usr/lib/l2tpns"
#endif
-#ifndef STATEDIR
-#define STATEDIR "/var/lib/l2tpns"
-#endif
-
#ifndef PLUGINDIR
#define PLUGINDIR LIBDIR // Plugins
#endif
#define FLASHDIR ETCDIR
#endif
-#ifndef DATADIR
-#define DATADIR STATEDIR
-#endif
-
#define TUNDEVICE "/dev/net/tun"
#define RANDOMDEVICE "/dev/urandom" // default, not as secure as /dev/random but non-blocking
-#define STATEFILE DATADIR "/state.dump" // State dump file
#define CONFIGFILE FLASHDIR "/startup-config" // Configuration file
#define CLIUSERS FLASHDIR "/users" // CLI Users file
#define IPPOOLFILE FLASHDIR "/ip_pool" // Address pool configuration
#define CLI_TUN_KILL 0x01
-// dump header: update number if internal format changes
-#define DUMP_MAGIC "L2TPNS#" VERSION "#"
-
// structures
typedef struct // route
{
sessionidt next; // next session in linked list
sessionidt far; // far end session ID
tunnelidt tunnel; // near end tunnel ID
+ uint8_t l2tp_flags; // various bit flags from the ICCN on the l2tp tunnel.
+ uint8_t flags; // Various session flags.
in_addr_t ip; // IP of session set by RADIUS response (host byte order).
int ip_pool_index; // index to IP pool
- unsigned long unique_id; // unique session id
+ uint32_t unique_id; // unique session id
uint16_t nr; // next receive
uint16_t ns; // next send
uint32_t magic; // ppp magic number
uint32_t pin, pout; // packet counts
uint32_t total_cin; // This counter is never reset while a session is open
uint32_t total_cout; // This counter is never reset while a session is open
- uint32_t id; // session id
uint16_t throttle_in; // upstream throttle rate (kbps)
uint16_t throttle_out; // downstream throttle rate
+ uint8_t filter_in; // input filter index (to ip_filters[N-1]; 0 if none)
+ uint8_t filter_out; // output filter index
+ uint16_t mru; // maximum receive unit
clockt opened; // when started
clockt die; // being closed, when to finally free
time_t last_packet; // Last packet from the user (used for idle timeouts)
in_addr_t dns1, dns2; // DNS servers
routet route[MAXROUTE]; // static routes
- uint16_t radius; // which radius session is being used (0 for not waiting on authentication)
- uint16_t mru; // maximum receive unit
uint16_t tbf_in; // filter bucket for throttling in from the user.
uint16_t tbf_out; // filter bucket for throttling out to the user.
- uint8_t l2tp_flags; // various bit flags from the ICCN on the l2tp tunnel.
- uint8_t reserved_old_snoop; // No longer used - remove at some time
- uint8_t walled_garden; // is this session gardened?
- uint8_t flags1; // additional flags (currently unused);
- char random_vector[MAXTEL];
int random_vector_length;
- char user[129]; // user (needed in seesion for radius stop messages) (can we reduce this? --mo)
+ char random_vector[MAXTEL];
+ char user[MAXUSER]; // user (needed in seesion for radius stop messages)
char called[MAXTEL]; // called number
char calling[MAXTEL]; // calling number
uint32_t tx_connect_speed;
uint32_t rx_connect_speed;
- uint32_t flags; // Various session flags.
in_addr_t snoop_ip; // Interception destination IP
uint16_t snoop_port; // Interception destination port
- uint16_t sid; // near end session id.
- uint8_t filter_in; // input filter index (to ip_filters[N-1]; 0 if none)
- uint8_t filter_out; // output filter index
- struct in6_addr ipv6route; // Static IPv6 route
+ uint8_t walled_garden; // is this session gardened?
uint8_t ipv6prefixlen; // IPv6 route prefix length
- char reserved[1]; // Space to expand structure without changing HB_VERSION
+ struct in6_addr ipv6route; // Static IPv6 route
+ char reserved[24]; // Space to expand structure without changing HB_VERSION
}
sessiont;
clockt last_packet_out;
uint32_t packets_out;
uint32_t packets_dropped;
+
+ // RADIUS session in use
+ uint16_t radius;
+
+ // interim RADIUS
+ time_t last_interim;
} sessionlocalt;
#define SESSIONPFC 1 // PFC negotiated flags
RADIUSIPCP, // sending IPCP to end user
RADIUSSTART, // sending start accounting to RADIUS server
RADIUSSTOP, // sending stop accounting to RADIUS server
+ RADIUSINTERIM, // sending interim accounting to RADIUS server
RADIUSWAIT, // waiting timeout before available, in case delayed replies
- RADIUSDEAD, // errored while talking to radius server.
};
struct Tstats
char radiussecret[64];
int radius_accounting;
+ int radius_interim;
in_addr_t radiusserver[MAXRADSERVER]; // radius servers
uint16_t radiusport[MAXRADSERVER]; // radius base ports
uint8_t numradiusservers; // radius server count
void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
void sendchap(tunnelidt t, sessionidt s);
uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, tunnelidt t, sessionidt s, uint16_t mtype);
-void initlcp(tunnelidt t, sessionidt s);
+void sendlcp(tunnelidt t, sessionidt s, int authtype);
void send_ipin(sessionidt s, uint8_t *buf, int len);
sessionidt sessionbyipv6(struct in6_addr ip);
sessionidt sessionbyuser(char *username);
void random_data(uint8_t *buf, int len);
-void sessionshutdown(sessionidt s, char *reason);
+void sessionkill(sessionidt s, char *reason);
+void sessionshutdown(sessionidt s, char *reason, int result, int error);
void send_garp(in_addr_t ip);
void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t);
void sendipcp(tunnelidt t, sessionidt s);