// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.49.2.1 2005/01/06 01:39:23 bodea Exp $
+// $Id: l2tpns.h,v 1.49.2.16 2005/07/03 02:40:22 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
#include <sys/types.h>
#include <libcli.h>
-#define VERSION "2.0.14"
+#define VERSION "2.0.23"
// Limits
#define MAXTUNNEL 500 // could be up to 65535
-#define MAXSESSION 50000 // could be up to 65535
+#define MAXSESSION 60000 // could be up to 65535
#define MAXTBFS 6000 // Maximum token bucket filters. Might need up to 2 * session.
-#define RADIUS_SHIFT 5
-#define RADIUS_MASK ((unsigned short)(((unsigned short)~0) >> (16 - RADIUS_SHIFT)))
-#define MAXRADIUS ((unsigned long)(1L << RADIUS_SHIFT) * 255)
+#define RADIUS_SHIFT 6
+#define RADIUS_MASK ((1 << RADIUS_SHIFT) - 1)
+#define MAXRADIUS (1 << (8 + RADIUS_SHIFT))
#define T_UNDEF (0xffff) // A tunnel ID that won't ever be used. Mark session as undefined.
#define T_FREE (0) // A tunnel ID that won't ever be used. Mark session as free.
typedef struct
{
+ // byte counters
uint32_t cin;
uint32_t cout;
-} sessioncountt;
+
+ // DoS prevention
+ clockt last_packet_out;
+ uint32_t packets_out;
+ uint32_t packets_dropped;
+} sessionlocalt;
#define SESSIONPFC 1 // PFC negotiated flags
#define SESSIONACFC 2 // ACFC negotiated flags
uint32_t tun_tx_bytes;
uint32_t tun_rx_errors;
uint32_t tun_tx_errors;
+ uint32_t tun_rx_dropped;
uint32_t tunnel_rx_packets;
uint32_t tunnel_tx_packets;
char old_plugins[64][MAXPLUGINS];
int next_tbf; // Next HTB id available to use
- int scheduler_fifo; // If the system has multiple CPUs, use FIFO scheduling policy for this process.
+ int scheduler_fifo; // If the system has multiple CPUs, use FIFO scheduling
+ // policy for this process.
int lock_pages; // Lock pages into memory.
- int icmp_rate; // Max number of ICMP unreachable per second to send>
+ int icmp_rate; // Max number of ICMP unreachable per second to send
+ int max_packets; // DoS prevention: per session limit of packets/0.1s
in_addr_t cluster_address; // Multicast address of cluster.
// Send to this address to have everyone hear.
int cluster_hb_timeout; // How many missed heartbeats trigger an election.
uint64_t cluster_table_version; // # state changes processed by cluster
+
+ int cluster_master_min_adv; // Master advertises routes while the number of up to date
+ // slaves is less than this value.
+
#ifdef BGP
#define BGP_NUM_PEERS 2
uint16_t as_number;
clockt backoff(uint8_t try);
sessionidt sessionbyip(in_addr_t ip);
sessionidt sessionbyuser(char *username);
+void sessionkill(sessionidt s, char *reason);
void sessionshutdown(sessionidt s, char *reason);
void send_garp(in_addr_t ip);
void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t);
extern tunnelt *tunnel;
extern sessiont *session;
-extern sessioncountt *sess_count;
+extern sessionlocalt *sess_local;
extern ippoolt *ip_address_pool;
#define sessionfree (session[0].next)
extern configt *config;
extern time_t basetime; // Time when this process started.
extern time_t time_now; // Seconds since EPOCH.
+extern char main_quit;
extern uint32_t last_id;
extern struct Tstats *_statistics;
extern in_addr_t my_address;