// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.49 2004/12/17 00:28:00 bodea Exp $
+// $Id: l2tpns.h,v 1.49.2.5 2005/04/01 08:54:12 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
#include <sys/types.h>
#include <libcli.h>
-#define VERSION "2.0.13"
+#define VERSION "2.0.17"
// Limits
#define MAXTUNNEL 500 // could be up to 65535
-#define MAXSESSION 50000 // could be up to 65535
+#define MAXSESSION 60000 // could be up to 65535
#define MAXTBFS 6000 // Maximum token bucket filters. Might need up to 2 * session.
#define RADIUS_SHIFT 5
typedef struct
{
+ // byte counters
uint32_t cin;
uint32_t cout;
-} sessioncountt;
+
+ // DoS prevention
+ clockt last_packet_out;
+ uint32_t packets_out;
+ uint32_t packets_dropped;
+} sessionlocalt;
#define SESSIONPFC 1 // PFC negotiated flags
#define SESSIONACFC 2 // ACFC negotiated flags
uint32_t tun_tx_bytes;
uint32_t tun_rx_errors;
uint32_t tun_tx_errors;
+ uint32_t tun_rx_dropped;
uint32_t tunnel_rx_packets;
uint32_t tunnel_tx_packets;
int next_tbf; // Next HTB id available to use
int scheduler_fifo; // If the system has multiple CPUs, use FIFO scheduling policy for this process.
int lock_pages; // Lock pages into memory.
- int icmp_rate; // Max number of ICMP unreachable per second to send>
+ int icmp_rate; // Max number of ICMP unreachable per second to send
+ int max_packets; // DoS prevention: per session limit of packets/0.1s
in_addr_t cluster_address; // Multicast address of cluster.
// Send to this address to have everyone hear.
clockt backoff(uint8_t try);
sessionidt sessionbyip(in_addr_t ip);
sessionidt sessionbyuser(char *username);
+void sessionkill(sessionidt s, char *reason);
void sessionshutdown(sessionidt s, char *reason);
void send_garp(in_addr_t ip);
void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t);
extern tunnelt *tunnel;
extern sessiont *session;
-extern sessioncountt *sess_count;
+extern sessionlocalt *sess_local;
extern ippoolt *ip_address_pool;
#define sessionfree (session[0].next)