// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.39 2004-11-28 02:53:11 bodea Exp $
+// $Id: l2tpns.h,v 1.46 2004-12-13 02:27:31 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
#include <sys/types.h>
#include <libcli.h>
-#define VERSION "2.0.9"
+#define VERSION "2.0.13"
// Limits
#define MAXTUNNEL 500 // could be up to 65535
#define CLIUSERS FLASHDIR "/users" // CLI Users file
#define IPPOOLFILE FLASHDIR "/ip_pool" // Address pool configuration
#define ACCT_TIME 3000 // 5 minute accounting interval
+#define ACCT_SHUT_TIME 600 // 1 minute for counters of shutdown sessions
#define L2TPPORT 1701 // L2TP port
#define RADPORT 1645 // old radius port...
#define PKTARP 0x0806 // ARP packet type
// Types
typedef unsigned short u16;
typedef unsigned int u32;
+typedef unsigned long long u64;
typedef unsigned char u8;
typedef u32 ipt;
typedef u16 portt;
char level;
sessionidt session;
tunnelidt tunnel;
- ipt address;
char message[MAX_LOG_LENGTH];
} buffer[RINGBUFFER_SIZE];
int head;
int cluster_hb_interval; // How often to send a heartbeat.
int cluster_hb_timeout; // How many missed heartbeats trigger an election.
+ u64 cluster_table_version; // # state changes processed by cluster
#ifdef BGP
#define BGP_NUM_PEERS 2
#define FILTER_PORT_OP_GT 3
#define FILTER_PORT_OP_LT 4
#define FILTER_PORT_OP_RANGE 5
- portt port;
- portt port2; // for range
+ portt port; // port (host byte order)
+ portt port2; // range
} ip_filter_portt;
typedef struct
int action; // permit/deny
#define FILTER_ACTION_DENY 1
#define FILTER_ACTION_PERMIT 2
- int proto; // protocol: IPPROTO_* (netinet/in.h)
- ipt src_ip; // source ip
+ u8 proto; // protocol: IPPROTO_* (netinet/in.h)
+ ipt src_ip; // source ip (network byte order)
ipt src_wild;
ip_filter_portt src_ports;
ipt dst_ip; // dest ip
ipt dst_wild;
ip_filter_portt dst_ports;
- u8 tcp_flag_op; // match type: any, all
-#define FILTER_FLAG_OP_ANY 0
-#define FILTER_FLAG_OP_ALL 1
+ u8 frag; // apply to non-initial fragments
+ u8 tcp_flag_op; // match type: any, all, established
+#define FILTER_FLAG_OP_ANY 1
+#define FILTER_FLAG_OP_ALL 2
+#define FILTER_FLAG_OP_EST 3
u8 tcp_sflags; // flags set
u8 tcp_cflags; // flags clear
+ u32 counter; // match count
} ip_filter_rulet;
#define TCP_FLAG_FIN 0x01
void sendipcp(tunnelidt t, sessionidt s);
void processudp(u8 * buf, int len, struct sockaddr_in *addr);
void snoop_send_packet(char *packet, u16 size, ipt destination, u16 port);
+int ip_filter(u8 *buf, int len, u8 filter);
int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc);
int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc);
int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc);
#undef LOG
#undef LOG_HEX
-#define LOG(D, a, s, t, f, ...) ({ if (D <= config->debug) _log(D, a, s, t, f, ## __VA_ARGS__); })
+#define LOG(D, s, t, f, ...) ({ if (D <= config->debug) _log(D, s, t, f, ## __VA_ARGS__); })
#define LOG_HEX(D, t, d, s) ({ if (D <= config->debug) _log_hex(D, t, d, s); })
-void _log(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 5, 6)));
+void _log(int level, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 4, 5)));
void _log_hex(int level, const char *title, const char *data, int maxsize);
int sessionsetup(tunnelidt t, sessionidt s);
void *array[20]; \
char **strings; \
int size, i; \
- LOG(0, 0, 0, t, "Backtrace follows"); \
+ LOG(0, 0, t, "Backtrace follows"); \
size = backtrace(array, 10); \
strings = backtrace_symbols(array, size); \
if (strings) for (i = 0; i < size; i++) \
{ \
- LOG(0, 0, 0, t, "%s\n", strings[i]); \
+ LOG(0, 0, t, "%s\n", strings[i]); \
} \
free(strings); \
}