Change log level
[l2tpns.git] / l2tpns.c
index ec224bd..0838607 100644 (file)
--- a/l2tpns.c
+++ b/l2tpns.c
@@ -10,6 +10,7 @@
 #include <fcntl.h>
 #include <linux/if_tun.h>
 #define SYSLOG_NAMES
+#include <stdio.h>
 #include <syslog.h>
 #include <malloc.h>
 #include <net/route.h>
@@ -19,7 +20,6 @@
 #include <netinet/ip6.h>
 #include <stdarg.h>
 #include <stdlib.h>
-#include <stdio.h>
 #include <string.h>
 #include <ctype.h>
 #include <sys/ioctl.h>
@@ -40,6 +40,7 @@
 #include <linux/rtnetlink.h>
 
 #include "md5.h"
+#include "dhcp6.h"
 #include "l2tpns.h"
 #include "cluster.h"
 #include "plugin.h"
@@ -55,6 +56,7 @@
 
 #include "l2tplac.h"
 #include "pppoe.h"
+#include "dhcp6.h"
 
 char * Vendor_name = "Linux L2TPNS";
 uint32_t call_serial_number = 0;
@@ -100,7 +102,7 @@ union iphash {
 struct ipv6radix {
        sessionidt sess;
        struct ipv6radix *branch;
-} ipv6_hash[256];              // Mapping from IPv6 address to session structures.
+} ipv6_hash[16];               // Mapping from IPv6 address to session structures.
 
 // Traffic counters.
 static uint32_t udp_rx = 0, udp_rx_pkt = 0, udp_tx = 0;
@@ -130,6 +132,7 @@ config_descriptt config_values[] = {
        CONFIG("ppp_restart_time", ppp_restart_time, INT),
        CONFIG("ppp_max_configure", ppp_max_configure, INT),
        CONFIG("ppp_max_failure", ppp_max_failure, INT),
+       CONFIG("ppp_keepalive", ppp_keepalive, BOOL),
        CONFIG("primary_dns", default_dns1, IPv4),
        CONFIG("secondary_dns", default_dns2, IPv4),
        CONFIG("primary_radius", radiusserver[0], IPv4),
@@ -160,6 +163,7 @@ config_descriptt config_values[] = {
        CONFIG("icmp_rate", icmp_rate, INT),
        CONFIG("packet_limit", max_packets, INT),
        CONFIG("cluster_address", cluster_address, IPv4),
+       CONFIG("cluster_port", cluster_port, INT),
        CONFIG("cluster_interface", cluster_interface, STRING),
        CONFIG("cluster_mcast_ttl", cluster_mcast_ttl, INT),
        CONFIG("cluster_hb_interval", cluster_hb_interval, INT),
@@ -188,6 +192,14 @@ config_descriptt config_values[] = {
        CONFIG("bind_multi_address", bind_multi_address, STRING),
        CONFIG("pppoe_only_equal_svc_name", pppoe_only_equal_svc_name, BOOL),
        CONFIG("multi_hostname", multi_hostname, STRING),
+       CONFIG("no_throttle_local_IP", no_throttle_local_IP, BOOL),
+       CONFIG("dhcp6_preferred_lifetime", dhcp6_preferred_lifetime, INT),
+       CONFIG("dhcp6_valid_lifetime", dhcp6_valid_lifetime, INT),
+       CONFIG("dhcp6_server_duid", dhcp6_server_duid, INT),
+       CONFIG("dns6_lifetime", dns6_lifetime, INT),
+       CONFIG("primary_ipv6_dns", default_ipv6_dns1, IPv6),
+       CONFIG("secondary_ipv6_dns", default_ipv6_dns2, IPv6),
+       CONFIG("default_ipv6_domain_list", default_ipv6_domain_list, STRING),
        { NULL, 0, 0, 0 }
 };
 
@@ -973,20 +985,24 @@ static sessionidt lookup_ipv6map(struct in6_addr ip)
        int s;
        char ipv6addr[INET6_ADDRSTRLEN];
 
-       curnode = &ipv6_hash[ip.s6_addr[0]];
+       curnode = &ipv6_hash[((ip.s6_addr[0]) & 0xF0)>>4];
        i = 1;
        s = curnode->sess;
 
-       while (s == 0 && i < 15 && curnode->branch != NULL)
+       while (s == 0 && i < 32 && curnode->branch != NULL)
        {
-               curnode = &curnode->branch[ip.s6_addr[i]];
+               if (i & 1)
+                       curnode = &curnode->branch[ip.s6_addr[i>>1] & 0x0F];
+               else
+                       curnode = &curnode->branch[(ip.s6_addr[i>>1] & 0xF0)>>4];
+
                s = curnode->sess;
                i++;
        }
 
        LOG(4, s, session[s].tunnel, "Looking up address %s and got %d\n",
-                       inet_ntop(AF_INET6, &ip, ipv6addr,
-                               INET6_ADDRSTRLEN),
+                       inet_ntop(AF_INET6, &ip, ipv6addr,
+                       INET6_ADDRSTRLEN),
                        s);
 
        return s;
@@ -1013,8 +1029,10 @@ sessionidt sessionbyipv6(struct in6_addr ip)
                 ip.s6_addr[1] == 0x80 &&
                 ip.s6_addr16[1] == 0 &&
                 ip.s6_addr16[2] == 0 &&
-                ip.s6_addr16[3] == 0)) {
-               s = lookup_ipmap(*(in_addr_t *) &ip.s6_addr[8]);
+                ip.s6_addr16[3] == 0))
+       {
+               in_addr_t *pipv4 = (in_addr_t *) &ip.s6_addr[8];
+               s = lookup_ipmap(*pipv4);
        } else {
                s = lookup_ipv6map(ip);
        }
@@ -1025,6 +1043,19 @@ sessionidt sessionbyipv6(struct in6_addr ip)
        return 0;
 }
 
+sessionidt sessionbyipv6new(struct in6_addr ip)
+{
+       sessionidt s;
+       CSTAT(sessionbyipv6new);
+
+       s = lookup_ipv6map(ip);
+
+       if (s > 0 && s < MAXSESSION && session[s].opened)
+               return s;
+
+       return 0;
+}
+
 //
 // Take an IP address in HOST byte order and
 // add it to the sessionid by IP cache.
@@ -1064,22 +1095,28 @@ static void uncache_ipmap(in_addr_t ip)
 static void cache_ipv6map(struct in6_addr ip, int prefixlen, sessionidt s)
 {
        int i;
-       int bytes;
+       int niblles;
        struct ipv6radix *curnode;
        char ipv6addr[INET6_ADDRSTRLEN];
 
-       curnode = &ipv6_hash[ip.s6_addr[0]];
+       curnode = &ipv6_hash[((ip.s6_addr[0]) & 0xF0)>>4];
 
-       bytes = prefixlen >> 3;
+       niblles = prefixlen >> 2;
        i = 1;
-       while (i < bytes) {
+
+       while (i < niblles)
+       {
                if (curnode->branch == NULL)
                {
-                       if (!(curnode->branch = calloc(256,
-                                       sizeof (struct ipv6radix))))
+                       if (!(curnode->branch = calloc(16, sizeof (struct ipv6radix))))
                                return;
                }
-               curnode = &curnode->branch[ip.s6_addr[i]];
+
+               if (i & 1)
+                       curnode = &curnode->branch[ip.s6_addr[i>>1] & 0x0F];
+               else
+                       curnode = &curnode->branch[(ip.s6_addr[i>>1] & 0xF0)>>4];
+
                i++;
        }
 
@@ -1087,20 +1124,20 @@ static void cache_ipv6map(struct in6_addr ip, int prefixlen, sessionidt s)
 
        if (s > 0)
                LOG(4, s, session[s].tunnel, "Caching ip address %s/%d\n",
-                               inet_ntop(AF_INET6, &ip, ipv6addr, 
-                                       INET6_ADDRSTRLEN),
+                               inet_ntop(AF_INET6, &ip, ipv6addr,
+                               INET6_ADDRSTRLEN),
                                prefixlen);
        else if (s == 0)
                LOG(4, 0, 0, "Un-caching ip address %s/%d\n",
-                               inet_ntop(AF_INET6, &ip, ipv6addr, 
-                                       INET6_ADDRSTRLEN),
+                               inet_ntop(AF_INET6, &ip, ipv6addr,
+                               INET6_ADDRSTRLEN),
                                prefixlen);
 }
 
 //
 // CLI list to dump current ipcache.
 //
-int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc)
+int cmd_show_ipcache(struct cli_def *cli, const char *command, char **argv, int argc)
 {
        union iphash *d = ip_hash, *e, *f, *g;
        int i, j, k, l;
@@ -1144,7 +1181,6 @@ int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc)
        return CLI_OK;
 }
 
-
 // Find session by username, 0 for not found
 // walled garden users aren't authenticated, so the username is
 // reasonably useless. Ignore them to avoid incorrect actions
@@ -1415,7 +1451,7 @@ void processipout(uint8_t *buf, int len)
        sessionidt s;
        sessiont *sp;
        tunnelidt t;
-       in_addr_t ip;
+       in_addr_t ip, ip_src;
 
        uint8_t *data = buf;    // Keep a copy of the originals.
        int size = len;
@@ -1448,6 +1484,7 @@ void processipout(uint8_t *buf, int len)
                return;
        }
 
+       ip_src = *(uint32_t *)(buf + 12);
        ip = *(uint32_t *)(buf + 16);
        if (!(s = sessionbyip(ip)))
        {
@@ -1532,12 +1569,15 @@ void processipout(uint8_t *buf, int len)
 
        if (sp->tbf_out)
        {
-               // Are we throttling this session?
-               if (config->cluster_iam_master)
-                       tbf_queue_packet(sp->tbf_out, data, size);
-               else
-                       master_throttle_packet(sp->tbf_out, data, size);
-               return;
+               if (!config->no_throttle_local_IP || !sessionbyip(ip_src))
+               {
+                       // Are we throttling this session?
+                       if (config->cluster_iam_master)
+                               tbf_queue_packet(sp->tbf_out, data, size);
+                       else
+                               master_throttle_packet(sp->tbf_out, data, size);
+                       return;
+               }
        }
 
        if (sp->walled_garden && !config->cluster_iam_master)
@@ -1677,7 +1717,6 @@ static void processipv6out(uint8_t * buf, int len)
        sessionidt s;
        sessiont *sp;
        tunnelidt t;
-       in_addr_t ip;
        struct in6_addr ip6;
 
        uint8_t *data = buf;    // Keep a copy of the originals.
@@ -1716,10 +1755,9 @@ static void processipv6out(uint8_t * buf, int len)
 
        if (s == 0)
        {
-               ip = *(uint32_t *)(buf + 32);
-               s = sessionbyip(ip);
+               s = sessionbyipv6new(ip6);
        }
-       
+
        if (s == 0)
        {
                // Is this a packet for a session that doesn't exist?
@@ -1799,6 +1837,8 @@ static void send_ipout(sessionidt s, uint8_t *buf, int len)
 {
        sessiont *sp;
        tunnelidt t;
+       uint8_t *p;
+       uint8_t *data = buf;    // Keep a copy of the originals.
 
        uint8_t b[MAXETHER + 20];
 
@@ -1821,11 +1861,14 @@ static void send_ipout(sessionidt s, uint8_t *buf, int len)
        LOG(5, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
 
        // Add on L2TP header
-       {
-               uint8_t *p = makeppp(b, sizeof(b), buf, len, s, t, PPPIP, 0, 0, 0);
-               if (!p) return;
-               tunnelsend(b, len + (p-b), t); // send it...
-       }
+       if (*(uint16_t *) (data + 2) == htons(PKTIPV6))
+               p = makeppp(b, sizeof(b), buf, len, s, t, PPPIPV6, 0, 0, 0); // IPV6
+       else
+               p = makeppp(b, sizeof(b), buf, len, s, t, PPPIP, 0, 0, 0); // IPV4
+
+       if (!p) return;
+
+       tunnelsend(b, len + (p-b), t); // send it...
 
        // Snooping this session.
        if (sp->snoop_ip && sp->snoop_port)
@@ -1844,10 +1887,11 @@ static void send_ipout(sessionidt s, uint8_t *buf, int len)
 static void control16(controlt * c, uint16_t avp, uint16_t val, uint8_t m)
 {
        uint16_t l = (m ? 0x8008 : 0x0008);
-       *(uint16_t *) (c->buf + c->length + 0) = htons(l);
-       *(uint16_t *) (c->buf + c->length + 2) = htons(0);
-       *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
-       *(uint16_t *) (c->buf + c->length + 6) = htons(val);
+       uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+       pint16[0] = htons(l);
+       pint16[1] = htons(0);
+       pint16[2] = htons(avp);
+       pint16[3] = htons(val);
        c->length += 8;
 }
 
@@ -1855,10 +1899,12 @@ static void control16(controlt * c, uint16_t avp, uint16_t val, uint8_t m)
 static void control32(controlt * c, uint16_t avp, uint32_t val, uint8_t m)
 {
        uint16_t l = (m ? 0x800A : 0x000A);
-       *(uint16_t *) (c->buf + c->length + 0) = htons(l);
-       *(uint16_t *) (c->buf + c->length + 2) = htons(0);
-       *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
-       *(uint32_t *) (c->buf + c->length + 6) = htonl(val);
+       uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+       uint32_t *pint32 = (uint32_t *) (c->buf + c->length + 6);
+       pint16[0] = htons(l);
+       pint16[1] = htons(0);
+       pint16[2] = htons(avp);
+       pint32[0] = htonl(val);
        c->length += 10;
 }
 
@@ -1866,9 +1912,10 @@ static void control32(controlt * c, uint16_t avp, uint32_t val, uint8_t m)
 static void controls(controlt * c, uint16_t avp, char *val, uint8_t m)
 {
        uint16_t l = ((m ? 0x8000 : 0) + strlen(val) + 6);
-       *(uint16_t *) (c->buf + c->length + 0) = htons(l);
-       *(uint16_t *) (c->buf + c->length + 2) = htons(0);
-       *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
+       uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+       pint16[0] = htons(l);
+       pint16[1] = htons(0);
+       pint16[2] = htons(avp);
        memcpy(c->buf + c->length + 6, val, strlen(val));
        c->length += 6 + strlen(val);
 }
@@ -1877,9 +1924,10 @@ static void controls(controlt * c, uint16_t avp, char *val, uint8_t m)
 static void controlb(controlt * c, uint16_t avp, uint8_t *val, unsigned int len, uint8_t m)
 {
        uint16_t l = ((m ? 0x8000 : 0) + len + 6);
-       *(uint16_t *) (c->buf + c->length + 0) = htons(l);
-       *(uint16_t *) (c->buf + c->length + 2) = htons(0);
-       *(uint16_t *) (c->buf + c->length + 4) = htons(avp);
+       uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0);
+       pint16[0] = htons(l);
+       pint16[1] = htons(0);
+       pint16[2] = htons(avp);
        memcpy(c->buf + c->length + 6, val, len);
        c->length += 6 + len;
 }
@@ -1924,10 +1972,11 @@ static void controlnull(tunnelidt t)
 // add a control message to a tunnel, and send if within window
 static void controladd(controlt *c, sessionidt far, tunnelidt t)
 {
-       *(uint16_t *) (c->buf + 2) = htons(c->length); // length
-       *(uint16_t *) (c->buf + 4) = htons(tunnel[t].far); // tunnel
-       *(uint16_t *) (c->buf + 6) = htons(far); // session
-       *(uint16_t *) (c->buf + 8) = htons(tunnel[t].ns); // sequence
+       uint16_t *pint16 = (uint16_t *) (c->buf + 2);
+       pint16[0] = htons(c->length); // length
+       pint16[1] = htons(tunnel[t].far); // tunnel
+       pint16[2] = htons(far); // session
+       pint16[3] = htons(tunnel[t].ns); // sequence
        tunnel[t].ns++;              // advance sequence
        // link in message in to queue
        if (tunnel[t].controlc)
@@ -2102,9 +2151,17 @@ void sessionshutdown(sessionidt s, char const *reason, int cdn_result, int cdn_e
                        free_ip_address(s);
 
                // unroute IPv6, if setup
-               if (session[s].ppp.ipv6cp == Opened && session[s].ipv6prefixlen && del_routes)
-                       route6set(s, session[s].ipv6route, session[s].ipv6prefixlen, 0);
-               
+               for (r = 0; r < MAXROUTE6 && session[s].route6[r].ipv6route.s6_addr[0] && session[s].route6[r].ipv6prefixlen; r++)
+               {
+                       if (del_routes) route6set(s, session[s].route6[r].ipv6route, session[s].route6[r].ipv6prefixlen, 0);
+                       memset(&session[s].route6[r], 0, sizeof(session[s].route6[r]));
+               }
+
+               if (session[s].ipv6address.s6_addr[0] && del_routes)
+               {
+                       route6set(s, session[s].ipv6address, 128, 0);
+               }
+
                if (b)
                {
                        // This session was part of a bundle
@@ -2158,8 +2215,15 @@ void sessionshutdown(sessionidt s, char const *reason, int cdn_result, int cdn_e
                                                cache_ipmap(session[new_s].ip, new_s);
 
                                                // IPV6 route
-                                               if (session[new_s].ipv6prefixlen)
-                                                       cache_ipv6map(session[new_s].ipv6route, session[new_s].ipv6prefixlen, new_s);
+                                               for (r = 0; r < MAXROUTE6 && session[new_s].route6[r].ipv6prefixlen; r++)
+                                               {
+                                                       cache_ipv6map(session[new_s].route6[r].ipv6route, session[new_s].route6[r].ipv6prefixlen, new_s);
+                                               }
+
+                                               if (session[new_s].ipv6address.s6_addr[0])
+                                               {
+                                                       cache_ipv6map(session[new_s].ipv6address, 128, new_s);
+                                               }
                                        }
                                }
                        }
@@ -2652,7 +2716,14 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                        result = 2; // general error
                                        error = 3; // reserved field non-zero
                                        msg = 0;
-                                       continue; // next
+                                       if (n == 0)
+                                       {
+                                               // if continue a infinity loop is created.
+                                               LOG(1, s, t, "It's infinite loop protection %02X\n", *b);
+                                               return;
+                                       }
+                                       else
+                                               continue; // next
                                }
                                b += 2;
                                if (*(uint16_t *) (b))
@@ -2662,7 +2733,14 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                        result = 2; // general error
                                        error = 6; // generic vendor-specific error
                                        msg = "unsupported vendor-specific";
-                                       continue; // next
+                                       if (n == 0)
+                                       {
+                                               // if continue a infinity loop is created.
+                                               LOG(1, s, t, "It's infinite loop protection %02X\n", *b);
+                                               return;
+                                       }
+                                       else
+                                               continue; // next
                                }
                                b += 2;
                                mtype = ntohs(*(uint16_t *) (b));
@@ -2722,7 +2800,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                        n = orig_len;
                                }
 
-                               LOG(4, s, t, "   AVP %u (%s) len %d%s%s\n", mtype, l2tp_avp_name(mtype), n,
+                               LOG(3, s, t, "   AVP %u (%s) len %d%s%s\n", mtype, l2tp_avp_name(mtype), n,
                                        flags & 0x40 ? ", hidden" : "", flags & 0x80 ? ", mandatory" : "");
 
                                switch (mtype)
@@ -2730,7 +2808,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                case 0:     // message type
                                        message = ntohs(*(uint16_t *) b);
                                        mandatory = flags & 0x80;
-                                       LOG(4, s, t, "   Message type = %u (%s)\n", message, l2tp_code(message));
+                                       LOG(3, s, t, "   Message type = %u (%s)\n", message, l2tp_code(message));
                                        break;
                                case 1:     // result code
                                        {
@@ -2753,15 +2831,15 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                                                cause = TERM_ADMIN_RESET;
                                                }
 
-                                               LOG(4, s, t, "   Result Code %u: %s\n", rescode, resdesc);
+                                               LOG(3, s, t, "   Result Code %u: %s\n", rescode, resdesc);
                                                if (n >= 4)
                                                {
                                                        uint16_t errcode = ntohs(*(uint16_t *)(b + 2));
                                                        errdesc = l2tp_error_code(errcode);
-                                                       LOG(4, s, t, "   Error Code %u: %s\n", errcode, errdesc);
+                                                       LOG(3, s, t, "   Error Code %u: %s\n", errcode, errdesc);
                                                }
                                                if (n > 4)
-                                                       LOG(4, s, t, "   Error String: %.*s\n", n-4, b+4);
+                                                       LOG(3, s, t, "   Error String: %.*s\n", n-4, b+4);
 
                                                if (cause && disc_cause_set < mtype) // take cause from attrib 46 in preference
                                                {
@@ -2776,7 +2854,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                case 2:     // protocol version
                                        {
                                                version = ntohs(*(uint16_t *) (b));
-                                               LOG(4, s, t, "   Protocol version = %u\n", version);
+                                               LOG(3, s, t, "   Protocol version = %u\n", version);
                                                if (version && version != 0x0100)
                                                {   // allow 0.0 and 1.0
                                                        LOG(1, s, t, "   Bad protocol version %04X\n", version);
@@ -2800,27 +2878,27 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                case 7:     // host name
                                        memset(tunnel[t].hostname, 0, sizeof(tunnel[t].hostname));
                                        memcpy(tunnel[t].hostname, b, (n < sizeof(tunnel[t].hostname)) ? n : sizeof(tunnel[t].hostname) - 1);
-                                       LOG(4, s, t, "   Tunnel hostname = \"%s\"\n", tunnel[t].hostname);
+                                       LOG(3, s, t, "   Tunnel hostname = \"%s\"\n", tunnel[t].hostname);
                                        // TBA - to send to RADIUS
                                        break;
                                case 8:     // vendor name
                                        memset(tunnel[t].vendor, 0, sizeof(tunnel[t].vendor));
                                        memcpy(tunnel[t].vendor, b, (n < sizeof(tunnel[t].vendor)) ? n : sizeof(tunnel[t].vendor) - 1);
-                                       LOG(4, s, t, "   Vendor name = \"%s\"\n", tunnel[t].vendor);
+                                       LOG(3, s, t, "   Vendor name = \"%s\"\n", tunnel[t].vendor);
                                        break;
                                case 9:     // assigned tunnel
                                        tunnel[t].far = ntohs(*(uint16_t *) (b));
-                                       LOG(4, s, t, "   Remote tunnel id = %u\n", tunnel[t].far);
+                                       LOG(3, s, t, "   Remote tunnel id = %u\n", tunnel[t].far);
                                        break;
                                case 10:    // rx window
                                        tunnel[t].window = ntohs(*(uint16_t *) (b));
                                        if (!tunnel[t].window)
                                                tunnel[t].window = 1; // window of 0 is silly
-                                       LOG(4, s, t, "   rx window = %u\n", tunnel[t].window);
+                                       LOG(3, s, t, "   rx window = %u\n", tunnel[t].window);
                                        break;
                                case 11:        // Request Challenge
                                        {
-                                               LOG(4, s, t, "   LAC requested CHAP authentication for tunnel\n");
+                                               LOG(3, s, t, "   LAC requested CHAP authentication for tunnel\n");
                                                if (message == 1)
                                                        build_chap_response(b, 2, n, &sendchalresponse);
                                                else if (message == 2)
@@ -2841,28 +2919,28 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
 
                                case 14:    // assigned session
                                        asession = session[s].far = ntohs(*(uint16_t *) (b));
-                                       LOG(4, s, t, "   assigned session = %u\n", asession);
+                                       LOG(3, s, t, "   assigned session = %u\n", asession);
                                        break;
                                case 15:    // call serial number
-                                       LOG(4, s, t, "   call serial number = %u\n", ntohl(*(uint32_t *)b));
+                                       LOG(3, s, t, "   call serial number = %u\n", ntohl(*(uint32_t *)b));
                                        break;
                                case 18:    // bearer type
-                                       LOG(4, s, t, "   bearer type = %u\n", ntohl(*(uint32_t *)b));
+                                       LOG(3, s, t, "   bearer type = %u\n", ntohl(*(uint32_t *)b));
                                        // TBA - for RADIUS
                                        break;
                                case 19:    // framing type
-                                       LOG(4, s, t, "   framing type = %u\n", ntohl(*(uint32_t *)b));
+                                       LOG(3, s, t, "   framing type = %u\n", ntohl(*(uint32_t *)b));
                                        // TBA
                                        break;
                                case 21:    // called number
                                        memset(called, 0, sizeof(called));
                                        memcpy(called, b, (n < sizeof(called)) ? n : sizeof(called) - 1);
-                                       LOG(4, s, t, "   Called <%s>\n", called);
+                                       LOG(3, s, t, "   Called <%s>\n", called);
                                        break;
                                case 22:    // calling number
                                        memset(calling, 0, sizeof(calling));
                                        memcpy(calling, b, (n < sizeof(calling)) ? n : sizeof(calling) - 1);
-                                       LOG(4, s, t, "   Calling <%s>\n", calling);
+                                       LOG(3, s, t, "   Calling <%s>\n", calling);
                                        break;
                                case 23:    // subtype
                                        break;
@@ -2879,7 +2957,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                                memcpy(tmp, b, (n < sizeof(tmp)) ? n : sizeof(tmp) - 1);
                                                session[s].tx_connect_speed = atol(tmp);
                                        }
-                                       LOG(4, s, t, "   TX connect speed <%u>\n", session[s].tx_connect_speed);
+                                       LOG(3, s, t, "   TX connect speed <%u>\n", session[s].tx_connect_speed);
                                        break;
                                case 38:    // rx connect speed
                                        if (n == 4)
@@ -2894,18 +2972,18 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                                memcpy(tmp, b, (n < sizeof(tmp)) ? n : sizeof(tmp) - 1);
                                                session[s].rx_connect_speed = atol(tmp);
                                        }
-                                       LOG(4, s, t, "   RX connect speed <%u>\n", session[s].rx_connect_speed);
+                                       LOG(3, s, t, "   RX connect speed <%u>\n", session[s].rx_connect_speed);
                                        break;
                                case 25:    // Physical Channel ID
                                        {
                                                uint32_t tmp = ntohl(*(uint32_t *) b);
-                                               LOG(4, s, t, "   Physical Channel ID <%X>\n", tmp);
+                                               LOG(3, s, t, "   Physical Channel ID <%X>\n", tmp);
                                                break;
                                        }
                                case 29:    // Proxy Authentication Type
                                        {
                                                uint16_t atype = ntohs(*(uint16_t *)b);
-                                               LOG(4, s, t, "   Proxy Auth Type %u (%s)\n", atype, ppp_auth_type(atype));
+                                               LOG(3, s, t, "   Proxy Auth Type %u (%s)\n", atype, ppp_auth_type(atype));
                                                break;
                                        }
                                case 30:    // Proxy Authentication Name
@@ -2913,23 +2991,23 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                                char authname[64];
                                                memset(authname, 0, sizeof(authname));
                                                memcpy(authname, b, (n < sizeof(authname)) ? n : sizeof(authname) - 1);
-                                               LOG(4, s, t, "   Proxy Auth Name (%s)\n",
+                                               LOG(3, s, t, "   Proxy Auth Name (%s)\n",
                                                        authname);
                                                break;
                                        }
                                case 31:    // Proxy Authentication Challenge
                                        {
-                                               LOG(4, s, t, "   Proxy Auth Challenge\n");
+                                               LOG(3, s, t, "   Proxy Auth Challenge\n");
                                                break;
                                        }
                                case 32:    // Proxy Authentication ID
                                        {
                                                uint16_t authid = ntohs(*(uint16_t *)(b));
-                                               LOG(4, s, t, "   Proxy Auth ID (%u)\n", authid);
+                                               LOG(3, s, t, "   Proxy Auth ID (%u)\n", authid);
                                                break;
                                        }
                                case 33:    // Proxy Authentication Response
-                                       LOG(4, s, t, "   Proxy Auth Response\n");
+                                       LOG(3, s, t, "   Proxy Auth Response\n");
                                        break;
                                case 27:    // last sent lcp
                                        {        // find magic number
@@ -2953,7 +3031,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                case 39:    // seq required - we control it as an LNS anyway...
                                        break;
                                case 36:    // Random Vector
-                                       LOG(4, s, t, "   Random Vector received.  Enabled AVP Hiding.\n");
+                                       LOG(3, s, t, "   Random Vector received.  Enabled AVP Hiding.\n");
                                        memset(session[s].random_vector, 0, sizeof(session[s].random_vector));
                                        if (n > sizeof(session[s].random_vector))
                                                n = sizeof(session[s].random_vector);
@@ -2967,7 +3045,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                                uint16_t proto = ntohs(*(uint16_t *) (b + 2));
                                                uint8_t dir = *(b + 4);
 
-                                               LOG(4, s, t, "   PPP disconnect cause "
+                                               LOG(3, s, t, "   PPP disconnect cause "
                                                        "(code=%u, proto=%04X, dir=%u, msg=\"%.*s\")\n",
                                                        code, proto, dir, n - 5, b + 5);
 
@@ -3397,6 +3475,20 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
                                return;
                        }
 
+                       if (!config->cluster_iam_master)
+                       {
+                               // Check if DhcpV6, IP dst: FF02::1:2, Src Port 0x0222 (546), Dst Port 0x0223 (547)
+                               if (*(p + 6) == 17 && *(p + 24) == 0xFF && *(p + 25) == 2 &&
+                                               *(uint32_t *)(p + 26) == 0 && *(uint32_t *)(p + 30) == 0 &&
+                                               *(uint16_t *)(p + 34) == 0 && *(p + 36) == 0 && *(p + 37) == 1 && *(p + 38) == 0 && *(p + 39) == 2 &&
+                                               *(p + 40) == 2 && *(p + 41) == 0x22 && *(p + 42) == 2 && *(p + 43) == 0x23)
+                               {
+                                       // DHCPV6 must be managed by the Master.
+                                       master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd);
+                                       return;
+                               }
+                       }
+
                        processipv6in(s, t, p, l);
                }
                else if (session[s].ppp.lcp == Opened)
@@ -3704,8 +3796,10 @@ static void regular_cleanups(double period)
                }
 
                // No data in ECHO_TIMEOUT seconds, send LCP ECHO
-               if (session[s].ppp.phase >= Establish && (time_now - session[s].last_packet >= config->echo_timeout) &&
-                       (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT))
+               if (session[s].ppp.phase >= Establish &&
+                    ((!config->ppp_keepalive) ||
+                     (time_now - session[s].last_packet >= config->echo_timeout)) &&
+                   (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT))
                {
                        uint8_t b[MAXETHER];
 
@@ -4524,6 +4618,9 @@ static void initdata(int optdebug, char *optconfig)
        // Set default value echo_timeout and idle_echo_timeout
        config->echo_timeout = ECHO_TIMEOUT;
        config->idle_echo_timeout = IDLE_ECHO_TIMEOUT;
+       config->ppp_keepalive = 1;
+       // Set default RDNSS lifetime
+       config->dns6_lifetime = 1200;
 
        log_stream = stderr;
 
@@ -5042,9 +5139,9 @@ int main(int argc, char *argv[])
                case 'd':
                        if (fork()) exit(0);
                        setsid();
-                       freopen("/dev/null", "r", stdin);
-                       freopen("/dev/null", "w", stdout);
-                       freopen("/dev/null", "w", stderr);
+                       if(!freopen("/dev/null", "r", stdin)) LOG(0, 0, 0, "Error freopen stdin: %s\n", strerror(errno));
+                       if(!freopen("/dev/null", "w", stdout)) LOG(0, 0, 0, "Error freopen stdout: %s\n", strerror(errno));
+                       if(!freopen("/dev/null", "w", stderr)) LOG(0, 0, 0, "Error freopen stderr: %s\n", strerror(errno));
                        break;
                case 'v':
                        optdebug++;
@@ -5084,6 +5181,7 @@ int main(int argc, char *argv[])
        init_tbf(config->num_tbfs);
 
        LOG(0, 0, 0, "L2TPNS version " VERSION "\n");
+       LOG(0, 0, 0, "Copyright (c) 2012, 2013, 2014 ISP FDN & SAMESWIRELESS\n");
        LOG(0, 0, 0, "Copyright (c) 2003, 2004, 2005, 2006 Optus Internet Engineering\n");
        LOG(0, 0, 0, "Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced\n");
        {
@@ -5095,7 +5193,7 @@ int main(int argc, char *argv[])
                        LOG(0, 0, 0, "Can't set ulimit: %s\n", strerror(errno));
 
                // Make core dumps go to /tmp
-               chdir("/tmp");
+               if(chdir("/tmp")) LOG(0, 0, 0, "Error chdir /tmp: %s\n", strerror(errno));
        }
 
        if (config->scheduler_fifo)
@@ -5159,6 +5257,7 @@ int main(int argc, char *argv[])
 
        initrad();
        initippool();
+       dhcpv6_init();
 
        // seed prng
        {
@@ -5544,6 +5643,7 @@ static void update_config()
        memcpy(config->old_plugins, config->plugins, sizeof(config->plugins));
        if (!config->multi_read_count) config->multi_read_count = 10;
        if (!config->cluster_address) config->cluster_address = inet_addr(DEFAULT_MCAST_ADDR);
+       if (!config->cluster_port) config->cluster_port = CLUSTERPORT;
        if (!*config->cluster_interface)
                strncpy(config->cluster_interface, DEFAULT_MCAST_INTERFACE, sizeof(config->cluster_interface) - 1);
 
@@ -5778,7 +5878,7 @@ int load_session(sessionidt s, sessiont *new)
        // needs update
        if (newip)
        {
-               int routed = 0;
+               int routed = 0;
 
                // remove old routes...
                for (i = 0; i < MAXROUTE && session[s].route[i].ip; i++)
@@ -5801,6 +5901,17 @@ int load_session(sessionidt s, sessiont *new)
                                uncache_ipmap(session[s].ip);
                }
 
+               // remove old IPV6 routes...
+               for (i = 0; i < MAXROUTE6 && session[s].route6[i].ipv6route.s6_addr[0] && session[s].route6[i].ipv6prefixlen; i++)
+               {
+                       route6set(s, session[s].route6[i].ipv6route, session[s].route6[i].ipv6prefixlen, 0);
+               }
+
+               if (session[s].ipv6address.s6_addr[0])
+               {
+                       route6set(s, session[s].ipv6address, 128, 0);
+               }
+
                routed = 0;
 
                // add new routes...
@@ -5827,8 +5938,20 @@ int load_session(sessionidt s, sessiont *new)
        }
 
        // check v6 routing
-       if (new->ipv6prefixlen && new->ppp.ipv6cp == Opened && session[s].ppp.ipv6cp != Opened)
-                   route6set(s, new->ipv6route, new->ipv6prefixlen, 1);
+       if (new->ppp.ipv6cp == Opened && session[s].ppp.ipv6cp != Opened)
+       {
+               for (i = 0; i < MAXROUTE6 && new->route6[i].ipv6prefixlen; i++)
+               {
+                       route6set(s, new->route6[i].ipv6route, new->route6[i].ipv6prefixlen, 1);
+               }
+       }
+
+       if (new->ipv6address.s6_addr[0] && new->ppp.ipv6cp == Opened && session[s].ppp.ipv6cp != Opened)
+       {
+               // Check if included in prefix
+               if (sessionbyipv6(new->ipv6address) != s)
+                       route6set(s, new->ipv6address, 128, 1);
+       }
 
        // check filters
        if (new->filter_in && (new->filter_in > MAXFILTER || !ip_filters[new->filter_in - 1].name[0]))
@@ -6275,7 +6398,7 @@ void become_master(void)
        }
 }
 
-int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc)
+int cmd_show_hist_idle(struct cli_def *cli, const char *command, char **argv, int argc)
 {
        int s, i;
        int count = 0;
@@ -6313,7 +6436,7 @@ int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc
        return CLI_OK;
 }
 
-int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc)
+int cmd_show_hist_open(struct cli_def *cli, const char *command, char **argv, int argc)
 {
        int s, i;
        int count = 0;