projects
/
l2tpns.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
bump
[l2tpns.git]
/
l2tpns.h
diff --git
a/l2tpns.h
b/l2tpns.h
index
ee5fe4a
..
084fa4e
100644
(file)
--- a/
l2tpns.h
+++ b/
l2tpns.h
@@
-1,5
+1,5
@@
// L2TPNS Global Stuff
// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.
50 2004/12/18 01:20:05
bodea Exp $
+// $Id: l2tpns.h,v 1.
49.2.3 2005/01/13 07:58:54
bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
@@
-15,7
+15,7
@@
#include <sys/types.h>
#include <libcli.h>
#include <sys/types.h>
#include <libcli.h>
-#define VERSION "2.
1.0
"
+#define VERSION "2.
0.15
"
// Limits
#define MAXTUNNEL 500 // could be up to 65535
// Limits
#define MAXTUNNEL 500 // could be up to 65535
@@
-81,16
+81,14
@@
#define L2TPPORT 1701 // L2TP port
#define RADPORT 1645 // old radius port...
#define PKTARP 0x0806 // ARP packet type
#define L2TPPORT 1701 // L2TP port
#define RADPORT 1645 // old radius port...
#define PKTARP 0x0806 // ARP packet type
-#define PKTIP 0x0800 // IP
v4
packet type
-#define
PKTIPV6 0x86DD // IPv6 packet type
+#define PKTIP 0x0800 // IP packet type
+#define
PSEUDOMAC 0x0200 // pseudo MAC prefix (local significant MAC)
#define PPPPAP 0xC023
#define PPPCHAP 0xC223
#define PPPLCP 0xC021
#define PPPIPCP 0x8021
#define PPPPAP 0xC023
#define PPPCHAP 0xC223
#define PPPLCP 0xC021
#define PPPIPCP 0x8021
-#define PPPIPV6CP 0x8057
#define PPPCCP 0x80FD
#define PPPIP 0x0021
#define PPPCCP 0x80FD
#define PPPIP 0x0021
-#define PPPIPV6 0x0057
#define PPPMP 0x003D
#define MIN_IP_SIZE 0x19
enum
#define PPPMP 0x003D
#define MIN_IP_SIZE 0x19
enum
@@
-210,14
+208,18
@@
sessiont;
#define SF_IPCP_ACKED 1 // Has this session seen an IPCP Ack?
#define SF_LCP_ACKED 2 // LCP negotiated
#define SF_CCP_ACKED 4 // CCP negotiated
#define SF_IPCP_ACKED 1 // Has this session seen an IPCP Ack?
#define SF_LCP_ACKED 2 // LCP negotiated
#define SF_CCP_ACKED 4 // CCP negotiated
-#define SF_IPV6CP_ACKED 8 // IPv6 negotiated
-#define SF_IPV6_NACKED 16 // IPv6 rejected
typedef struct
{
typedef struct
{
+ // byte counters
uint32_t cin;
uint32_t cout;
uint32_t cin;
uint32_t cout;
-} sessioncountt;
+
+ // DoS prevention
+ clockt last_packet_out;
+ uint32_t packets_out;
+ uint32_t packets_dropped;
+} sessionlocalt;
#define SESSIONPFC 1 // PFC negotiated flags
#define SESSIONACFC 2 // ACFC negotiated flags
#define SESSIONPFC 1 // PFC negotiated flags
#define SESSIONACFC 2 // ACFC negotiated flags
@@
-320,6
+322,7
@@
struct Tstats
uint32_t tun_tx_bytes;
uint32_t tun_rx_errors;
uint32_t tun_tx_errors;
uint32_t tun_tx_bytes;
uint32_t tun_rx_errors;
uint32_t tun_tx_errors;
+ uint32_t tun_rx_dropped;
uint32_t tunnel_rx_packets;
uint32_t tunnel_tx_packets;
uint32_t tunnel_rx_packets;
uint32_t tunnel_tx_packets;
@@
-450,7
+453,8
@@
typedef struct
int next_tbf; // Next HTB id available to use
int scheduler_fifo; // If the system has multiple CPUs, use FIFO scheduling policy for this process.
int lock_pages; // Lock pages into memory.
int next_tbf; // Next HTB id available to use
int scheduler_fifo; // If the system has multiple CPUs, use FIFO scheduling policy for this process.
int lock_pages; // Lock pages into memory.
- int icmp_rate; // Max number of ICMP unreachable per second to send>
+ int icmp_rate; // Max number of ICMP unreachable per second to send
+ int max_packets; // DoS prevention: per session limit of packets/0.1s
in_addr_t cluster_address; // Multicast address of cluster.
// Send to this address to have everyone hear.
in_addr_t cluster_address; // Multicast address of cluster.
// Send to this address to have everyone hear.
@@
-484,7
+488,7
@@
typedef struct
#endif
} configt;
#endif
} configt;
-enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IP
v4, IPv6
, MAC };
+enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IP, MAC };
typedef struct
{
char *key;
typedef struct
{
char *key;
@@
-615,7
+619,7
@@
void host_unreachable(in_addr_t destination, uint16_t id, in_addr_t source, char
extern tunnelt *tunnel;
extern sessiont *session;
extern tunnelt *tunnel;
extern sessiont *session;
-extern session
countt *sess_count
;
+extern session
localt *sess_local
;
extern ippoolt *ip_address_pool;
#define sessionfree (session[0].next)
extern ippoolt *ip_address_pool;
#define sessionfree (session[0].next)