// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.81 2005/07/31 10:04:10 bodea Exp $
+// $Id: l2tpns.h,v 1.101 2005/12/05 13:56:12 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
#include <sys/types.h>
#include <libcli.h>
-#define VERSION "2.1.2"
+#define VERSION "2.1.13"
// Limits
#define MAXTUNNEL 500 // could be up to 65535
#define T_FREE (0) // A tunnel ID that won't ever be used. Mark session as free.
#define MAXCONTROL 1000 // max length control message we ever send...
-#define MAXETHER (1500+18) // max packet we try sending to tun
+#define MINMTU 576 // minimum recommended MTU (rfc1063)
+#define PPPMTU 1500 // default PPP MTU
+#define MAXMTU 2600 // arbitrary maximum MTU
+#define MAXETHER (MAXMTU+18) // max packet we try sending to tun
#define MAXTEL 96 // telephone number
#define MAXUSER 128 // username
#define MAXPASS 128 // password
#define ECHO_TIMEOUT 60 // Time between last packet sent and LCP ECHO generation
#define IDLE_TIMEOUT 240 // Time between last packet sent and LCP ECHO generation
#define BUSY_WAIT_TIME 3000 // 5 minutes in 1/10th seconds to wait for radius to cleanup on shutdown
-#define DEFAULT_MRU 1452 // maximum packet size to avoid fragmentation when LNS ethernet MTU is 1500
// Constants
#ifndef ETCDIR
// reset state machine counters
#define initialise_restart_count(_s, _fsm) \
- sess_local[_s]._fsm.conf_sent = sess_local[_s]._fsm.nak_sent
+ sess_local[_s]._fsm.conf_sent = sess_local[_s]._fsm.nak_sent = 0
+
+// increment ConfReq counter and reset timer
+#define restart_timer(_s, _fsm) ({ \
+ sess_local[_s]._fsm.conf_sent++; \
+ sess_local[_s]._fsm.restart = \
+ time_now + config->ppp_restart_time; \
+})
// stop timer on change to state where timer does not run
#define change_state(_s, _fsm, _new) ({ \
sessionidt next; // next session in linked list
sessionidt far; // far end session ID
tunnelidt tunnel; // near end tunnel ID
- uint8_t l2tp_flags; // various bit flags from the ICCN on the l2tp tunnel.
+ uint8_t flags; // session flags: see SESSION_*
struct {
uint8_t phase; // PPP phase
uint8_t lcp:4; // LCP state
uint8_t ipcp:4; // IPCP state
uint8_t ipv6cp:4; // IPV6CP state
uint8_t ccp:4; // CCP state
- uint8_t pad; // unused
} ppp;
+ char pad[2]; // unused
in_addr_t ip; // IP of session set by RADIUS response (host byte order).
int ip_pool_index; // index to IP pool
uint32_t unique_id; // unique session id
int nak_sent;
} lcp, ipcp, ipv6cp, ccp;
+ // identifier for Protocol-Reject, Code-Reject
+ uint8_t lcp_ident;
+
// authentication to use
int lcp_authtype;
+ // our MRU
+ uint16_t ppp_mru;
+
// DoS prevention
clockt last_packet_out;
uint32_t packets_out;
// interim RADIUS
time_t last_interim;
+
+ // last LCP Echo
+ time_t last_echo;
} sessionlocalt;
-#define SESSIONPFC 1 // PFC negotiated flags
-#define SESSIONACFC 2 // ACFC negotiated flags
+// session flags
+#define SESSION_PFC (1 << 0) // use Protocol-Field-Compression
+#define SESSION_ACFC (1 << 1) // use Address-and-Control-Field-Compression
+#define SESSION_STARTED (1 << 2) // RADIUS Start record sent
// 168 bytes per tunnel
typedef struct
uint16_t ns; // next send
int state; // current state (tunnelstate enum)
clockt last; // when last control message sent (used for resend timeout)
- clockt retry; // when to try resenting pending control
+ clockt retry; // when to try resending pending control
clockt die; // being closed, when to finally free
clockt lastrec; // when the last control message was received
char hostname[128]; // tunnel hostname
char tundevice[10]; // tun device name
char log_filename[128];
- char l2tpsecret[64];
+
+ char l2tp_secret[64]; // L2TP shared secret
+ int l2tp_mtu; // MTU of interface used for L2TP
char random_device[256]; // random device path, defaults to RANDOMDEVICE
int cluster_last_hb_ver; // Heartbeat version last seen from master
int cluster_num_changes; // Number of changes queued.
+ int cluster_mcast_ttl; // TTL for multicast packets
int cluster_hb_interval; // How often to send a heartbeat.
int cluster_hb_timeout; // How many missed heartbeats trigger an election.
uint64_t cluster_table_version; // # state changes processed by cluster
// ppp.c
-void processpap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processchap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void lcp_open(tunnelidt t, sessionidt s);
-void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipin(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipv6in(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void sendchap(tunnelidt t, sessionidt s);
-uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, tunnelidt t, sessionidt s, uint16_t mtype);
-void sendlcp(tunnelidt t, sessionidt s, int authtype);
+void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void lcp_open(sessionidt s, tunnelidt t);
+void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipv6cp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipin(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processccp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void sendchap(sessionidt s, tunnelidt t);
+uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, sessionidt s, tunnelidt t, uint16_t mtype);
+void sendlcp(sessionidt s, tunnelidt t);
void send_ipin(sessionidt s, uint8_t *buf, int len);
-void sendccp(tunnelidt t, sessionidt s);
+void sendccp(sessionidt s, tunnelidt t);
// radius.c
// l2tpns.c
clockt backoff(uint8_t try);
-void send_ipv6_ra(tunnelidt t, sessionidt s, struct in6_addr *ip);
+void send_ipv6_ra(sessionidt s, tunnelidt t, struct in6_addr *ip);
void route6set(sessionidt s, struct in6_addr ip, int prefixlen, int add);
sessionidt sessionbyip(in_addr_t ip);
sessionidt sessionbyipv6(struct in6_addr ip);
void filter_session(sessionidt s, int filter_in, int filter_out);
void send_garp(in_addr_t ip);
void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t);
-void sendipcp(tunnelidt t, sessionidt s);
-void sendipv6cp(tunnelidt t, sessionidt s);
+int tun_write(uint8_t *data, int size);
+void adjust_tcp_mss(sessionidt s, tunnelidt t, uint8_t *buf, int len, uint8_t *tcp);
+void sendipcp(sessionidt s, tunnelidt t);
+void sendipv6cp(sessionidt s, tunnelidt t);
void processudp(uint8_t *buf, int len, struct sockaddr_in *addr);
void snoop_send_packet(uint8_t *packet, uint16_t size, in_addr_t destination, uint16_t port);
int find_filter(char const *name, size_t len);
void _log(int level, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 4, 5)));
void _log_hex(int level, const char *title, const uint8_t *data, int maxsize);
-int sessionsetup(tunnelidt t, sessionidt s);
+int sessionsetup(sessionidt s, tunnelidt t);
int run_plugins(int plugin_type, void *data);
void rebuild_address_pool(void);
void throttle_session(sessionidt s, int rate_in, int rate_out);
extern uint32_t last_id;
extern struct Tstats *_statistics;
extern in_addr_t my_address;
-extern int tun_write(uint8_t *data, int size);
extern int clifd;
extern int epollfd;
#define TIME (config->current_time)
+extern uint16_t MRU;
+extern uint16_t MSS;
+
// macros for handling help in cli commands
#define CLI_HELP_REQUESTED (argc > 0 && argv[argc-1][strlen(argv[argc-1])-1] == '?')
#define CLI_HELP_NO_ARGS (argc > 1 || argv[0][1]) ? CLI_OK : cli_arg_help(cli, 1, NULL)