// Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
// vim: sw=8 ts=8
-char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.44 2004/11/05 04:55:27 bodea Exp $";
+char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.48 2004/11/11 03:07:42 bodea Exp $";
#include <arpa/inet.h>
#include <assert.h>
#include "util.h"
#include "tbf.h"
+#ifdef BGP
+#include "bgp.h"
+#endif /* BGP */
+
// Globals
struct configt *config = NULL; // all configuration
int tunfd = -1; // tun interface file handle. (network device)
linked_list *loaded_plugins;
linked_list *plugins[MAX_PLUGIN_TYPES];
-#ifdef BGP
-#include "bgp.h"
-struct bgp_peer *bgp_peers = 0;
-struct bgp_route_list *bgp_routes = 0;
-int bgp_configured = 0;
-#endif /* BGP */
-
#define membersize(STRUCT, MEMBER) sizeof(((STRUCT *)0)->MEMBER)
#define CONFIG(NAME, MEMBER, TYPE) { NAME, offsetof(struct configt, MEMBER), membersize(struct configt, MEMBER), TYPE }
CONFIG("cluster_interface", cluster_interface, STRING),
CONFIG("cluster_hb_interval", cluster_hb_interval, INT),
CONFIG("cluster_hb_timeout", cluster_hb_timeout, INT),
-#ifdef BGP
- CONFIG("as_number", as_number, SHORT),
- CONFIG("bgp_peer1", bgp_peer[0], STRING),
- CONFIG("bgp_peer1_as", bgp_peer_as[0], SHORT),
- CONFIG("bgp_peer2", bgp_peer[1], STRING),
- CONFIG("bgp_peer2_as", bgp_peer_as[1], SHORT),
-#endif /* BGP */
{ NULL, 0, 0, 0 },
};
return;
}
- // Snooping this session, send it to intercept box
- if (sp->snoop_ip && sp->snoop_port)
- snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
-
LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
// Add on L2TP header
tunnelsend(b, len + (p-b), t); // send it...
}
+ // Snooping this session, send it to intercept box
+ if (sp->snoop_ip && sp->snoop_port)
+ snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
+
sp->cout += len; // byte count
sp->total_cout += len; // byte count
sp->pout++;
if (!session[s].ip)
return;
+
t = session[s].tunnel;
sp = &session[s];
LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
- // Snooping this session.
- if (sp->snoop_ip && sp->snoop_port)
- snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
-
// Add on L2TP header
{
u8 *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIP);
}
tunnelsend(b, len + (p-b), t); // send it...
}
+
+ // Snooping this session.
+ if (sp->snoop_ip && sp->snoop_port)
+ snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
+
sp->cout += len; // byte count
sp->total_cout += len; // byte count
sp->pout++;
_statistics->start_time = _statistics->last_reset = time(NULL);
#ifdef BGP
- if (!(bgp_peers = shared_malloc(sizeof(struct bgp_peer) * BGP_NUM_PEERS)))
- {
- LOG(0, 0, 0, 0, "Error doing malloc for bgp: %s\n", strerror(errno));
- exit(1);
- }
+ if (!(bgp_peers = shared_malloc(sizeof(struct bgp_peer) * BGP_NUM_PEERS)))
+ {
+ LOG(0, 0, 0, 0, "Error doing malloc for bgp: %s\n", strerror(errno));
+ exit(1);
+ }
#endif /* BGP */
}
-void initiptables(void)
-{
- /* Flush the tables here so that we have a clean slate */
-
-// Not needed. 'nat' is setup by garden.c
-// mangle isn't used (as throttling is done by tbf inhouse).
-}
-
int assign_ip_address(sessionidt s)
{
u32 i;
// Main program
int main(int argc, char *argv[])
{
- int o;
+ int i;
int optdebug = 0;
char *optconfig = CONFIGFILE;
time(&basetime); // start clock
// scan args
- while ((o = getopt(argc, argv, "dvc:h:")) >= 0)
+ while ((i = getopt(argc, argv, "dvc:h:")) >= 0)
{
- switch (o)
+ switch (i)
{
case 'd':
- // Double fork to detach from terminal
- if (fork()) exit(0);
if (fork()) exit(0);
+ setsid();
+ freopen("/dev/null", "r", stdin);
+ freopen("/dev/null", "w", stdout);
+ freopen("/dev/null", "w", stderr);
break;
case 'v':
optdebug++;
signal(SIGALRM, sigalrm_handler);
siginterrupt(SIGALRM, 0);
- initiptables();
initplugins();
initdata(optdebug, optconfig);
signal(SIGPIPE, SIG_IGN);
bgp_setup(config->as_number);
bgp_add_route(config->bind_address, 0xffffffff);
- if (*config->bgp_peer[0])
- bgp_start(&bgp_peers[0], config->bgp_peer[0],
- config->bgp_peer_as[0], 0); /* 0 = routing disabled */
-
- if (*config->bgp_peer[1])
- bgp_start(&bgp_peers[1], config->bgp_peer[1],
- config->bgp_peer_as[1], 0);
+ for (i = 0; i < BGP_NUM_PEERS; i++)
+ {
+ if (config->neighbour[i].name[0])
+ bgp_start(&bgp_peers[i], config->neighbour[i].name,
+ config->neighbour[i].as, config->neighbour[i].keepalive,
+ config->neighbour[i].hold, 0); /* 0 = routing disabled */
+ }
#endif /* BGP */
inittun();
#ifdef BGP
/* try to shut BGP down cleanly; with luck the sockets will be
writable since we're out of the select */
- {
- int i;
- for (i = 0; i < BGP_NUM_PEERS; i++)
- if (bgp_peers[i].state == Established)
- bgp_stop(&bgp_peers[i]);
- }
+ for (i = 0; i < BGP_NUM_PEERS; i++)
+ if (bgp_peers[i].state == Established)
+ bgp_stop(&bgp_peers[i]);
#endif /* BGP */
/* remove plugins (so cleanup code gets run) */
{
if (strcmp(config->plugins[i], config->old_plugins[i]) == 0)
continue;
+
if (*config->plugins[i])
{
// Plugin added
return dlopen(path, RTLD_NOW);
}
+// plugin callback to get a config value
+static void *getconfig(char *key, enum config_typet type)
+{
+ int i;
+
+ for (i = 0; config_values[i].key; i++)
+ {
+ if (!strcmp(config_values[i].key, key))
+ {
+ if (config_values[i].type == type)
+ return ((void *) config) + config_values[i].offset;
+
+ LOG(1, 0, 0, 0, "plugin requested config item \"%s\" expecting type %d, have type %d\n",
+ key, type, config_values[i].type);
+
+ return 0;
+ }
+ }
+
+ LOG(1, 0, 0, 0, "plugin requested unknown config item \"%s\"\n", key);
+ return 0;
+}
+
void add_plugin(char *plugin_name)
{
static struct pluginfuncs funcs = {
sessionkill,
radiusnew,
radiussend,
+ getconfig,
};
void *p = open_plugin(plugin_name, 1);
free(resp);
}
-/*
- * HACK
- * Go through all of the tunnels and do some cleanups
- */
-void tunnel_clean()
-{
- int i;
-
- LOG(1, 0, 0, 0, "Cleaning tunnels array\n");
-
- for (i = 1; i < MAXTUNNEL; i++)
- {
- if (!tunnel[i].ip
- || !*tunnel[i].hostname
- || (tunnel[i].state == TUNNELDIE && tunnel[i].die >= time_now))
- {
- tunnelclear(i);
- }
- }
-}
-
void tunnelclear(tunnelidt t)
{
if (!t) return;