-* Fri Jan 7 2005 Brendan O'Dea <bod@optusnet.com.au> 2.1.0
-- Add IPv6 support from Jonathan McDowell (work in progress).
+* Thu Mar 10 2005 Brendan O'Dea <bod@optusnet.com.au> 2.1.0
+- Add IPv6 support from Jonathan McDowell.
- Add CHAP support from Jordan Hrycaj (work in progress).
- Sanity check that cluster_send_session is not called from a child
process.
- Throttle outgoing LASTSEEN packets to at most one per second for a
given seq#.
+- More DoS prevention: add packet_limit option to apply a hard limit
+ to downstream packets per session.
- Use bounds-checking lookup functions for string constants.
- Add enum for RADIUS codes.
- Make "call_" prefix implict in CSTAT() macro.
- Fix some format string problems.
+- Fix "clear counters".
+- Log "Accepted connection to CLI" at 4 when connection is from localhost
+ to reduce noise in logs.
+- Show time since last counter reset in "show counters".
+- Remove "save_state" option. Not maintained anymore; use clustering
+ to retain state across restarts.
+- Ensure that sessionkill is not called on an unopened session (borks
+ the freelist).
+- Bump MAXSESSION to 60K.
+- Fix off-by-one errors in session/tunnel initialisation and
+ sessiont <-> sessionidt functions.
+- Use session[s].opened consistently when checking for in-use sessions
+ (rather than session[s].tunnel).
+- Use <= cluster_highest_sessionid rather than < MAXSESSION in a
+ couple of loops.
+- Don't kill a whole tunnel if we're out of sessions.
+- Change session[s].ip to 0 if set from RADIUS to 255.255.255.254;
+ avoids the possibility that it will be interpreted as a valid IP
+ address.
+- Avoid a possible buffer overflow in processpap.
+- Kill session if authentication was rejected.
+- Simplify AVP unhiding code.
* Fri Dec 17 2004 Brendan O'Dea <bod@optusnet.com.au> 2.0.13
- Better cluster master collision resolution: keep a counter of state