X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/9cb7003d3390c34d3f01bb10fe5542d433ae99de..30b64bb9f99720d8886057caeb519f2524f1b4cf:/l2tpns.h?ds=sidebyside diff --git a/l2tpns.h b/l2tpns.h index ee5fe4a..f9dfd32 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -1,5 +1,5 @@ // L2TPNS Global Stuff -// $Id: l2tpns.h,v 1.50 2004/12/18 01:20:05 bodea Exp $ +// $Id: l2tpns.h,v 1.49.2.6 2005/05/03 05:10:52 bodea Exp $ #ifndef __L2TPNS_H__ #define __L2TPNS_H__ @@ -15,11 +15,11 @@ #include #include -#define VERSION "2.1.0" +#define VERSION "2.0.18" // Limits #define MAXTUNNEL 500 // could be up to 65535 -#define MAXSESSION 50000 // could be up to 65535 +#define MAXSESSION 60000 // could be up to 65535 #define MAXTBFS 6000 // Maximum token bucket filters. Might need up to 2 * session. #define RADIUS_SHIFT 5 @@ -81,16 +81,14 @@ #define L2TPPORT 1701 // L2TP port #define RADPORT 1645 // old radius port... #define PKTARP 0x0806 // ARP packet type -#define PKTIP 0x0800 // IPv4 packet type -#define PKTIPV6 0x86DD // IPv6 packet type +#define PKTIP 0x0800 // IP packet type +#define PSEUDOMAC 0x0200 // pseudo MAC prefix (local significant MAC) #define PPPPAP 0xC023 #define PPPCHAP 0xC223 #define PPPLCP 0xC021 #define PPPIPCP 0x8021 -#define PPPIPV6CP 0x8057 #define PPPCCP 0x80FD #define PPPIP 0x0021 -#define PPPIPV6 0x0057 #define PPPMP 0x003D #define MIN_IP_SIZE 0x19 enum @@ -210,14 +208,18 @@ sessiont; #define SF_IPCP_ACKED 1 // Has this session seen an IPCP Ack? #define SF_LCP_ACKED 2 // LCP negotiated #define SF_CCP_ACKED 4 // CCP negotiated -#define SF_IPV6CP_ACKED 8 // IPv6 negotiated -#define SF_IPV6_NACKED 16 // IPv6 rejected typedef struct { + // byte counters uint32_t cin; uint32_t cout; -} sessioncountt; + + // DoS prevention + clockt last_packet_out; + uint32_t packets_out; + uint32_t packets_dropped; +} sessionlocalt; #define SESSIONPFC 1 // PFC negotiated flags #define SESSIONACFC 2 // ACFC negotiated flags @@ -320,6 +322,7 @@ struct Tstats uint32_t tun_tx_bytes; uint32_t tun_rx_errors; uint32_t tun_tx_errors; + uint32_t tun_rx_dropped; uint32_t tunnel_rx_packets; uint32_t tunnel_tx_packets; @@ -450,7 +453,8 @@ typedef struct int next_tbf; // Next HTB id available to use int scheduler_fifo; // If the system has multiple CPUs, use FIFO scheduling policy for this process. int lock_pages; // Lock pages into memory. - int icmp_rate; // Max number of ICMP unreachable per second to send> + int icmp_rate; // Max number of ICMP unreachable per second to send + int max_packets; // DoS prevention: per session limit of packets/0.1s in_addr_t cluster_address; // Multicast address of cluster. // Send to this address to have everyone hear. @@ -484,7 +488,7 @@ typedef struct #endif } configt; -enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IPv4, IPv6, MAC }; +enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IP, MAC }; typedef struct { char *key; @@ -575,6 +579,7 @@ void radiusclear(uint16_t r, sessionidt s); clockt backoff(uint8_t try); sessionidt sessionbyip(in_addr_t ip); sessionidt sessionbyuser(char *username); +void sessionkill(sessionidt s, char *reason); void sessionshutdown(sessionidt s, char *reason); void send_garp(in_addr_t ip); void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t); @@ -615,7 +620,7 @@ void host_unreachable(in_addr_t destination, uint16_t id, in_addr_t source, char extern tunnelt *tunnel; extern sessiont *session; -extern sessioncountt *sess_count; +extern sessionlocalt *sess_local; extern ippoolt *ip_address_pool; #define sessionfree (session[0].next)