X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/a673137370f7af8d762f85a4e97d673c38e62b3a..6fb1f18fb03c15e9e907d55c117281dca2b8b72a:/l2tpns.h?ds=inline

diff --git a/l2tpns.h b/l2tpns.h
index 12cf85c..f2f686f 100644
--- a/l2tpns.h
+++ b/l2tpns.h
@@ -1,5 +1,5 @@
 // L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.77 2005/06/08 04:02:39 bodea Exp $
+// $Id: l2tpns.h,v 1.91 2005/09/16 05:04:29 bodea Exp $
 
 #ifndef __L2TPNS_H__
 #define __L2TPNS_H__
@@ -15,7 +15,7 @@
 #include <sys/types.h>
 #include <libcli.h>
 
-#define VERSION	"2.1.0"
+#define VERSION	"2.1.7"
 
 // Limits
 #define MAXTUNNEL	500		// could be up to 65535
@@ -31,7 +31,10 @@
 #define T_FREE		(0)		// A tunnel ID that won't ever be used. Mark session as free.
 
 #define	MAXCONTROL	1000		// max length control message we ever send...
-#define	MAXETHER	(1500+18)	// max packet we try sending to tun
+#define MINMTU		576		// minimum recommended MTU (rfc1063)
+#define PPPMTU		1500		// default PPP MTU
+#define MAXMTU		2600		// arbitrary maximum MTU
+#define	MAXETHER	(MAXMTU+18)	// max packet we try sending to tun
 #define	MAXTEL		96		// telephone number
 #define MAXUSER		128		// username
 #define MAXPASS		128		// password
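Review bot: `MINMTU`, `PPPMTU` and `MAXMTU` are introduced without saying where they are enforced, and `MAXETHER` (the largest packet sent to tun) is now derived from `MAXMTU`. Elsewhere in this patch the MTU becomes run-time data (`int l2tp_mtu` in the config struct, `uint16_t ppp_mru` per session, and the `MRU`/`MSS` externs), so a configured or peer-negotiated value presumably has to be clamped to `MINMTU..MAXMTU` before it sizes a copy into a `MAXETHER` buffer; that clamping is not visible in this header. I would state the contract at the definition, e.g. `#define MAXMTU 2600 // upper bound for configured and negotiated MTU/MRU; MAXETHER buffers depend on it`. The `rfc1063` reference on `MINMTU` is worth double-checking, since 576 is usually attributed to the IPv4 requirement in RFC 791.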
@@ -44,7 +47,6 @@
 #define ECHO_TIMEOUT	60		// Time between last packet sent and LCP ECHO generation
 #define IDLE_TIMEOUT	240		// Time between last packet sent and LCP ECHO generation
 #define BUSY_WAIT_TIME	3000		// 5 minutes in 1/10th seconds to wait for radius to cleanup on shutdown
-#define DEFAULT_MRU	1452		// maximum packet size to avoid fragmentation when LNS ethernet MTU is 1500
 
 // Constants
 #ifndef ETCDIR
@@ -72,13 +74,14 @@
 #define CONFIGFILE	FLASHDIR "/startup-config"	// Configuration file
 #define CLIUSERS	FLASHDIR "/users"		// CLI Users file
 #define IPPOOLFILE	FLASHDIR "/ip_pool"		// Address pool configuration
-#define ACCT_TIME	3000		// 5 minute accounting interval
-#define ACCT_SHUT_TIME	600		// 1 minute for counters of shutdown sessions
-#define	L2TPPORT	1701		// L2TP port
-#define RADPORT		1645		// old radius port...
-#define	PKTARP		0x0806		// ARP packet type
-#define	PKTIP		0x0800		// IPv4 packet type
-#define	PKTIPV6		0x86DD		// IPv6 packet type
+#define ACCT_TIME	3000				// 5 minute accounting interval
+#define ACCT_SHUT_TIME	600				// 1 minute for counters of shutdown sessions
+#define	L2TPPORT	1701				// L2TP port
+#define RADPORT		1645				// old radius port...
+#define DAEPORT		3799				// DAE port
+#define	PKTARP		0x0806				// ARP packet type
+#define	PKTIP		0x0800				// IPv4 packet type
+#define	PKTIPV6		0x86DD				// IPv6 packet type
 #define	PPPPAP		0xC023
 #define	PPPCHAP		0xC223
 #define	PPPLCP		0xC021
@@ -111,9 +114,61 @@ enum {
 	AccessReject,
 	AccountingRequest,
 	AccountingResponse,
-	AccessChallenge = 11
+	AccessChallenge = 11,
+	DisconnectRequest = 40,
+	DisconnectACK,
+	DisconnectNAK,
+	CoARequest,
+	CoAACK,
+	CoANAK
 };
 
+// PPP phases
+enum {
+    	Dead,
+	Establish,
+	Authenticate,
+	Network,
+	Terminate
+};
+
+// PPP states
+enum {
+	Initial,
+	Starting,
+	Closed,
+	Stopped,
+	Closing,
+	Stopping,
+	RequestSent,
+	AckReceived,
+	AckSent,
+	Opened
+};
+
+// reset state machine counters
+#define initialise_restart_count(_s, _fsm)			\
+	sess_local[_s]._fsm.conf_sent = sess_local[_s]._fsm.nak_sent
+
+// stop timer on change to state where timer does not run
+#define change_state(_s, _fsm, _new) ({				\
+	if (_new != session[_s].ppp._fsm)			\
+	{ 							\
+		switch (_new)					\
+		{						\
+		case Initial:					\
+		case Starting:					\
+		case Closed:					\
+		case Stopped:					\
+		case Opened:					\
+			sess_local[_s]._fsm.restart = 0;	\
+			initialise_restart_count(_s, _fsm);	\
+		}						\
+		session[_s].ppp._fsm = _new;			\
+		cluster_send_session(_s);			\
+	}							\
+})
+
 // Types
 typedef uint16_t sessionidt;
 typedef uint16_t tunnelidt;
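Review bot: `initialise_restart_count` is commented as resetting the state machine counters, but as written it copies `nak_sent` into `conf_sent` and zeroes neither; if a reset is intended the chain needs a terminating `= 0`: `sess_local[_s]._fsm.conf_sent = sess_local[_s]._fsm.nak_sent = 0`. These counters look like what the new `ppp_max_configure` / `ppp_max_failure` settings are compared against, so a stale value would presumably make a session give up early or keep retransmitting longer than configured. In `change_state`, `_new` is expanded three times without parentheses and the `switch` has no `default`; writing `(_new)` and adding `default: break;` makes the macro safe for non-trivial arguments. The unnamed enums also put very generic identifiers (`Dead`, `Closed`, `Network`, `Initial`) into every file that includes this header, so a prefix would reduce the risk of clashes.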
@@ -167,7 +222,14 @@ typedef struct
 	sessionidt far;			// far end session ID
 	tunnelidt tunnel;		// near end tunnel ID
 	uint8_t l2tp_flags;		// various bit flags from the ICCN on the l2tp tunnel.
-	uint8_t flags;			// Various session flags.
+	struct {
+		uint8_t phase;		// PPP phase
+		uint8_t lcp:4;		//   LCP    state
+		uint8_t ipcp:4;		//   IPCP   state
+		uint8_t ipv6cp:4;	//   IPV6CP state
+		uint8_t ccp:4;		//   CCP    state
+		uint8_t pad;		// unused
+	} ppp;
 	in_addr_t ip;			// IP of session set by RADIUS response (host byte order).
 	int ip_pool_index;		// index to IP pool
 	uint32_t unique_id;		// unique session id
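Review bot: The four state fields are declared as 4-bit `uint8_t` bit-fields, and both the use of a non-`int` bit-field type and the order in which bit-fields are packed are implementation-defined. A later hunk shrinks `reserved[]` under the comment "Space to expand structure without changing HB_VERSION", which suggests sessiont is exchanged between cluster nodes as raw bytes; if so, the byte that used to hold `flags` now holds `phase` and a node built from the older header would misread it, so confirm whether HB_VERSION has to change with this commit. By my count the `ppp` struct adds three bytes while `reserved` gives back five, so a compile-time size check on sessiont next to the typedef would pin the layout. At minimum I would add a comment on the bit-fields: `// 4 bits each: PPP state values must stay below 16`. The typedef starts and ends outside this hunk.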
@@ -191,7 +253,7 @@ typedef struct
 	uint16_t tbf_in;		// filter bucket for throttling in from the user.
 	uint16_t tbf_out;		// filter bucket for throttling out to the user.
 	int random_vector_length;
-	char random_vector[MAXTEL];
+	uint8_t random_vector[MAXTEL];
 	char user[MAXUSER];		// user (needed in seesion for radius stop messages)
 	char called[MAXTEL];		// called number
 	char calling[MAXTEL];		// calling number
@@ -202,17 +264,10 @@ typedef struct
 	uint8_t walled_garden;		// is this session gardened?
 	uint8_t ipv6prefixlen;		// IPv6 route prefix length
 	struct in6_addr ipv6route;	// Static IPv6 route
-	char reserved[16];		// Space to expand structure without changing HB_VERSION
+	char reserved[11];		// Space to expand structure without changing HB_VERSION
 }
 sessiont;
 
-#define SF_IPCP_ACKED	1	// Has this session seen an IPCP Ack?
-#define SF_LCP_ACKED	2	// LCP negotiated
-#define SF_CCP_ACKED	4	// CCP negotiated
-#define SF_IPV6CP_ACKED	8	// IPv6 negotiated
-#define SF_IPV6_NACKED	16	// IPv6 rejected
-#define SF_IPV6_ROUTED	32	// advertised v6 route
-
 #define AUTHPAP		1	// allow PAP
 #define AUTHCHAP	2	// allow CHAP
 
@@ -226,6 +281,22 @@ typedef struct
 	uint32_t cin;
 	uint32_t cout;
 
+	// PPP restart timer/counters
+	struct {
+		time_t restart;
+		int conf_sent;
+		int nak_sent;
+	} lcp, ipcp, ipv6cp, ccp;
+
+	// identifier for Protocol-Reject, Code-Reject
+	uint8_t lcp_ident;
+
+	// authentication to use
+	int lcp_authtype;
+
+	// our MRU
+	uint16_t ppp_mru;
+
 	// DoS prevention
 	clockt last_packet_out;
 	uint32_t packets_out;
@@ -264,13 +335,12 @@ typedef struct
 }
 tunnelt;
 
-// 180 bytes per radius session
+// 160 bytes per radius session
 typedef struct			// outstanding RADIUS requests
 {
 	sessionidt session;	// which session this applies to
 	hasht auth;		// request authenticator
 	clockt retry;		// when to try next
-	char calling[MAXTEL];	// calling number
 	char pass[129];		// password
 	uint8_t id;		// ID for PPP response
 	uint8_t try;		// which try we are on
@@ -321,7 +391,6 @@ enum
 	RADIUSNULL,             // Not in use
 	RADIUSCHAP,             // sending CHAP down PPP
 	RADIUSAUTH,             // sending auth to RADIUS server
-	RADIUSIPCP,             // sending IPCP to end user
 	RADIUSSTART,            // sending start accounting to RADIUS server
 	RADIUSSTOP,             // sending stop accounting to RADIUS server
 	RADIUSINTERIM,		// sending interim accounting to RADIUS server
@@ -384,6 +453,7 @@ struct Tstats
     uint32_t	call_sessionbyuser;
     uint32_t	call_sendarp;
     uint32_t	call_sendipcp;
+    uint32_t	call_sendipv6cp;
     uint32_t	call_processipv6cp;
     uint32_t	call_tunnelsend;
     uint32_t	call_sessionkill;
@@ -446,10 +516,16 @@ typedef struct
 
 	char		tundevice[10];			// tun device name
 	char		log_filename[128];
-	char		l2tpsecret[64];
+
+	char		l2tp_secret[64];		// L2TP shared secret
+	int		l2tp_mtu;			// MTU of interface used for L2TP
 
 	char		random_device[256];		// random device path, defaults to RANDOMDEVICE
 
+	int		ppp_restart_time;		// timeout for PPP restart
+	int		ppp_max_configure;		// max lcp configure requests to send
+	int		ppp_max_failure;		// max lcp configure naks to send
+
 	char		radiussecret[64];
 	int		radius_accounting;
 	int		radius_interim;
@@ -457,6 +533,8 @@ typedef struct
 	uint16_t	radiusport[MAXRADSERVER];	// radius base ports
 	uint8_t		numradiusservers;		// radius server count
 
+	uint16_t	radius_dae_port;		// local port for radius dae
+
 	char		radius_authtypes_s[32];		// list of valid authentication types (chap, pap) in order of preference
 	int		radius_authtypes;
 	int		radius_authprefer;
@@ -502,6 +580,7 @@ typedef struct
 	int		cluster_last_hb_ver;		// Heartbeat version last seen from master
 	int		cluster_num_changes;		// Number of changes queued.
 
+	int		cluster_mcast_ttl;		// TTL for multicast packets
 	int		cluster_hb_interval;		// How often to send a heartbeat.
 	int		cluster_hb_timeout;		// How many missed heartbeats trigger an election.
 	uint64_t	cluster_table_version;		// # state changes processed by cluster
@@ -590,18 +669,20 @@ void sendarp(int ifr_idx, const unsigned char* mac, in_addr_t ip);
 
 
 // ppp.c
-void processpap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processchap(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processlcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipcp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipv6cp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipin(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processipv6in(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void processccp(tunnelidt t, sessionidt s, uint8_t *p, uint16_t l);
-void sendchap(tunnelidt t, sessionidt s);
-uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, tunnelidt t, sessionidt s, uint16_t mtype);
-void sendlcp(tunnelidt t, sessionidt s, int authtype);
+void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void lcp_open(sessionidt s, tunnelidt t);
+void processlcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipcp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipv6cp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipin(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void processccp(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l);
+void sendchap(sessionidt s, tunnelidt t);
+uint8_t *makeppp(uint8_t *b, int size, uint8_t *p, int l, sessionidt s, tunnelidt t, uint16_t mtype);
+void sendlcp(sessionidt s, tunnelidt t);
 void send_ipin(sessionidt s, uint8_t *buf, int len);
+void sendccp(sessionidt s, tunnelidt t);
 
 
 // radius.c
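Review bot: Every prototype in this block swaps its leading arguments from `(tunnelidt t, sessionidt s)` to `(sessionidt s, tunnelidt t)`, but both types are `typedef uint16_t`, so a call site left in the old order still compiles without a diagnostic and would use a tunnel ID as a session index. The same swap is made for `send_ipv6_ra`, `sendipcp` and `sessionsetup` in later hunks. Since the compiler cannot help, all callers should be checked by hand or with a grep, and a one-line comment above the `// ppp.c` block such as `// argument order is always (session, tunnel)` would record the convention. Wrapping the two IDs in distinct single-member structs would turn such mix-ups into compile errors, though that is a larger change than this patch.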
@@ -611,11 +692,12 @@ void processrad(uint8_t *buf, int len, char socket_index);
 void radiusretry(uint16_t r);
 uint16_t radiusnew(sessionidt s);
 void radiusclear(uint16_t r, sessionidt s);
+void processdae(uint8_t *buf, int len, struct sockaddr_in *addr, int alen);
 
 
 // l2tpns.c
 clockt backoff(uint8_t try);
-void send_ipv6_ra(tunnelidt t, sessionidt s, struct in6_addr *ip);
+void send_ipv6_ra(sessionidt s, tunnelidt t, struct in6_addr *ip);
 void route6set(sessionidt s, struct in6_addr ip, int prefixlen, int add);
 sessionidt sessionbyip(in_addr_t ip);
 sessionidt sessionbyipv6(struct in6_addr ip);
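Review bot: `processdae` is declared with no statement of what it may assume about `buf`, which, given the `struct sockaddr_in *addr` argument and the new `DAEPORT`, is presumably a datagram read straight from a UDP socket. The codes added to the RADIUS enum (`DisconnectRequest`, `CoARequest`) terminate or change live sessions, so the implementation in radius.c should be confirmed to check `len` against the RADIUS header and attribute lengths and to verify the request authenticator against the shared secret before acting. `len` and `alen` are plain `int`, so negative values need rejecting as well. I would document this at the prototype: `// buf is untrusted: validate len and the authenticator before acting on Disconnect/CoA requests`.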
@@ -624,11 +706,16 @@ void increment_counter(uint32_t *counter, uint32_t *wrap, uint32_t delta);
 void random_data(uint8_t *buf, int len);
 void sessionkill(sessionidt s, char *reason);
 void sessionshutdown(sessionidt s, char *reason, int result, int error);
+void filter_session(sessionidt s, int filter_in, int filter_out);
 void send_garp(in_addr_t ip);
 void tunnelsend(uint8_t *buf, uint16_t l, tunnelidt t);
-void sendipcp(tunnelidt t, sessionidt s);
+int tun_write(uint8_t *data, int size);
+void adjust_tcp_mss(sessionidt s, tunnelidt t, uint8_t *buf, int len, uint8_t *tcp);
+void sendipcp(sessionidt s, tunnelidt t);
+void sendipv6cp(sessionidt s, tunnelidt t);
 void processudp(uint8_t *buf, int len, struct sockaddr_in *addr);
-void snoop_send_packet(char *packet, uint16_t size, in_addr_t destination, uint16_t port);
+void snoop_send_packet(uint8_t *packet, uint16_t size, in_addr_t destination, uint16_t port);
+int find_filter(char const *name, size_t len);
 int ip_filter(uint8_t *buf, int len, uint8_t filter);
 int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc);
 int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc);
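Review bot: `adjust_tcp_mss` takes both `buf`/`len` and a separate `uint8_t *tcp`, but the prototype does not say how the two relate or who guarantees that the TCP header and its options lie inside `buf + len`. Since this presumably rewrites the MSS option in packets received from a session, the bounds contract matters. A comment such as `// tcp points into buf; caller has verified the fixed TCP header fits within len` (adjusted to what the implementation actually requires) should accompany the declaration. `find_filter` already uses `size_t` for its length, and the same type would suit `adjust_tcp_mss` better than `int` if the callers allow it.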
@@ -640,9 +727,9 @@ int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc
 #define LOG_HEX(D, t, d, s)	({ if (D <= config->debug) _log_hex(D, t, d, s); })
 
 void _log(int level, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 4, 5)));
-void _log_hex(int level, const char *title, const char *data, int maxsize);
+void _log_hex(int level, const char *title, const uint8_t *data, int maxsize);
 
-int sessionsetup(tunnelidt t, sessionidt s);
+int sessionsetup(sessionidt s, tunnelidt t);
 int run_plugins(int plugin_type, void *data);
 void rebuild_address_pool(void);
 void throttle_session(sessionidt s, int rate_in, int rate_out);
@@ -658,7 +745,7 @@ int cli_arg_help(struct cli_def *cli, int cr_ok, char *entry, ...);
 
 
 // icmp.c
-void host_unreachable(in_addr_t destination, uint16_t id, in_addr_t source, char *packet, int packet_len);
+void host_unreachable(in_addr_t destination, uint16_t id, in_addr_t source, uint8_t *packet, int packet_len);
 
 
 extern tunnelt *tunnel;
@@ -690,17 +777,17 @@ extern char main_quit;
 extern uint32_t last_id;
 extern struct Tstats *_statistics;
 extern in_addr_t my_address;
-extern int tun_write(uint8_t *data, int size);
 extern int clifd;
 extern int epollfd;
 
 struct event_data {
 	enum {
-	    	FD_TYPE_CONTROL,
 	    	FD_TYPE_CLI,
-	    	FD_TYPE_UDP,
-	    	FD_TYPE_TUN,
 	    	FD_TYPE_CLUSTER,
+	    	FD_TYPE_TUN,
+	    	FD_TYPE_UDP,
+	    	FD_TYPE_CONTROL,
+	    	FD_TYPE_DAE,
 		FD_TYPE_RADIUS,
 		FD_TYPE_BGP,
 	} type;
@@ -709,6 +796,9 @@ struct event_data {
 
 #define TIME (config->current_time)
 
+extern uint16_t MRU;
+extern uint16_t MSS;
+
 // macros for handling help in cli commands
 #define CLI_HELP_REQUESTED	(argc > 0 && argv[argc-1][strlen(argv[argc-1])-1] == '?')
 #define CLI_HELP_NO_ARGS	(argc > 1 || argv[0][1]) ? CLI_OK : cli_arg_help(cli, 1, NULL)