X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/f5354e17542c0c11b00e2c8fb48a989ba5e47bcf..58d994f8f4aa2a6465dc9a2f13e7ba8ddf412ec7:/ppp.c diff --git a/ppp.c b/ppp.c index a8a355d..cb8512f 100644 --- a/ppp.c +++ b/ppp.c @@ -5,6 +5,9 @@ #include #include #include +#include +#include + #include "l2tpns.h" #include "constants.h" #include "plugin.h" @@ -12,9 +15,7 @@ #include "tbf.h" #include "cluster.h" -#ifdef LAC #include "l2tplac.h" -#endif #include "pppoe.h" extern tunnelt *tunnel; @@ -105,13 +106,11 @@ void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) LOG(3, s, t, "PAP login %s/%s\n", user, pass); } -#ifdef LAC if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, user)) { // Creating a tunnel/session has been started return; } -#endif if (session[s].ip || !(r = radiusnew(s))) { @@ -264,7 +263,6 @@ void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) packet.username = calloc(l + 1, 1); memcpy(packet.username, p, l); -#ifdef LAC if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, packet.username)) { free(packet.username); @@ -272,7 +270,6 @@ void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) // Creating a tunnel/session has been started return; } -#endif run_plugins(PLUGIN_PRE_AUTH, &packet); if (!packet.continue_auth) @@ -1769,7 +1766,7 @@ void processipin(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) if (!session[s].bundle || bundle[session[s].bundle].num_of_links < 2) // FIXME: { // no spoof (do sessionbyip to handled statically routed subnets) - if (ip != session[s].ip && sessionbyip(htonl(ip)) != s) + if (!config->disable_no_spoof && ip != session[s].ip && sessionbyip(htonl(ip)) != s) { LOG(4, s, t, "Dropping packet with spoofed IP %s\n", fmtaddr(htonl(ip), 0)); return; @@ -2244,7 +2241,7 @@ void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) return; // no spoof - if (ipv4 != session[s].ip && memcmp(&config->ipv6_prefix, &ip, 8) && sessionbyipv6(ip) != s) + if ((ipv4 != session[s].ip || memcmp(&config->ipv6_prefix, &ip, 8)) && sessionbyipv6(ip) != s) { char str[INET6_ADDRSTRLEN]; LOG(5, s, t, "Dropping packet with spoofed IP %s\n",