Fix Possible ring buffer overflow.
</LI>
<LI><B>bind_address</B> (ip address)<BR>
-When the tun interface is created, it is assigned the address
-specified here. If no address is given, 1.1.1.1 is used. Packets
-containing user traffic should be routed via this address if given,
-otherwise the primary address of the machine.
+It's the listen address of the l2tp udp protocol sent and received
+to LAC. This address is also assigned to the tun interface if no
+iftun_address is specified. Packets containing user traffic should be
+routed via this address if given, otherwise the primary address of the
+machine.
+</LI>
+
+<LI><B>iftun_address</B> (ip address)<BR>
+This parameter is used when you want a tun interface address different
+from the address of "bind_address" (For use in cases of specific configuration).
+If no address is given to iftun_address and bind_address, 1.1.1.1 is used.
</LI>
<LI><B>peer_address</B> (ip address)<BR>
Address to send to clients as the default gateway.
-</L1>
+</LI>
<LI><B>send_garp</B> (boolean)<BR>
Determines whether or not to send a gratuitous ARP for the
(default: 240 (seconds))
</LI>
+<LI><B>bind_address_remotelns</B> (ip address)<BR>
+Address of the interface to listen the remote LNS tunnels.
+If no address is given, all interfaces are listened (Any Address).
+</LI>
+
<LI><B>bind_portremotelns</B> (short)<BR>
Port to bind for the Remote LNS (default: 65432).
</LI>
## Dependencies: (autogenerated) ##
arp.o: arp.c l2tpns.h
-cli.o: cli.c l2tpns.h constants.h util.h cluster.h tbf.h ll.h bgp.h
+cli.o: cli.c l2tpns.h constants.h util.h cluster.h tbf.h ll.h bgp.h \
+ l2tplac.h
cluster.o: cluster.c l2tpns.h cluster.h util.h tbf.h bgp.h
constants.o: constants.c constants.h
control.o: control.c l2tpns.h control.h
icmp.o: icmp.c l2tpns.h
l2tpns.o: l2tpns.c md5.h l2tpns.h cluster.h plugin.h ll.h constants.h \
- control.h util.h tbf.h bgp.h
+ control.h util.h tbf.h bgp.h l2tplac.h
ll.o: ll.c ll.h
md5.o: md5.c md5.h
-ppp.o: ppp.c l2tpns.h constants.h plugin.h util.h tbf.h cluster.h
-radius.o: radius.c md5.h constants.h l2tpns.h plugin.h util.h cluster.h
+ppp.o: ppp.c l2tpns.h constants.h plugin.h util.h tbf.h cluster.h \
+ l2tplac.h
+radius.o: radius.c md5.h constants.h l2tpns.h plugin.h util.h cluster.h \
+ l2tplac.h
tbf.o: tbf.c l2tpns.h util.h tbf.h
util.o: util.c l2tpns.h bgp.h
bgp.o: bgp.c l2tpns.h bgp.h util.h
+l2tplac.o: l2tplac.c md5.h l2tpns.h util.h l2tplac.h
autosnoop.so: autosnoop.c l2tpns.h plugin.h
autothrottle.so: autothrottle.c l2tpns.h plugin.h
garden.so: garden.c l2tpns.h plugin.h control.h
if (pconfigrlns[idrlns].state == CONFRLNSFREE)
{
pconfigrlns[idrlns].ip = ptunnelrlns[idtag].tunnel_server_endpoint;
- pconfigrlns[idrlns].port = L2TPPORT; //Default L2TP poart
+ pconfigrlns[idrlns].port = L2TPPORT; //Default L2TP port
strcpy(pconfigrlns[idrlns].l2tp_secret, ptunnelrlns[idtag].tunnel_password);
strcpy(pconfigrlns[idrlns].tunnel_assignment_id, ptunnelrlns[idtag].tunnel_assignment_id);
#endif
CONFIG("echo_timeout", echo_timeout, INT),
CONFIG("idle_echo_timeout", idle_echo_timeout, INT),
+ CONFIG("iftun_address", iftun_address, IPv4),
#ifdef LAC
CONFIG("disable_lac_func", disable_lac_func, BOOL),
+ CONFIG("bind_address_remotelns", bind_address_remotelns, IPv4),
CONFIG("bind_portremotelns", bind_portremotelns, SHORT),
#endif
{ NULL, 0, 0, 0 },
ringbuffer->buffer[ringbuffer->tail].session = s;
ringbuffer->buffer[ringbuffer->tail].tunnel = t;
va_start(ap, format);
- vsnprintf(ringbuffer->buffer[ringbuffer->tail].message, 4095, format, ap);
+ vsnprintf(ringbuffer->buffer[ringbuffer->tail].message, MAX_LOG_LENGTH, format, ap);
va_end(ap);
}
#endif
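Review bot: The bound passed to `vsnprintf` is still a free-standing constant, so the fix holds only while MAX_LOG_LENGTH matches the declared size of the `message` field, which is not visible in this hunk. If `message` is an array member, `sizeof(ringbuffer->buffer[ringbuffer->tail].message)` ties the limit to the storage itself and cannot drift when either side is changed. Failing that, a comment at the definition of MAX_LOG_LENGTH stating that it sizes this field would make the dependency explicit. The enclosing function starts outside the hunk.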
req.ifmsg.ifaddr.ifa_scope = RT_SCOPE_UNIVERSE;
req.ifmsg.ifaddr.ifa_index = tunidx;
- if (config->bind_address)
- ip = config->bind_address;
+ if (config->iftun_address)
+ ip = config->iftun_address;
else
ip = 0x01010101; // 1.1.1.1
netlink_addattr(&req.nh, IFA_LOCAL, &ip, sizeof(ip));
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(config->bind_portremotelns);
+ addr.sin_addr.s_addr = config->bind_address_remotelns;
udplacfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
setsockopt(udplacfd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
{
q[4] = 3; // ip address option
q[5] = 6; // option length
*(in_addr_t *) (q + 6) = config->peer_address ? config->peer_address :
- config->bind_address ? config->bind_address :
+ config->iftun_address ? config->iftun_address :
my_address; // send my IP
tunnelsend(buf, 10 + (q - buf), t); // send it
tunnelshutdown(t, "Stopped", 0, 0, 0); // Shut down cleanly
break;
case 6: // HELLO
+ LOG(3, s, t, "Received HELLO\n");
controlnull(t); // simply ACK
break;
case 7: // OCRQ
// Set multilink options before sending initial LCP packet
sess_local[s].mp_mrru = 1614;
- sess_local[s].mp_epdis = ntohl(config->bind_address ? config->bind_address : my_address);
+ sess_local[s].mp_epdis = ntohl(config->iftun_address ? config->iftun_address : my_address);
sendlcp(s, t);
change_state(s, lcp, RequestSent);
if ((s = read(tunfd, p, size_bufp)) > 0)
{
processtun(p, s);
- tun_pkts++;
+ tun_pkts++;
}
else
{
if (c >= config->multi_read_count)
{
#ifdef LAC
- LOG(3, 0, 0, "Reached multi_read_count (%d); processed %d udp, %d tun and %d cluster %d rmlns packets\n",
+ LOG(3, 0, 0, "Reached multi_read_count (%d); processed %d udp, %d tun %d cluster and %d rmlns packets\n",
config->multi_read_count, udp_pkts, tun_pkts, cluster_pkts, udplac_pkts);
#else
LOG(3, 0, 0, "Reached multi_read_count (%d); processed %d udp, %d tun and %d cluster packets\n",
"# uptime: %ld\n"
"# format: username ip qos uptxoctets downrxoctets\n",
hostname,
- fmtaddr(config->bind_address ? config->bind_address : my_address, 0),
+ fmtaddr(config->iftun_address ? config->iftun_address : my_address, 0),
now,
now - basetime);
}
#ifdef LAC
if(!config->bind_portremotelns)
config->bind_portremotelns = L2TPLACPORT;
+ if(!config->bind_address_remotelns)
+ config->bind_address_remotelns = INADDR_ANY;
#endif
+ if(!config->iftun_address)
+ config->iftun_address = config->bind_address;
// re-initialise the random number source
initrandom(config->random_device);
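Review bot: The added `if(!config->bind_address_remotelns) config->bind_address_remotelns = INADDR_ANY;` is a no-op, because INADDR_ANY is 0 and the branch is taken only when the field is already 0. Either drop it or replace it with a comment such as `// 0 == INADDR_ANY: remote LNS socket listens on all interfaces`, so the any-address default is a visible, deliberate choice. Separately, `config->iftun_address = config->bind_address;` writes the fallback into the config itself; if this code runs again on a reload without the field being reset (not visible here), a later change to bind_address would not reach the tun address. The enclosing function extends beyond the hunk.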
int echo_timeout; // Time between last packet sent and LCP ECHO generation
int idle_echo_timeout; // Time between last packet seen and
// Drop sessions who have not responded within IDLE_ECHO_TIMEOUT seconds
+ in_addr_t iftun_address;
#ifdef LAC
int disable_lac_func;
int highest_rlnsid;
uint16_t bind_portremotelns;
+ in_addr_t bind_address_remotelns;
#endif
} configt;
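Review bot: The two new fields are the only ones in this part of the struct without a trailing comment, and they hold addresses whose byte order matters to every reader. Suggested: `in_addr_t iftun_address; // Address assigned to the tun interface (falls back to bind_address)` and `in_addr_t bind_address_remotelns; // Listen address for remote LNS tunnels (0 = any)`. Other hunks pass these values through `ntohl()` and store them straight into `sin_addr.s_addr`, so they appear to be kept in network byte order; stating that here would save the next reader the search. The struct definition starts outside the hunk.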
if (session[s].die) // going down...
return;
- LOG((*p == EchoReq || *p == EchoReply) ? 4 : 3, s, t,
+ LOG(((*p == EchoReq || *p == EchoReply) ? 4 : 3), s, t,
"LCP: recv %s\n", ppp_code(*p));
if (config->debug > 3) dumplcp(p, l);
run_plugins(PLUGIN_POST_AUTH, &packet);
r_code = packet.auth_allowed ? AccessAccept : AccessReject;
+#ifndef LAC
// process auth response
if (radius[r].chap)
{
LOG(3, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
(r_code == AccessAccept) ? "allowed" : "denied");
}
+#endif
if (r_code == AccessAccept)
{
{
session[s].route[ro].ip = 0;
}
-
- // Restart LCP auth...
- lcp_restart(s);
- sendlcp(s, t);
break;
}
}
+
+ // process auth response
+ if (radius[r].chap)
+ {
+ // CHAP
+ uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP, 0, 0, 0);
+ if (!p) return; // Abort!
+
+ *p = (r_code == AccessAccept) ? 3 : 4; // ack/nak
+ p[1] = radius[r].id;
+ *(uint16_t *) (p + 2) = ntohs(4); // no message
+ tunnelsend(b, (p - b) + 4, t); // send it
+
+ LOG(3, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user,
+ (r_code == AccessAccept) ? "allowed" : "denied");
+ }
+ else
+ {
+ // PAP
+ uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP, 0, 0, 0);
+ if (!p) return; // Abort!
+
+ // ack/nak
+ *p = r_code;
+ p[1] = radius[r].id;
+ *(uint16_t *) (p + 2) = ntohs(5);
+ p[4] = 0; // no message
+ tunnelsend(b, (p - b) + 5, t); // send it
+
+ LOG(3, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
+ (r_code == AccessAccept) ? "allowed" : "denied");
+ }
#endif
+
if (!session[s].dns1 && config->default_dns1)
{
session[s].dns1 = ntohl(config->default_dns1);
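Review bot: Both length stores in the added block use `ntohs` where host-to-network conversion is meant: `*(uint16_t *) (p + 2) = ntohs(4);` and `*(uint16_t *) (p + 2) = ntohs(5);` should read `htons(4)` and `htons(5)`. The two calls perform the same swap, so the bytes on the wire do not change, but the wrong name misleads anyone auditing this packet builder. The cast store also assumes `p + 2` is suitably aligned for uint16_t, which depends on what makeppp returns; a `memcpy` from a local uint16_t removes that assumption. The block also appears to be a second copy of the response code that the previous hunk fences with `#ifndef LAC`, so a shared static helper would keep the CHAP/PAP ack paths from diverging. The enclosing function starts and ends outside the hunk.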