/* set up intercept based on RADIUS reply */
-char const *cvs_id = "$Id: autosnoop.c,v 1.4 2004-11-05 02:39:35 bodea Exp $";
+char const *cvs_id = "$Id: autosnoop.c,v 1.5 2004-11-05 04:55:25 bodea Exp $";
int __plugin_api_version = 1;
struct pluginfuncs *p;
if (*data->value) data->s->snoop_ip = inet_addr(data->value);
if (data->s->snoop_ip == INADDR_NONE) data->s->snoop_ip = 0;
if (*x) data->s->snoop_port = atoi(x);
- p->_log(3, 0, 0, 0, " Intercepting user to %s:%d\n",
+ p->log(3, 0, 0, 0, " Intercepting user to %s:%d\n",
p->inet_toa(data->s->snoop_ip), data->s->snoop_port);
}
else
{
- p->_log(3, 0, 0, 0, " Not Intercepting user (reply string should be snoop=ip:port)\n");
+ p->log(3, 0, 0, 0, " Not Intercepting user (reply string should be snoop=ip:port)\n");
}
}
return PLUGIN_RET_OK;
/* set up throttling based on RADIUS reply */
-char const *cvs_id = "$Id: autothrottle.c,v 1.6 2004-11-05 02:39:35 bodea Exp $";
+char const *cvs_id = "$Id: autothrottle.c,v 1.7 2004-11-05 04:55:26 bodea Exp $";
int __plugin_api_version = 1;
struct pluginfuncs *p;
case 2: // output
data->s->throttle_out = rate;
free(pt);
- p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set output throttle rate %dkb/s\n", rate);
+ p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set output throttle rate %dkb/s\n", rate);
return PLUGIN_RET_OK;
case 3: //input
data->s->throttle_in = rate;
free(pt);
- p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set input throttle rate %dkb/s\n", rate);
+ p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Set input throttle rate %dkb/s\n", rate);
return PLUGIN_RET_OK;
default:
- p->_log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n", data->key, data->value);
+ p->log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n", data->key, data->value);
free(pt);
return PLUGIN_RET_OK;
}
else
{
free(pt);
- p->_log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n",
+ p->log(1, 0, p->get_id_by_session(data->s), data->s->tunnel, "Syntax error in rate limit AV pair: %s=%s\n",
data->key, data->value);
return PLUGIN_RET_OK;
}
{
if (strcmp(data->value, "yes") == 0)
{
- p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Throttling user\n");
+ p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Throttling user\n");
data->s->throttle_in = data->s->throttle_out = config->rl_rate;
}
else if (strcmp(data->value, "no") == 0)
{
- p->_log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Not throttling user\n");
+ p->log(3, 0, p->get_id_by_session(data->s), data->s->tunnel, " Not throttling user\n");
data->s->throttle_in = data->s->throttle_out = 0;
}
}
- p->_log(4, 0, p->get_id_by_session(data->s), data->s->tunnel, "autothrottle module ignoring AV pair %s=%s\n",
+ p->log(4, 0, p->get_id_by_session(data->s), data->s->tunnel, "autothrottle module ignoring AV pair %s=%s\n",
data->key, data->value);
return PLUGIN_RET_OK;
* nor RFC2385 (which requires a kernel patch on 2.4 kernels).
*/
-char const *cvs_id_bgp = "$Id: bgp.c,v 1.4 2004-09-02 04:18:07 fred_nerk Exp $";
+char const *cvs_id_bgp = "$Id: bgp.c,v 1.5 2004-11-05 04:55:26 bodea Exp $";
#include <stdlib.h>
#include <unistd.h>
if (!((peer->outbuf = malloc(sizeof(*peer->outbuf)))
&& (peer->inbuf = malloc(sizeof(*peer->inbuf)))))
{
- log(0, 0, 0, 0, "Can't allocate buffers for bgp peer (%s)\n",
+ LOG(0, 0, 0, 0, "Can't allocate buffers for bgp peer (%s)\n",
strerror(errno));
return 0;
if (!(h = gethostbyname(name)) || h->h_addrtype != AF_INET)
{
- log(0, 0, 0, 0, "Can't get address for BGP peer %s (%s)\n",
+ LOG(0, 0, 0, 0, "Can't get address for BGP peer %s (%s)\n",
name, h ? "no address" : hstrerror(h_errno));
return 0;
if (!(peer->path_attrs = malloc(peer->path_attr_len)))
{
- log(0, 0, 0, 0, "Can't allocate path_attrs for %s (%s)\n",
+ LOG(0, 0, 0, 0, "Can't allocate path_attrs for %s (%s)\n",
name, strerror(errno));
return 0;
memcpy(peer->path_attrs, path_attrs, peer->path_attr_len);
- log(4, 0, 0, 0, "Initiating BGP connection to %s (routing %s)\n",
+ LOG(4, 0, 0, 0, "Initiating BGP connection to %s (routing %s)\n",
name, enable ? "enabled" : "suspended");
/* we have at least one peer configured */
peer->state = peer->next_state;
peer->state_time = time_now;
- log(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
+ LOG(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
bgp_state_str(peer->next_state));
}
}
/* initiate a clean shutdown */
void bgp_stop(struct bgp_peer *peer)
{
- log(4, 0, 0, 0, "Terminating BGP connection to %s\n", peer->name);
+ LOG(4, 0, 0, 0, "Terminating BGP connection to %s\n", peer->name);
bgp_send_notification(peer, BGP_ERR_CEASE, 0);
}
/* drop connection (if any) and set state to Disabled */
void bgp_halt(struct bgp_peer *peer)
{
- log(4, 0, 0, 0, "Aborting BGP connection to %s\n", peer->name);
+ LOG(4, 0, 0, 0, "Aborting BGP connection to %s\n", peer->name);
peer->next_state = Disabled;
bgp_clear(peer);
}
/* insert into route list; sorted */
if (!(r = malloc(sizeof(*r))))
{
- log(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
+ LOG(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
inet_toa(add.dest.prefix), add.dest.len, strerror(errno));
return 0;
if (bgp_peers[i].state == Established)
bgp_peers[i].update_routes = 1;
- log(4, 0, 0, 0, "Registered BGP route %s/%d\n", inet_toa(add.dest.prefix),
+ LOG(4, 0, 0, 0, "Registered BGP route %s/%d\n", inet_toa(add.dest.prefix),
add.dest.len);
return 1;
if (bgp_peers[i].state == Established)
bgp_peers[i].update_routes = 1;
- log(4, 0, 0, 0, "Removed BGP route %s/%d\n", inet_toa(del.dest.prefix),
+ LOG(4, 0, 0, 0, "Removed BGP route %s/%d\n", inet_toa(del.dest.prefix),
del.dest.len);
return 1;
bgp_peers[i].update_routes = 1;
}
- log(4, 0, 0, 0, "%s BGP routing\n", enable ? "Enabled" : "Suspended");
+ LOG(4, 0, 0, 0, "%s BGP routing\n", enable ? "Enabled" : "Suspended");
}
/* return a bitmask indicating if the socket should be added to the
{
if (time_now > peer->expire_time)
{
- log(1, 0, 0, 0, "No message from BGP peer %s in %ds\n",
+ LOG(1, 0, 0, 0, "No message from BGP peer %s in %ds\n",
peer->name, peer->hold);
bgp_send_notification(peer, BGP_ERR_HOLD_TIMER_EXP, 0);
}
else if (time_now > peer->state_time + BGP_KEEPALIVE_TIME)
{
- log(1, 0, 0, 0, "%s timer expired for BGP peer %s\n",
+ LOG(1, 0, 0, 0, "%s timer expired for BGP peer %s\n",
bgp_state_str(peer->state), peer->name);
return bgp_restart(peer);
struct servent *serv;
if (!(serv = getservbyname("bgp", "tcp")))
{
- log(0, 0, 0, 0, "Can't get bgp service (%s)\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Can't get bgp service (%s)\n", strerror(errno));
return 0;
}
if ((peer->sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0)
{
- log(0, 0, 0, 0, "Can't create a socket for BGP peer %s (%s)\n",
+ LOG(0, 0, 0, 0, "Can't create a socket for BGP peer %s (%s)\n",
peer->name, strerror(errno));
peer->state = peer->next_state = Disabled;
if (errno != EINPROGRESS)
{
- log(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n",
+ LOG(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n",
inet_ntoa(addr.sin_addr), strerror(errno));
bgp_set_retry(peer);
peer->state = Connect;
peer->state_time = time_now;
- log(4, 0, 0, 0, "BGP peer %s: state Connect\n", peer->name);
+ LOG(4, 0, 0, 0, "BGP peer %s: state Connect\n", peer->name);
return 1;
}
peer->state_time = time_now;
peer->retry_time = peer->retry_count = 0;
- log(4, 0, 0, 0, "BGP peer %s: state Active\n", inet_ntoa(addr.sin_addr));
+ LOG(4, 0, 0, 0, "BGP peer %s: state Active\n", inet_ntoa(addr.sin_addr));
return bgp_send_open(peer);
}
getsockopt(peer->sock, SOL_SOCKET, SO_ERROR, &err, &len);
if (err)
{
- log(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n", peer->name,
+ LOG(1, 0, 0, 0, "Can't connect to BGP peer %s (%s)\n", peer->name,
strerror(err));
bgp_set_retry(peer);
peer->state = Active;
peer->state_time = time_now;
- log(4, 0, 0, 0, "BGP peer %s: state Active\n", peer->name);
+ LOG(4, 0, 0, 0, "BGP peer %s: state Active\n", peer->name);
return bgp_send_open(peer);
}
return 1;
if (errno == EPIPE)
- log(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
+ LOG(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
else
- log(1, 0, 0, 0, "Can't write to BGP peer %s (%s)\n", peer->name,
+ LOG(1, 0, 0, 0, "Can't write to BGP peer %s (%s)\n", peer->name,
strerror(errno));
bgp_set_retry(peer);
return 1;
}
- log(4, 0, 0, 0, "Sent %s to BGP peer %s\n",
+ LOG(4, 0, 0, 0, "Sent %s to BGP peer %s\n",
bgp_msg_type_str(peer->outbuf->packet.header.type), peer->name);
peer->outbuf->packet.header.len = 0;
peer->state = peer->next_state;
peer->state_time = time_now;
- log(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
+ LOG(4, 0, 0, 0, "BGP peer %s: state %s\n", peer->name,
bgp_state_str(peer->state));
}
{
if (!r)
{
- log(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
+ LOG(1, 0, 0, 0, "Connection to BGP peer %s closed\n", peer->name);
}
else
{
if (errno == EAGAIN)
return 1;
- log(1, 0, 0, 0, "Can't read from BGP peer %s (%s)\n", peer->name,
+ LOG(1, 0, 0, 0, "Can't read from BGP peer %s (%s)\n", peer->name,
strerror(errno));
}
if (len > BGP_MAX_PACKET_SIZE)
{
- log(1, 0, 0, 0, "Bad header length from BGP %s\n", peer->name);
+ LOG(1, 0, 0, 0, "Bad header length from BGP %s\n", peer->name);
bgp_send_notification(peer, BGP_ERR_HEADER, BGP_ERR_HDR_BAD_LEN);
return 0;
}
if (peer->inbuf->done < len)
return 0;
- log(4, 0, 0, 0, "Received %s from BGP peer %s\n",
+ LOG(4, 0, 0, 0, "Received %s from BGP peer %s\n",
bgp_msg_type_str(p->header.type), peer->name);
switch (p->header.type)
{
if ((unsigned char) p->header.marker[i] != 0xff)
{
- log(1, 0, 0, 0, "Invalid marker from BGP peer %s\n",
+ LOG(1, 0, 0, 0, "Invalid marker from BGP peer %s\n",
peer->name);
bgp_send_notification(peer, BGP_ERR_HEADER,
if (peer->state != OpenSent)
{
- log(1, 0, 0, 0, "OPEN from BGP peer %s in %s state\n",
+ LOG(1, 0, 0, 0, "OPEN from BGP peer %s in %s state\n",
peer->name, bgp_state_str(peer->state));
bgp_send_notification(peer, BGP_ERR_FSM, 0);
if (data.version != BGP_VERSION)
{
- log(1, 0, 0, 0, "Bad version (%d) sent by BGP peer %s\n",
+ LOG(1, 0, 0, 0, "Bad version (%d) sent by BGP peer %s\n",
(int) data.version, peer->name);
bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_OPN_VERSION);
if (ntohs(data.as) != peer->as)
{
- log(1, 0, 0, 0, "Bad AS sent by BGP peer %s (got %d, "
+ LOG(1, 0, 0, 0, "Bad AS sent by BGP peer %s (got %d, "
"expected %d)\n", peer->name, (int) htons(data.as),
(int) peer->as);
if ((peer->hold = ntohs(data.hold_time)) < 10)
{
- log(1, 0, 0, 0, "Bad hold time (%d) from BGP peer %s\n",
+ LOG(1, 0, 0, 0, "Bad hold time (%d) from BGP peer %s\n",
peer->hold, peer->name);
bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_OPN_HOLD_TIME);
peer->retry_count = 0;
peer->retry_time = 0;
- log(4, 0, 0, 0, "BGP peer %s: state Established\n", peer->name);
+ LOG(4, 0, 0, 0, "BGP peer %s: state Established\n", peer->name);
}
break;
if (notification->error_code == BGP_ERR_CEASE)
{
- log(4, 0, 0, 0, "BGP peer %s sent CEASE\n", peer->name);
+ LOG(4, 0, 0, 0, "BGP peer %s sent CEASE\n", peer->name);
bgp_halt(peer);
return 0;
}
/* FIXME: should handle more notifications */
- log(4, 0, 0, 0, "BGP peer %s sent unhandled NOTIFICATION %d\n",
+ LOG(4, 0, 0, 0, "BGP peer %s sent unhandled NOTIFICATION %d\n",
peer->name, (int) notification->error_code);
}
unf_len += s;
len += s;
- log(5, 0, 0, 0, "Withdrawing route %s/%d from BGP peer %s\n",
+ LOG(5, 0, 0, 0, "Withdrawing route %s/%d from BGP peer %s\n",
inet_toa(tmp->dest.prefix), tmp->dest.len, peer->name);
free(tmp);
{
if (!(e = malloc(sizeof(*e))))
{
- log(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
+ LOG(0, 0, 0, 0, "Can't allocate route for %s/%d (%s)\n",
inet_toa(add->dest.prefix), add->dest.len, strerror(errno));
return 0;
data += s;
len += s;
- log(5, 0, 0, 0, "Advertising route %s/%d to BGP peer %s\n",
+ LOG(5, 0, 0, 0, "Advertising route %s/%d to BGP peer %s\n",
inet_toa(add->dest.prefix), add->dest.len, peer->name);
}
else
// vim: sw=8 ts=8
char const *cvs_name = "$Name: $";
-char const *cvs_id_cli = "$Id: cli.c,v 1.23 2004-11-05 02:47:47 bodea Exp $";
+char const *cvs_id_cli = "$Id: cli.c,v 1.24 2004-11-05 04:55:26 bodea Exp $";
#include <stdio.h>
#include <stdarg.h>
if (!(f = fopen(CLIUSERS, "r")))
{
- log(0, 0, 0, 0, "WARNING! No users specified. Command-line access is open to all\n");
+ LOG(0, 0, 0, 0, "WARNING! No users specified. Command-line access is open to all\n");
}
else
{
if (!strcmp(buf, "enable"))
{
cli_allow_enable(cli, p);
- log(3, 0, 0, 0, "Setting enable password\n");
+ LOG(3, 0, 0, 0, "Setting enable password\n");
}
else
{
cli_allow_user(cli, buf, p);
- log(3, 0, 0, 0, "Allowing user %s to connect to the CLI\n", buf);
+ LOG(3, 0, 0, 0, "Allowing user %s to connect to the CLI\n", buf);
}
}
fclose(f);
addr.sin_port = htons(23);
if (bind(clifd, (void *) &addr, sizeof(addr)) < 0)
{
- log(0, 0, 0, 0, "Error listening on cli port 23: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error listening on cli port 23: %s\n", strerror(errno));
return;
}
listen(clifd, 10);
if (fork_and_close()) return;
if (getpeername(sockfd, (struct sockaddr *)&addr, &l) == 0)
{
- log(3, 0, 0, 0, "Accepted connection to CLI from %s\n", inet_toa(addr.sin_addr.s_addr));
+ LOG(3, 0, 0, 0, "Accepted connection to CLI from %s\n", inet_toa(addr.sin_addr.s_addr));
require_auth = addr.sin_addr.s_addr != inet_addr("127.0.0.1");
}
else
- log(0, 0, 0, 0, "getpeername() failed on cli socket. Requiring authentication: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "getpeername() failed on cli socket. Requiring authentication: %s\n", strerror(errno));
if (require_auth)
{
- log(3, 0, 0, 0, "CLI is remote, requiring authentication\n");
+ LOG(3, 0, 0, 0, "CLI is remote, requiring authentication\n");
if (!cli->users) /* paranoia */
{
- log(0, 0, 0, 0, "No users for remote authentication! Exiting CLI\n");
+ LOG(0, 0, 0, 0, "No users for remote authentication! Exiting CLI\n");
exit(0);
}
}
cli_loop(cli, sockfd);
close(sockfd);
- log(3, 0, 0, 0, "Closed CLI connection from %s\n", inet_toa(addr.sin_addr.s_addr));
+ LOG(3, 0, 0, 0, "Closed CLI connection from %s\n", inet_toa(addr.sin_addr.s_addr));
exit(0);
}
void cli_print_log(struct cli_def *cli, char *string)
{
- log(3, 0, 0, 0, "%s\n", string);
+ LOG(3, 0, 0, 0, "%s\n", string);
}
void cli_do_file(FILE *fh)
{
- log(3, 0, 0, 0, "Reading configuration file\n");
+ LOG(3, 0, 0, 0, "Reading configuration file\n");
cli_print_callback(cli, cli_print_log);
cli_file(cli, fh, PRIVILEGE_PRIVILEGED, MODE_CONFIG);
cli_print_callback(cli, NULL);
// L2TPNS Clustering Stuff
-char const *cvs_id_cluster = "$Id: cluster.c,v 1.15 2004-11-02 04:35:03 bodea Exp $";
+char const *cvs_id_cluster = "$Id: cluster.c,v 1.16 2004-11-05 04:55:26 bodea Exp $";
#include <stdio.h>
#include <sys/file.h>
if (bind(cluster_sockfd, (void *) &addr, sizeof(addr)) < 0)
{
- log(0, 0, 0, 0, "Failed to bind cluster socket: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Failed to bind cluster socket: %s\n", strerror(errno));
return -1;
}
strcpy(ifr.ifr_name, config->cluster_interface);
if (ioctl(cluster_sockfd, SIOCGIFADDR, &ifr) < 0)
{
- log(0, 0, 0, 0, "Failed to get interface address for (%s): %s\n", config->cluster_interface, strerror(errno));
+ LOG(0, 0, 0, 0, "Failed to get interface address for (%s): %s\n", config->cluster_interface, strerror(errno));
return -1;
}
if (setsockopt(cluster_sockfd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq)) < 0)
{
- log(0, 0, 0, 0, "Failed to setsockopt (join mcast group): %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Failed to setsockopt (join mcast group): %s\n", strerror(errno));
return -1;
}
if (setsockopt (cluster_sockfd, IPPROTO_IP, IP_MULTICAST_IF, &interface_addr, sizeof(interface_addr)) < 0)
{
- log(0, 0, 0, 0, "Failed to setsockopt (set mcast interface): %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Failed to setsockopt (set mcast interface): %s\n", strerror(errno));
return -1;
}
addr.sin_port = htons(CLUSTERPORT);
addr.sin_family = AF_INET;
- log(5,0,0,0, "Cluster send data: %d bytes\n", datalen);
+ LOG(5,0,0,0, "Cluster send data: %d bytes\n", datalen);
if (sendto(cluster_sockfd, data, datalen, MSG_NOSIGNAL, (void *) &addr, sizeof(addr)) < 0)
{
- log(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
return -1;
}
config->cluster_iam_uptodate = 1;
- log(0,0,0,0, "Now uptodate with master.\n");
+ LOG(0,0,0,0, "Now uptodate with master.\n");
#ifdef BGP
if (bgp_configured)
addr.sin_port = htons(CLUSTERPORT);
addr.sin_family = AF_INET;
- log_hex(5, "Peer send", data, size);
+ LOG_HEX(5, "Peer send", data, size);
if (sendto(cluster_sockfd, data, size, MSG_NOSIGNAL, (void *) &addr, sizeof(addr)) < 0)
{
- log(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "sendto: %s\n", strerror(errno));
return -1;
}
char buf[65536]; // Vast overkill.
char * p = buf;
- log(4,0,0,0, "Sending message to peer (type %d, more %d, size %d)\n", type, more, size);
+ LOG(4,0,0,0, "Sending message to peer (type %d, more %d, size %d)\n", type, more, size);
add_type(&p, type, more, data, size);
return peer_send_data(peer, buf, (p-buf) );
if (!config->cluster_master_address) // No election has been held yet. Just skip it.
return -1;
- log(4,0,0,0, "Forwarding packet from %s to master (size %d)\n", inet_toa(addr), size);
+ LOG(4,0,0,0, "Forwarding packet from %s to master (size %d)\n", inet_toa(addr), size);
STAT(c_forwarded);
add_type(&p, C_FORWARD, addr, (char*) &port, sizeof(port) );
if (!config->cluster_master_address) // No election has been held yet. Just skip it.
return -1;
- log(4,0,0,0, "Throttling packet master (size %d, tbfid %d)\n", size, tbfid);
+ LOG(4,0,0,0, "Throttling packet master (size %d, tbfid %d)\n", size, tbfid);
add_type(&p, C_THROTTLE, tbfid, data, size);
if (!config->cluster_master_address) // No election has been held yet. Just skip it.
return -1;
- log(4,0,0,0, "Walled garden packet to master (size %d)\n", size);
+ LOG(4,0,0,0, "Walled garden packet to master (size %d)\n", size);
add_type(&p, C_GARDEN, s, data, size);
if (size > sizeof(past_hearts[0].data))
{
- log(0,0,0,0, "Tried to heartbeat something larger than the maximum packet!\n");
+ LOG(0,0,0,0, "Tried to heartbeat something larger than the maximum packet!\n");
kill(0, SIGTERM);
exit(1);
}
if (config->cluster_iam_master && basetime) // We're heartbeating so no need to ping.
return;
- log(5,0,0,0, "Sending cluster ping...\n");
+ LOG(5,0,0,0, "Sending cluster ping...\n");
x.ver = 1;
x.addr = config->bind_address;
// Forward the data to the master.
- log(4,0,0,0, "Sending byte counters to master (%d elements)\n", c);
+ LOG(4,0,0,0, "Sending byte counters to master (%d elements)\n", c);
peer_send_message(config->cluster_master_address, C_BYTES, c, (char*) &b, sizeof(b[0]) * c);
return;
}
if (!probed && config->cluster_master_address)
{
probed = 1;
- log(1, 0, 0, 0, "Heartbeat from master %.1fs late, probing...\n",
+ LOG(1, 0, 0, 0, "Heartbeat from master %.1fs late, probing...\n",
0.1 * (TIME - (config->cluster_last_hb + config->cluster_hb_interval)));
peer_send_message(config->cluster_master_address,
config->cluster_last_hb = TIME + 1; // Just the one election thanks.
- log(0,0,0,0, "Master timed out! Holding election...\n");
+ LOG(0,0,0,0, "Master timed out! Holding election...\n");
for (i = 0; i < num_peers; i++)
{
continue; // Shutdown peer! Skip them.
if (peers[i].basetime < basetime) {
- log(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
+ LOG(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
return; // They'll win the election. Get out of here.
}
if (peers[i].basetime == basetime &&
peers[i].peer > my_address) {
- log(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
+ LOG(1,0,0,0, "Expecting %s to become master\n", inet_toa(peers[i].peer) );
return; // They'll win the election. Wait for them to come up.
}
}
config->cluster_iam_master = 1;
config->cluster_master_address = 0;
- log(0,0,0,0, "I am declaring myself the master!\n");
+ LOG(0,0,0,0, "I am declaring myself the master!\n");
if (config->cluster_seq_number == -1)
config->cluster_seq_number = 0;
// If we're not the very first master, this is a big issue!
if(count>0)
- log(0,0,0,0, "Warning: Fixed %d uninitialized sessions in becoming master!\n", count);
+ LOG(0,0,0,0, "Warning: Fixed %d uninitialized sessions in becoming master!\n", count);
config->cluster_undefined_sessions = 0;
config->cluster_undefined_tunnels = 0;
if (config->cluster_undefined_sessions || config->cluster_undefined_tunnels) {
- log(2,0,0,0, "Cleared undefined sessions/tunnels. %d sess (high %d), %d tunn (high %d)\n",
+ LOG(2,0,0,0, "Cleared undefined sessions/tunnels. %d sess (high %d), %d tunn (high %d)\n",
config->cluster_undefined_sessions, highsession, config->cluster_undefined_tunnels, hightunnel);
return;
}
(char*) &tunnel[id], sizeof(tunnelt));
break;
default:
- log(0,0,0,0, "Found an invalid type in heart queue! (%d)\n", type);
+ LOG(0,0,0,0, "Found an invalid type in heart queue! (%d)\n", type);
kill(0, SIGTERM);
exit(1);
}
}
if (p > (buff + sizeof(buff))) { // Did we somehow manage to overun the buffer?
- log(0,0,0,0, "FATAL: Overran the heartbeat buffer! This is fatal. Exiting. (size %d)\n", p - buff);
+ LOG(0,0,0,0, "FATAL: Overran the heartbeat buffer! This is fatal. Exiting. (size %d)\n", p - buff);
kill(0, SIGTERM);
exit(1);
}
//
// Did we do something wrong?
if (p > (buff + sizeof(buff))) { // Did we somehow manage to overun the buffer?
- log(0,0,0,0, "Overran the heartbeat buffer now! This is fatal. Exiting. (size %d)\n", p - buff);
+ LOG(0,0,0,0, "Overran the heartbeat buffer now! This is fatal. Exiting. (size %d)\n", p - buff);
kill(0, SIGTERM);
exit(1);
}
- log(3,0,0,0, "Sending heartbeat #%d with %d changes (%d x-sess, %d x-tunnels, %d highsess, %d hightun, size %d)\n",
+ LOG(3,0,0,0, "Sending heartbeat #%d with %d changes (%d x-sess, %d x-tunnels, %d highsess, %d hightun, size %d)\n",
h.seq, config->cluster_num_changes, count, tcount, config->cluster_highest_sessionid,
config->cluster_highest_tunnelid, (p-buff));
int cluster_send_session(int sid)
{
if (!config->cluster_iam_master) {
- log(0,0,sid,0, "I'm not a master, but I just tried to change a session!\n");
+ LOG(0,0,sid,0, "I'm not a master, but I just tried to change a session!\n");
return -1;
}
int cluster_send_tunnel(int tid)
{
if (!config->cluster_iam_master) {
- log(0,0,0,tid, "I'm not a master, but I just tried to change a tunnel!\n");
+ LOG(0,0,0,tid, "I'm not a master, but I just tried to change a tunnel!\n");
return -1;
}
int s;
int diff;
- log(1,0,0,0, "Slave %s sent LASTSEEN with seq %d\n", inet_toa(slave), seq);
+ LOG(1,0,0,0, "Slave %s sent LASTSEEN with seq %d\n", inet_toa(slave), seq);
diff = config->cluster_seq_number - seq; // How many packet do we need to send?
if (diff < 0)
diff += HB_MAX_SEQ;
if (diff >= HB_HISTORY_SIZE) { // Ouch. We don't have the packet to send it!
- log(0,0,0,0, "A slaved asked for message %d when our seq number is %d. Killing it.\n",
+ LOG(0,0,0,0, "A slaved asked for message %d when our seq number is %d. Killing it.\n",
seq, config->cluster_seq_number);
return peer_send_message(slave, C_KILL, seq, NULL, 0);// Kill the slave. Nothing else to do.
}
while (seq != config->cluster_seq_number) {
s = seq%HB_HISTORY_SIZE;
if (seq != past_hearts[s].seq) {
- log(0,0,0,0, "Tried to re-send heartbeat for %s but %d doesn't match %d! (%d,%d)\n",
+ LOG(0,0,0,0, "Tried to re-send heartbeat for %s but %d doesn't match %d! (%d,%d)\n",
inet_toa(slave), seq, past_hearts[s].seq, s, config->cluster_seq_number);
return -1; // What to do here!?
}
if (clusterid != config->bind_address)
{
// Is this for us?
- log(4,0,0,0, "Skipping ping from %s (different cluster)\n", inet_toa(peer));
+ LOG(4,0,0,0, "Skipping ping from %s (different cluster)\n", inet_toa(peer));
return 0;
}
// Is this the master shutting down??
if (peer == config->cluster_master_address && !basetime) {
- log(3,0,0,0, "Master %s shutting down...\n", inet_toa(config->cluster_master_address));
+ LOG(3,0,0,0, "Master %s shutting down...\n", inet_toa(config->cluster_master_address));
config->cluster_master_address = 0;
config->cluster_last_hb = 0; // Force an election.
cluster_check_master();
if (i >= num_peers)
{
- log(4,0,0,0, "Adding %s as a peer\n", inet_toa(peer));
+ LOG(4,0,0,0, "Adding %s as a peer\n", inet_toa(peer));
// Not found. Is there a stale slot to re-use?
for (i = 0; i < num_peers ; ++i)
if (i >= CLUSTER_MAX_SIZE)
{
// Too many peers!!
- log(0,0,0,0, "Tried to add %s as a peer, but I already have %d of them!\n", inet_toa(peer), i);
+ LOG(0,0,0,0, "Tried to add %s as a peer, but I already have %d of them!\n", inet_toa(peer), i);
return -1;
}
if (i == num_peers)
++num_peers;
- log(1,0,0,0, "Added %s as a new peer. Now %d peers\n", inet_toa(peer), num_peers);
+ LOG(1,0,0,0, "Added %s as a new peer. Now %d peers\n", inet_toa(peer), num_peers);
}
return 1;
b = (bytest*) data;
- log(3,0,0,0, "Got byte counter update (size %d)\n", size);
+ LOG(3,0,0,0, "Got byte counter update (size %d)\n", size);
/* Loop around, adding the byte
counts to each of the sessions. */
while (size >= sizeof(*b) ) {
if (b->sid > MAXSESSION) {
- log(0,0,0,0, "Got C_BYTES with session #%d!\n", b->sid);
+ LOG(0,0,0,0, "Got C_BYTES with session #%d!\n", b->sid);
return -1; /* Abort processing */
}
}
if (size != 0)
- log(0,0,0,0, "Got C_BYTES with %d bytes of trailing junk!\n", size);
+ LOG(0,0,0,0, "Got C_BYTES with %d bytes of trailing junk!\n", size);
return size;
}
static int cluster_recv_session(int more , u8 * p)
{
if (more >= MAXSESSION) {
- log(0,0,0,0, "DANGER: Received a heartbeat session id > MAXSESSION!\n");
+ LOG(0,0,0,0, "DANGER: Received a heartbeat session id > MAXSESSION!\n");
return -1;
}
if (session[more].tunnel == T_UNDEF) {
if (config->cluster_iam_uptodate) { // Sanity.
- log(0,0,0,0, "I thought I was uptodate but I just found an undefined session!\n");
+ LOG(0,0,0,0, "I thought I was uptodate but I just found an undefined session!\n");
} else {
--config->cluster_undefined_sessions;
}
load_session(more, (sessiont*) p); // Copy session into session table..
- log(5,0,more,0, "Received session update (%d undef)\n", config->cluster_undefined_sessions);
+ LOG(5,0,more,0, "Received session update (%d undef)\n", config->cluster_undefined_sessions);
if (!config->cluster_iam_uptodate)
cluster_uptodate(); // Check to see if we're up to date.
static int cluster_recv_tunnel(int more, u8 *p)
{
if (more >= MAXTUNNEL) {
- log(0,0,0,0, "DANGER: Received a tunnel session id > MAXTUNNEL!\n");
+ LOG(0,0,0,0, "DANGER: Received a tunnel session id > MAXTUNNEL!\n");
return -1;
}
if (tunnel[more].state == TUNNELUNDEF) {
if (config->cluster_iam_uptodate) { // Sanity.
- log(0,0,0,0, "I thought I was uptodate but I just found an undefined tunnel!\n");
+ LOG(0,0,0,0, "I thought I was uptodate but I just found an undefined tunnel!\n");
} else {
--config->cluster_undefined_tunnels;
}
tunnel[more].controls = tunnel[more].controle = NULL;
tunnel[more].controlc = 0;
- log(5,0,0,more, "Received tunnel update\n");
+ LOG(5,0,0,more, "Received tunnel update\n");
if (!config->cluster_iam_uptodate)
cluster_uptodate(); // Check to see if we're up to date.
// we handle version 2+
if (more < 2 || more > HB_VERSION) {
- log(0,0,0,0, "Received a heartbeat version that I don't support (%d)!\n", more);
+ LOG(0,0,0,0, "Received a heartbeat version that I don't support (%d)!\n", more);
return -1; // Ignore it??
}
if (config->cluster_iam_master) { // Sanity...
// Note that this MUST match the election process above!
- log(0,0,0,0, "I just got a packet claiming to be from a master but _I_ am the master!\n");
+ LOG(0,0,0,0, "I just got a packet claiming to be from a master but _I_ am the master!\n");
if (!h->basetime) {
- log(0,0,0,0, "Heartbeat from addr %s with zero basetime!\n", inet_toa(addr) );
+ LOG(0,0,0,0, "Heartbeat from addr %s with zero basetime!\n", inet_toa(addr) );
return -1; // Skip it.
}
if (basetime > h->basetime) {
- log(0,0,0,0, "They're (%s) an older master than me so I'm gone!\n", inet_toa(addr));
+ LOG(0,0,0,0, "They're (%s) an older master than me so I'm gone!\n", inet_toa(addr));
kill(0, SIGTERM);
exit(1);
}
if (basetime == h->basetime && my_address < addr) { // Tie breaker.
- log(0,0,0,0, "They're a higher IP address than me, so I'm gone!\n");
+ LOG(0,0,0,0, "They're a higher IP address than me, so I'm gone!\n");
kill(0, SIGTERM);
exit(1);
}
config->cluster_last_hb = TIME; // Reset to ensure that we don't become master!!
if (config->cluster_seq_number != h->seq) { // Out of sequence heartbeat!
- log(1,0,0,0, "HB: Got seq# %d but was expecting %d. asking for resend.\n", h->seq, config->cluster_seq_number);
+ LOG(1,0,0,0, "HB: Got seq# %d but was expecting %d. asking for resend.\n", h->seq, config->cluster_seq_number);
peer_send_message(addr, C_LASTSEEN, config->cluster_seq_number, NULL, 0);
{
if (h->interval != config->cluster_hb_interval)
{
- log(2, 0, 0, 0, "Master set ping/heartbeat interval to %u (was %u)\n",
+ LOG(2, 0, 0, 0, "Master set ping/heartbeat interval to %u (was %u)\n",
h->interval, config->cluster_hb_interval);
config->cluster_hb_interval = h->interval;
if (h->timeout != config->cluster_hb_timeout)
{
- log(2, 0, 0, 0, "Master set heartbeat timeout to %u (was %u)\n",
+ LOG(2, 0, 0, 0, "Master set heartbeat timeout to %u (was %u)\n",
h->timeout, config->cluster_hb_timeout);
config->cluster_hb_timeout = h->timeout;
s -= (p - orig_p);
if (size != sizeof(sessiont) ) { // Ouch! Very very bad!
- log(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
+ LOG(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
// Now what? Should exit! No-longer up to date!
break;
}
s -= (p - orig_p);
if (size != sizeof(tunnelt) ) { // Ouch! Very very bad!
- log(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
+ LOG(0,0,0,0, "DANGER: Received a CSESSION that didn't decompress correctly!\n");
// Now what? Should exit! No-longer up to date!
break;
}
s -= sizeof(tunnel[more]);
break;
default:
- log(0,0,0,0, "DANGER: I received a heartbeat element where I didn't understand the type! (%d)\n", type);
+ LOG(0,0,0,0, "DANGER: I received a heartbeat element where I didn't understand the type! (%d)\n", type);
return -1; // can't process any more of the packet!!
}
}
{
char *str;
str = strdup(inet_toa(config->cluster_master_address));
- log(0,0,0,0, "My master just changed from %s to %s!\n", str, inet_toa(addr));
+ LOG(0,0,0,0, "My master just changed from %s to %s!\n", str, inet_toa(addr));
if (str) free(str);
}
return 0;
shortpacket:
- log(0,0,0,0, "I got an incomplete heartbeat packet! This means I'm probably out of sync!!\n");
+ LOG(0,0,0,0, "I got an incomplete heartbeat packet! This means I'm probably out of sync!!\n");
return -1;
}
if (addr == my_address)
return -1; // Ignore it. Something looped back the multicast!
- log(5,0,0,0, "Process cluster: %d bytes from %s\n", size, inet_toa(addr));
+ LOG(5,0,0,0, "Process cluster: %d bytes from %s\n", size, inet_toa(addr));
if (s <= 0) // Any data there??
return -1;
p += sizeof(int);
if (!config->cluster_iam_master) { // huh?
- log(0,0,0,0, "I'm not the master, but I got a C_FORWARD from %s?\n", inet_toa(addr));
+ LOG(0,0,0,0, "I'm not the master, but I got a C_FORWARD from %s?\n", inet_toa(addr));
return -1;
}
- log(4,0,0,0, "Got a forwarded packet... (%s:%d)\n", inet_toa(more), a.sin_port);
+ LOG(4,0,0,0, "Got a forwarded packet... (%s:%d)\n", inet_toa(more), a.sin_port);
STAT(recv_forward);
processudp(p, s, &a);
return 0;
}
case C_THROTTLE: { // Receive a forwarded packet from a slave.
if (!config->cluster_iam_master) {
- log(0,0,0,0, "I'm not the master, but I got a C_THROTTLE from %s?\n", inet_toa(addr));
+ LOG(0,0,0,0, "I'm not the master, but I got a C_THROTTLE from %s?\n", inet_toa(addr));
return -1;
}
case C_GARDEN:
// Receive a walled garden packet from a slave.
if (!config->cluster_iam_master) {
- log(0,0,0,0, "I'm not the master, but I got a C_GARDEN from %s?\n", inet_toa(addr));
+ LOG(0,0,0,0, "I'm not the master, but I got a C_GARDEN from %s?\n", inet_toa(addr));
return -1;
}
case C_KILL: // The master asked us to die!? (usually because we're too out of date).
if (config->cluster_iam_master) {
- log(0,0,0,0, "_I_ am master, but I received a C_KILL from %s! (Seq# %d)\n", inet_toa(addr), more);
+ LOG(0,0,0,0, "_I_ am master, but I received a C_KILL from %s! (Seq# %d)\n", inet_toa(addr), more);
return -1;
}
if (more != config->cluster_seq_number) {
- log(0,0,0,0, "The master asked us to die but the seq number didn't match!?\n");
+ LOG(0,0,0,0, "The master asked us to die but the seq number didn't match!?\n");
return -1;
}
if (addr != config->cluster_master_address) {
- log(0,0,0,0, "Received a C_KILL from %s which doesn't match config->cluster_master_address (%x)\n",
+ LOG(0,0,0,0, "Received a C_KILL from %s which doesn't match config->cluster_master_address (%x)\n",
inet_toa(addr), config->cluster_master_address);
// We can only warn about it. The master might really have switched!
}
- log(0,0,0,0, "Received a valid C_KILL: I'm going to die now.\n");
+ LOG(0,0,0,0, "Received a valid C_KILL: I'm going to die now.\n");
kill(0, SIGTERM);
exit(0); // Lets be paranoid;
return -1; // Just signalling the compiler.
case C_HEARTBEAT:
- log(4,0,0,0, "Got a heartbeat from %s\n", inet_toa(addr));
+ LOG(4,0,0,0, "Got a heartbeat from %s\n", inet_toa(addr));
return cluster_process_heartbeat(data, size, more, p, addr);
default:
- log(0,0,0,0, "Strange type packet received on cluster socket (%d)\n", type);
+ LOG(0,0,0,0, "Strange type packet received on cluster socket (%d)\n", type);
return -1;
}
return 0;
shortpacket:
- log(0,0,0,0, "I got a _short_ cluster heartbeat packet! This means I'm probably out of sync!!\n");
+ LOG(0,0,0,0, "I got a _short_ cluster heartbeat packet! This means I'm probably out of sync!!\n");
return -1;
}
/* walled garden */
-char const *cvs_id = "$Id: garden.c,v 1.10 2004-11-05 02:39:35 bodea Exp $";
+char const *cvs_id = "$Id: garden.c,v 1.11 2004-11-05 04:55:27 bodea Exp $";
int __plugin_api_version = 1;
static struct pluginfuncs *p = 0;
// Ignore if user authentication was successful
if (data->auth_allowed) return PLUGIN_RET_OK;
- p->_log(3, 0, 0, 0, "Walled Garden allowing login\n");
+ p->log(3, 0, 0, 0, "Walled Garden allowing login\n");
data->auth_allowed = 1;
data->s->walled_garden = 1;
return PLUGIN_RET_OK;
sprintf((data->response + data->response_length), "%s", errormsg);
data->response_length += strlen(errormsg) + 1;
- p->_log(3, 0, 0, 0, "Unknown session %d\n", session);
+ p->log(3, 0, 0, 0, "Unknown session %d\n", session);
return PLUGIN_RET_STOP;
}
*(short *)(data->response + 2) = ntohs(PKT_RESP_OK);
for (i = 0; up_commands[i] && *up_commands[i]; i++)
{
- p->_log(3, 0, 0, 0, "Running %s\n", up_commands[i]);
+ p->log(3, 0, 0, 0, "Running %s\n", up_commands[i]);
system(up_commands[i]);
}
if (flag == 1)
{
- p->_log(2, 0, 0, s->tunnel, "Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
+ p->log(2, 0, 0, s->tunnel, "Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
snprintf(cmd, sizeof(cmd), "iptables -t nat -A garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
- p->_log(3, 0, 0, s->tunnel, "%s\n", cmd);
+ p->log(3, 0, 0, s->tunnel, "%s\n", cmd);
system(cmd);
s->walled_garden = 1;
}
int count = 40;
// Normal User
- p->_log(2, 0, 0, s->tunnel, "Un-Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
+ p->log(2, 0, 0, s->tunnel, "Un-Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
// Kick off any duplicate usernames
// but make sure not to kick off ourself
if (s->ip && !s->die && (other = p->get_session_by_username(s->user)) && s != p->get_session_by_id(other)) {
s->pin = s->pout = 0;
snprintf(cmd, sizeof(cmd), "iptables -t nat -D garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
- p->_log(3, 0, 0, s->tunnel, "%s\n", cmd);
+ p->log(3, 0, 0, s->tunnel, "%s\n", cmd);
while (--count)
{
int status = system(cmd);
int i;
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
- p->_log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
+ p->log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
system(down_commands[i]);
}
}
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
- p->_log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
+ p->log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
system(down_commands[i]);
}
}
// Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
// vim: sw=8 ts=8
-char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.43 2004-11-05 02:47:47 bodea Exp $";
+char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.44 2004-11-05 04:55:27 bodea Exp $";
#include <arpa/inet.h>
#include <assert.h>
//
-// Log a debug message.
+// Log a debug message. Typically called vias LOG macro
//
void _log(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...)
{
if (config->debug < level) return;
- // No support for log_hex to syslog
+ // No support for _log_hex to syslog
if (log_stream)
{
_log(level, 0, 0, 0, "%s (%d bytes):\n", title, maxsize);
else if (mask == 0xffffffff)
r.rt_flags |= RTF_HOST;
- log(1, ip, 0, 0, "Route %s %u.%u.%u.%u/%u.%u.%u.%u %u.%u.%u.%u\n",
+ LOG(1, ip, 0, 0, "Route %s %u.%u.%u.%u/%u.%u.%u.%u %u.%u.%u.%u\n",
add ? "add" : "del",
ip >> 24, ip >> 16 & 0xff, ip >> 8 & 0xff, ip & 0xff,
mask >> 24, mask >> 16 & 0xff, mask >> 8 & 0xff, mask & 0xff,
gw >> 24, gw >> 16 & 0xff, gw >> 8 & 0xff, gw & 0xff);
if (ioctl(ifrfd, add ? SIOCADDRT : SIOCDELRT, (void *) &r) < 0)
- log(0, 0, 0, 0, "routeset() error in ioctl: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "routeset() error in ioctl: %s\n", strerror(errno));
#ifdef BGP
if (add)
tunfd = open(TUNDEVICE, O_RDWR);
if (tunfd < 0)
{ // fatal
- log(0, 0, 0, 0, "Can't open %s: %s\n", TUNDEVICE, strerror(errno));
+ LOG(0, 0, 0, 0, "Can't open %s: %s\n", TUNDEVICE, strerror(errno));
exit(1);
}
{
}
if (ioctl(tunfd, TUNSETIFF, (void *) &ifr) < 0)
{
- log(0, 0, 0, 0, "Can't set tun interface: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Can't set tun interface: %s\n", strerror(errno));
exit(1);
}
assert(strlen(ifr.ifr_name) < sizeof(config->tundevice));
if (ioctl(ifrfd, SIOCSIFADDR, (void *) &ifr) < 0)
{
- log(0, 0, 0, 0, "Error setting tun address: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error setting tun address: %s\n", strerror(errno));
exit(1);
}
/* Bump up the qlen to deal with bursts from the network */
ifr.ifr_qlen = 1000;
if (ioctl(ifrfd, SIOCSIFTXQLEN, (void *) &ifr) < 0)
{
- log(0, 0, 0, 0, "Error setting tun queue length: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error setting tun queue length: %s\n", strerror(errno));
exit(1);
}
ifr.ifr_flags = IFF_UP;
if (ioctl(ifrfd, SIOCSIFFLAGS, (void *) &ifr) < 0)
{
- log(0, 0, 0, 0, "Error setting tun flags: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error setting tun flags: %s\n", strerror(errno));
exit(1);
}
if (ioctl(ifrfd, SIOCGIFINDEX, (void *) &ifr) < 0)
{
- log(0, 0, 0, 0, "Error setting tun ifindex: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error setting tun ifindex: %s\n", strerror(errno));
exit(1);
}
tunidx = ifr.ifr_ifindex;
}
if (bind(udpfd, (void *) &addr, sizeof(addr)) < 0)
{
- log(0, 0, 0, 0, "Error in UDP bind: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error in UDP bind: %s\n", strerror(errno));
exit(1);
}
snoopfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
setsockopt(controlfd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
if (bind(controlfd, (void *) &addr, sizeof(addr)) < 0)
{
- log(0, 0, 0, 0, "Error in control bind: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error in control bind: %s\n", strerror(errno));
exit(1);
}
}
d[(size_t) a[3]] = (char *)((int)s);
if (s > 0)
- log(4, ip, s, session[s].tunnel, "Caching ip address %s\n", inet_toa(nip));
+ LOG(4, ip, s, session[s].tunnel, "Caching ip address %s\n", inet_toa(nip));
else if (s == 0)
- log(4, ip, 0, 0, "Un-caching ip address %s\n", inet_toa(nip));
+ LOG(4, ip, 0, 0, "Un-caching ip address %s\n", inet_toa(nip));
// else a map to an ip pool index.
}
s = socket(PF_INET, SOCK_DGRAM, 0);
if (s < 0)
{
- log(0, 0, 0, 0, "Error creating socket for GARP: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error creating socket for GARP: %s\n", strerror(errno));
return;
}
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, "eth0", sizeof(ifr.ifr_name) - 1);
if (ioctl(s, SIOCGIFHWADDR, &ifr) < 0)
{
- log(0, 0, 0, 0, "Error getting eth0 hardware address for GARP: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error getting eth0 hardware address for GARP: %s\n", strerror(errno));
close(s);
return;
}
memcpy(mac, &ifr.ifr_hwaddr.sa_data, 6*sizeof(char));
if (ioctl(s, SIOCGIFINDEX, &ifr) < 0)
{
- log(0, 0, 0, 0, "Error getting eth0 interface index for GARP: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error getting eth0 interface index for GARP: %s\n", strerror(errno));
close(s);
return;
}
if (!t)
{
static int backtrace_count = 0;
- log(0, 0, 0, t, "tunnelsend called with 0 as tunnel id\n");
+ LOG(0, 0, 0, t, "tunnelsend called with 0 as tunnel id\n");
STAT(tunnel_tx_errors);
log_backtrace(backtrace_count, 5)
return;
if (!tunnel[t].ip)
{
static int backtrace_count = 0;
- log(1, 0, 0, t, "Error sending data out tunnel: no remote endpoint (tunnel not set up)\n");
+ LOG(1, 0, 0, t, "Error sending data out tunnel: no remote endpoint (tunnel not set up)\n");
log_backtrace(backtrace_count, 5)
STAT(tunnel_tx_errors);
return;
if (tunnel[t].try > 1)
{
STAT(tunnel_retries);
- log(3, tunnel[t].ip, 0, t, "Control message resend try %d\n", tunnel[t].try);
+ LOG(3, tunnel[t].ip, 0, t, "Control message resend try %d\n", tunnel[t].try);
}
}
if (sendto(udpfd, buf, l, 0, (void *) &addr, sizeof(addr)) < 0)
{
- log(0, tunnel[t].ip, ntohs((*(u16 *) (buf + 6))), t, "Error sending data out tunnel: %s (udpfd=%d, buf=%p, len=%d, dest=%s)\n",
+ LOG(0, tunnel[t].ip, ntohs((*(u16 *) (buf + 6))), t, "Error sending data out tunnel: %s (udpfd=%d, buf=%p, len=%d, dest=%s)\n",
strerror(errno), udpfd, buf, l, inet_ntoa(addr.sin_addr));
STAT(tunnel_tx_errors);
return;
}
- log_hex(5, "Send Tunnel Data", buf, l);
+ LOG_HEX(5, "Send Tunnel Data", buf, l);
STAT(tunnel_tx_packets);
INC_STAT(tunnel_tx_bytes, l);
}
if (len < MIN_IP_SIZE)
{
- log(1, 0, 0, 0, "Short IP, %d bytes\n", len);
+ LOG(1, 0, 0, 0, "Short IP, %d bytes\n", len);
STAT(tunnel_tx_errors);
return;
}
if (len >= MAXETHER)
{
- log(1, 0, 0, 0, "Oversize IP packet %d bytes\n", len);
+ LOG(1, 0, 0, 0, "Oversize IP packet %d bytes\n", len);
STAT(tunnel_tx_errors);
return;
}
// Got an IP header now
if (*(u8 *)(buf) >> 4 != 4)
{
- log(1, 0, 0, 0, "IP: Don't understand anything except IPv4\n");
+ LOG(1, 0, 0, 0, "IP: Don't understand anything except IPv4\n");
return;
}
if (rate++ < config->icmp_rate) // Only send a max of icmp_rate per second.
{
- log(4, 0, 0, 0, "IP: Sending ICMP host unreachable to %s\n", inet_toa(*(u32 *)(buf + 12)));
+ LOG(4, 0, 0, 0, "IP: Sending ICMP host unreachable to %s\n", inet_toa(*(u32 *)(buf + 12)));
host_unreachable(*(u32 *)(buf + 12), *(u16 *)(buf + 4), ip, buf, (len < 64) ? 64 : len);
}
return;
if (sp->snoop_ip && sp->snoop_port)
snoop_send_packet(buf, len, sp->snoop_ip, sp->snoop_port);
- log(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
+ LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
// Add on L2TP header
{
u8 *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIP);
if (!p)
{
- log(3, session[s].ip, s, t, "failed to send packet in processipout.\n");
+ LOG(3, session[s].ip, s, t, "failed to send packet in processipout.\n");
return;
}
tunnelsend(b, len + (p-b), t); // send it...
if (len < 0 || len > MAXETHER)
{
- log(1,0,0,0, "Odd size IP packet: %d bytes\n", len);
+ LOG(1,0,0,0, "Odd size IP packet: %d bytes\n", len);
return;
}
t = session[s].tunnel;
sp = &session[s];
- log(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
+ LOG(5, session[s].ip, s, t, "Ethernet -> Tunnel (%d bytes)\n", len);
// Snooping this session.
if (sp->snoop_ip && sp->snoop_port)
u8 *p = makeppp(b, sizeof(b), buf, len, t, s, PPPIP);
if (!p)
{
- log(3, session[s].ip, s, t, "failed to send packet in send_ipout.\n");
+ LOG(3, session[s].ip, s, t, "failed to send packet in send_ipout.\n");
return;
}
tunnelsend(b, len + (p-b), t); // send it...
if (!session[s].tunnel)
{
- log(3, session[s].ip, s, session[s].tunnel, "Called sessionshutdown on a session with no tunnel.\n");
+ LOG(3, session[s].ip, s, session[s].tunnel, "Called sessionshutdown on a session with no tunnel.\n");
return; // not a live session
}
if (!dead)
- log(2, 0, s, session[s].tunnel, "Shutting down session %d: %s\n", s, reason);
+ LOG(2, 0, s, session[s].tunnel, "Shutting down session %d: %s\n", s, reason);
session[s].die = now() + 150; // Clean up in 15 seconds
{
if (!(r = radiusnew(s)))
{
- log(1, 0, s, session[s].tunnel, "No free RADIUS sessions for Stop message\n");
+ LOG(1, 0, s, session[s].tunnel, "No free RADIUS sessions for Stop message\n");
STAT(radius_overflow);
}
else
q = makeppp(buf,sizeof(buf), 0, 0, t, s, PPPIPCP);
if (!q)
{
- log(3, session[s].ip, s, t, "failed to send packet in sendipcp.\n");
+ LOG(3, session[s].ip, s, t, "failed to send packet in sendipcp.\n");
return;
}
if (session[s].radius)
radiusclear(session[s].radius, s); // cant send clean accounting data, session is killed
- log(2, 0, s, session[s].tunnel, "Kill session %d (%s): %s\n", s, session[s].user, reason);
+ LOG(2, 0, s, session[s].tunnel, "Kill session %d (%s): %s\n", s, session[s].user, reason);
memset(&session[s], 0, sizeof(session[s]));
session[s].tunnel = T_FREE; // Mark it as free.
// free tunnel
tunnelclear(t);
- log(1, 0, 0, t, "Kill tunnel %d: %s\n", t, reason);
+ LOG(1, 0, 0, t, "Kill tunnel %d: %s\n", t, reason);
cli_tunnel_actions[s].action = 0;
cluster_send_tunnel(t);
}
tunnelkill(t, reason);
return;
}
- log(1, 0, 0, t, "Shutting down tunnel %d (%s)\n", t, reason);
+ LOG(1, 0, 0, t, "Shutting down tunnel %d (%s)\n", t, reason);
// close session
for (s = 1; s < MAXSESSION; s++)
udp_rx += len;
udp_rx_pkt++;
- log_hex(5, "UDP Data", buf, len);
+ LOG_HEX(5, "UDP Data", buf, len);
STAT(tunnel_rx_packets);
INC_STAT(tunnel_rx_bytes, len);
if (len < 6)
{
- log(1, ntohl(addr->sin_addr.s_addr), 0, 0, "Short UDP, %d bytes\n", len);
+ LOG(1, ntohl(addr->sin_addr.s_addr), 0, 0, "Short UDP, %d bytes\n", len);
STAT(tunnel_rx_errors);
return;
}
if ((buf[1] & 0x0F) != 2)
{
- log(1, ntohl(addr->sin_addr.s_addr), 0, 0, "Bad L2TP ver %d\n", (buf[1] & 0x0F) != 2);
+ LOG(1, ntohl(addr->sin_addr.s_addr), 0, 0, "Bad L2TP ver %d\n", (buf[1] & 0x0F) != 2);
STAT(tunnel_rx_errors);
return;
}
p += 2;
if (s >= MAXSESSION)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Received UDP packet with invalid session ID\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Received UDP packet with invalid session ID\n");
STAT(tunnel_rx_errors);
return;
}
if (t >= MAXTUNNEL)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Received UDP packet with invalid tunnel ID\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Received UDP packet with invalid tunnel ID\n");
STAT(tunnel_rx_errors);
return;
}
}
if ((p - buf) > l)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Bad length %d>%d\n", (p - buf), l);
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Bad length %d>%d\n", (p - buf), l);
STAT(tunnel_rx_errors);
return;
}
if ((*buf & 0xCA) != 0xC8)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Bad control header %02X\n", *buf);
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Bad control header %02X\n", *buf);
STAT(tunnel_rx_errors);
return;
}
- log(3, ntohl(addr->sin_addr.s_addr), s, t, "Control message (%d bytes): (unacked %d) l-ns %d l-nr %d r-ns %d r-nr %d\n",
+ LOG(3, ntohl(addr->sin_addr.s_addr), s, t, "Control message (%d bytes): (unacked %d) l-ns %d l-nr %d r-ns %d r-nr %d\n",
l, tunnel[t].controlc, tunnel[t].ns, tunnel[t].nr, ns, nr);
// if no tunnel specified, assign one
if (!t)
{
if (!(t = new_tunnel()))
{
- log(1, ntohl(addr->sin_addr.s_addr), 0, 0, "No more tunnels\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), 0, 0, "No more tunnels\n");
STAT(tunnel_overflow);
return;
}
tunnel[t].ip = ntohl(*(ipt *) & addr->sin_addr);
tunnel[t].port = ntohs(addr->sin_port);
tunnel[t].window = 4; // default window
- log(1, ntohl(addr->sin_addr.s_addr), 0, t, " New tunnel from %u.%u.%u.%u/%u ID %d\n", tunnel[t].ip >> 24, tunnel[t].ip >> 16 & 255, tunnel[t].ip >> 8 & 255, tunnel[t].ip & 255, tunnel[t].port, t);
+ LOG(1, ntohl(addr->sin_addr.s_addr), 0, t, " New tunnel from %u.%u.%u.%u/%u ID %d\n", tunnel[t].ip >> 24, tunnel[t].ip >> 16 & 255, tunnel[t].ip >> 8 & 255, tunnel[t].ip & 255, tunnel[t].port, t);
STAT(tunnel_created);
}
if (ns != tunnel[t].nr)
{
// is this the sequence we were expecting?
- log(1, ntohl(addr->sin_addr.s_addr), 0, t, " Out of sequence tunnel %d, (%d is not the expected %d)\n", t, ns, tunnel[t].nr);
+ LOG(1, ntohl(addr->sin_addr.s_addr), 0, t, " Out of sequence tunnel %d, (%d is not the expected %d)\n", t, ns, tunnel[t].nr);
STAT(tunnel_rx_errors);
if (l) // Is this not a ZLB?
p += n; // next
if (l < n)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Invalid length in AVP\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Invalid length in AVP\n");
STAT(tunnel_rx_errors);
fatal = flags;
return;
// handle hidden AVPs
if (!*config->l2tpsecret)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Hidden AVP requested, but no L2TP secret.\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Hidden AVP requested, but no L2TP secret.\n");
fatal = flags;
continue;
}
if (!session[s].random_vector_length)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Hidden AVP requested, but no random vector.\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Hidden AVP requested, but no random vector.\n");
fatal = flags;
continue;
}
- log(4, ntohl(addr->sin_addr.s_addr), s, t, "Hidden AVP\n");
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, "Hidden AVP\n");
// Unhide the AVP
n = unhide_avp(b, t, s, n);
if (n == 0)
}
if (*b & 0x3C)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Unrecognised AVP flags %02X\n", *b);
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Unrecognised AVP flags %02X\n", *b);
fatal = flags;
continue; // next
}
b += 2;
if (*(u16 *) (b))
{
- log(2, ntohl(addr->sin_addr.s_addr), s, t, "Unknown AVP vendor %d\n", ntohs(*(u16 *) (b)));
+ LOG(2, ntohl(addr->sin_addr.s_addr), s, t, "Unknown AVP vendor %d\n", ntohs(*(u16 *) (b)));
fatal = flags;
continue; // next
}
b += 2;
n -= 6;
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " AVP %d (%s) len %d\n", mtype, avpnames[mtype], n);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " AVP %d (%s) len %d\n", mtype, avpnames[mtype], n);
switch (mtype)
{
case 0: // message type
message = ntohs(*(u16 *) b);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Message type = %d (%s)\n", *b,
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Message type = %d (%s)\n", *b,
l2tp_message_types[message]);
mandatorymessage = flags;
break;
resdesc = cdn_result_codes[rescode];
}
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Result Code %d: %s\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Result Code %d: %s\n",
rescode, resdesc);
if (n >= 4)
{
const char* errdesc = "(unknown)";
if (errcode <= MAX_ERROR_CODE)
errdesc = error_codes[errcode];
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Error Code %d: %s\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Error Code %d: %s\n",
errcode, errdesc);
}
if (n > 4)
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Error String: %.*s\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Error String: %.*s\n",
n-4, b+4);
break;
case 2: // protocol version
{
version = ntohs(*(u16 *) (b));
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Protocol version = %d\n", version);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Protocol version = %d\n", version);
if (version && version != 0x0100)
{ // allow 0.0 and 1.0
- log(1, ntohl(addr->sin_addr.s_addr), s, t, " Bad protocol version %04X\n",
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, " Bad protocol version %04X\n",
version);
fatal = flags;
continue; // next
}
break;
case 3: // framing capabilities
-// log(4, ntohl(addr->sin_addr.s_addr), s, t, "Framing capabilities\n");
+// LOG(4, ntohl(addr->sin_addr.s_addr), s, t, "Framing capabilities\n");
break;
case 4: // bearer capabilities
-// log(4, ntohl(addr->sin_addr.s_addr), s, t, "Bearer capabilities\n");
+// LOG(4, ntohl(addr->sin_addr.s_addr), s, t, "Bearer capabilities\n");
break;
case 5: // tie breaker
// We never open tunnels, so we don't care about tie breakers
-// log(4, ntohl(addr->sin_addr.s_addr), s, t, "Tie breaker\n");
+// LOG(4, ntohl(addr->sin_addr.s_addr), s, t, "Tie breaker\n");
continue;
case 6: // firmware revision
-// log(4, ntohl(addr->sin_addr.s_addr), s, t, "Firmware revision\n");
+// LOG(4, ntohl(addr->sin_addr.s_addr), s, t, "Firmware revision\n");
break;
case 7: // host name
memset(tunnel[t].hostname, 0, 128);
memcpy(tunnel[t].hostname, b, (n >= 127) ? 127 : n);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Tunnel hostname = \"%s\"\n", tunnel[t].hostname);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Tunnel hostname = \"%s\"\n", tunnel[t].hostname);
// TBA - to send to RADIUS
break;
case 8: // vendor name
memset(tunnel[t].vendor, 0, sizeof(tunnel[t].vendor));
memcpy(tunnel[t].vendor, b, (n >= sizeof(tunnel[t].vendor) - 1) ? sizeof(tunnel[t].vendor) - 1 : n);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Vendor name = \"%s\"\n", tunnel[t].vendor);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Vendor name = \"%s\"\n", tunnel[t].vendor);
break;
case 9: // assigned tunnel
tunnel[t].far = ntohs(*(u16 *) (b));
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Remote tunnel id = %d\n", tunnel[t].far);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Remote tunnel id = %d\n", tunnel[t].far);
break;
case 10: // rx window
tunnel[t].window = ntohs(*(u16 *) (b));
if (!tunnel[t].window)
tunnel[t].window = 1; // window of 0 is silly
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " rx window = %d\n", tunnel[t].window);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " rx window = %d\n", tunnel[t].window);
break;
case 11: // Challenge
{
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " LAC requested CHAP authentication for tunnel\n");
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " LAC requested CHAP authentication for tunnel\n");
build_chap_response(b, 2, n, &chapresponse);
}
break;
case 13: // Response
// Why did they send a response? We never challenge.
- log(2, ntohl(addr->sin_addr.s_addr), s, t, " received unexpected challenge response\n");
+ LOG(2, ntohl(addr->sin_addr.s_addr), s, t, " received unexpected challenge response\n");
break;
case 14: // assigned session
asession = session[s].far = ntohs(*(u16 *) (b));
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " assigned session = %d\n", asession);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " assigned session = %d\n", asession);
break;
case 15: // call serial number
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " call serial number = %d\n", ntohl(*(u32 *)b));
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " call serial number = %d\n", ntohl(*(u32 *)b));
break;
case 18: // bearer type
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " bearer type = %d\n", ntohl(*(u32 *)b));
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " bearer type = %d\n", ntohl(*(u32 *)b));
// TBA - for RADIUS
break;
case 19: // framing type
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " framing type = %d\n", ntohl(*(u32 *)b));
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " framing type = %d\n", ntohl(*(u32 *)b));
// TBA
break;
case 21: // called number
memset(called, 0, MAXTEL);
memcpy(called, b, (n >= MAXTEL) ? (MAXTEL-1) : n);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Called <%s>\n", called);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Called <%s>\n", called);
break;
case 22: // calling number
memset(calling, 0, MAXTEL);
memcpy(calling, b, (n >= MAXTEL) ? (MAXTEL-1) : n);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Calling <%s>\n", calling);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Calling <%s>\n", calling);
break;
case 23: // subtype
break;
memcpy(tmp, b, (n >= 30) ? 30 : n);
session[s].tx_connect_speed = atol(tmp);
}
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " TX connect speed <%u>\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " TX connect speed <%u>\n",
session[s].tx_connect_speed);
break;
case 38: // rx connect speed
memcpy(tmp, b, (n >= 30) ? 30 : n);
session[s].rx_connect_speed = atol(tmp);
}
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " RX connect speed <%u>\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " RX connect speed <%u>\n",
session[s].rx_connect_speed);
break;
case 25: // Physical Channel ID
{
u32 tmp = ntohl(*(u32 *)b);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Physical Channel ID <%X>\n", tmp);
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Physical Channel ID <%X>\n", tmp);
break;
}
case 29: // Proxy Authentication Type
{
u16 authtype = ntohs(*(u16 *)b);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Type %d (%s)\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Type %d (%s)\n",
authtype, authtypes[authtype]);
requestchap = (authtype == 2);
break;
{
char authname[64] = {0};
memcpy(authname, b, (n > 63) ? 63 : n);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Name (%s)\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Name (%s)\n",
authname);
break;
}
case 31: // Proxy Authentication Challenge
{
memcpy(radius[session[s].radius].auth, b, 16);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Challenge\n");
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Challenge\n");
break;
}
case 32: // Proxy Authentication ID
{
u16 authid = ntohs(*(u16 *)(b));
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth ID (%d)\n",
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth ID (%d)\n",
authid);
if (session[s].radius)
radius[session[s].radius].id = authid;
{
char authresp[64] = {0};
memcpy(authresp, b, (n > 63) ? 63 : n);
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Response\n");
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Proxy Auth Response\n");
break;
}
case 27: // last send lcp
case 39: // seq required - we control it as an LNS anyway...
break;
case 36: // Random Vector
- log(4, ntohl(addr->sin_addr.s_addr), s, t, " Random Vector received. Enabled AVP Hiding.\n");
+ LOG(4, ntohl(addr->sin_addr.s_addr), s, t, " Random Vector received. Enabled AVP Hiding.\n");
memset(session[s].random_vector, 0, sizeof(session[s].random_vector));
memcpy(session[s].random_vector, b, n);
session[s].random_vector_length = n;
break;
default:
- log(2, ntohl(addr->sin_addr.s_addr), s, t, " Unknown AVP type %d\n", mtype);
+ LOG(2, ntohl(addr->sin_addr.s_addr), s, t, " Unknown AVP type %d\n", mtype);
fatal = flags;
continue; // next
}
// make a RADIUS session
if (!(r = radiusnew(s)))
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "No free RADIUS sessions for ICRQ\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "No free RADIUS sessions for ICRQ\n");
sessionkill(s, "no free RADIUS sesions");
return;
}
session[s].tunnel = t;
session[s].far = asession;
session[s].last_packet = time_now;
- log(3, ntohl(addr->sin_addr.s_addr), s, t, "New session (%d/%d)\n", tunnel[t].far, session[s].far);
+ LOG(3, ntohl(addr->sin_addr.s_addr), s, t, "New session (%d/%d)\n", tunnel[t].far, session[s].far);
control16(c, 14, s, 1); // assigned session
controladd(c, t, s); // send the reply
{
if (amagic == 0) amagic = time_now;
session[s].magic = amagic; // set magic number
session[s].l2tp_flags = aflags; // set flags received
- log(3, ntohl(addr->sin_addr.s_addr), s, t, "Magic %X Flags %X\n", amagic, aflags);
+ LOG(3, ntohl(addr->sin_addr.s_addr), s, t, "Magic %X Flags %X\n", amagic, aflags);
controlnull(t); // ack
// In CHAP state, request PAP instead
if (requestchap)
sessionshutdown(s, "Closed (Received CDN)");
break;
case 0xFFFF:
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Missing message type\n");
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Missing message type\n");
break;
default:
STAT(tunnel_rx_errors);
if (mandatorymessage & 0x80)
tunnelshutdown(t, "Unknown message");
else
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Unknown message type %d\n", message);
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Unknown message type %d\n", message);
break;
}
if (chapresponse) free(chapresponse);
}
else
{
- log(4, 0, s, t, " Got a ZLB ack\n");
+ LOG(4, 0, s, t, " Got a ZLB ack\n");
}
}
else
{ // data
u16 prot;
- log_hex(5, "Receive Tunnel Data", p, l);
+ LOG_HEX(5, "Receive Tunnel Data", p, l);
if (l > 2 && p[0] == 0xFF && p[1] == 0x03)
{ // HDLC address header, discard
p += 2;
}
if (l < 2)
{
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Short ppp length %d\n", l);
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Short ppp length %d\n", l);
STAT(tunnel_rx_errors);
return;
}
}
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "UDP packet contains session %d "
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "UDP packet contains session %d "
"but no session[%d].tunnel exists (LAC said"
" tunnel = %d). Dropping packet.\n", s, s, t);
STAT(tunnel_rx_errors);
if (session[s].die)
{
- log(3, ntohl(addr->sin_addr.s_addr), s, t, "Session %d is closing. Don't process PPP packets\n", s);
+ LOG(3, ntohl(addr->sin_addr.s_addr), s, t, "Session %d is closing. Don't process PPP packets\n", s);
// I'm pretty sure this isn't right -- mo.
// return; // closing session, PPP not processed
}
else
{
STAT(tunnel_rx_errors);
- log(1, ntohl(addr->sin_addr.s_addr), s, t, "Unknown PPP protocol %04X\n", prot);
+ LOG(1, ntohl(addr->sin_addr.s_addr), s, t, "Unknown PPP protocol %04X\n", prot);
}
}
}
// read and process packet on tun
void processtun(u8 * buf, int len)
{
- log_hex(5, "Receive TUN Data", buf, len);
+ LOG_HEX(5, "Receive TUN Data", buf, len);
STAT(tun_rx_packets);
INC_STAT(tun_rx_bytes, len);
eth_rx += len;
if (len < 22)
{
- log(1, 0, 0, 0, "Short tun packet %d bytes\n", len);
+ LOG(1, 0, 0, 0, "Short tun packet %d bytes\n", len);
STAT(tun_rx_errors);
return;
}
static clockt next_acct = 0;
int a;
- log(3, 0, 0, 0, "Begin regular cleanup\n");
+ LOG(3, 0, 0, 0, "Begin regular cleanup\n");
for (r = 1; r < MAXRADIUS; r++)
{
{
controlt *c = controlnew(6); // sending HELLO
controladd(c, t, 0); // send the message
- log(3, tunnel[t].ip, 0, t, "Sending HELLO message\n");
+ LOG(3, tunnel[t].ip, 0, t, "Sending HELLO message\n");
}
// Check for tunnel changes requested from the CLI
cli_tunnel_actions[t].action = 0;
if (a & CLI_TUN_KILL)
{
- log(2, tunnel[t].ip, 0, t, "Dropping tunnel by CLI\n");
+ LOG(2, tunnel[t].ip, 0, t, "Dropping tunnel by CLI\n");
tunnelshutdown(t, "Requested by administrator");
}
}
if (!session[s].die && session[s].ip && !(session[s].flags & SF_IPCP_ACKED))
{
// IPCP has not completed yet. Resend
- log(3, session[s].ip, s, session[s].tunnel, "No ACK for initial IPCP ConfigReq... resending\n");
+ LOG(3, session[s].ip, s, session[s].tunnel, "No ACK for initial IPCP ConfigReq... resending\n");
sendipcp(session[s].tunnel, s);
}
u8 *q = makeppp(b, sizeof(b), 0, 0, session[s].tunnel, s, PPPLCP);
if (!q)
{
- log(3, session[s].ip, s, t, "failed to send ECHO packet.\n");
+ LOG(3, session[s].ip, s, t, "failed to send ECHO packet.\n");
continue;
}
*(u16 *)(q + 2) = htons(8); // Length
*(u32 *)(q + 4) = 0; // Magic Number (not supported)
- log(4, session[s].ip, s, session[s].tunnel, "No data in %d seconds, sending LCP ECHO\n",
+ LOG(4, session[s].ip, s, session[s].tunnel, "No data in %d seconds, sending LCP ECHO\n",
(int)(time_now - session[s].last_packet));
tunnelsend(b, 24, session[s].tunnel); // send it
if (++count >= MAX_ACTIONS) break;
cli_session_actions[s].action = 0;
if (a & CLI_SESS_KILL)
{
- log(2, 0, s, session[s].tunnel, "Dropping session by CLI\n");
+ LOG(2, 0, s, session[s].tunnel, "Dropping session by CLI\n");
sessionshutdown(s, "Requested by administrator");
a = 0; // dead, no need to check for other actions
}
if (a & CLI_SESS_NOSNOOP)
{
- log(2, 0, s, session[s].tunnel, "Unsnooping session by CLI\n");
+ LOG(2, 0, s, session[s].tunnel, "Unsnooping session by CLI\n");
session[s].snoop_ip = 0;
session[s].snoop_port = 0;
send++;
}
else if (a & CLI_SESS_SNOOP)
{
- log(2, 0, s, session[s].tunnel, "Snooping session by CLI (to %s:%d)\n",
+ LOG(2, 0, s, session[s].tunnel, "Snooping session by CLI (to %s:%d)\n",
inet_toa(cli_session_actions[s].snoop_ip), cli_session_actions[s].snoop_port);
session[s].snoop_ip = cli_session_actions[s].snoop_ip;
if (a & CLI_SESS_NOTHROTTLE)
{
- log(2, 0, s, session[s].tunnel, "Un-throttling session by CLI\n");
+ LOG(2, 0, s, session[s].tunnel, "Un-throttling session by CLI\n");
throttle_session(s, 0, 0);
send++;
}
else if (a & CLI_SESS_THROTTLE)
{
- log(2, 0, s, session[s].tunnel, "Throttling session by CLI (to %dkb/s up and %dkb/s down)\n",
+ LOG(2, 0, s, session[s].tunnel, "Throttling session by CLI (to %dkb/s up and %dkb/s down)\n",
cli_session_actions[s].throttle_in,
cli_session_actions[s].throttle_out);
if (count >= MAX_ACTIONS)
return 1; // Didn't finish!
- log(3, 0, 0, 0, "End regular cleanup (%d actions), next in %d seconds\n", count, config->cleanup_interval);
+ LOG(3, 0, 0, 0, "End regular cleanup (%d actions), next in %d seconds\n", count, config->cleanup_interval);
return 0;
}
if (last_talked != TIME)
{
- log(2,0,0,0, "Tunnel %d still has un-acked control messages.\n", i);
+ LOG(2,0,0,0, "Tunnel %d still has un-acked control messages.\n", i);
last_talked = TIME;
}
return 1;
// We stop waiting for radius after BUSY_WAIT_TIME 1/10th seconds
if (abs(TIME - start_busy_wait) > BUSY_WAIT_TIME)
{
- log(1, 0, 0, 0, "Giving up waiting for RADIUS to be empty. Shutting down anyway.\n");
+ LOG(1, 0, 0, 0, "Giving up waiting for RADIUS to be empty. Shutting down anyway.\n");
return 0;
}
if (last_talked != TIME)
{
- log(2,0,0,0, "Radius session %d is still busy (sid %d)\n", i, radius[i].session);
+ LOG(2,0,0,0, "Radius session %d is still busy (sid %d)\n", i, radius[i].session);
last_talked = TIME;
}
return 1;
clockt next_cluster_ping = 0; // send initial ping immediately
time_t next_clean = time_now + config->cleanup_interval;
- log(4, 0, 0, 0, "Beginning of main loop. udpfd=%d, tunfd=%d, cluster_sockfd=%d, controlfd=%d\n",
+ LOG(4, 0, 0, 0, "Beginning of main loop. udpfd=%d, tunfd=%d, cluster_sockfd=%d, controlfd=%d\n",
udpfd, tunfd, cluster_sockfd, controlfd);
FD_ZERO(&readset);
errno == ECHILD) // EINTR was clobbered by sigchild_handler()
continue;
- log(0, 0, 0, 0, "Error returned from select(): %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error returned from select(): %s\n", strerror(errno));
main_quit++;
break;
}
if ((sockfd = accept(clifd, (struct sockaddr *)&addr, &len)) <= 0)
{
- log(0, 0, 0, 0, "accept error: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "accept error: %s\n", strerror(errno));
continue;
}
else
if (!(_statistics = shared_malloc(sizeof(struct Tstats))))
{
- log(0, 0, 0, 0, "Error doing malloc for _statistics: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for _statistics: %s\n", strerror(errno));
exit(1);
}
if (!(config = shared_malloc(sizeof(struct configt))))
{
- log(0, 0, 0, 0, "Error doing malloc for configuration: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for configuration: %s\n", strerror(errno));
exit(1);
}
memset(config, 0, sizeof(struct configt));
if (!(tunnel = shared_malloc(sizeof(tunnelt) * MAXTUNNEL)))
{
- log(0, 0, 0, 0, "Error doing malloc for tunnels: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for tunnels: %s\n", strerror(errno));
exit(1);
}
if (!(session = shared_malloc(sizeof(sessiont) * MAXSESSION)))
{
- log(0, 0, 0, 0, "Error doing malloc for sessions: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for sessions: %s\n", strerror(errno));
exit(1);
}
if (!(sess_count = shared_malloc(sizeof(sessioncountt) * MAXSESSION)))
{
- log(0, 0, 0, 0, "Error doing malloc for sessions_count: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for sessions_count: %s\n", strerror(errno));
exit(1);
}
if (!(radius = shared_malloc(sizeof(radiust) * MAXRADIUS)))
{
- log(0, 0, 0, 0, "Error doing malloc for radius: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for radius: %s\n", strerror(errno));
exit(1);
}
if (!(ip_address_pool = shared_malloc(sizeof(ippoolt) * MAXIPPOOL)))
{
- log(0, 0, 0, 0, "Error doing malloc for ip_address_pool: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for ip_address_pool: %s\n", strerror(errno));
exit(1);
}
#ifdef RINGBUFFER
if (!(ringbuffer = shared_malloc(sizeof(struct Tringbuffer))))
{
- log(0, 0, 0, 0, "Error doing malloc for ringbuffer: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for ringbuffer: %s\n", strerror(errno));
exit(1);
}
memset(ringbuffer, 0, sizeof(struct Tringbuffer));
if (!(cli_session_actions = shared_malloc(sizeof(struct cli_session_actions) * MAXSESSION)))
{
- log(0, 0, 0, 0, "Error doing malloc for cli session actions: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for cli session actions: %s\n", strerror(errno));
exit(1);
}
memset(cli_session_actions, 0, sizeof(struct cli_session_actions) * MAXSESSION);
if (!(cli_tunnel_actions = shared_malloc(sizeof(struct cli_tunnel_actions) * MAXSESSION)))
{
- log(0, 0, 0, 0, "Error doing malloc for cli tunnel actions: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for cli tunnel actions: %s\n", strerror(errno));
exit(1);
}
memset(cli_tunnel_actions, 0, sizeof(struct cli_tunnel_actions) * MAXSESSION);
#ifdef BGP
if (!(bgp_peers = shared_malloc(sizeof(struct bgp_peer) * BGP_NUM_PEERS)))
{
- log(0, 0, 0, 0, "Error doing malloc for bgp: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error doing malloc for bgp: %s\n", strerror(errno));
exit(1);
}
#endif /* BGP */
if (best < 0)
{
- log(0, 0, s, session[s].tunnel, "assign_ip_address(): out of addresses\n");
+ LOG(0, 0, s, session[s].tunnel, "assign_ip_address(): out of addresses\n");
return 0;
}
strncpy(ip_address_pool[best].user, u, sizeof(ip_address_pool[best].user) - 1);
STAT(ip_allocated);
- log(4, ip_address_pool[best].address, s, session[s].tunnel,
+ LOG(4, ip_address_pool[best].address, s, session[s].tunnel,
"assign_ip_address(): %s ip address %d from pool\n", reuse ? "Reusing" : "Allocating", best);
return 1;
if (ipid < 1) // Not found in the pool either? good.
continue;
- log(0, 0, i, 0, "Session %d has an IP address (%s) that was marked static, but is in the pool (%d)!\n",
+ LOG(0, 0, i, 0, "Session %d has an IP address (%s) that was marked static, but is in the pool (%d)!\n",
i, inet_toa(session[i].ip), ipid);
// Fall through and process it as part of the pool.
if (ipid > MAXIPPOOL || ipid < 0)
{
- log(0, 0, i, 0, "Session %d has a pool IP that's not found in the pool! (%d)\n", i, ipid);
+ LOG(0, 0, i, 0, "Session %d has a pool IP that's not found in the pool! (%d)\n", i, ipid);
ipid = -1;
session[i].ip_pool_index = ipid;
continue;
++ip_pool_size;
if (ip_pool_size >= MAXIPPOOL)
{
- log(0,0,0,0, "Overflowed IP pool adding %s\n", inet_toa(htonl(addr)) );
+ LOG(0,0,0,0, "Overflowed IP pool adding %s\n", inet_toa(htonl(addr)) );
return;
}
}
if (!(f = fopen(IPPOOLFILE, "r")))
{
- log(0, 0, 0, 0, "Can't load pool file " IPPOOLFILE ": %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Can't load pool file " IPPOOLFILE ": %s\n", strerror(errno));
exit(1);
}
src = inet_addr(buf);
if (src == INADDR_NONE)
{
- log(0, 0, 0, 0, "Invalid address pool IP %s\n", buf);
+ LOG(0, 0, 0, 0, "Invalid address pool IP %s\n", buf);
exit(1);
}
// This entry is for a specific IP only
int numbits = 0;
u32 start = 0, mask = 0;
- log(2, 0, 0, 0, "Adding IP address range %s\n", buf);
+ LOG(2, 0, 0, 0, "Adding IP address range %s\n", buf);
*p++ = 0;
if (!*p || !(numbits = atoi(p)))
{
- log(0, 0, 0, 0, "Invalid pool range %s\n", buf);
+ LOG(0, 0, 0, 0, "Invalid pool range %s\n", buf);
continue;
}
start = ntohl(inet_addr(pool));
mask = (u32)(pow(2, numbits) - 1) << (32 - numbits);
// Add a static route for this pool
- log(5, 0, 0, 0, "Adding route for address pool %s/%u\n", inet_toa(htonl(start)), 32 + mask);
+ LOG(5, 0, 0, 0, "Adding route for address pool %s/%u\n", inet_toa(htonl(start)), 32 + mask);
routeset(0, start, mask, 0, 1);
add_to_ip_pool(start, mask);
}
}
fclose(f);
- log(1, 0, 0, 0, "IP address pool is %d addresses\n", ip_pool_size - 1);
+ LOG(1, 0, 0, 0, "IP address pool is %d addresses\n", ip_pool_size - 1);
}
void snoop_send_packet(char *packet, u16 size, ipt destination, u16 port)
snoop_addr.sin_addr.s_addr = destination;
snoop_addr.sin_port = ntohs(port);
- log(5, 0, 0, 0, "Snooping packet at %p (%d bytes) to %s:%d\n",
+ LOG(5, 0, 0, 0, "Snooping packet at %p (%d bytes) to %s:%d\n",
packet, size, inet_toa(snoop_addr.sin_addr.s_addr), htons(snoop_addr.sin_port));
if (sendto(snoopfd, packet, size, MSG_DONTWAIT | MSG_NOSIGNAL, (void *) &snoop_addr, sizeof(snoop_addr)) < 0)
- log(0, 0, 0, 0, "Error sending intercept packet: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error sending intercept packet: %s\n", strerror(errno));
STAT(packets_snooped);
}
time_t now = time(NULL);
if (!(f = fopen(filename, "w")))
{
- log(0, 0, 0, 0, "Can't write accounting info to %s: %s\n", filename, strerror(errno));
+ LOG(0, 0, 0, 0, "Can't write accounting info to %s: %s\n", filename, strerror(errno));
return ;
}
- log(3, 0, 0, 0, "Dumping accounting information to %s\n", filename);
+ LOG(3, 0, 0, 0, "Dumping accounting information to %s\n", filename);
fprintf(f, "# dslwatch.pl dump file V1.01\n"
"# host: %s\n"
"# time: %ld\n"
now - basetime);
}
- log(4, 0, 0, 0, "Dumping accounting information for %s\n", session[i].user);
+ LOG(4, 0, 0, 0, "Dumping accounting information for %s\n", session[i].user);
fprintf(f, "%s %s %d %u %u\n",
session[i].user, // username
inet_toa(htonl(session[i].ip)), // ip
read_config_file();
init_tbf(config->num_tbfs);
- log(0, 0, 0, 0, "L2TPNS version " VERSION "\n");
- log(0, 0, 0, 0, "Copyright (c) 2003, 2004 Optus Internet Engineering\n");
- log(0, 0, 0, 0, "Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced\n");
+ LOG(0, 0, 0, 0, "L2TPNS version " VERSION "\n");
+ LOG(0, 0, 0, 0, "Copyright (c) 2003, 2004 Optus Internet Engineering\n");
+ LOG(0, 0, 0, 0, "Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced\n");
{
struct rlimit rlim;
rlim.rlim_cur = RLIM_INFINITY;
rlim.rlim_max = RLIM_INFINITY;
// Remove the maximum core size
if (setrlimit(RLIMIT_CORE, &rlim) < 0)
- log(0, 0, 0, 0, "Can't set ulimit: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Can't set ulimit: %s\n", strerror(errno));
// Make core dumps go to /tmp
chdir("/tmp");
}
if (get_nprocs() < 2)
{
- log(0, 0, 0, 0, "Not using FIFO scheduler, there is only 1 processor in the system.\n");
+ LOG(0, 0, 0, 0, "Not using FIFO scheduler, there is only 1 processor in the system.\n");
config->scheduler_fifo = 0;
}
else
{
if ((ret = sched_setscheduler(0, SCHED_FIFO, ¶ms)) == 0)
{
- log(1, 0, 0, 0, "Using FIFO scheduler. Say goodbye to any other processes running\n");
+ LOG(1, 0, 0, 0, "Using FIFO scheduler. Say goodbye to any other processes running\n");
}
else
{
- log(0, 0, 0, 0, "Error setting scheduler to FIFO: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Error setting scheduler to FIFO: %s\n", strerror(errno));
config->scheduler_fifo = 0;
}
}
#endif /* BGP */
inittun();
- log(1, 0, 0, 0, "Set up on interface %s\n", config->tundevice);
+ LOG(1, 0, 0, 0, "Set up on interface %s\n", config->tundevice);
initudp();
initrad();
if (config->lock_pages)
{
if (!mlockall(MCL_CURRENT))
- log(1, 0, 0, 0, "Locking pages into memory\n");
+ LOG(1, 0, 0, 0, "Locking pages into memory\n");
else
- log(0, 0, 0, 0, "Can't lock pages: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Can't lock pages: %s\n", strerror(errno));
}
alarm(1);
void sigterm_handler(int junk)
{
- log(1, 0, 0, 0, "Shutting down cleanly\n");
+ LOG(1, 0, 0, 0, "Shutting down cleanly\n");
if (config->save_state)
dump_state();
{
int i;
- log(1, 0, 0, 0, "Shutting down without saving sessions\n");
+ LOG(1, 0, 0, 0, "Shutting down without saving sessions\n");
for (i = 1; i < MAXSESSION; i++)
{
if (session[i].opened)
if (sb.st_mtime < (time(NULL) - 60))
{
- log(0, 0, 0, 0, "State file is too old to read, ignoring\n");
+ LOG(0, 0, 0, 0, "State file is too old to read, ignoring\n");
unlink(STATEFILE);
return ;
}
if (!f)
{
- log(0, 0, 0, 0, "Can't read state file: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Can't read state file: %s\n", strerror(errno));
exit(1);
}
if (fread(magic, sizeof(magic), 1, f) != 1 || strncmp(magic, DUMP_MAGIC, sizeof(magic)))
{
- log(0, 0, 0, 0, "Bad state file magic\n");
+ LOG(0, 0, 0, 0, "Bad state file magic\n");
exit(1);
}
- log(1, 0, 0, 0, "Reading state information\n");
+ LOG(1, 0, 0, 0, "Reading state information\n");
if (fread(buf, sizeof(buf), 1, f) != 1 || buf[0] > MAXIPPOOL || buf[1] != sizeof(ippoolt))
{
- log(0, 0, 0, 0, "Error/mismatch reading ip pool header from state file\n");
+ LOG(0, 0, 0, 0, "Error/mismatch reading ip pool header from state file\n");
exit(1);
}
if (buf[0] > ip_pool_size)
{
- log(0, 0, 0, 0, "ip pool has shrunk! state = %d, current = %d\n", buf[0], ip_pool_size);
+ LOG(0, 0, 0, 0, "ip pool has shrunk! state = %d, current = %d\n", buf[0], ip_pool_size);
exit(1);
}
- log(2, 0, 0, 0, "Loading %u ip addresses\n", buf[0]);
+ LOG(2, 0, 0, 0, "Loading %u ip addresses\n", buf[0]);
for (i = 0; i < buf[0]; i++)
{
if (fread(&itmp, sizeof(itmp), 1, f) != 1)
{
- log(0, 0, 0, 0, "Error reading ip %d from state file: %s\n", i, strerror(errno));
+ LOG(0, 0, 0, 0, "Error reading ip %d from state file: %s\n", i, strerror(errno));
exit(1);
}
if (itmp.address != ip_address_pool[i].address)
{
- log(0, 0, 0, 0, "Mismatched ip %d from state file: pool may only be extended\n", i);
+ LOG(0, 0, 0, 0, "Mismatched ip %d from state file: pool may only be extended\n", i);
exit(1);
}
if (fread(buf, sizeof(buf), 1, f) != 1 || buf[0] != MAXTUNNEL || buf[1] != sizeof(tunnelt))
{
- log(0, 0, 0, 0, "Error/mismatch reading tunnel header from state file\n");
+ LOG(0, 0, 0, 0, "Error/mismatch reading tunnel header from state file\n");
exit(1);
}
- log(2, 0, 0, 0, "Loading %u tunnels\n", MAXTUNNEL);
+ LOG(2, 0, 0, 0, "Loading %u tunnels\n", MAXTUNNEL);
if (fread(tunnel, sizeof(tunnelt), MAXTUNNEL, f) != MAXTUNNEL)
{
- log(0, 0, 0, 0, "Error reading tunnel data from state file\n");
+ LOG(0, 0, 0, 0, "Error reading tunnel data from state file\n");
exit(1);
}
tunnel[i].controls = NULL;
tunnel[i].controle = NULL;
if (*tunnel[i].hostname)
- log(3, 0, 0, 0, "Created tunnel for %s\n", tunnel[i].hostname);
+ LOG(3, 0, 0, 0, "Created tunnel for %s\n", tunnel[i].hostname);
}
if (fread(buf, sizeof(buf), 1, f) != 1 || buf[0] != MAXSESSION || buf[1] != sizeof(sessiont))
{
- log(0, 0, 0, 0, "Error/mismatch reading session header from state file\n");
+ LOG(0, 0, 0, 0, "Error/mismatch reading session header from state file\n");
exit(1);
}
- log(2, 0, 0, 0, "Loading %u sessions\n", MAXSESSION);
+ LOG(2, 0, 0, 0, "Loading %u sessions\n", MAXSESSION);
if (fread(session, sizeof(sessiont), MAXSESSION, f) != MAXSESSION)
{
- log(0, 0, 0, 0, "Error reading session data from state file\n");
+ LOG(0, 0, 0, 0, "Error reading session data from state file\n");
exit(1);
}
session[i].tbf_out = 0;
if (session[i].opened)
{
- log(2, 0, i, 0, "Loaded active session for user %s\n", session[i].user);
+ LOG(2, 0, i, 0, "Loaded active session for user %s\n", session[i].user);
if (session[i].ip)
sessionsetup(session[i].tunnel, i);
}
}
fclose(f);
- log(0, 0, 0, 0, "Loaded saved state information\n");
+ LOG(0, 0, 0, 0, "Loaded saved state information\n");
}
void dump_state()
if (!(f = fopen(STATEFILE, "w")))
break;
- log(1, 0, 0, 0, "Dumping state information\n");
+ LOG(1, 0, 0, 0, "Dumping state information\n");
if (fwrite(DUMP_MAGIC, sizeof(DUMP_MAGIC) - 1, 1, f) != 1)
break;
- log(2, 0, 0, 0, "Dumping %u ip addresses\n", ip_pool_size);
+ LOG(2, 0, 0, 0, "Dumping %u ip addresses\n", ip_pool_size);
buf[0] = ip_pool_size;
buf[1] = sizeof(ippoolt);
if (fwrite(buf, sizeof(buf), 1, f) != 1)
if (fwrite(ip_address_pool, sizeof(ippoolt), ip_pool_size, f) != ip_pool_size)
break;
- log(2, 0, 0, 0, "Dumping %u tunnels\n", MAXTUNNEL);
+ LOG(2, 0, 0, 0, "Dumping %u tunnels\n", MAXTUNNEL);
buf[0] = MAXTUNNEL;
buf[1] = sizeof(tunnelt);
if (fwrite(buf, sizeof(buf), 1, f) != 1)
if (fwrite(tunnel, sizeof(tunnelt), MAXTUNNEL, f) != MAXTUNNEL)
break;
- log(2, 0, 0, 0, "Dumping %u sessions\n", MAXSESSION);
+ LOG(2, 0, 0, 0, "Dumping %u sessions\n", MAXSESSION);
buf[0] = MAXSESSION;
buf[1] = sizeof(sessiont);
if (fwrite(buf, sizeof(buf), 1, f) != 1)
}
while (0);
- log(0, 0, 0, 0, "Can't write state information: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "Can't write state information: %s\n", strerror(errno));
unlink(STATEFILE);
}
if (!*config->l2tpsecret)
{
- log(0, 0, 0, 0, "LNS requested CHAP authentication, but no l2tp secret is defined\n");
+ LOG(0, 0, 0, 0, "LNS requested CHAP authentication, but no l2tp secret is defined\n");
return;
}
- log(4, 0, 0, 0, " Building challenge response for CHAP request\n");
+ LOG(4, 0, 0, 0, " Building challenge response for CHAP request\n");
*challenge_response = (char *)calloc(17, 1);
if (!config->numradiusservers)
{
- log(0, 0, 0, 0, "No RADIUS servers defined!\n");
+ LOG(0, 0, 0, 0, "No RADIUS servers defined!\n");
}
config->num_radfds = 2 << RADIUS_SHIFT;
if (config->cluster_hb_timeout < t)
{
- log(0,0,0,0, "Heartbeat timeout %d too low, adjusting to %d\n", config->cluster_hb_timeout, t);
+ LOG(0,0,0,0, "Heartbeat timeout %d too low, adjusting to %d\n", config->cluster_hb_timeout, t);
config->cluster_hb_timeout = t;
}
}
else
{
- log(0, 0, 0, 0, "Can't write to PID file %s: %s\n", config->pid_file, strerror(errno));
+ LOG(0, 0, 0, 0, "Can't write to PID file %s: %s\n", config->pid_file, strerror(errno));
}
}
return;
}
- log(3, 0, 0, 0, "Reading config file %s\n", config->config_file);
+ LOG(3, 0, 0, 0, "Reading config file %s\n", config->config_file);
cli_do_file(f);
- log(3, 0, 0, 0, "Done reading config file\n");
+ LOG(3, 0, 0, 0, "Done reading config file\n");
fclose(f);
update_config();
}
CSTAT(call_sessionsetup);
- log(3, session[s].ip, s, t, "Doing session setup for session\n");
+ LOG(3, session[s].ip, s, t, "Doing session setup for session\n");
if (!session[s].ip || session[s].ip == 0xFFFFFFFE)
{
assign_ip_address(s);
if (!session[s].ip)
{
- log(0, 0, s, t, " No IP allocated. The IP address pool is FULL!\n");
+ LOG(0, 0, s, t, " No IP allocated. The IP address pool is FULL!\n");
sessionshutdown(s, "No IP addresses available");
return 0;
}
- log(3, 0, s, t, " No IP allocated. Assigned %s from pool\n",
+ LOG(3, 0, s, t, " No IP allocated. Assigned %s from pool\n",
inet_toa(htonl(session[s].ip)));
}
if (!session[s].unique_id)
{
// did this session just finish radius?
- log(3, session[s].ip, s, t, "Sending initial IPCP to client\n");
+ LOG(3, session[s].ip, s, t, "Sending initial IPCP to client\n");
sendipcp(t, s);
session[s].unique_id = ++last_id;
}
char *sessionip, *tunnelip;
sessionip = strdup(inet_toa(htonl(session[s].ip)));
tunnelip = strdup(inet_toa(htonl(tunnel[t].ip)));
- log(2, session[s].ip, s, t, "Login by %s at %s from %s (%s)\n",
+ LOG(2, session[s].ip, s, t, "Login by %s at %s from %s (%s)\n",
session[s].user, sessionip, tunnelip, tunnel[t].hostname);
if (sessionip) free(sessionip);
if (tunnelip) free(tunnelip);
if (new->ip_pool_index >= MAXIPPOOL ||
new->tunnel >= MAXTUNNEL)
{
- log(0,0,s,0, "Strange session update received!\n");
+ LOG(0,0,s,0, "Strange session update received!\n");
// FIXME! What to do here?
return 0;
}
char path[256] = "";
snprintf(path, 256, PLUGINDIR "/%s.so", plugin_name);
- log(2, 0, 0, 0, "%soading plugin from %s\n", load ? "L" : "Un-l", path);
+ LOG(2, 0, 0, 0, "%soading plugin from %s\n", load ? "L" : "Un-l", path);
return dlopen(path, RTLD_NOW);
}
if (!p)
{
- log(1, 0, 0, 0, " Plugin load failed: %s\n", dlerror());
+ LOG(1, 0, 0, 0, " Plugin load failed: %s\n", dlerror());
return;
}
int *v = dlsym(p, "__plugin_api_version");
if (!v || *v != PLUGIN_API_VERSION)
{
- log(1, 0, 0, 0, " Plugin load failed: API version mismatch: %s\n", dlerror());
+ LOG(1, 0, 0, 0, " Plugin load failed: API version mismatch: %s\n", dlerror());
dlclose(p);
return;
}
{
if (!initfunc(&funcs))
{
- log(1, 0, 0, 0, " Plugin load failed: plugin_init() returned FALSE: %s\n", dlerror());
+ LOG(1, 0, 0, 0, " Plugin load failed: plugin_init() returned FALSE: %s\n", dlerror());
dlclose(p);
return;
}
void *x;
if (plugin_functions[i] && (x = dlsym(p, plugin_functions[i])))
{
- log(3, 0, 0, 0, " Supports function \"%s\"\n", plugin_functions[i]);
+ LOG(3, 0, 0, 0, " Supports function \"%s\"\n", plugin_functions[i]);
ll_push(plugins[i], x);
}
}
- log(2, 0, 0, 0, " Loaded plugin %s\n", plugin_name);
+ LOG(2, 0, 0, 0, " Loaded plugin %s\n", plugin_name);
}
static void run_plugin_done(void *plugin)
}
dlclose(p);
- log(2, 0, 0, 0, "Removed plugin %s\n", plugin_name);
+ LOG(2, 0, 0, 0, "Removed plugin %s\n", plugin_name);
}
int run_plugins(int plugin_type, void *data)
if (log_stream && config->debug >= 4)
{
- log(4, ntohl(addr->sin_addr.s_addr), 0, 0, "Received ");
+ LOG(4, ntohl(addr->sin_addr.s_addr), 0, 0, "Received ");
dump_packet(buf, log_stream);
}
if (param.send_response)
{
send_packet(controlfd, ntohl(addr->sin_addr.s_addr), ntohs(addr->sin_port), param.response, param.response_length);
- log(4, ntohl(addr->sin_addr.s_addr), 0, 0, "Sent Control packet response\n");
+ LOG(4, ntohl(addr->sin_addr.s_addr), 0, 0, "Sent Control packet response\n");
}
free(resp);
{
int i;
- log(1, 0, 0, 0, "Cleaning tunnels array\n");
+ LOG(1, 0, 0, 0, "Cleaning tunnels array\n");
for (i = 1; i < MAXTUNNEL; i++)
{
{
if (tunnel[i].state == TUNNELFREE)
{
- log(4, 0, 0, i, "Assigning tunnel ID %d\n", i);
+ LOG(4, 0, 0, i, "Assigning tunnel ID %d\n", i);
if (i > config->cluster_highest_tunnelid)
config->cluster_highest_tunnelid = i;
return i;
}
}
- log(0, 0, 0, 0, "Can't find a free tunnel! There shouldn't be this many in use!\n");
+ LOG(0, 0, 0, 0, "Can't find a free tunnel! There shouldn't be this many in use!\n");
return 0;
}
if (hidden_length > length - 8)
{
- log(1, 0, s, t, "Hidden length %d too long in AVP of length %d\n", (int) hidden_length, (int) length);
+ LOG(1, 0, s, t, "Hidden length %d too long in AVP of length %d\n", (int) hidden_length, (int) length);
return 0;
}
// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.29 2004-11-05 02:47:47 bodea Exp $
+// $Id: l2tpns.h,v 1.30 2004-11-05 04:55:27 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
}
sessiont;
-#define SF_IPCP_ACKED (1<<0) // Has this session seen an IPCP Ack?
+#define SF_IPCP_ACKED 1 // Has this session seen an IPCP Ack?
+#define SF_LCP_ACKED 2 // LCP negotiated
typedef struct {
u32 cin;
u32 cout;
} sessioncountt;
-#define SESSIONPFC 1 // PFC negotiated flags
-#define SESSIONACFC 2 // ACFC negotiated flags
-#define SESSIONLCPACK 4 // LCP negotiated
+#define SESSIONPFC 1 // PFC negotiated flags
+#define SESSIONACFC 2 // ACFC negotiated flags
// 168 bytes per tunnel
typedef struct tunnels
int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc);
int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc);
-#undef log
-#undef log_hex
-#define log(D, a, s, t, f, ...) ({ if (D <= config->debug) _log(D, a, s, t, f, ## __VA_ARGS__); })
-#define log_hex(D, t, d, s) ({ if (D <= config->debug) _log_hex(D, t, d, s); })
+#undef LOG
+#undef LOG_HEX
+#define LOG(D, a, s, t, f, ...) ({ if (D <= config->debug) _log(D, a, s, t, f, ## __VA_ARGS__); })
+#define LOG_HEX(D, t, d, s) ({ if (D <= config->debug) _log_hex(D, t, d, s); })
void _log(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 5, 6)));
void _log_hex(int level, const char *title, const char *data, int maxsize);
void *array[20]; \
char **strings; \
int size, i; \
- log(0, 0, 0, t, "Backtrace follows"); \
+ LOG(0, 0, 0, t, "Backtrace follows"); \
size = backtrace(array, 10); \
strings = backtrace_symbols(array, size); \
if (strings) for (i = 0; i < size; i++) \
{ \
- log(0, 0, 0, t, "%s\n", strings[i]); \
+ LOG(0, 0, 0, t, "%s\n", strings[i]); \
} \
free(strings); \
}
struct pluginfuncs
{
- void (*_log)(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...);
- void (*_log_hex)(int level, const char *title, const char *data, int maxsize);
+ void (*log)(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...);
+ void (*log_hex)(int level, const char *title, const char *data, int maxsize);
char *(*inet_toa)(unsigned long addr);
sessionidt (*get_session_by_username)(char *username);
sessiont *(*get_session_by_id)(sessionidt s);
// L2TPNS PPP Stuff
-char const *cvs_id_ppp = "$Id: ppp.c,v 1.20 2004-11-05 02:21:55 bodea Exp $";
+char const *cvs_id_ppp = "$Id: ppp.c,v 1.21 2004-11-05 04:55:27 bodea Exp $";
#include <stdio.h>
#include <string.h>
CSTAT(call_processpap);
- log_hex(5, "PAP", p, l);
+ LOG_HEX(5, "PAP", p, l);
if (l < 4)
{
- log(1, 0, s, t, "Short PAP %u bytes\n", l);
+ LOG(1, 0, s, t, "Short PAP %u bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
- log(1, 0, s, t, "Length mismatch PAP %u/%u\n", hl, l);
+ LOG(1, 0, s, t, "Length mismatch PAP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
if (*p != 1)
{
- log(1, 0, s, t, "Unexpected PAP code %d\n", *p);
+ LOG(1, 0, s, t, "Unexpected PAP code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
if (*b && *b < sizeof(pass))
memcpy(pass, b + 1, *b);
pass[*b] = 0;
- log(3, 0, s, t, "PAP login %s/%s\n", user, pass);
+ LOG(3, 0, s, t, "PAP login %s/%s\n", user, pass);
}
if (session[s].ip || !session[s].radius)
{
u8 id = p[1];
u8 *p = makeppp(b, sizeof(b), 0, 0, t, s, PPPPAP);
if (!p) { // Failed to make ppp header!
- log(1,0,0,0, "Failed to make PPP header in process pap!\n");
+ LOG(1,0,0,0, "Failed to make PPP header in process pap!\n");
return;
}
if (session[s].ip)
p[4] = 0; // no message
if (session[s].ip)
{
- log(3, session[s].ip, s, t, "%d Already an IP allocated: %s (%d)\n", getpid(), inet_toa(htonl(session[s].ip)), session[s].ip_pool_index);
+ LOG(3, session[s].ip, s, t, "Already an IP allocated: %s (%d)\n", inet_toa(htonl(session[s].ip)), session[s].ip_pool_index);
session[s].flags &= ~SF_IPCP_ACKED;
}
else
{
- log(1, 0, s, t, "No radius session available to authenticate session...\n");
+ LOG(1, 0, s, t, "No radius session available to authenticate session...\n");
}
- log(3, 0, s, t, "Fallback response to PAP (%s)\n", (session[s].ip) ? "ACK" : "NAK");
+ LOG(3, 0, s, t, "Fallback response to PAP (%s)\n", (session[s].ip) ? "ACK" : "NAK");
tunnelsend(b, 5 + (p - b), t); // send it
}
else
run_plugins(PLUGIN_PRE_AUTH, &packet);
if (!packet.continue_auth)
{
- log(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
+ LOG(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
if (packet.username) free(packet.username);
if (packet.password) free(packet.password);
return;
free(packet.password);
radius[r].id = p[1];
- log(3, 0, s, t, "Sending login for %s/%s to radius\n", user, pass);
+ LOG(3, 0, s, t, "Sending login for %s/%s to radius\n", user, pass);
radiussend(r, RADIUSAUTH);
}
}
CSTAT(call_processchap);
- log_hex(5, "CHAP", p, l);
+ LOG_HEX(5, "CHAP", p, l);
r = session[s].radius;
if (!r)
{
- log(1, 0, s, t, "Unexpected CHAP message\n");
+ LOG(1, 0, s, t, "Unexpected CHAP message\n");
// FIXME: Need to drop the session here.
if (l < 4)
{
- log(1, 0, s, t, "Short CHAP %u bytes\n", l);
+ LOG(1, 0, s, t, "Short CHAP %u bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
- log(1, 0, s, t, "Length mismatch CHAP %u/%u\n", hl, l);
+ LOG(1, 0, s, t, "Length mismatch CHAP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
if (*p != 2)
{
- log(1, 0, s, t, "Unexpected CHAP response code %d\n", *p);
+ LOG(1, 0, s, t, "Unexpected CHAP response code %d\n", *p);
STAT(tunnel_rx_errors);
return;
}
if (p[1] != radius[r].id)
{
- log(1, 0, s, t, "Wrong CHAP response ID %d (should be %d) (%d)\n", p[1], radius[r].id, r);
+ LOG(1, 0, s, t, "Wrong CHAP response ID %d (should be %d) (%d)\n", p[1], radius[r].id, r);
STAT(tunnel_rx_errors);
return ;
}
if (l < 5 || p[4] != 16)
{
- log(1, 0, s, t, "Bad CHAP response length %d\n", l < 5 ? -1 : p[4]);
+ LOG(1, 0, s, t, "Bad CHAP response length %d\n", l < 5 ? -1 : p[4]);
STAT(tunnel_rx_errors);
return ;
}
p += 5;
if (l < 16 || l - 16 >= sizeof(session[s].user))
{
- log(1, 0, s, t, "CHAP user too long %d\n", l - 16);
+ LOG(1, 0, s, t, "CHAP user too long %d\n", l - 16);
STAT(tunnel_rx_errors);
return ;
}
run_plugins(PLUGIN_PRE_AUTH, &packet);
if (!packet.continue_auth)
{
- log(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
+ LOG(3, 0, s, t, "A plugin rejected PRE_AUTH\n");
if (packet.username) free(packet.username);
if (packet.password) free(packet.password);
return;
}
radius[r].chap = 1;
- log(3, 0, s, t, "CHAP login %s\n", session[s].user);
+ LOG(3, 0, s, t, "CHAP login %s\n", session[s].user);
radiussend(r, RADIUSAUTH);
}
int x = l - 4;
u8 *o = (p + 4);
- log_hex(5, "PPP LCP Packet", p, l);
- log(4, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
- log(4, 0, 0, 0, "Length: %d\n", l);
+ LOG_HEX(5, "PPP LCP Packet", p, l);
+ LOG(4, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
+ LOG(4, 0, 0, 0, "Length: %d\n", l);
if (*p != ConfigReq && *p != ConfigRej && *p != ConfigAck)
return;
int length = o[1];
if (length < 2)
{
- log(4, 0, 0, 0, " Option length is %d...\n", length);
+ LOG(4, 0, 0, 0, " Option length is %d...\n", length);
break;
}
if (type == 0)
{
- log(4, 0, 0, 0, " Option type is 0...\n");
+ LOG(4, 0, 0, 0, " Option type is 0...\n");
x -= length;
o += length;
continue;
{
case 1: // Maximum-Receive-Unit
if (length == 4)
- log(4, 0, 0, 0, " %s %d\n", lcp_types[type], ntohs(*(u16 *)(o + 2)));
+ LOG(4, 0, 0, 0, " %s %d\n", lcp_types[type], ntohs(*(u16 *)(o + 2)));
else
- log(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
+ LOG(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
break;
case 3: // Authentication-Protocol
{
if (length == 4)
{
int proto = ntohs(*(u16 *)(o + 2));
- log(4, 0, 0, 0, " %s 0x%x (%s)\n", lcp_types[type], proto,
+ LOG(4, 0, 0, 0, " %s 0x%x (%s)\n", lcp_types[type], proto,
proto == PPPCHAP ? "CHAP" :
proto == PPPPAP ? "PAP" : "UNKNOWN");
}
else
- log(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
+ LOG(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
break;
}
case 4: // Quality-Protocol
{
u32 qp = ntohl(*(u32 *)(o + 2));
- log(4, 0, 0, 0, " %s %x\n", lcp_types[type], qp);
+ LOG(4, 0, 0, 0, " %s %x\n", lcp_types[type], qp);
break;
}
case 5: // Magic-Number
if (length == 6)
{
u32 magicno = ntohl(*(u32 *)(o + 2));
- log(4, 0, 0, 0, " %s %x\n", lcp_types[type], magicno);
+ LOG(4, 0, 0, 0, " %s %x\n", lcp_types[type], magicno);
}
else
- log(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
+ LOG(4, 0, 0, 0, " %s odd length %d\n", lcp_types[type], length);
break;
}
case 7: // Protocol-Field-Compression
{
- log(4, 0, 0, 0, " %s\n", lcp_types[type]);
+ LOG(4, 0, 0, 0, " %s\n", lcp_types[type]);
break;
}
case 8: // Address-And-Control-Field-Compression
{
- log(4, 0, 0, 0, " %s\n", lcp_types[type]);
+ LOG(4, 0, 0, 0, " %s\n", lcp_types[type]);
break;
}
default:
- log(2, 0, 0, 0, " Unknown PPP LCP Option type %d\n", type);
+ LOG(2, 0, 0, 0, " Unknown PPP LCP Option type %d\n", type);
break;
}
x -= length;
CSTAT(call_processlcp);
- log_hex(5, "LCP", p, l);
+ LOG_HEX(5, "LCP", p, l);
if (l < 4)
{
- log(1, session[s].ip, s, t, "Short LCP %d bytes\n", l);
+ LOG(1, session[s].ip, s, t, "Short LCP %d bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
- log(1, 0, s, t, "Length mismatch LCP %u/%u\n", hl, l);
+ LOG(1, 0, s, t, "Length mismatch LCP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
if (*p == ConfigAck)
{
- log(3, session[s].ip, s, t, "LCP: Discarding ConfigAck\n");
- session[s].flags |= SESSIONLCPACK;
+ LOG(3, session[s].ip, s, t, "LCP: Discarding ConfigAck\n");
+ session[s].flags |= SF_LCP_ACKED;
}
else if (*p == ConfigReq)
{
int x = l - 4;
u8 *o = (p + 4);
- log(3, session[s].ip, s, t, "LCP: ConfigReq (%d bytes)...\n", l);
+ LOG(3, session[s].ip, s, t, "LCP: ConfigReq (%d bytes)...\n", l);
if (config->debug > 3) dumplcp(p, l);
while (x > 2)
session[s].mru = ntohs(*(u16 *)(o + 2));
break;
case 2: // asyncmap
- log_hex(2, "PPP LCP Packet", p, l);
- log(2, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
+ LOG_HEX(2, "PPP LCP Packet", p, l);
+ LOG(2, 0, 0, 0, "PPP LCP Packet type %d (%s len %d)\n", *p, ppp_lcp_types[(int)*p], ntohs( ((u16 *) p)[1]) );
break;
case 3: // Authentication-Protocol
{
int proto = ntohs(*(u16 *)(o + 2));
if (proto == PPPCHAP)
{
- log(2, session[s].ip, s, t, " Remote end is trying to do CHAP. Rejecting it.\n");
+ LOG(2, session[s].ip, s, t, " Remote end is trying to do CHAP. Rejecting it.\n");
if (!q)
{
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q) {
- log(2, session[s].ip, s, t, " Failed to send packet.\n");
+ LOG(2, session[s].ip, s, t, " Failed to send packet.\n");
break;
}
*q++ = ConfigNak;
case 18:
{
// Reject LCP CallBack
- log(2, session[s].ip, s, t, " PPP LCP Option type %d, len=%d\n", type, length);
+ LOG(2, session[s].ip, s, t, " PPP LCP Option type %d, len=%d\n", type, length);
memcpy(p + 4, o, length);
*(u16 *)(p + 2) = htons(length + 4);
*p = ConfigRej;
default:
// Reject Unknown LCP Option to stop to send it again
- log(2, session[s].ip, s, t, " Unknown PPP LCP Option type %d\n", type);
+ LOG(2, session[s].ip, s, t, " Unknown PPP LCP Option type %d\n", type);
memcpy(p + 4, o, length);
*(u16 *)(p + 2) = htons(length + 4);
*p = ConfigRej;
o += length;
}
+ if (!(session[s].flags & SF_LCP_ACKED))
+ initlcp(t, s);
+
if (!q)
{
// Send back a ConfigAck
- log(3, session[s].ip, s, t, "ConfigReq accepted, sending as Ack\n");
- // for win2k L2TP clients and LCP renegotiation of alive session
- if (magicno || l == 4 || (session[s].mru && l == 8)) initlcp(t, s);
+ LOG(3, session[s].ip, s, t, "ConfigReq accepted, sending as Ack\n");
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q)
{
- log(3, session[s].ip, s, t, " failed to create packet.\n");
+ LOG(3, session[s].ip, s, t, " failed to create packet.\n");
return;
}
*q = ConfigAck;
else
{
// Already built a ConfigNak... send it
- log(3, session[s].ip, s, t, "Sending ConfigNak\n");
+ LOG(3, session[s].ip, s, t, "Sending ConfigNak\n");
tunnelsend(b, l + (q - b), t);
}
-
- if (!(session[s].flags & SESSIONLCPACK))
- initlcp(t, s);
}
else if (*p == ConfigNak)
{
- log(1, session[s].ip, s, t, "Remote end sent a ConfigNak. Ignoring\n");
+ LOG(1, session[s].ip, s, t, "Remote end sent a ConfigNak. Ignoring\n");
if (config->debug > 3) dumplcp(p, l);
return ;
}
*p = TerminateAck; // close
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q) {
- log(3, session[s].ip, s, t, "Failed to create PPP packet in processlcp.\n");
+ LOG(3, session[s].ip, s, t, "Failed to create PPP packet in processlcp.\n");
return;
}
- log(3, session[s].ip, s, t, "LCP: Received TerminateReq. Sending TerminateAck\n");
+ LOG(3, session[s].ip, s, t, "LCP: Received TerminateReq. Sending TerminateAck\n");
sessionshutdown(s, "Remote end closed connection.");
tunnelsend(b, l + (q - b), t); // send it
}
*(u32 *) (p + 4) = htonl(session[s].magic); // our magic number
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q) {
- log(3, session[s].ip, s, t, " failed to send EchoReply.\n");
+ LOG(3, session[s].ip, s, t, " failed to send EchoReply.\n");
return;
}
- log(5, session[s].ip, s, t, "LCP: Received EchoReq. Sending EchoReply\n");
+ LOG(5, session[s].ip, s, t, "LCP: Received EchoReq. Sending EchoReply\n");
tunnelsend(b, l + (q - b), t); // send it
}
else if (*p == EchoReply)
*p = CodeRej;
if (l > MAXCONTROL)
{
- log(1, 0, s, t, "Truncated Ident Packet (length=%d) to 1400 bytes\n", l);
+ LOG(1, 0, s, t, "Truncated Ident Packet (length=%d) to 1400 bytes\n", l);
l = 1400;
}
q = makeppp(b, sizeof(b), p, l, t, s, PPPLCP);
if (!q)
{
- log(3, session[s].ip, s, t, "Failed to create IdentRej.\n");
+ LOG(3, session[s].ip, s, t, "Failed to create IdentRej.\n");
return;
}
- log_hex(5, "LCPIdentRej", q, l + 4);
+ LOG_HEX(5, "LCPIdentRej", q, l + 4);
tunnelsend(b, 12 + 4 + l, t);
}
else
{
- log(1, session[s].ip, s, t, "Unexpected LCP code %d\n", *p);
+ LOG(1, session[s].ip, s, t, "Unexpected LCP code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
CSTAT(call_processipcp);
- log_hex(5, "IPCP", p, l);
+ LOG_HEX(5, "IPCP", p, l);
if (l < 5)
{
- log(1, 0, s, t, "Short IPCP %d bytes\n", l);
+ LOG(1, 0, s, t, "Short IPCP %d bytes\n", l);
STAT(tunnel_rx_errors);
return ;
}
if ((hl = ntohs(*(u16 *) (p + 2))) > l)
{
- log(1, 0, s, t, "Length mismatch IPCP %u/%u\n", hl, l);
+ LOG(1, 0, s, t, "Length mismatch IPCP %u/%u\n", hl, l);
STAT(tunnel_rx_errors);
return ;
}
}
session[s].flags |= SF_IPCP_ACKED;
- log(3, session[s].ip, s, t, "IPCP Acked, session is now active\n");
+ LOG(3, session[s].ip, s, t, "IPCP Acked, session is now active\n");
return;
}
if (*p != ConfigReq)
{
- log(1, 0, s, t, "Unexpected IPCP code %d\n", *p);
+ LOG(1, 0, s, t, "Unexpected IPCP code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
- log(4, session[s].ip, s, t, "IPCP ConfigReq received\n");
+ LOG(4, session[s].ip, s, t, "IPCP ConfigReq received\n");
if (!session[s].ip)
{
- log(3, 0, s, t, "Waiting on radius reply\n");
+ LOG(3, 0, s, t, "Waiting on radius reply\n");
return; // have to wait on RADIUS reply
}
// form a config reply quoting the IP in the session
i = p + l;
if (!(q = makeppp(b, sizeof(b), p, l, t, s, PPPIPCP)))
{
- log(2, 0, s, t, "Failed to send IPCP ConfigRej\n");
+ LOG(2, 0, s, t, "Failed to send IPCP ConfigRej\n");
return;
}
*q = ConfigRej;
{
if (*p != 0x81 && *p != 0x83 && *p != 3)
{
- log(2, 0, s, t, "IPCP reject %d\n", *p);
+ LOG(2, 0, s, t, "IPCP reject %d\n", *p);
memcpy(q + n, p, p[1]);
n += p[1];
}
p += p[1];
}
*(u16 *) (q + 2) = htons(n);
- log(4, session[s].ip, s, t, "Sending ConfigRej\n");
+ LOG(4, session[s].ip, s, t, "Sending ConfigRej\n");
tunnelsend(b, n + (q - b), t); // send it
}
else
{
- log(4, session[s].ip, s, t, "Sending ConfigAck\n");
+ LOG(4, session[s].ip, s, t, "Sending ConfigAck\n");
*p = ConfigAck;
if ((i = findppp(p, 0x81))) // Primary DNS address
{
{
*(u32 *) (i + 2) = htonl(session[s].dns1);
*p = ConfigNak;
- log(5, session[s].ip, s, t, " DNS1 = %s\n", inet_toa(session[s].dns1));
+ LOG(5, session[s].ip, s, t, " DNS1 = %s\n", inet_toa(session[s].dns1));
}
}
if ((i = findppp(p, 0x83))) // Secondary DNS address (TBA, is it)
{
*(u32 *) (i + 2) = htonl(session[s].dns2);
*p = ConfigNak;
- log(5, session[s].ip, s, t, " DNS2 = %s\n", inet_toa(session[s].dns1));
+ LOG(5, session[s].ip, s, t, " DNS2 = %s\n", inet_toa(session[s].dns2));
}
}
i = findppp(p, 3); // IP address
if (!i || i[1] != 6)
{
- log(1, 0, s, t, "No IP in IPCP request\n");
+ LOG(1, 0, s, t, "No IP in IPCP request\n");
STAT(tunnel_rx_errors);
return ;
}
{
*(u32 *) (i + 2) = htonl(session[s].ip);
*p = ConfigNak;
- log(4, session[s].ip, s, t, " No, a ConfigNak, client is requesting IP - sending %s\n",
+ LOG(4, session[s].ip, s, t, " No, a ConfigNak, client is requesting IP - sending %s\n",
inet_toa(htonl(session[s].ip)));
}
if (!(q = makeppp(b, sizeof(b), p, l, t, s, PPPIPCP)))
{
- log(2, 0, s, t, " Failed to send IPCP packet.\n");
+ LOG(2, 0, s, t, " Failed to send IPCP packet.\n");
return;
}
tunnelsend(b, l + (q - b), t); // send it
CSTAT(call_processipin);
- log_hex(5, "IP", p, l);
+ LOG_HEX(5, "IP", p, l);
ip = ntohl(*(u32 *)(p + 12));
if (l > MAXETHER)
{
- log(1, ip, s, t, "IP packet too long %d\n", l);
+ LOG(1, ip, s, t, "IP packet too long %d\n", l);
STAT(tunnel_rx_errors);
return ;
}
// no spoof (do sessionbyip to handled statically routed subnets)
if (ip != session[s].ip && sessionbyip(htonl(ip)) != s)
{
- log(5, ip, s, t, "Dropping packet with spoofed IP %s\n", inet_toa(htonl(ip)));
+ LOG(5, ip, s, t, "Dropping packet with spoofed IP %s\n", inet_toa(htonl(ip)));
return;
}
if (tun_write(p, l) < 0)
{
STAT(tun_tx_errors);
- log(0, 0, s, t, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
+ LOG(0, 0, s, t, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
l, strerror(errno), tunfd, p);
}
//
void send_ipin(sessionidt s, u8 *buf, int len)
{
- log_hex(5, "IP in throttled", buf, len);
+ LOG_HEX(5, "IP in throttled", buf, len);
if (write(tunfd, buf, len) < 0)
{
STAT(tun_tx_errors);
- log(0, 0, 0, 0, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
+ LOG(0, 0, 0, 0, "Error writing %d bytes to TUN device: %s (tunfd=%d, p=%p)\n",
len, strerror(errno), tunfd, buf);
}
}
-// Process LCP messages
+// Process CCP messages
void processccp(tunnelidt t, sessionidt s, u8 *p, u16 l)
{
CSTAT(call_processccp);
- log_hex(5, "CCP", p, l);
+ LOG_HEX(5, "CCP", p, l);
if (l < 2 || (*p != ConfigReq && *p != TerminateReq))
{
- log(1, 0, s, t, "Unexpected CCP request code %d\n", *p);
+ LOG(1, 0, s, t, "Unexpected CCP request code %d\n", *p);
STAT(tunnel_rx_errors);
return ;
}
*p = TerminateAck; // close
if (!(q = makeppp(b, sizeof(b), p, l, t, s, PPPCCP)))
{
- log(1,0,0,0, "Failed to send CCP packet.\n");
+ LOG(1,0,0,0, "Failed to send CCP packet.\n");
return;
}
tunnelsend(b, l + (q - b), t); // send it
if (!r)
{
- log(1, 0, s, t, "No RADIUS to send challenge\n");
+ LOG(1, 0, s, t, "No RADIUS to send challenge\n");
STAT(tunnel_tx_errors);
return ;
}
- log(1, 0, s, t, "Send CHAP challenge\n");
+ LOG(1, 0, s, t, "Send CHAP challenge\n");
{
// new challenge
int n;
}
q = makeppp(b, sizeof(b), 0, 0, t, s, PPPCHAP);
if (!q) {
- log(1, 0, s, t, "failed to send CHAP challenge.\n");
+ LOG(1, 0, s, t, "failed to send CHAP challenge.\n");
return;
}
*q = 1; // challenge
}
if (l + 12 > size) {
- log(3,0,0,0, "Would have overflowed the buffer in makeppp: size %d, len %d.\n", size, l);
+ LOG(3,0,0,0, "Would have overflowed the buffer in makeppp: size %d, len %d.\n", size, l);
return NULL; // Run out of room to hold the packet!
}
if (p && l)
q = makeppp(b, sizeof(b), NULL, 0, t, s, PPPLCP);
if (!q) {
- log(1, 0, s, t, "Failed to send LCP ConfigReq.\n");
+ LOG(1, 0, s, t, "Failed to send LCP ConfigReq.\n");
return;
}
- log(4, 0, s, t, "Sending LCP ConfigReq for PAP\n");
+ LOG(4, 0, s, t, "Sending LCP ConfigReq for PAP\n");
*q = ConfigReq;
*(u8 *)(q + 1) = (time_now % 255) + 1; // ID
*(u16 *)(q + 2) = htons(14); // Length
*q = ConfigReq;
*(u8 *)(q + 1) = (time_now % 255) + 1; // ID
*(u16 *)(q + 2) = htons(4); // Length
- log_hex(5, "PPPCCP", q, 4);
+ LOG_HEX(5, "PPPCCP", q, 4);
tunnelsend(b, (q - b) + 4 , t);
}
// L2TPNS Radius Stuff
-char const *cvs_id_radius = "$Id: radius.c,v 1.10 2004-09-02 04:18:07 fred_nerk Exp $";
+char const *cvs_id_radius = "$Id: radius.c,v 1.11 2004-11-05 04:55:27 bodea Exp $";
#include <time.h>
#include <stdio.h>
void initrad(void)
{
int i;
- log(3, 0, 0, 0, "Creating %d sockets for RADIUS queries\n", config->num_radfds);
+ LOG(3, 0, 0, 0, "Creating %d sockets for RADIUS queries\n", config->num_radfds);
radfds = calloc(sizeof(int), config->num_radfds);
for (i = 0; i < config->num_radfds; i++)
{
}
}
- log(0, 0, 0, 0, "Can't find a free radius session! This is very bad!\n");
+ LOG(0, 0, 0, 0, "Can't find a free radius session! This is very bad!\n");
return 0;
}
/* re-use */
if (r)
{
- log(3, 0, s, session[s].tunnel, "Re-used radius %d\n", r);
+ LOG(3, 0, s, session[s].tunnel, "Re-used radius %d\n", r);
return r;
}
if (!(r = get_free_radius()))
{
- log(1, 0, s, session[s].tunnel, "No free RADIUS sessions\n");
+ LOG(1, 0, s, session[s].tunnel, "No free RADIUS sessions\n");
STAT(radius_overflow);
return 0;
};
radius[r].state = RADIUSWAIT;
radius[r].retry = TIME + 1200; // Wait at least 120 seconds to re-claim this.
- log(3,0,s, session[s].tunnel, "Allocated radius %d\n", r);
+ LOG(3,0,s, session[s].tunnel, "Allocated radius %d\n", r);
return r;
}
s = radius[r].session;
if (!config->numradiusservers)
{
- log(0, 0, s, session[s].tunnel, "No RADIUS servers\n");
+ LOG(0, 0, s, session[s].tunnel, "No RADIUS servers\n");
return;
}
if (!*config->radiussecret)
{
- log(0, 0, s, session[s].tunnel, "No RADIUS secret\n");
+ LOG(0, 0, s, session[s].tunnel, "No RADIUS secret\n");
return;
}
radius[r].try = 0;
radius[r].state = state;
radius[r].retry = backoff(radius[r].try++);
- log(4, 0, s, session[s].tunnel, "Send RADIUS id %d sock %d state %s try %d\n",
+ LOG(4, 0, s, session[s].tunnel, "Send RADIUS id %d sock %d state %s try %d\n",
r >> RADIUS_SHIFT, r & RADIUS_MASK,
radius_state(radius[r].state), radius[r].try);
if (radius[r].try > config->numradiusservers * 2)
sessionshutdown(s, "RADIUS timeout");
else
{
- log(1, 0, s, session[s].tunnel, "RADIUS timeout, but in state %s so don't timeout session\n",
+ LOG(1, 0, s, session[s].tunnel, "RADIUS timeout, but in state %s so don't timeout session\n",
radius_states[state]);
radiusclear(r, s);
}
b[0] = 4; // accounting request
break;
default:
- log(0, 0, 0, 0, "Unknown radius state %d\n", state);
+ LOG(0, 0, 0, 0, "Unknown radius state %d\n", state);
}
b[1] = r >> RADIUS_SHIFT; // identifier
memcpy(b + 4, radius[r].auth, 16);
addr.sin_port = htons((state == RADIUSAUTH) ? port : port+1);
}
- log_hex(5, "RADIUS Send", b, (p - b));
+ LOG_HEX(5, "RADIUS Send", b, (p - b));
sendto(radfds[r & RADIUS_MASK], b, p - b, 0, (void *) &addr, sizeof(addr));
}
CSTAT(call_processrad);
- log_hex(5, "RADIUS Response", buf, len);
+ LOG_HEX(5, "RADIUS Response", buf, len);
if (len < 20 || len < ntohs(*(u16 *) (buf + 2)))
{
- log(1, 0, 0, 0, "Duff RADIUS response length %d\n", len);
+ LOG(1, 0, 0, 0, "Duff RADIUS response length %d\n", len);
return ;
}
len = ntohs(*(u16 *) (buf + 2));
r = socket_index | (r_id << RADIUS_SHIFT);
s = radius[r].session;
- log(3, 0, s, session[s].tunnel, "Received %s, radius %d response for session %u (code %d, id %d)\n",
+ LOG(3, 0, s, session[s].tunnel, "Received %s, radius %d response for session %u (code %d, id %d)\n",
radius_states[radius[r].state], r, s, r_code, r_id);
if (!s && radius[r].state != RADIUSSTOP)
{
- log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
+ LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
return;
}
if (radius[r].state != RADIUSAUTH && radius[r].state != RADIUSSTART && radius[r].state != RADIUSSTOP)
{
- log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
+ LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response\n");
return;
}
t = session[s].tunnel;
do {
if (memcmp(hash, buf + 4, 16))
{
- log(0, 0, s, session[s].tunnel, " Incorrect auth on RADIUS response!! (wrong secret in radius config?)\n");
+ LOG(0, 0, s, session[s].tunnel, " Incorrect auth on RADIUS response!! (wrong secret in radius config?)\n");
return; // Do nothing. On timeout, it will try the next radius server.
}
if ((radius[r].state == RADIUSAUTH && *buf != 2 && *buf != 3) ||
((radius[r].state == RADIUSSTART || radius[r].state == RADIUSSTOP) && *buf != 5))
{
- log(1, 0, s, session[s].tunnel, " Unexpected RADIUS response %d\n", *buf);
+ LOG(1, 0, s, session[s].tunnel, " Unexpected RADIUS response %d\n", *buf);
return; // We got something we didn't expect. Let the timeouts take
// care off finishing the radius session if that's really correct.
}
if (radius[r].state == RADIUSAUTH)
{
- log(4, 0, s, session[s].tunnel, " Original response is \"%s\"\n", (*buf == 2) ? "accept" : "reject");
+ LOG(4, 0, s, session[s].tunnel, " Original response is \"%s\"\n", (*buf == 2) ? "accept" : "reject");
// process auth response
if (radius[r].chap)
{
*buf = packet.auth_allowed ? 2 : 3;
}
- log(3, 0, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user,
+ LOG(3, 0, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user,
(*buf == 2) ? "allowed" : "denied");
*p = (*buf == 2) ? 3 : 4; // ack/nak
p[1] = radius[r].id;
*buf = packet.auth_allowed ? 2 : 3;
}
- log(3, 0, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
+ LOG(3, 0, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user,
(*buf == 2) ? "allowed" : "denied");
// ack/nak
*p = *buf;
if (*p == 8)
{
// Statically assigned address
- log(3, 0, s, session[s].tunnel, " Radius reply contains IP address %s\n", inet_toa(*(u32 *) (p + 2)));
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains IP address %s\n", inet_toa(*(u32 *) (p + 2)));
session[s].ip = ntohl(*(u32 *) (p + 2));
session[s].ip_pool_index = -1;
}
else if (*p == 135)
{
// DNS address
- log(3, 0, s, session[s].tunnel, " Radius reply contains primary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains primary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
session[s].dns1 = ntohl(*(u32 *) (p + 2));
}
else if (*p == 136)
{
// DNS address
- log(3, 0, s, session[s].tunnel, " Radius reply contains secondary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains secondary DNS address %s\n", inet_toa(*(u32 *) (p + 2)));
session[s].dns2 = ntohl(*(u32 *) (p + 2));
}
else if (*p == 22)
mask = 0xFFFFFF00;
if (routes == MAXROUTE)
{
- log(1, 0, s, session[s].tunnel, " Too many routes\n");
+ LOG(1, 0, s, session[s].tunnel, " Too many routes\n");
}
else if (ip)
{
char *ips, *masks;
ips = strdup(inet_toa(htonl(ip)));
masks = strdup(inet_toa(htonl(mask)));
- log(3, 0, s, session[s].tunnel, " Radius reply contains route for %s/%s\n", ips, masks);
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains route for %s/%s\n", ips, masks);
free(ips);
free(masks);
session[s].route[routes].ip = ip;
int vendor = ntohl(*(int *)(p + 2));
char attrib = *(p + 6);
char attrib_length = *(p + 7) - 2;
- log(3, 0, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%d Attrib=%d Length=%d\n", vendor, attrib, attrib_length);
+ LOG(3, 0, s, session[s].tunnel, " Radius reply contains Vendor-Specific. Vendor=%d Attrib=%d Length=%d\n", vendor, attrib, attrib_length);
if (attrib_length == 0) continue;
if (attrib != 1)
- log(3, 0, s, session[s].tunnel, " Unknown vendor-specific\n");
+ LOG(3, 0, s, session[s].tunnel, " Unknown vendor-specific\n");
else
{
char *avpair, *value, *key, *newp;
avpair = key = calloc(attrib_length + 1, 1);
memcpy(avpair, p + 8, attrib_length);
- log(3, 0, s, session[s].tunnel, " Cisco-Avpair value: %s\n", avpair);
+ LOG(3, 0, s, session[s].tunnel, " Cisco-Avpair value: %s\n", avpair);
do {
value = strchr(key, '=');
if (!value) break;
}
else if (*buf == 3)
{
- log(2, 0, s, session[s].tunnel, " Authentication denied for %s\n", session[s].user);
+ LOG(2, 0, s, session[s].tunnel, " Authentication denied for %s\n", session[s].user);
//FIXME: We should tear down the session here!
break;
}
if (!session[s].dns1 && config->default_dns1)
{
session[s].dns1 = htonl(config->default_dns1);
- log(3, 0, s, t, " Sending dns1 = %s\n", inet_toa(config->default_dns1));
+ LOG(3, 0, s, t, " Sending dns1 = %s\n", inet_toa(config->default_dns1));
}
if (!session[s].dns2 && config->default_dns2)
{
session[s].dns2 = htonl(config->default_dns2);
- log(3, 0, s, t, " Sending dns2 = %s\n", inet_toa(config->default_dns2));
+ LOG(3, 0, s, t, " Sending dns2 = %s\n", inet_toa(config->default_dns2));
}
// Valid Session, set it up
else
{
// An ack for a stop or start record.
- log(3, 0, s, t, " RADIUS accounting ack recv in state %s\n", radius_states[radius[r].state]);
+ LOG(3, 0, s, t, " RADIUS accounting ack recv in state %s\n", radius_states[radius[r].state]);
break;
}
} while (0);
case RADIUSWAIT: // waiting timeout before available, in case delayed reply from RADIUS server
// free up RADIUS task
radiusclear(r, s);
- log(3, 0, s, session[s].tunnel, "Freeing up radius session %d\n", r);
+ LOG(3, 0, s, session[s].tunnel, "Freeing up radius session %d\n", r);
break;
}
}
{
int i;
- log(1, 0, 0, 0, "Cleaning radius session array\n");
+ LOG(1, 0, 0, 0, "Cleaning radius session array\n");
for (i = 1; i < MAXRADIUS; i++)
{
/* strip domain part of username before sending RADIUS requests */
-char const *cvs_id = "$Id: stripdomain.c,v 1.3 2004-11-05 02:39:35 bodea Exp $";
+char const *cvs_id = "$Id: stripdomain.c,v 1.4 2004-11-05 04:55:27 bodea Exp $";
int __plugin_api_version = 1;
static struct pluginfuncs *p = 0;
// Strip off @domain
if ((x = strchr(data->username, '@')))
{
- p->_log(3, 0, 0, 0, "Stripping off trailing domain name \"%s\"\n", x);
+ p->log(3, 0, 0, 0, "Stripping off trailing domain name \"%s\"\n", x);
*x = 0;
}
// L2TPNS: token bucket filters
-char const *cvs_id_tbf = "$Id: tbf.c,v 1.8 2004-10-29 04:01:11 bodea Exp $";
+char const *cvs_id_tbf = "$Id: tbf.c,v 1.9 2004-11-05 04:55:27 bodea Exp $";
#include <string.h>
#include "l2tpns.h"
if (filter_list[id].next == id) { // Last element in chain?
if (timer_chain != id) { // WTF?
- log(0,0,0,0, "Removed a singleton element from TBF, but tc didn't point to it!\n");
+ LOG(0,0,0,0, "Removed a singleton element from TBF, but tc didn't point to it!\n");
} else
timer_chain = -1;
filter_list[id].next = filter_list[id].prev = 0;
int i;
static int p = 0;
- log(4,0,0,0, "Allocating new TBF (sess %d, rate %d, helper %p)\n", sid, rate, f);
+ LOG(4,0,0,0, "Allocating new TBF (sess %d, rate %d, helper %p)\n", sid, rate, f);
if (!filter_list)
return 0; // Couldn't alloc memory!
return p;
}
- log(0,0,0,0, "Ran out of token bucket filters! Sess %d will be un-throttled\n", sid);
+ LOG(0,0,0,0, "Ran out of token bucket filters! Sess %d will be un-throttled\n", sid);
return 0;
}
if (filter_list[i].lasttime == TIME) // Did we just run it?
continue;
- log(1,0,0,0, "Missed tbf %d! Not on the timer chain?(n %d, p %d, tc %d)\n", i,
+ LOG(1,0,0,0, "Missed tbf %d! Not on the timer chain?(n %d, p %d, tc %d)\n", i,
filter_list[i].next, filter_list[i].prev, timer_chain);
tbf_run_queue(i);
}
/* Misc util functions */
-char const *cvs_id_util = "$Id: util.c,v 1.4 2004-11-02 04:35:04 bodea Exp $";
+char const *cvs_id_util = "$Id: util.c,v 1.5 2004-11-05 04:55:27 bodea Exp $";
#include <unistd.h>
#include <errno.h>
params.sched_priority = 0;
if (sched_setscheduler(0, SCHED_OTHER, ¶ms))
{
- log(0, 0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno));
- log(0, 0, 0, 0, "This is probably really really bad.\n");
+ LOG(0, 0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno));
+ LOG(0, 0, 0, 0, "This is probably really really bad.\n");
}
}