Authorize to change the source IP of the tunnels l2tp

diff --git a/Docs/manual.html b/Docs/manual.html
index d6930dd..4215189 100644 (file)
--- a/Docs/manual.html
+++ b/Docs/manual.html
@@ -265,6 +265,10 @@ from the address of "bind_address" (For use in cases of specific configuration).
 If no address is given to iftun_address and bind_address, 1.1.1.1 is used.
 </LI>
 
+<LI><B>tundevicename</B> (string)<BR>
+Name of the tun interface (default: "tun0").
+</LI>
+
 <LI><B>peer_address</B> (ip address)<BR>
 Address to send to clients as the default gateway.
 </LI>
@@ -384,6 +388,14 @@ If no address is given, all interfaces are listened (Any Address).
 Port to bind for the Remote LNS (default: 65432).
 </LI>
 
+<LI><B>auth_tunnel_change_addr_src</B> (boolean)<BR>
+This parameter authorize to change the source IP of the tunnels l2tp.
+This parameter can be used when the remotes BAS/LAC are l2tpns server
+configured in cluster mode, but that the interface to remote LNS are
+not clustered (the tunnel can be coming from different source IP)
+(default: no).
+</LI>
+
 </UL>
 
 <P>The REMOTES LNS configuration is entered by the command:

diff --git a/debian/changelog b/debian/changelog
index bcba095..a9aa82b 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+l2tpns (2.2.1-2fdn3.2) unstable; urgency=low
+
+  * Authorize to change the source IP of the tunnels l2tp.
+
+ -- Fernando Alves <fernando.alves@sameswireless.fr>  Wed, 26 Dec 2012 10:57:10 +0100
+
 l2tpns (2.2.1-2fdn3.1) unstable; urgency=low
 
   * Add tundevicename configuration option

diff --git a/l2tpns.c b/l2tpns.c
index 5f3b865..9db5bc3 100644 (file)
--- a/l2tpns.c
+++ b/l2tpns.c
@@ -182,6 +182,7 @@ config_descriptt config_values[] = {
        CONFIG("tundevicename", tundevicename, STRING),
 #ifdef LAC
        CONFIG("disable_lac_func", disable_lac_func, BOOL),
+       CONFIG("auth_tunnel_change_addr_src", auth_tunnel_change_addr_src, BOOL),
        CONFIG("bind_address_remotelns", bind_address_remotelns, IPv4),
        CONFIG("bind_portremotelns", bind_portremotelns, SHORT),
 #endif
@@ -3229,10 +3230,22 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
                if (session[s].forwardtosession)
                {
                        LOG(5, s, t, "Forwarding data session to session %u\n", session[s].forwardtosession);
-                       // Forward to LAC or Remote LNS session
+                       // Forward to LAC/BAS or Remote LNS session
                        lac_session_forward(buf, len, s, proto, addr->sin_addr.s_addr, addr->sin_port);
                        return;
                }
+               else if (config->auth_tunnel_change_addr_src)
+               {
+                       if (tunnel[t].ip != ntohl(addr->sin_addr.s_addr) &&
+                               tunnel[t].port == ntohs(addr->sin_port))
+                       {
+                               // The remotes BAS are a clustered l2tpns server and the source IP has changed
+                               LOG(5, s, t, "The tunnel IP source (%s) has changed by new IP (%s)\n",
+                                       fmtaddr(htonl(tunnel[t].ip), 0), fmtaddr(addr->sin_addr.s_addr, 0));
+
+                               tunnel[t].ip = ntohl(addr->sin_addr.s_addr);
+                       }
+               }
 #endif /* LAC */
 
                if (s && !session[s].opened)    // Is something wrong??

diff --git a/l2tpns.h b/l2tpns.h
index ba9a56f..5dbaee7 100644 (file)
--- a/l2tpns.h
+++ b/l2tpns.h
@@ -764,6 +764,7 @@ typedef struct
        in_addr_t iftun_address;
 #ifdef LAC
        int disable_lac_func;
+       int auth_tunnel_change_addr_src;
        int highest_rlnsid;
        uint16_t bind_portremotelns;
        in_addr_t bind_address_remotelns;