bodea [Mon, 10 Jan 2005 07:17:37 +0000 (07:17 +0000)]
more DoS prevention: add packet_limit option to apply a hard limit to downstream packets per session
bodea [Fri, 7 Jan 2005 07:19:19 +0000 (07:19 +0000)]
CHAP support from Jordan Hrycaj (work in progress)
bodea [Fri, 7 Jan 2005 07:18:33 +0000 (07:18 +0000)]
CHAP support
bodea [Fri, 7 Jan 2005 07:17:13 +0000 (07:17 +0000)]
CSTAT() adds "call_"; CHAP support
bodea [Fri, 7 Jan 2005 07:15:10 +0000 (07:15 +0000)]
fix format strings; add call_random_data to counters
bodea [Fri, 7 Jan 2005 07:14:14 +0000 (07:14 +0000)]
CSTAT() adds "call_"
bodea [Thu, 6 Jan 2005 02:35:03 +0000 (02:35 +0000)]
add -Wformat-security -Wno-format-zero-length
bodea [Wed, 5 Jan 2005 14:35:01 +0000 (14:35 +0000)]
comment
bodea [Wed, 5 Jan 2005 13:51:26 +0000 (13:51 +0000)]
Add Jordan (chap patches)
bodea [Wed, 5 Jan 2005 13:50:30 +0000 (13:50 +0000)]
use bounds-checking lookup functions for string constants
use random_data() to set radius[].auth
bodea [Wed, 5 Jan 2005 13:45:49 +0000 (13:45 +0000)]
use bounds-checking lookup functions for string constants
replace some magic numbers with enum
bodea [Wed, 5 Jan 2005 13:37:56 +0000 (13:37 +0000)]
use bounds-checking lookup functions for string constants
bodea [Wed, 22 Dec 2004 05:30:58 +0000 (05:30 +0000)]
typo
bodea [Mon, 20 Dec 2004 07:23:41 +0000 (07:23 +0000)]
sanity check that cluster_send_session is not called from a child process
throttle outgoing LASTSEEN packets to at most one per second for a given seq#
bodea [Sat, 18 Dec 2004 01:20:05 +0000 (01:20 +0000)]
start merging Jonathan's IPv6 patches (01-defines, 02-ipv6-cli)
bodea [Fri, 17 Dec 2004 00:28:00 +0000 (00:28 +0000)]
count select_called, multi_read_used and multi_read_exceeded
bodea [Thu, 16 Dec 2004 23:40:30 +0000 (23:40 +0000)]
add counters for select_called, select_ready and select_processed
fix cli_print format strings
bodea [Thu, 16 Dec 2004 08:54:16 +0000 (08:54 +0000)]
missed arg
bodea [Thu, 16 Dec 2004 08:49:52 +0000 (08:49 +0000)]
use standard uintN_t types for portability
bodea [Thu, 16 Dec 2004 03:03:41 +0000 (03:03 +0000)]
cosmetic logging change
bodea [Wed, 15 Dec 2004 03:09:56 +0000 (03:09 +0000)]
allow compilation with BGP unset
bodea [Wed, 15 Dec 2004 03:02:16 +0000 (03:02 +0000)]
remove old cruft
bodea [Wed, 15 Dec 2004 02:56:38 +0000 (02:56 +0000)]
typo
bodea [Wed, 15 Dec 2004 01:04:34 +0000 (01:04 +0000)]
skip where our table version is greater (rather than falling through)
bodea [Mon, 13 Dec 2004 05:27:19 +0000 (05:27 +0000)]
defer shutdown counters for a minute after normal acct dump
bodea [Mon, 13 Dec 2004 05:20:39 +0000 (05:20 +0000)]
typo
bodea [Mon, 13 Dec 2004 05:09:55 +0000 (05:09 +0000)]
make cluster_sockfd non-blocking
bodea [Mon, 13 Dec 2004 05:09:35 +0000 (05:09 +0000)]
don't trample n
bodea [Mon, 13 Dec 2004 02:27:30 +0000 (02:27 +0000)]
retain counters of shutdown sessions to dump once per minute
bodea [Thu, 9 Dec 2004 13:05:00 +0000 (13:05 +0000)]
typo
bodea [Thu, 9 Dec 2004 12:54:03 +0000 (12:54 +0000)]
compress logs
bodea [Thu, 9 Dec 2004 00:53:45 +0000 (00:53 +0000)]
- Use gzip --best for man pages, include pid_file in sample
startup-config (from Jonathan's Debian package patches).
- Read multiple packets off cluster_sockfd as well as udpfd, tunfd in an
attempt to avoid losing the cluster in high load (DoS) conditions.
bodea [Thu, 9 Dec 2004 00:53:14 +0000 (00:53 +0000)]
add pid_file as in Debian package
bodea [Thu, 9 Dec 2004 00:52:35 +0000 (00:52 +0000)]
use gzip --best for man pages
re-order DEFINES to better allow for optional features which add to $(OBJS)
bodea [Thu, 9 Dec 2004 00:50:45 +0000 (00:50 +0000)]
read multiple packets off cluster_sockfd as well as udpfd, tunfd
bodea [Thu, 9 Dec 2004 00:38:44 +0000 (00:38 +0000)]
typo in log message
bodea [Sun, 5 Dec 2004 23:45:04 +0000 (23:45 +0000)]
drop "Session N is closing" message level to 4; don't process PPPIP packets in this state
bodea [Fri, 3 Dec 2004 06:41:11 +0000 (06:41 +0000)]
skip newlines in ringbuffer messages
bodea [Fri, 3 Dec 2004 06:40:02 +0000 (06:40 +0000)]
better cluster master collision resolution
bodea [Wed, 1 Dec 2004 04:44:29 +0000 (04:44 +0000)]
*really* fix
bodea [Wed, 1 Dec 2004 04:36:59 +0000 (04:36 +0000)]
2.0.12 redux
bodea [Wed, 1 Dec 2004 04:35:09 +0000 (04:35 +0000)]
allow in N, out N
bodea [Wed, 1 Dec 2004 04:14:55 +0000 (04:14 +0000)]
release 2.0.12
bodea [Wed, 1 Dec 2004 03:37:20 +0000 (03:37 +0000)]
fix cut-n-paste error
bodea [Wed, 1 Dec 2004 02:52:46 +0000 (02:52 +0000)]
don't send a RADIUS start record when ungardening on shutdown
bodea [Wed, 1 Dec 2004 02:51:06 +0000 (02:51 +0000)]
cosmetic
bodea [Tue, 30 Nov 2004 22:11:29 +0000 (22:11 +0000)]
dropping packets; increase ip_conntrack_max
bodea [Tue, 30 Nov 2004 21:54:23 +0000 (21:54 +0000)]
dropping packets; increase ip_conntrack_max
bodea [Tue, 30 Nov 2004 19:37:46 +0000 (19:37 +0000)]
version bump
bodea [Tue, 30 Nov 2004 19:34:57 +0000 (19:34 +0000)]
*cough*
bodea [Tue, 30 Nov 2004 07:24:38 +0000 (07:24 +0000)]
*** empty log message ***
bodea [Tue, 30 Nov 2004 07:14:45 +0000 (07:14 +0000)]
fix logging of invalid type
bodea [Tue, 30 Nov 2004 06:50:26 +0000 (06:50 +0000)]
more paranoid length checking for RADIUS replies
bodea [Tue, 30 Nov 2004 05:49:57 +0000 (05:49 +0000)]
add THANKS
bodea [Tue, 30 Nov 2004 05:49:47 +0000 (05:49 +0000)]
revise parsing
bodea [Tue, 30 Nov 2004 01:55:28 +0000 (01:55 +0000)]
remove old snoop_{host,port} options
bodea [Tue, 30 Nov 2004 01:35:19 +0000 (01:35 +0000)]
fix byte ordering in log
bodea [Tue, 30 Nov 2004 01:10:44 +0000 (01:10 +0000)]
*** empty log message ***
bodea [Tue, 30 Nov 2004 01:08:21 +0000 (01:08 +0000)]
*** empty log message ***
bodea [Tue, 30 Nov 2004 00:53:08 +0000 (00:53 +0000)]
2.0.9 (again)
bodea [Tue, 30 Nov 2004 00:50:03 +0000 (00:50 +0000)]
copy identifier from request for ConfigNak, ConfigRej; update LCP
header length
bodea [Tue, 30 Nov 2004 00:46:36 +0000 (00:46 +0000)]
ignore lcp:interface-config avpairs when != serv (yuri)
bodea [Mon, 29 Nov 2004 12:36:54 +0000 (12:36 +0000)]
typo
bodea [Mon, 29 Nov 2004 07:56:12 +0000 (07:56 +0000)]
update extended acl syntax
bodea [Mon, 29 Nov 2004 06:30:05 +0000 (06:30 +0000)]
disallow "fragments" on rules with layer 4 matches
bodea [Mon, 29 Nov 2004 06:29:28 +0000 (06:29 +0000)]
update "established", add "fragments"
bodea [Mon, 29 Nov 2004 03:55:19 +0000 (03:55 +0000)]
oops
bodea [Mon, 29 Nov 2004 02:17:17 +0000 (02:17 +0000)]
make "established" a different tcp flag match
add fragment handling
drop IP address from LOG macro (function)
bodea [Sun, 28 Nov 2004 20:09:52 +0000 (20:09 +0000)]
add filtering
bodea [Sun, 28 Nov 2004 02:53:11 +0000 (02:53 +0000)]
update filter refcounts
add cli commands for filtering/unfiltering
bodea [Sat, 27 Nov 2004 21:10:50 +0000 (21:10 +0000)]
filters
bodea [Sat, 27 Nov 2004 20:42:02 +0000 (20:42 +0000)]
parse Filter-Id attributes
bodea [Sat, 27 Nov 2004 20:41:41 +0000 (20:41 +0000)]
allow - in filter names; include in "show session" output
bodea [Sat, 27 Nov 2004 05:19:53 +0000 (05:19 +0000)]
- Revise CCP, send ConfigReq once only.
- Check control serial before clearing window, prevents looping tunnel
setup in some instances.
- Add configuration syntax for adding named access lists (work in progress).
bodea [Thu, 25 Nov 2004 12:46:48 +0000 (12:46 +0000)]
oop
bodea [Thu, 25 Nov 2004 12:41:35 +0000 (12:41 +0000)]
reinstate sendccp as initccp; send only once
bodea [Thu, 25 Nov 2004 02:49:18 +0000 (02:49 +0000)]
continue, not return
bodea [Thu, 25 Nov 2004 02:45:27 +0000 (02:45 +0000)]
- Drop sendccp. If client sends a CCP request for compression just NAK it.
- Don't copy the old buffer into Config{Nak,Rej} LCP responses (oops);
add length checks when appending.
- Have makeppp print a backtrace on overflow.
bodea [Fri, 19 Nov 2004 21:12:03 +0000 (21:12 +0000)]
install nsctl
bodea [Fri, 19 Nov 2004 20:47:31 +0000 (20:47 +0000)]
prepare 2.0.8
bodea [Fri, 19 Nov 2004 07:46:52 +0000 (07:46 +0000)]
*** empty log message ***
bodea [Thu, 18 Nov 2004 16:07:46 +0000 (16:07 +0000)]
doc update
bodea [Thu, 18 Nov 2004 15:55:58 +0000 (15:55 +0000)]
doc update
bodea [Thu, 18 Nov 2004 13:15:28 +0000 (13:15 +0000)]
Allow LCP re-negotiation after connection completes
bodea [Thu, 18 Nov 2004 13:09:47 +0000 (13:09 +0000)]
fix clean target
bodea [Thu, 18 Nov 2004 09:02:29 +0000 (09:02 +0000)]
don't route Framed-IP-Address if contained in a Framed-Route
bodea [Thu, 18 Nov 2004 08:13:49 +0000 (08:13 +0000)]
Fix deletion from linked list.
bodea [Thu, 18 Nov 2004 08:12:55 +0000 (08:12 +0000)]
- fix case where ll_delete removes the last entry
- ll_iterate should pass item->data, not item
bodea [Thu, 18 Nov 2004 06:41:03 +0000 (06:41 +0000)]
pass cluster master state to plugin_control functions
bodea [Thu, 18 Nov 2004 05:45:14 +0000 (05:45 +0000)]
*** empty log message ***
bodea [Thu, 18 Nov 2004 05:44:36 +0000 (05:44 +0000)]
fix late night typos
bodea [Wed, 17 Nov 2004 15:08:19 +0000 (15:08 +0000)]
- Add startup-config(5) manpage.
- Add snoopctl, throttlectl plugins.
- Update documentation.
bodea [Wed, 17 Nov 2004 08:23:34 +0000 (08:23 +0000)]
- Add startup-config(5) manpage [FIXME].
- Revise nsctl to allow arbitrary strings/args to be passed to plugins.
fred_nerk [Tue, 16 Nov 2004 21:54:46 +0000 (21:54 +0000)]
Add manpages from Jonathan McDowell
Remove reference to old -a command line argument
bodea [Tue, 16 Nov 2004 07:54:32 +0000 (07:54 +0000)]
- Ignore gateway address in Framed-Route (from Jonathan McDowell).
- Call sessionshutdown() when a tunnel is dropped rather than
sessionkill() to ensure that RADIUS stop records are sent.
- Cleanup: make a bunch of global functions/variables static.
bodea [Mon, 15 Nov 2004 07:03:41 +0000 (07:03 +0000)]
*** empty log message ***
bodea [Mon, 15 Nov 2004 07:01:54 +0000 (07:01 +0000)]
2.0.7
bodea [Mon, 15 Nov 2004 06:49:56 +0000 (06:49 +0000)]
Don't assume BGP peer sends back negotiated hold time, pick smallest
bodea [Mon, 15 Nov 2004 02:26:20 +0000 (02:26 +0000)]
Fix socket creation in host_unreachable() (thanks to Bjørn Augestad)
bodea [Thu, 11 Nov 2004 06:13:29 +0000 (06:13 +0000)]
*** empty log message ***