From 07e1df5b92a099b3b390822d0f594b175226dc01 Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 22 Sep 2015 23:19:01 +0200 Subject: [PATCH 1/1] Add of the ppp_keepalive option. --- Docs/l2tpns.8 | 35 ++++++++++------ Docs/manual.html | 6 +++ Docs/startup-config.5 | 86 ++++++++++++++++++++++---------------- Docs/startup-config.5.pod | 4 ++ debian/changelog | 6 +++ etc/startup-config.default | 2 + l2tpns.c | 8 +++- l2tpns.h | 1 + 8 files changed, 96 insertions(+), 52 deletions(-) diff --git a/Docs/l2tpns.8 b/Docs/l2tpns.8 index 1bac4fe..10eeb88 100644 --- a/Docs/l2tpns.8 +++ b/Docs/l2tpns.8 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.16) +.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28) .\" .\" Standard preamble: .\" ======================================================================== @@ -38,6 +38,8 @@ . ds PI \(*p . ds L" `` . ds R" '' +. ds C` +. ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. @@ -48,17 +50,24 @@ .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.ie \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX .. -. nr % 0 -. rr F -.\} -.el \{\ -. de IX +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{ +. if \nF \{ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. +. if !\nF==2 \{ +. nr % 0 +. nr F 2 +. \} +. \} .\} +.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -124,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "L2TPNS.8 1" -.TH L2TPNS.8 1 "2014-09-11" "perl v5.14.2" "User Contributed Perl Documentation" +.TH L2TPNS.8 1 "2014-09-14" "perl v5.20.2" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -138,16 +147,16 @@ l2tpns \- Layer 2 tunneling protocol network server (LNS) .IX Header "DESCRIPTION" \&\fBl2tpns\fR is a daemon for terminating layer 2 tunneling protocol (L2TP: \s-1RFC2661\s0) sessions. .PP -\&\fBl2tpns\fR is a complete L2TP implementation. It supports the \s-1LAC\s0, \s-1LNS\s0, \s-1PPPOE\s0 and DHCPv6 server. +\&\fBl2tpns\fR is a complete L2TP implementation. It supports the \s-1LAC, LNS, PPPOE\s0 and DHCPv6 server. .PP Once running, \fBl2tpns\fR may be controlled by telnetting to port 23 on the machine running the daemon and with the \fBnsctl\fR utility. .SH "OPTIONS" .IX Header "OPTIONS" .IP "\fB\-d\fR Detach from terminal and fork into the background. By default l2tpns will stay in the foreground." 4 -.IX Item "-d Detach from terminal and fork into the background. By default l2tpns will stay in the foreground." +.IX Item "-d Detach from terminal and fork into the background. By default l2tpns will stay in the foreground." \&. .IP "\fB\-v\fR Increase verbosity for debugging. Can be used multiple times." 4 -.IX Item "-v Increase verbosity for debugging. Can be used multiple times." +.IX Item "-v Increase verbosity for debugging. Can be used multiple times." \&. .IP "\fB\-c\fR \fIfile\fR" 4 .IX Item "-c file" diff --git a/Docs/manual.html b/Docs/manual.html index 1c59720..68b3759 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -378,6 +378,12 @@ Drop sessions who have not responded within idle_echo_timeout seconds (default: 240 (seconds)) +
  • ppp_keepalive (int)
    +Change this value to no to force generation of LCP ECHO every +echo_timeout seconds, even there are activity on the link. +(default: yes) +
  • +
  • auth_tunnel_change_addr_src (boolean)
    This parameter authorize to change the source IP of the tunnels l2tp. This parameter can be used when the remotes BAS/LAC are l2tpns server diff --git a/Docs/startup-config.5 b/Docs/startup-config.5 index e76e269..e18c69f 100644 --- a/Docs/startup-config.5 +++ b/Docs/startup-config.5 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.16) +.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28) .\" .\" Standard preamble: .\" ======================================================================== @@ -38,6 +38,8 @@ . ds PI \(*p . ds L" `` . ds R" '' +. ds C` +. ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. @@ -48,17 +50,24 @@ .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.ie \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX .. -. nr % 0 -. rr F -.\} -.el \{\ -. de IX +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{ +. if \nF \{ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. +. if !\nF==2 \{ +. nr % 0 +. nr F 2 +. \} +. \} .\} +.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -124,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "STARTUP-CONFIG.5 1" -.TH STARTUP-CONFIG.5 1 "2014-09-11" "perl v5.14.2" "User Contributed Perl Documentation" +.TH STARTUP-CONFIG.5 1 "2015-09-22" "perl v5.20.2" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -175,14 +184,14 @@ Allow multiple logins with the same username. If false (the default), any prior This parameter authorize to change the source \s-1IP\s0 of the tunnels l2tp. This parameter can be used when the remotes \s-1BAS/LAC\s0 are l2tpns server configured in cluster mode, but that the interface to remote \s-1LNS\s0 are not clustered (the tunnel can be coming from different source \s-1IP\s0) (default: no). .IP "\fBbind_address\fR (ip address)" 4 .IX Item "bind_address (ip address)" -It's the listen address of the l2tp udp protocol sent and received to \s-1LAC\s0. This address is also assigned to the tun interface if no iftun_address is specified. Packets containing user traffic should be routed via this address if given, otherwise the primary address of the machine. +It's the listen address of the l2tp udp protocol sent and received to \s-1LAC.\s0 This address is also assigned to the tun interface if no iftun_address is specified. Packets containing user traffic should be routed via this address if given, otherwise the primary address of the machine. .IP "\fBbind_multi_address\fR (ip address)" 4 .IX Item "bind_multi_address (ip address)" This parameter permit to listen several addresss of the l2tp udp protocol (and set several address to the tun interface). .Sp \&\s-1WHEN\s0 this parameter is set, It \s-1OVERWRITE\s0 the parameters \*(L"bind_address\*(R" and \*(L"iftun_address\*(R". .Sp -these can be interesting when you want do load-balancing in cluster mode of the uploaded from the \s-1LAC\s0. For example you can set a bgp.prepend(\s-1MY_AS\s0) for Address1 on \s-1LNS1\s0 and a bgp.prepend(\s-1MY_AS\s0) for Address2 on \s-1LNS2\s0 (see \s-1BGP\s0 AS-path prepending). +these can be interesting when you want do load-balancing in cluster mode of the uploaded from the \s-1LAC.\s0 For example you can set a bgp.prepend(\s-1MY_AS\s0) for Address1 on \s-1LNS1\s0 and a bgp.prepend(\s-1MY_AS\s0) for Address2 on \s-1LNS2 \s0(see \s-1BGP\s0 AS-path prepending). .Sp example of use with 2 address: .Sp @@ -232,13 +241,13 @@ Note that the higher you set the debugging level, the slower the program will ru .RE .IP "\fBdump_speed\fR (boolean)" 4 .IX Item "dump_speed (boolean)" -If set to true, then the current bandwidth utilization will be logged every second. Even if this is disabled, you can see this information by running the uptime command on the \s-1CLI\s0. +If set to true, then the current bandwidth utilization will be logged every second. Even if this is disabled, you can see this information by running the uptime command on the \s-1CLI.\s0 .IP "\fBdisable_sending_hello\fR (boolean)" 4 .IX Item "disable_sending_hello (boolean)" -Disable l2tp sending \s-1HELLO\s0 message for Apple compatibility. Some \s-1OS\s0 X implementation of l2tp no manage the L2TP \*(L"\s-1HELLO\s0 message\*(R". (default: no). +Disable l2tp sending \s-1HELLO\s0 message for Apple compatibility. Some \s-1OS X\s0 implementation of l2tp no manage the L2TP \*(L"\s-1HELLO\s0 message\*(R". (default: no). .IP "\fBecho_timeout\fR (int)" 4 .IX Item "echo_timeout (int)" -Time between last packet sent and \s-1LCP\s0 \s-1ECHO\s0 generation (default: 10 (seconds)). +Time between last packet sent and \s-1LCP ECHO\s0 generation (default: 10 (seconds)). .IP "\fBguest_account\fR" 4 .IX Item "guest_account" Allow multiple logins matching this specific username. @@ -253,10 +262,10 @@ Drop sessions who have not responded within idle_echo_timeout seconds (default: This parameter is used when you want a tun interface address different from the address of \*(L"bind_address\*(R" (For use in cases of specific configuration). If no address is given to iftun_address and bind_address, 1.1.1.1 is used. .IP "\fBl2tp_mtu\fR (int)" 4 .IX Item "l2tp_mtu (int)" -\&\s-1MTU\s0 of interface for L2TP traffic (default: 1500). Used to set link \s-1MRU\s0 and adjust \s-1TCP\s0 \s-1MSS\s0. +\&\s-1MTU\s0 of interface for L2TP traffic (default: 1500). Used to set link \s-1MRU\s0 and adjust \s-1TCP MSS.\s0 .IP "\fBl2tp_secret\fR (string)" 4 .IX Item "l2tp_secret (string)" -The secret used by l2tpns for authenticating tunnel request. Must be the same as the \s-1LAC\s0, or authentication will fail. Only actually be used if the \s-1LAC\s0 requests authentication. +The secret used by l2tpns for authenticating tunnel request. Must be the same as the \s-1LAC,\s0 or authentication will fail. Only actually be used if the \s-1LAC\s0 requests authentication. .IP "\fBlock_pages\fR (boolean)" 4 .IX Item "lock_pages (boolean)" Keep all pages mapped by the l2tpns process in memory. @@ -275,6 +284,9 @@ Address to send to clients as the default gateway. .IP "\fBpid_file\fR (string)" 4 .IX Item "pid_file (string)" If set, the process id will be written to the specified file. The value must be an absolute path. +.IP "\fBppp_keepalive\fR (boolean)" 4 +.IX Item "ppp_keepalive (boolean)" +Change this value to no to force generation of \s-1LCP ECHO\s0 every echo_timeout seconds, even there are activity on the link (default: yes) .IP "\fBppp_restart_time\fR (int)" 4 .IX Item "ppp_restart_time (int)" .PD 0 @@ -283,7 +295,7 @@ If set, the process id will be written to the specified file. The value must be .IP "\fBppp_max_failure\fR (int)" 4 .IX Item "ppp_max_failure (int)" .PD -\&\s-1PPP\s0 counter and timer values, as described in Section 4.1 of \s-1RFC1661\s0. +\&\s-1PPP\s0 counter and timer values, as described in Section 4.1 of \s-1RFC1661.\s0 .Sp \&\fIppp_restart_time\fR, Restart timer for \s-1PPP\s0 protocol negotiation in seconds (default: 3). .Sp @@ -315,16 +327,16 @@ This secret will be used in all \s-1RADIUS\s0 queries. If this is not set then \ A comma separated list of supported \s-1RADIUS\s0 authentication methods (\*(L"pap\*(R" or \*(L"chap\*(R"), in order of preference (default \*(L"pap\*(R"). .IP "\fBradius_dae_port\fR (short)" 4 .IX Item "radius_dae_port (short)" -Port for \s-1DAE\s0 \s-1RADIUS\s0 (Packet of Death/Disconnect, Change of Authorization) requests (default: 3799). +Port for \s-1DAE RADIUS \s0(Packet of Death/Disconnect, Change of Authorization) requests (default: 3799). .IP "\fBradius_bind_min\fR, \fBradius_bind_max\fR (int)" 4 .IX Item "radius_bind_min, radius_bind_max (int)" -Define a port range in which to bind sockets used to send and receive \s-1RADIUS\s0 packets. Must be at least \s-1RADIUS_FDS\s0 (64) wide. Simplifies firewalling of \s-1RADIUS\s0 ports (default: dynamically assigned). +Define a port range in which to bind sockets used to send and receive \s-1RADIUS\s0 packets. Must be at least \s-1RADIUS_FDS \s0(64) wide. Simplifies firewalling of \s-1RADIUS\s0 ports (default: dynamically assigned). .IP "\fBrandom_device\fR (string)" 4 .IX Item "random_device (string)" Path to random data source (default /dev/urandom). Use "" to use the \fIrand()\fR library function. .IP "\fBscheduler_fifo\fR (boolean)" 4 .IX Item "scheduler_fifo (boolean)" -Sets the scheduling policy for the l2tpns process to \s-1SCHED_FIFO\s0. This causes the kernel to immediately preempt any currently running \s-1SCHED_OTHER\s0 (normal) process in favour of l2tpns when it becomes runnable. Ignored on uniprocessor systems. +Sets the scheduling policy for the l2tpns process to \s-1SCHED_FIFO.\s0 This causes the kernel to immediately preempt any currently running \s-1SCHED_OTHER \s0(normal) process in favour of l2tpns when it becomes runnable. Ignored on uniprocessor systems. .IP "\fBsend_garp\fR (boolean)" 4 .IX Item "send_garp (boolean)" Determines whether or not to send a gratuitous \s-1ARP\s0 for the bind_address when the server is ready to handle traffic (default: true). This value is ignored if \s-1BGP\s0 is configured. @@ -333,7 +345,7 @@ Determines whether or not to send a gratuitous \s-1ARP\s0 for the bind_address w Name of the tun interface (default: \*(L"tun0\*(R"). .IP "\fBthrottle_speed\fR (int)" 4 .IX Item "throttle_speed (int)" -Sets the default speed (in kbits/s) which sessions will be limited to. If this is set to 0, then throttling will not be used at all. Note: You can set this by the \s-1CLI\s0, but changes will not affect currently connected users. +Sets the default speed (in kbits/s) which sessions will be limited to. If this is set to 0, then throttling will not be used at all. Note: You can set this by the \s-1CLI,\s0 but changes will not affect currently connected users. .IP "\fBthrottle_buckets\fR (int)" 4 .IX Item "throttle_buckets (int)" Number of token buckets to allocate for throttling. Each throttled session requires two buckets (in and out). @@ -357,27 +369,27 @@ The Domain Search List (ex: \*(L"fdn.fr\*(R") (see rfc3646). .IP "\fBipv6_prefix\fR (Ipv6 address)" 4 .IX Item "ipv6_prefix (Ipv6 address)" Enable negotiation of IPv6. This forms the the first 64 bits of the client allocated address. The remaining 64 come from the allocated IPv4 address and 4 bytes of 0. -.SS "\s-1LAC\s0 \s-1SETTINGS\s0" +.SS "\s-1LAC SETTINGS\s0" .IX Subsection "LAC SETTINGS" .IP "\fBbind_address_remotelns\fR (ip address)" 4 .IX Item "bind_address_remotelns (ip address)" Address of the interface to listen the remote \s-1LNS\s0 tunnels. If no address is given, all interfaces are listened (Any Address). .IP "\fBbind_portremotelns\fR (short)" 4 .IX Item "bind_portremotelns (short)" -Port to bind for the Remote \s-1LNS\s0 (default: 65432). +Port to bind for the Remote \s-1LNS \s0(default: 65432). .PP -A static \s-1REMOTES\s0 \s-1LNS\s0 configuration can be entered by the command: +A static \s-1REMOTES LNS\s0 configuration can be entered by the command: .IP "\fBsetforward\fR \fI\s-1MASK\s0\fR \fI\s-1IP\s0\fR \fI\s-1PORT\s0\fR \fI\s-1SECRET\s0\fR" 4 .IX Item "setforward MASK IP PORT SECRET" -where \s-1MASK\s0 specifies the mask of users who have forwarded to remote \s-1LNS\s0 (ex: \*(L"/friendISP@company.com\*(R"). +where \s-1MASK\s0 specifies the mask of users who have forwarded to remote \s-1LNS \s0(ex: \*(L"/friendISP@company.com\*(R"). .Sp -where \s-1IP\s0 specifies the \s-1IP\s0 of the remote \s-1LNS\s0 (ex: \*(L"66.66.66.55\*(R"). +where \s-1IP\s0 specifies the \s-1IP\s0 of the remote \s-1LNS \s0(ex: \*(L"66.66.66.55\*(R"). .Sp -where \s-1PORT\s0 specifies the L2TP Port of the remote \s-1LNS\s0 (Normally should be 1701) (ex: 1701). +where \s-1PORT\s0 specifies the L2TP Port of the remote \s-1LNS \s0(Normally should be 1701) (ex: 1701). .Sp -where \s-1SECRET\s0 specifies the secret password the remote \s-1LNS\s0 (ex: mysecret). +where \s-1SECRET\s0 specifies the secret password the remote \s-1LNS \s0(ex: mysecret). .PP -The static \s-1REMOTE\s0 \s-1LNS\s0 configuration can be used when the friend \s-1ISP\s0 not have a proxied Radius. +The static \s-1REMOTE LNS\s0 configuration can be used when the friend \s-1ISP\s0 not have a proxied Radius. .PP If a proxied Radius is used, It will return the \s-1RADIUS\s0 attributes: .IP "Tunnel\-Type:1 = L2TP" 4 @@ -385,8 +397,8 @@ If a proxied Radius is used, It will return the \s-1RADIUS\s0 attributes: .PD 0 .IP "Tunnel\-Medium\-Type:1 = IPv4" 4 .IX Item "Tunnel-Medium-Type:1 = IPv4" -.ie n .IP "Tunnel\-Password:1 = ""\s-1LESECRETL2TP\s0""" 4 -.el .IP "Tunnel\-Password:1 = ``\s-1LESECRETL2TP\s0''" 4 +.ie n .IP "Tunnel\-Password:1 = ""\s-1LESECRETL2TP""\s0" 4 +.el .IP "Tunnel\-Password:1 = ``\s-1LESECRETL2TP''\s0" 4 .IX Item "Tunnel-Password:1 = LESECRETL2TP" .ie n .IP "Tunnel\-Server\-Endpoint:1 = ""88.xx.xx.x1""" 4 .el .IP "Tunnel\-Server\-Endpoint:1 = ``88.xx.xx.x1''" 4 @@ -398,8 +410,8 @@ If a proxied Radius is used, It will return the \s-1RADIUS\s0 attributes: .IX Item "Tunnel-Type:2 += L2TP" .IP "Tunnel\-Medium\-Type:2 += IPv4" 4 .IX Item "Tunnel-Medium-Type:2 += IPv4" -.ie n .IP "Tunnel\-Password:2 += ""\s-1LESECRETL2TP\s0""" 4 -.el .IP "Tunnel\-Password:2 += ``\s-1LESECRETL2TP\s0''" 4 +.ie n .IP "Tunnel\-Password:2 += ""\s-1LESECRETL2TP""\s0" 4 +.el .IP "Tunnel\-Password:2 += ``\s-1LESECRETL2TP''\s0" 4 .IX Item "Tunnel-Password:2 += LESECRETL2TP" .ie n .IP "Tunnel\-Server\-Endpoint:2 += ""88.xx.xx.x2""" 4 .el .IP "Tunnel\-Server\-Endpoint:2 += ``88.xx.xx.x2''" 4 @@ -408,7 +420,7 @@ If a proxied Radius is used, It will return the \s-1RADIUS\s0 attributes: .el .IP "Tunnel\-Assignment\-Id:2 += ``friendisp_lns2''" 4 .IX Item "Tunnel-Assignment-Id:2 += friendisp_lns2" .PD -.SS "\s-1PPPOE\s0 \s-1SETTINGS\s0" +.SS "\s-1PPPOE SETTINGS\s0" .IX Subsection "PPPOE SETTINGS" .IP "\fBpppoe_if_to_bind\fR (string)" 4 .IX Item "pppoe_if_to_bind (string)" @@ -422,7 +434,7 @@ If a proxied Radius is used, It will return the \s-1RADIUS\s0 attributes: .IP "\fBpppoe_only_equal_svc_name\fR (boolean)" 4 .IX Item "pppoe_only_equal_svc_name (boolean)" If set to yes, the \s-1PPPOE\s0 server only accepts clients with a \*(L"service-name\*(R" different from \s-1NULL\s0 and a \*(L"service-name\*(R" equal to server \*(L"service-name\*(R" (default: no). -.SS "\s-1BGP\s0 \s-1ROUTING\s0" +.SS "\s-1BGP ROUTING\s0" .IX Subsection "BGP ROUTING" The routing configuration section is entered by the command .PP @@ -437,7 +449,7 @@ Subsequent lines prefixed with \fBneighbour\fR \fIpeer\fR define the attributes \&\fBneighbour\fR \fIpeer\fR \fBtimers\fR \fIkeepalive\fR \fIhold\fR .PP Where \fIpeer\fR specifies the \s-1BGP\s0 neighbour as either a hostname or \s-1IP\s0 address, \fIas\fR is the remote \s-1AS\s0 number and \fIkeepalive\fR, \fIhold\fR are the timer values in seconds. -.SS "\s-1NAMED\s0 \s-1ACCESS\s0 \s-1LISTS\s0" +.SS "\s-1NAMED ACCESS LISTS\s0" .IX Subsection "NAMED ACCESS LISTS" Named access lists may be defined with either of .IP "\(bu" 4 diff --git a/Docs/startup-config.5.pod b/Docs/startup-config.5.pod index 93a3700..f652dda 100644 --- a/Docs/startup-config.5.pod +++ b/Docs/startup-config.5.pod @@ -184,6 +184,10 @@ Address to send to clients as the default gateway. If set, the process id will be written to the specified file. The value must be an absolute path. +=item B (boolean) + +Change this value to no to force generation of LCP ECHO every echo_timeout seconds, even there are activity on the link (default: yes) + =item B (int) =item B (int) diff --git a/debian/changelog b/debian/changelog index 565c153..18691dd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +l2tpns (2.2.1-2fdn3.18) unstable;; urgency=low + + * Add of the ppp_keepalive option. + + -- Fernando Alves Tue, 22 Sep 2015 23:15:04 +0200 + l2tpns (2.2.1-2fdn3.17) unstable; urgency=low * Add of the RDNSS option to ICMPv6 Router Advertisement (RA). diff --git a/etc/startup-config.default b/etc/startup-config.default index f253f57..7545160 100644 --- a/etc/startup-config.default +++ b/etc/startup-config.default @@ -116,6 +116,8 @@ set accounting_dir "/var/run/l2tpns/acct" #set echo_timeout 10 # Drop sessions who have not responded within idle_echo_timeout seconds (default 240 seconds) #set idle_echo_timeout 240 +# Change this value to no to force generation of LCP ECHO every echo_timeout seconds, even there are activity on the link (default yes) +set ppp_keepalive yes # Drop/kill sessions #load plugin "sessionctl" diff --git a/l2tpns.c b/l2tpns.c index 114981f..1c50a3e 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -132,6 +132,7 @@ config_descriptt config_values[] = { CONFIG("ppp_restart_time", ppp_restart_time, INT), CONFIG("ppp_max_configure", ppp_max_configure, INT), CONFIG("ppp_max_failure", ppp_max_failure, INT), + CONFIG("ppp_keepalive", ppp_keepalive, BOOL), CONFIG("primary_dns", default_dns1, IPv4), CONFIG("secondary_dns", default_dns2, IPv4), CONFIG("primary_radius", radiusserver[0], IPv4), @@ -3780,8 +3781,10 @@ static void regular_cleanups(double period) } // No data in ECHO_TIMEOUT seconds, send LCP ECHO - if (session[s].ppp.phase >= Establish && (time_now - session[s].last_packet >= config->echo_timeout) && - (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT)) + if (session[s].ppp.phase >= Establish && + ((!config->ppp_keepalive) || + (time_now - session[s].last_packet >= config->echo_timeout)) && + (time_now - sess_local[s].last_echo >= ECHO_TIMEOUT)) { uint8_t b[MAXETHER]; @@ -4600,6 +4603,7 @@ static void initdata(int optdebug, char *optconfig) // Set default value echo_timeout and idle_echo_timeout config->echo_timeout = ECHO_TIMEOUT; config->idle_echo_timeout = IDLE_ECHO_TIMEOUT; + config->ppp_keepalive = 1; // Set default RDNSS lifetime config->dns6_lifetime = 1200; diff --git a/l2tpns.h b/l2tpns.h index c4487ff..9520fd7 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -687,6 +687,7 @@ typedef struct int ppp_restart_time; // timeout for PPP restart int ppp_max_configure; // max lcp configure requests to send int ppp_max_failure; // max lcp configure naks to send + int ppp_keepalive; // send echoes regardless char radiussecret[64]; int radius_accounting; -- 2.20.1