From ec4f5a95de78fd6dea23e8a20ace3144e4e3eea6 Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 26 Feb 2013 01:00:46 +0100 Subject: [PATCH 01/16] Fix Warning: dereferencing type-punned pointer will break strict... --- l2tpns.c | 40 +++++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/l2tpns.c b/l2tpns.c index 8fca167..527175c 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -1872,7 +1872,8 @@ static controlt *controlnew(uint16_t mtype) } assert(c); c->next = 0; - *(uint16_t *) (c->buf + 0) = htons(0xC802); // flags/ver + c->buf[0] = 0xC8; // flags + c->buf[1] = 0x02; // ver c->length = 12; control16(c, 0, mtype, 1); return c; @@ -1882,17 +1883,17 @@ static controlt *controlnew(uint16_t mtype) // (ZLB send). static void controlnull(tunnelidt t) { - uint8_t buf[12]; + uint16_t buf[6]; if (tunnel[t].controlc) // Messages queued; They will carry the ack. return; - *(uint16_t *) (buf + 0) = htons(0xC802); // flags/ver - *(uint16_t *) (buf + 2) = htons(12); // length - *(uint16_t *) (buf + 4) = htons(tunnel[t].far); // tunnel - *(uint16_t *) (buf + 6) = htons(0); // session - *(uint16_t *) (buf + 8) = htons(tunnel[t].ns); // sequence - *(uint16_t *) (buf + 10) = htons(tunnel[t].nr); // sequence - tunnelsend(buf, 12, t); + buf[0] = htons(0xC802); // flags/ver + buf[1] = htons(12); // length + buf[2] = htons(tunnel[t].far); // tunnel + buf[3] = htons(0); // session + buf[4] = htons(tunnel[t].ns); // sequence + buf[5] = htons(tunnel[t].nr); // sequence + tunnelsend((uint8_t *)buf, 12, t); } // add a control message to a tunnel, and send if within window @@ -2152,14 +2153,15 @@ void sessionshutdown(sessionidt s, char const *reason, int cdn_result, int cdn_e pppoe_shutdown_session(s); } else - { // Send CDN + { + // Send CDN controlt *c = controlnew(14); // sending CDN if (cdn_error) { - uint8_t buf[4]; - *(uint16_t *) buf = htons(cdn_result); - *(uint16_t *) (buf+2) = htons(cdn_error); - controlb(c, 1, buf, 4, 1); + uint16_t buf[2]; + buf[0] = htons(cdn_result); + buf[1] = htons(cdn_error); + controlb(c, 1, (uint8_t *)buf, 4, 1); } else control16(c, 1, cdn_result, 1); @@ -2361,21 +2363,21 @@ static void tunnelshutdown(tunnelidt t, char *reason, int result, int error, cha controlt *c = controlnew(4); // sending StopCCN if (error) { - uint8_t buf[64]; + uint16_t buf[32]; int l = 4; - *(uint16_t *) buf = htons(result); - *(uint16_t *) (buf+2) = htons(error); + buf[0] = htons(result); + buf[1] = htons(error); if (msg) { int m = strlen(msg); if (m + 4 > sizeof(buf)) m = sizeof(buf) - 4; - memcpy(buf+4, msg, m); + memcpy(buf+2, msg, m); l += m; } - controlb(c, 1, buf, l, 1); + controlb(c, 1, (uint8_t *)buf, l, 1); } else control16(c, 1, result, 1); -- 2.20.1 From 500bd3b1aef9b83469f166f95792decfc680fa11 Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 26 Feb 2013 09:11:18 +0100 Subject: [PATCH 02/16] Update changelog --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 325002c..1d9c0b7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +l2tpns (2.2.1-2fdn3.6) unstable; urgency=low + + * Fix Warning: dereferencing type-punned pointer will break strict... + * Fix: Tunnel creation does not work when the length of the hostname is odd. (revert fix: Add a uint16_t control buffer type, as a union) + + -- Fernando Alves Tue, 26 Feb 2013 09:07:16 +0100 + l2tpns (2.2.1-2fdn3.5) unstable; urgency=low * Update debian/changelog -- 2.20.1 From 137bcc99810a8bfc97030eceee52a96c75e91987 Mon Sep 17 00:00:00 2001 From: fendo Date: Wed, 6 Mar 2013 22:18:32 +0100 Subject: [PATCH 03/16] Adding the possibility to listening multiple IP L2TP tunnels. --- Docs/manual.html | 18 +++ Makefile | 7 +- cli.c | 39 +----- cluster.c | 22 +-- cluster.h | 6 +- l2tplac.c | 5 +- l2tplac.h | 2 +- l2tpns.c | 351 ++++++++++++++++++++++++++--------------------- l2tpns.h | 38 +++-- ppp.c | 6 - pppoe.c | 4 - radius.c | 13 +- util.c | 149 ++++++++++---------- 13 files changed, 321 insertions(+), 339 deletions(-) diff --git a/Docs/manual.html b/Docs/manual.html index 12180ea..384fe9a 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -265,6 +265,24 @@ from the address of "bind_address" (For use in cases of specific configuration). If no address is given to iftun_address and bind_address, 1.1.1.1 is used. +
  • bind_multi_address (ip address)
    +This parameter permit to listen several addresss of the l2tp udp protocol +(and set several address to the tun interface). +
    +WHEN this parameter is set, It OVERWRITE the parameters "bind_address" +and "iftun_address". +
    +these can be interesting when you want do load-balancing in cluster mode +of the uploaded from the LAC. For example you can set a bgp.prepend(MY_AS) +for Address1 on LNS1 and a bgp.prepend(MY_AS) for Address2 on LNS2 +(see BGP AS-path prepending). +
    +example of use with 2 address: +
    +set bind_multi_address "64.14.13.41, 64.14.13.42" + +
    • +
  • tundevicename (string)
    Name of the tun interface (default: "tun0").
    • diff --git a/Makefile b/Makefile index 21221ab..23189e0 100644 --- a/Makefile +++ b/Makefile @@ -26,7 +26,7 @@ INSTALL = install -c -D -o root -g root l2tpns.LIBS = -lm -lcli -ldl OBJS = arp.o cli.o cluster.o constants.o control.o icmp.o l2tpns.o \ - ll.o md5.o ppp.o radius.o tbf.o util.o pppoe.o + ll.o md5.o ppp.o radius.o tbf.o util.o pppoe.o l2tplac.o PROGRAMS = l2tpns nsctl PLUGINS = autosnoop.so autothrottle.so garden.so sessionctl.so \ @@ -43,9 +43,6 @@ endif DEFINES += -DBGP OBJS += bgp.o -DEFINES += -DLAC -OBJS += l2tplac.o - all: programs plugins programs: $(PROGRAMS) plugins: $(PLUGINS) @@ -129,8 +126,8 @@ radius.o: radius.c md5.h constants.h l2tpns.h plugin.h util.h cluster.h \ tbf.o: tbf.c l2tpns.h util.h tbf.h util.o: util.c l2tpns.h bgp.h pppoe.o: pppoe.c l2tpns.h cluster.h constants.h md5.h util.h -bgp.o: bgp.c l2tpns.h bgp.h util.h l2tplac.o: l2tplac.c md5.h l2tpns.h util.h cluster.h l2tplac.h pppoe.h +bgp.o: bgp.c l2tpns.h bgp.h util.h autosnoop.so: autosnoop.c l2tpns.h plugin.h autothrottle.so: autothrottle.c l2tpns.h plugin.h garden.so: garden.c l2tpns.h plugin.h control.h diff --git a/cli.c b/cli.c index 3f950e0..fc150d7 100644 --- a/cli.c +++ b/cli.c @@ -31,9 +31,7 @@ #ifdef BGP #include "bgp.h" #endif -#ifdef LAC #include "l2tplac.h" -#endif extern tunnelt *tunnel; extern bundlet *bundle; @@ -102,10 +100,8 @@ static int cmd_remove_plugin(struct cli_def *cli, char *command, char **argv, in static int cmd_uptime(struct cli_def *cli, char *command, char **argv, int argc); static int cmd_shutdown(struct cli_def *cli, char *command, char **argv, int argc); static int cmd_reload(struct cli_def *cli, char *command, char **argv, int argc); -#ifdef LAC static int cmd_setforward(struct cli_def *cli, char *command, char **argv, int argc); static int cmd_show_rmtlnsconf(struct cli_def *cli, char *command, char **argv, int argc); -#endif static int regular_stuff(struct cli_def *cli); @@ -156,9 +152,7 @@ void init_cli() cli_register_command(cli, c, "pool", cmd_show_pool, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "Show the IP address allocation pool"); cli_register_command(cli, c, "radius", cmd_show_radius, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "Show active radius queries"); cli_register_command(cli, c, "running-config", cmd_show_run, PRIVILEGE_PRIVILEGED, MODE_EXEC, "Show the currently running configuration"); -#ifdef LAC cli_register_command(cli, c, "remotelns-conf", cmd_show_rmtlnsconf, PRIVILEGE_PRIVILEGED, MODE_EXEC, "Show a list of remote LNS configuration"); -#endif cli_register_command(cli, c, "session", cmd_show_session, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "Show a list of sessions or details for a single session"); cli_register_command(cli, c, "tbf", cmd_show_tbf, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "List all token bucket filters in use"); cli_register_command(cli, c, "throttle", cmd_show_throttle, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "List all throttled sessions and associated TBFs"); @@ -231,9 +225,7 @@ void init_cli() cli_register_command(cli, NULL, "set", cmd_set, PRIVILEGE_PRIVILEGED, MODE_CONFIG, "Set a configuration variable"); -#ifdef LAC cli_register_command(cli, NULL, "setforward", cmd_setforward, PRIVILEGE_PRIVILEGED, MODE_CONFIG, "Set the Remote LNS Forward"); -#endif c = cli_register_command(cli, NULL, "ip", NULL, PRIVILEGE_PRIVILEGED, MODE_CONFIG, NULL); cli_register_command(cli, c, "access-list", cmd_ip_access_list, PRIVILEGE_PRIVILEGED, MODE_CONFIG, "Add named access-list"); @@ -542,15 +534,9 @@ static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int } // Show Summary -#ifdef LAC cli_print(cli, "%5s %7s %4s %-32s %-15s %s %s %s %s %10s %10s %10s %4s %10s %-18s %s", -#else - cli_print(cli, "%5s %4s %-32s %-15s %s %s %s %s %10s %10s %10s %4s %10s %-15s %s", -#endif "SID", -#ifdef LAC "LkToSID", -#endif "TID", "Username", "IP", @@ -563,11 +549,7 @@ static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int "uploaded", "idle", "Rem.Time", -#ifdef LAC "LAC(L)/RLNS(R)/PPPOE(P)", -#else - "LAC(L)/PPPOE(P)", -#endif "CLI"); for (i = 1; i < MAXSESSION; i++) @@ -578,15 +560,9 @@ static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int rem_time = session[i].timeout ? (session[i].timeout - bundle[session[i].bundle].online_time) : 0; else rem_time = session[i].timeout ? (session[i].timeout - (time_now-session[i].opened)) : 0; -#ifdef LAC cli_print(cli, "%5d %7d %4d %-32s %-15s %s %s %s %s %10u %10lu %10lu %4u %10lu %3s%-20s %s", -#else - cli_print(cli, "%5d %4d %-32s %-15s %s %s %s %s %10u %10lu %10lu %4u %10lu %3s%-20s %s", -#endif i, -#ifdef LAC session[i].forwardtosession, -#endif session[i].tunnel, session[i].user[0] ? session[i].user : "*", fmtaddr(htonl(session[i].ip), 0), @@ -599,11 +575,7 @@ static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int (unsigned long)session[i].cin, abs(time_now - (session[i].last_packet ? session[i].last_packet : time_now)), (unsigned long)(rem_time), -#ifdef LAC (session[i].tunnel == TUNNEL_ID_PPPOE)?"(P)":(tunnel[session[i].tunnel].isremotelns?"(R)":"(L)"), -#else - (session[i].tunnel == TUNNEL_ID_PPPOE)?"(P)":"(L)", -#endif (session[i].tunnel == TUNNEL_ID_PPPOE)?fmtMacAddr(session[i].src_hwaddr):fmtaddr(htonl(tunnel[session[i].tunnel].ip), 1), session[i].calling[0] ? session[i].calling : "*"); } @@ -694,11 +666,7 @@ static int cmd_show_tunnels(struct cli_def *cli, char *command, char **argv, int fmtaddr(htonl(tunnel[i].ip), 0), states[tunnel[i].state], sessions -#ifdef LAC ,(i == TUNNEL_ID_PPPOE)?"Tunnel pppoe":(tunnel[i].isremotelns?"Tunnel To Remote LNS":"Tunnel To LAC") -#else - ,(i == TUNNEL_ID_PPPOE)?"Tunnel pppoe":"Tunnel To LAC" -#endif ); } @@ -1309,13 +1277,11 @@ static int cmd_drop_session(struct cli_def *cli, char *command, char **argv, int cli_print(cli, "Dropping session %d", s); cli_session_actions[s].action |= CLI_SESS_KILL; } -#ifdef LAC else if (session[s].forwardtosession && session[s].opened && !session[s].die) { cli_print(cli, "Dropping session %d", s); cli_session_actions[s].action |= CLI_SESS_KILL; } -#endif else { cli_error(cli, "Session %d is not active.", s); @@ -3106,7 +3072,7 @@ static int cmd_show_access_list(struct cli_def *cli, char *command, char **argv, } if (i) - cli_print(cli, ""); + cli_print(cli, " "); cli_print(cli, "%s IP access list %s", ip_filters[f].extended ? "Extended" : "Standard", @@ -3144,8 +3110,6 @@ static int cmd_reload(struct cli_def *cli, char *command, char **argv, int argc) return CLI_OK; } -#ifdef LAC - static int cmd_setforward(struct cli_def *cli, char *command, char **argv, int argc) { int ret; @@ -3216,4 +3180,3 @@ static int cmd_show_rmtlnsconf(struct cli_def *cli, char *command, char **argv, return CLI_OK; } -#endif diff --git a/cluster.c b/cluster.c index 78de01b..651307a 100644 --- a/cluster.c +++ b/cluster.c @@ -305,10 +305,11 @@ static int _forward_packet(uint8_t *data, int size, in_addr_t addr, int port, in // The master just processes the payload as if it had // received it off the tun device. //(note: THIS ROUTINE WRITES TO pack[-6]). -int master_forward_packet(uint8_t *data, int size, in_addr_t addr, int port) +int master_forward_packet(uint8_t *data, int size, in_addr_t addr, uint16_t port, uint16_t indexudp) { uint8_t *p = data - (3 * sizeof(uint32_t)); uint8_t *psave = p; + uint32_t indexandport = port | ((indexudp << 16) & 0xFFFF0000); if (!config->cluster_master_address) // No election has been held yet. Just skip it. return -1; @@ -316,7 +317,7 @@ int master_forward_packet(uint8_t *data, int size, in_addr_t addr, int port) LOG(4, 0, 0, "Forwarding packet from %s to master (size %d)\n", fmtaddr(addr, 0), size); STAT(c_forwarded); - add_type(&p, C_FORWARD, addr, (uint8_t *) &port, sizeof(port)); // ick. should be uint16_t + add_type(&p, C_FORWARD, addr, (uint8_t *) &indexandport, sizeof(indexandport)); return peer_send_data(config->cluster_master_address, psave, size + (3 * sizeof(uint32_t))); } @@ -1503,17 +1504,10 @@ static int cluster_process_heartbeat(uint8_t *data, int size, int more, uint8_t int i, type; int hb_ver = more; -#ifdef LAC #if HB_VERSION != 7 # error "need to update cluster_process_heartbeat()" -#endif -#else -#if HB_VERSION != 6 -# error "need to update cluster_process_heartbeat()" -#endif #endif - // we handle versions 5 through 7 if (hb_ver < 5 || hb_ver > HB_VERSION) { LOG(0, 0, 0, "Received a heartbeat version that I don't support (%d)!\n", hb_ver); @@ -1726,12 +1720,8 @@ static int cluster_process_heartbeat(uint8_t *data, int size, int more, uint8_t size = rle_decompress((uint8_t **) &p, s, c, sizeof(c)); s -= (p - orig_p); -#ifdef LAC if ( ((hb_ver >= HB_VERSION) && (size != sizeof(tunnelt))) || ((hb_ver < HB_VERSION) && (size > sizeof(tunnelt))) ) -#else - if (size != sizeof(tunnelt) ) -#endif { // Ouch! Very very bad! LOG(0, 0, 0, "DANGER: Received a CTUNNEL that didn't decompress correctly!\n"); // Now what? Should exit! No-longer up to date! @@ -1854,9 +1844,11 @@ int processcluster(uint8_t *data, int size, in_addr_t addr) else { struct sockaddr_in a; + uint16_t indexudp; a.sin_addr.s_addr = more; - a.sin_port = *(int *) p; + a.sin_port = (*(int *) p) & 0xFFFF; + indexudp = ((*(int *) p) >> 16) & 0xFFFF; s -= sizeof(int); p += sizeof(int); @@ -1871,7 +1863,7 @@ int processcluster(uint8_t *data, int size, in_addr_t addr) processdae(p, s, &a, sizeof(a), &local); } else - processudp(p, s, &a); + processudp(p, s, &a, indexudp); return 0; } diff --git a/cluster.h b/cluster.h index 6a769e4..660b0c8 100644 --- a/cluster.h +++ b/cluster.h @@ -26,11 +26,7 @@ #define C_MPPP_FORWARD 19 // MPPP Forwarded packet.. #define C_PPPOE_FORWARD 20 // PPPOE Forwarded packet.. -#ifdef LAC #define HB_VERSION 7 // Protocol version number.. -#else -#define HB_VERSION 6 // Protocol version number.. -#endif #define HB_MAX_SEQ (1<<30) // Maximum sequence number. (MUST BE A POWER OF 2!) #define HB_HISTORY_SIZE 64 // How many old heartbeats we remember?? (Must be a factor of HB_MAX_SEQ) @@ -86,7 +82,7 @@ int processcluster(uint8_t *buf, int size, in_addr_t addr); int cluster_send_session(int sid); int cluster_send_bundle(int bid); int cluster_send_tunnel(int tid); -int master_forward_packet(uint8_t *data, int size, in_addr_t addr, int port); +int master_forward_packet(uint8_t *data, int size, in_addr_t addr, uint16_t port, uint16_t indexudp); int master_forward_dae_packet(uint8_t *data, int size, in_addr_t addr, int port); int master_throttle_packet(int tid, uint8_t *data, int size); int master_garden_packet(sessionidt s, uint8_t *data, int size); diff --git a/l2tplac.c b/l2tplac.c index 6ad4683..0d11b45 100644 --- a/l2tplac.c +++ b/l2tplac.c @@ -295,6 +295,7 @@ static int lac_create_tunnelsession(tunnelidt t, sessionidt s, confrlnsidt i_con tunnel[t].port = pconfigrlns[i_conf].port; tunnel[t].window = 4; // default window tunnel[t].isremotelns = i_conf; + tunnel[t].indexudp = config->indexlacudpfd; STAT(tunnel_created); random_data(pconfigrlns[i_conf].auth, sizeof(pconfigrlns[i_conf].auth)); @@ -449,7 +450,7 @@ void lac_calc_rlns_auth(tunnelidt t, uint8_t id, uint8_t *out) } // Forward session to LAC or Remote LNS -int lac_session_forward(uint8_t *buf, int len, sessionidt sess, uint16_t proto, in_addr_t s_addr, int sin_port) +int lac_session_forward(uint8_t *buf, int len, sessionidt sess, uint16_t proto, in_addr_t s_addr, int sin_port, uint16_t indexudpfd) { uint16_t t = 0, s = 0; uint8_t *p = buf + 2; // First word L2TP options @@ -482,7 +483,7 @@ int lac_session_forward(uint8_t *buf, int len, sessionidt sess, uint16_t proto, (proto == PPPCCP) ) { session[sess].last_packet = time_now; - master_forward_packet(buf, len, s_addr, sin_port); + master_forward_packet(buf, len, s_addr, sin_port, indexudpfd); return 1; } } diff --git a/l2tplac.h b/l2tplac.h index 6177b0a..0ff7c5a 100644 --- a/l2tplac.h +++ b/l2tplac.h @@ -12,7 +12,7 @@ typedef uint16_t confrlnsidt; // l2tplac.c void lac_initremotelnsdata(); -int lac_session_forward(uint8_t *buf, int len, sessionidt sess, uint16_t proto, in_addr_t s_addr, int sin_port); +int lac_session_forward(uint8_t *buf, int len, sessionidt sess, uint16_t proto, in_addr_t s_addr, int sin_port, uint16_t indexudpfd); int lac_conf_forwardtoremotelns(sessionidt s, char * puser); void lac_calc_rlns_auth(tunnelidt t, uint8_t id, uint8_t *out); int lac_addremotelns(char *mask, char *IP_RemoteLNS, char *Port_RemoteLNS, char *SecretRemoteLNS); diff --git a/l2tpns.c b/l2tpns.c index 527175c..4545d6c 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -53,24 +53,18 @@ #include "bgp.h" #endif -#ifdef LAC #include "l2tplac.h" -#endif #include "pppoe.h" -#ifdef LAC char * Vendor_name = "Linux L2TPNS"; uint32_t call_serial_number = 0; -#endif // Globals configt *config = NULL; // all configuration int nlfd = -1; // netlink socket int tunfd = -1; // tun interface file handle. (network device) -int udpfd = -1; // UDP file handle -#ifdef LAC +int udpfd[MAX_UDPFD + 1] = INIT_TABUDPFD; // array UDP file handle + 1 for lac udp int udplacfd = -1; // UDP LAC file handle -#endif int controlfd = -1; // Control signal handle int clifd = -1; // Socket listening for CLI connections. int daefd = -1; // Socket listening for DAE connections. @@ -181,17 +175,16 @@ config_descriptt config_values[] = { CONFIG("idle_echo_timeout", idle_echo_timeout, INT), CONFIG("iftun_address", iftun_address, IPv4), CONFIG("tundevicename", tundevicename, STRING), -#ifdef LAC CONFIG("disable_lac_func", disable_lac_func, BOOL), CONFIG("auth_tunnel_change_addr_src", auth_tunnel_change_addr_src, BOOL), CONFIG("bind_address_remotelns", bind_address_remotelns, IPv4), CONFIG("bind_portremotelns", bind_portremotelns, SHORT), -#endif CONFIG("pppoe_if_to_bind", pppoe_if_to_bind, STRING), CONFIG("pppoe_service_name", pppoe_service_name, STRING), CONFIG("pppoe_ac_name", pppoe_ac_name, STRING), CONFIG("disable_sending_hello", disable_sending_hello, BOOL), CONFIG("disable_no_spoof", disable_no_spoof, BOOL), + CONFIG("bind_multi_address", bind_multi_address, STRING), { NULL, 0, 0, 0 } }; @@ -700,7 +693,7 @@ static void inittun(void) } if (*config->tundevicename) - strncpy(ifr.ifr_name, config->tundevicename, IFNAMSIZ); + strncpy(ifr.ifr_name, config->tundevicename, IFNAMSIZ); if (ioctl(tunfd, TUNSETIFF, (void *) &ifr) < 0) { @@ -762,14 +755,30 @@ static void inittun(void) req.ifmsg.ifaddr.ifa_scope = RT_SCOPE_UNIVERSE; req.ifmsg.ifaddr.ifa_index = tunidx; - if (config->iftun_address) - ip = config->iftun_address; + if (config->nbmultiaddress > 1) + { + int i; + for (i = 0; i < config->nbmultiaddress ; i++) + { + ip = config->iftun_n_address[i]; + netlink_addattr(&req.nh, IFA_LOCAL, &ip, sizeof(ip)); + if (netlink_send(&req.nh) < 0) + goto senderror; + } + } else - ip = 0x01010101; // 1.1.1.1 - netlink_addattr(&req.nh, IFA_LOCAL, &ip, sizeof(ip)); + { + if (config->iftun_address) + ip = config->iftun_address; + else + ip = 0x01010101; // 1.1.1.1 + netlink_addattr(&req.nh, IFA_LOCAL, &ip, sizeof(ip)); + + if (netlink_send(&req.nh) < 0) + goto senderror; + } + - if (netlink_send(&req.nh) < 0) - goto senderror; // Only setup IPv6 on the tun device if we have a configured prefix if (config->ipv6_prefix.s6_addr[0]) { @@ -839,28 +848,35 @@ senderror: exit(1); } -// set up UDP ports -static void initudp(void) +// set up LAC UDP ports +static void initlacudp(void) { int on = 1; struct sockaddr_in addr; - // Tunnel + // Tunnel to Remote LNS memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; - addr.sin_port = htons(L2TPPORT); - addr.sin_addr.s_addr = config->bind_address; - udpfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); - setsockopt(udpfd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); + addr.sin_port = htons(config->bind_portremotelns); + addr.sin_addr.s_addr = config->bind_address_remotelns; + udplacfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + setsockopt(udplacfd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); { - int flags = fcntl(udpfd, F_GETFL, 0); - fcntl(udpfd, F_SETFL, flags | O_NONBLOCK); + int flags = fcntl(udplacfd, F_GETFL, 0); + fcntl(udplacfd, F_SETFL, flags | O_NONBLOCK); } - if (bind(udpfd, (struct sockaddr *) &addr, sizeof(addr)) < 0) + if (bind(udplacfd, (struct sockaddr *) &addr, sizeof(addr)) < 0) { - LOG(0, 0, 0, "Error in UDP bind: %s\n", strerror(errno)); + LOG(0, 0, 0, "Error in UDP REMOTE LNS bind: %s\n", strerror(errno)); exit(1); } +} + +// set up control ports +static void initcontrol(void) +{ + int on = 1; + struct sockaddr_in addr; // Control memset(&addr, 0, sizeof(addr)); @@ -874,6 +890,13 @@ static void initudp(void) LOG(0, 0, 0, "Error in control bind: %s\n", strerror(errno)); exit(1); } +} + +// set up Dynamic Authorization Extensions to RADIUS port +static void initdae(void) +{ + int on = 1; + struct sockaddr_in addr; // Dynamic Authorization Extensions to RADIUS memset(&addr, 0, sizeof(addr)); @@ -887,28 +910,30 @@ static void initudp(void) LOG(0, 0, 0, "Error in DAE bind: %s\n", strerror(errno)); exit(1); } +} -#ifdef LAC - // Tunnel to Remote LNS +// set up UDP ports +static void initudp(int * pudpfd, in_addr_t ip_bind) +{ + int on = 1; + struct sockaddr_in addr; + + // Tunnel memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; - addr.sin_port = htons(config->bind_portremotelns); - addr.sin_addr.s_addr = config->bind_address_remotelns; - udplacfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); - setsockopt(udplacfd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); + addr.sin_port = htons(L2TPPORT); + addr.sin_addr.s_addr = ip_bind; + (*pudpfd) = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + setsockopt((*pudpfd), SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); { - int flags = fcntl(udplacfd, F_GETFL, 0); - fcntl(udplacfd, F_SETFL, flags | O_NONBLOCK); + int flags = fcntl((*pudpfd), F_GETFL, 0); + fcntl((*pudpfd), F_SETFL, flags | O_NONBLOCK); } - if (bind(udplacfd, (struct sockaddr *) &addr, sizeof(addr)) < 0) + if (bind((*pudpfd), (struct sockaddr *) &addr, sizeof(addr)) < 0) { - LOG(0, 0, 0, "Error in UDP REMOTE LNS bind: %s\n", strerror(errno)); + LOG(0, 0, 0, "Error in UDP bind: %s\n", strerror(errno)); exit(1); } -#endif - - // Intercept - snoopfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); } // @@ -1233,14 +1258,11 @@ void tunnelsend(uint8_t * buf, uint16_t l, tunnelidt t) LOG(3, 0, t, "Control message resend try %d\n", tunnel[t].try); } } -#ifdef LAC - if (sendto((tunnel[t].isremotelns?udplacfd:udpfd), buf, l, 0, (void *) &addr, sizeof(addr)) < 0) -#else - if (sendto(udpfd, buf, l, 0, (void *) &addr, sizeof(addr)) < 0) -#endif + + if (sendto(udpfd[tunnel[t].indexudp], buf, l, 0, (void *) &addr, sizeof(addr)) < 0) { LOG(0, ntohs((*(uint16_t *) (buf + 6))), t, "Error sending data out tunnel: %s (udpfd=%d, buf=%p, len=%d, dest=%s)\n", - strerror(errno), udpfd, buf, l, inet_ntoa(addr.sin_addr)); + strerror(errno), udpfd[tunnel[t].indexudp], buf, l, inet_ntoa(addr.sin_addr)); STAT(tunnel_tx_errors); return; } @@ -2208,7 +2230,7 @@ void sendipcp(sessionidt s, tunnelidt t) q[4] = 3; // ip address option q[5] = 6; // option length *(in_addr_t *) (q + 6) = config->peer_address ? config->peer_address : - config->iftun_address ? config->iftun_address : + config->iftun_n_address[tunnel[t].indexudp] ? config->iftun_n_address[tunnel[t].indexudp] : my_address; // send my IP tunnelsend(buf, 10 + (q - buf), t); // send it @@ -2272,7 +2294,6 @@ void sessionkill(sessionidt s, char *reason) if (sess_local[s].radius) radiusclear(sess_local[s].radius, s); // cant send clean accounting data, session is killed -#ifdef LAC if (session[s].forwardtosession) { sessionidt sess = session[s].forwardtosession; @@ -2282,7 +2303,6 @@ void sessionkill(sessionidt s, char *reason) sessionshutdown(sess, reason, CDN_ADMIN_DISC, TERM_ADMIN_RESET); } } -#endif LOG(2, s, session[s].tunnel, "Kill session %d (%s): %s\n", s, session[s].user, reason); sessionclear(s); @@ -2388,7 +2408,7 @@ static void tunnelshutdown(tunnelidt t, char *reason, int result, int error, cha } // read and process packet on tunnel (UDP) -void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) +void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexudpfd) { uint8_t *chapresponse = NULL; uint16_t l = len, t = 0, s = 0, ns = 0, nr = 0; @@ -2479,7 +2499,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) if (!config->cluster_iam_master) { - master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); + master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } @@ -2529,6 +2549,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) tunnel[t].ip = ntohl(*(in_addr_t *) & addr->sin_addr); tunnel[t].port = ntohs(addr->sin_port); tunnel[t].window = 4; // default window + tunnel[t].indexudp = indexudpfd; STAT(tunnel_created); LOG(1, 0, t, " New tunnel from %s:%u ID %u\n", fmtaddr(htonl(tunnel[t].ip), 0), tunnel[t].port, t); @@ -2800,7 +2821,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) } break; case 13: // Response -#ifdef LAC if (tunnel[t].isremotelns) { chapresponse = calloc(17, 1); @@ -2808,7 +2828,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) LOG(3, s, t, "received challenge response from REMOTE LNS\n"); } else -#endif /* LAC */ // Why did they send a response? We never challenge. LOG(2, s, t, " received unexpected challenge response\n"); break; @@ -3054,7 +3073,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) case 2: // SCCRP tunnel[t].state = TUNNELOPEN; tunnel[t].lastrec = time_now; -#ifdef LAC LOG(3, s, t, "Received SCCRP\n"); if (main_quit != QUIT_SHUTDOWN) { @@ -3085,7 +3103,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) { tunnelshutdown(t, "Shutting down", 6, 0, 0); } -#endif /* LAC */ break; case 3: // SCCN LOG(3, s, t, "Received SCCN\n"); @@ -3163,7 +3180,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) } return; case 11: // ICRP -#ifdef LAC LOG(3, s, t, "Received ICRP\n"); if (session[s].forwardtosession) { @@ -3179,7 +3195,6 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) controladd(c, asession, t); // send the message LOG(3, s, t, "Sending ICCN\n"); } -#endif /* LAC */ break; case 12: // ICCN LOG(3, s, t, "Received ICCN\n"); @@ -3195,7 +3210,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) // Set multilink options before sending initial LCP packet sess_local[s].mp_mrru = 1614; - sess_local[s].mp_epdis = ntohl(config->iftun_address ? config->iftun_address : my_address); + sess_local[s].mp_epdis = ntohl(config->iftun_n_address[tunnel[t].indexudp] ? config->iftun_n_address[tunnel[t].indexudp] : my_address); sendlcp(s, t); change_state(s, lcp, RequestSent); @@ -3253,12 +3268,11 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) l -= 2; } -#ifdef LAC if (session[s].forwardtosession) { LOG(5, s, t, "Forwarding data session to session %u\n", session[s].forwardtosession); // Forward to LAC/BAS or Remote LNS session - lac_session_forward(buf, len, s, proto, addr->sin_addr.s_addr, addr->sin_port); + lac_session_forward(buf, len, s, proto, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } else if (config->auth_tunnel_change_addr_src) @@ -3273,14 +3287,13 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) tunnel[t].ip = ntohl(addr->sin_addr.s_addr); } } -#endif /* LAC */ if (s && !session[s].opened) // Is something wrong?? { if (!config->cluster_iam_master) { // Pass it off to the master to deal with.. - master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); + master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } @@ -3292,37 +3305,37 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) if (proto == PPPPAP) { session[s].last_packet = time_now; - if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } processpap(s, t, p, l); } else if (proto == PPPCHAP) { session[s].last_packet = time_now; - if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } processchap(s, t, p, l); } else if (proto == PPPLCP) { session[s].last_packet = time_now; - if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } processlcp(s, t, p, l); } else if (proto == PPPIPCP) { session[s].last_packet = time_now; - if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } processipcp(s, t, p, l); } else if (proto == PPPIPV6CP && config->ipv6_prefix.s6_addr[0]) { session[s].last_packet = time_now; - if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } processipv6cp(s, t, p, l); } else if (proto == PPPCCP) { session[s].last_packet = time_now; - if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } processccp(s, t, p, l); } else if (proto == PPPIP) @@ -3336,7 +3349,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) session[s].last_packet = session[s].last_data = time_now; if (session[s].walled_garden && !config->cluster_iam_master) { - master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); + master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } @@ -3354,7 +3367,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) if (!config->cluster_iam_master) { // The fragments reconstruction is managed by the Master. - master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); + master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } @@ -3371,7 +3384,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) session[s].last_packet = session[s].last_data = time_now; if (session[s].walled_garden && !config->cluster_iam_master) { - master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); + master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } @@ -3380,7 +3393,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr) else if (session[s].ppp.lcp == Opened) { session[s].last_packet = time_now; - if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + if (!config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port, indexudpfd); return; } protoreject(s, t, p, l, proto); } else @@ -3949,13 +3962,8 @@ static int still_busy(void) # include "fake_epoll.h" #endif -#ifdef LAC -// the base set of fds polled: cli, cluster, tun, udp, control, dae, netlink, udplac, pppoedisc, pppoesess -#define BASE_FDS 10 -#else -// the base set of fds polled: cli, cluster, tun, udp, control, dae, netlink, pppoedisc, pppoesess -#define BASE_FDS 9 -#endif +// the base set of fds polled: cli, cluster, tun, udp (MAX_UDPFD), control, dae, netlink, udplac, pppoedisc, pppoesess +#define BASE_FDS (9 + MAX_UDPFD) // additional polled fds #ifdef BGP @@ -3967,7 +3975,7 @@ static int still_busy(void) // main loop - gets packets on tun or udp and processes them static void mainloop(void) { - int i; + int i, j; uint8_t buf[65536]; uint8_t *p = buf + 32; // for the hearder of the forwarded MPPP packet (see C_MPPP_FORWARD) // and the forwarded pppoe session @@ -3982,13 +3990,8 @@ static void mainloop(void) exit(1); } -#ifdef LAC LOG(4, 0, 0, "Beginning of main loop. clifd=%d, cluster_sockfd=%d, tunfd=%d, udpfd=%d, controlfd=%d, daefd=%d, nlfd=%d , udplacfd=%d, pppoefd=%d, pppoesessfd=%d\n", - clifd, cluster_sockfd, tunfd, udpfd, controlfd, daefd, nlfd, udplacfd, pppoediscfd, pppoesessfd); -#else - LOG(4, 0, 0, "Beginning of main loop. clifd=%d, cluster_sockfd=%d, tunfd=%d, udpfd=%d, controlfd=%d, daefd=%d, nlfd=%d, pppoefd=%d, pppoesessfd=%d\n", - clifd, cluster_sockfd, tunfd, udpfd, controlfd, daefd, nlfd, pppoediscfd, pppoesessfd); -#endif + clifd, cluster_sockfd, tunfd, udpfd[0], controlfd, daefd, nlfd, udplacfd, pppoediscfd, pppoesessfd); /* setup our fds to poll for input */ { @@ -4013,10 +4016,6 @@ static void mainloop(void) e.data.ptr = &d[i++]; epoll_ctl(epollfd, EPOLL_CTL_ADD, tunfd, &e); - d[i].type = FD_TYPE_UDP; - e.data.ptr = &d[i++]; - epoll_ctl(epollfd, EPOLL_CTL_ADD, udpfd, &e); - d[i].type = FD_TYPE_CONTROL; e.data.ptr = &d[i++]; epoll_ctl(epollfd, EPOLL_CTL_ADD, controlfd, &e); @@ -4029,12 +4028,6 @@ static void mainloop(void) e.data.ptr = &d[i++]; epoll_ctl(epollfd, EPOLL_CTL_ADD, nlfd, &e); -#ifdef LAC - d[i].type = FD_TYPE_UDPLAC; - e.data.ptr = &d[i++]; - epoll_ctl(epollfd, EPOLL_CTL_ADD, udplacfd, &e); -#endif - d[i].type = FD_TYPE_PPPOEDISC; e.data.ptr = &d[i++]; epoll_ctl(epollfd, EPOLL_CTL_ADD, pppoediscfd, &e); @@ -4042,6 +4035,14 @@ static void mainloop(void) d[i].type = FD_TYPE_PPPOESESS; e.data.ptr = &d[i++]; epoll_ctl(epollfd, EPOLL_CTL_ADD, pppoesessfd, &e); + + for (j = 0; j < config->nbudpfd; j++) + { + d[i].type = FD_TYPE_UDP; + d[i].index = j; + e.data.ptr = &d[i++]; + epoll_ctl(epollfd, EPOLL_CTL_ADD, udpfd[j], &e); + } } #ifdef BGP @@ -4103,16 +4104,12 @@ static void mainloop(void) struct in_addr local; socklen_t alen; int c, s; - int udp_ready = 0; -#ifdef LAC - int udplac_ready = 0; - int udplac_pkts = 0; -#endif + int udp_ready[MAX_UDPFD + 1] = INIT_TABUDPVAR; int pppoesess_ready = 0; int pppoesess_pkts = 0; int tun_ready = 0; int cluster_ready = 0; - int udp_pkts = 0; + int udp_pkts[MAX_UDPFD + 1] = INIT_TABUDPVAR; int tun_pkts = 0; int cluster_pkts = 0; #ifdef BGP @@ -4146,10 +4143,7 @@ static void mainloop(void) // these are handled below, with multiple interleaved reads case FD_TYPE_CLUSTER: cluster_ready++; break; case FD_TYPE_TUN: tun_ready++; break; - case FD_TYPE_UDP: udp_ready++; break; -#ifdef LAC - case FD_TYPE_UDPLAC: udplac_ready++; break; -#endif + case FD_TYPE_UDP: udp_ready[d->index]++; break; case FD_TYPE_PPPOESESS: pppoesess_ready++; break; case FD_TYPE_PPPOEDISC: // pppoe discovery @@ -4190,8 +4184,8 @@ static void mainloop(void) #ifdef BGP case FD_TYPE_BGP: - bgp_events[d->index] = events[i].events; - n--; + bgp_events[d->index] = events[i].events; + n--; break; #endif /* BGP */ @@ -4210,7 +4204,6 @@ static void mainloop(void) exit(1); } else - LOG(0, 0, 0, "Got a netlink error: %s\n", strerror(-errmsg->error)); } // else it's a ack @@ -4222,7 +4215,7 @@ static void mainloop(void) } default: - LOG(0, 0, 0, "Unexpected fd type returned from epoll_wait: %d\n", d->type); + LOG(0, 0, 0, "Unexpected fd type returned from epoll_wait: %d\n", d->type); } } @@ -4232,40 +4225,25 @@ static void mainloop(void) for (c = 0; n && c < config->multi_read_count; c++) { - // L2TP - if (udp_ready) + for (j = 0; j < config->nbudpfd; j++) { - alen = sizeof(addr); - if ((s = recvfrom(udpfd, p, size_bufp, 0, (void *) &addr, &alen)) > 0) - { - processudp(p, s, &addr); - udp_pkts++; - } - else + // L2TP and L2TP REMOTE LNS + if (udp_ready[j]) { - udp_ready = 0; - n--; + alen = sizeof(addr); + if ((s = recvfrom(udpfd[j], p, size_bufp, 0, (void *) &addr, &alen)) > 0) + { + processudp(p, s, &addr, j); + udp_pkts[j]++; + } + else + { + udp_ready[j] = 0; + n--; + } } } -#ifdef LAC - // L2TP REMOTE LNS - if (udplac_ready) - { - alen = sizeof(addr); - if ((s = recvfrom(udplacfd, p, size_bufp, 0, (void *) &addr, &alen)) > 0) - { - if (!config->disable_lac_func) - processudp(p, s, &addr); - udplac_pkts++; - } - else - { - udplac_ready = 0; - n--; - } - } -#endif // incoming IP if (tun_ready) { @@ -4313,18 +4291,13 @@ static void mainloop(void) } } - if (udp_pkts > 1 || tun_pkts > 1 || cluster_pkts > 1) + if (udp_pkts[0] > 1 || tun_pkts > 1 || cluster_pkts > 1) STAT(multi_read_used); if (c >= config->multi_read_count) { -#ifdef LAC - LOG(3, 0, 0, "Reached multi_read_count (%d); processed %d udp, %d tun %d cluster %d rmlns and %d pppoe packets\n", - config->multi_read_count, udp_pkts, tun_pkts, cluster_pkts, udplac_pkts, pppoesess_pkts); -#else LOG(3, 0, 0, "Reached multi_read_count (%d); processed %d udp, %d tun %d cluster and %d pppoe packets\n", - config->multi_read_count, udp_pkts, tun_pkts, cluster_pkts, pppoesess_pkts); -#endif + config->multi_read_count, udp_pkts[0], tun_pkts, cluster_pkts, pppoesess_pkts); STAT(multi_read_exceeded); more++; } @@ -4659,9 +4632,7 @@ static void initdata(int optdebug, char *optconfig) } #endif /* BGP */ -#ifdef LAC lac_initremotelnsdata(); -#endif } static int assign_ip_address(sessionidt s) @@ -4948,11 +4919,7 @@ void snoop_send_packet(uint8_t *packet, uint16_t size, in_addr_t destination, ui static int dump_session(FILE **f, sessiont *s) { -#ifdef LAC if (!s->opened || (!s->ip && !s->forwardtosession) || !(s->cin_delta || s->cout_delta) || !*s->user || s->walled_garden) -#else - if (!s->opened || !s->ip || !(s->cin_delta || s->cout_delta) || !*s->user || s->walled_garden) -#endif return 1; if (!*f) @@ -4978,7 +4945,7 @@ static int dump_session(FILE **f, sessiont *s) "# uptime: %ld\n" "# format: username ip qos uptxoctets downrxoctets\n", hostname, - fmtaddr(config->iftun_address ? config->iftun_address : my_address, 0), + fmtaddr(config->iftun_n_address[tunnel[s->tunnel].indexudp] ? config->iftun_n_address[tunnel[s->tunnel].indexudp] : my_address, 0), now, now - basetime); } @@ -5132,7 +5099,26 @@ int main(int argc, char *argv[]) init_pppoe(); LOG(1, 0, 0, "Set up on pppoe interface %s\n", config->pppoe_if_to_bind); } - initudp(); + + if (!config->nbmultiaddress) + { + config->bind_n_address[0] = config->bind_address; + config->nbmultiaddress++; + } + config->nbudpfd = config->nbmultiaddress; + for (i = 0; i < config->nbudpfd; i++) + initudp(&udpfd[i], config->bind_n_address[i]); + initlacudp(); + config->indexlacudpfd = config->nbudpfd; + udpfd[config->indexlacudpfd] = udplacfd; + config->nbudpfd++; + + initcontrol(); + initdae(); + + // Intercept + snoopfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + initrad(); initippool(); @@ -5364,14 +5350,62 @@ static void update_config() if (!config->radius_dae_port) config->radius_dae_port = DAEPORT; -#ifdef LAC if(!config->bind_portremotelns) config->bind_portremotelns = L2TPLACPORT; if(!config->bind_address_remotelns) config->bind_address_remotelns = INADDR_ANY; -#endif + + if (*config->bind_multi_address) + { + char *sip = config->bind_multi_address; + char *n = sip; + char *e = config->bind_multi_address + strlen(config->bind_multi_address); + config->nbmultiaddress = 0; + + while (*sip && (sip < e)) + { + in_addr_t ip = 0; + uint8_t u = 0; + + while (n < e && (*n == ',' || *n == ' ')) n++; + + while (n < e && (isdigit(*n) || *n == '.')) + { + if (*n == '.') + { + ip = (ip << 8) + u; + u = 0; + } + else + u = u * 10 + *n - '0'; + n++; + } + ip = (ip << 8) + u; + n++; + + if (ip) + { + config->bind_n_address[config->nbmultiaddress] = htonl(ip); + config->iftun_n_address[config->nbmultiaddress] = htonl(ip); + config->nbmultiaddress++; + LOG(1, 0, 0, "Bind address %s\n", fmtaddr(htonl(ip), 0)); + } + + sip = n; + } + + if (config->nbmultiaddress >= 1) + { + config->bind_address = config->bind_n_address[0]; + config->iftun_address = config->bind_address; + } + } + if(!config->iftun_address) + { config->iftun_address = config->bind_address; + config->iftun_n_address[0] = config->iftun_address; + } if (!*config->pppoe_ac_name) strncpy(config->pppoe_ac_name, DEFAULT_PPPOE_AC_NAME, sizeof(config->pppoe_ac_name) - 1); @@ -6429,8 +6463,6 @@ int ip_filter(uint8_t *buf, int len, uint8_t filter) return 0; } -#ifdef LAC - tunnelidt lac_new_tunnel() { return new_tunnel(); @@ -6476,4 +6508,3 @@ void lac_tunnelshutdown(tunnelidt t, char *reason, int result, int error, char * tunnelshutdown(t, reason, result, error, msg); } -#endif diff --git a/l2tpns.h b/l2tpns.h index 092c683..e962256 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -66,6 +66,13 @@ // it's not expected to have a space for more than 10 unassembled packets = 10 * MAXBUNDLESES #define MAXFRAGNUM_MASK (MAXFRAGNUM - 1) // Must be equal to MAXFRAGNUM-1 +// Multi bind address constants +#define MAX_UDPFD 4 +#define MAX_BINDADDR MAX_UDPFD +// 4 + 1 for the udplac +#define INIT_TABUDPFD {-1, -1, -1, -1, -1} +#define INIT_TABUDPVAR {0, 0, 0, 0, 0} + // Constants #ifndef ETCDIR #define ETCDIR "/etc/l2tpns" @@ -322,14 +329,9 @@ typedef struct char class[MAXCLASS]; uint8_t ipv6prefixlen; // IPv6 route prefix length struct in6_addr ipv6route; // Static IPv6 route -#ifdef LAC sessionidt forwardtosession; // LNS id_session to forward uint8_t src_hwaddr[ETH_ALEN]; // MAC addr source (for pppoe sessions 6 bytes) char reserved[4]; // Space to expand structure without changing HB_VERSION -#else - uint8_t src_hwaddr[ETH_ALEN]; // MAC addr source (for pppoe sessions 6 bytes) - char reserved[6]; // Space to expand structure without changing HB_VERSION -#endif } sessiont; @@ -449,12 +451,9 @@ typedef struct uint16_t controlc; // outstaind messages in queue controlt *controls; // oldest message controlt *controle; // newest message -#ifdef LAC uint16_t isremotelns; // != 0 if the tunnel is to remote LNS (== index on the conf remote lns) - char reserved[14]; // Space to expand structure without changing HB_VERSION -#else - char reserved[16]; // Space to expand structure without changing HB_VERSION -#endif + uint16_t indexudp; // Index UDP file handle (in udpfd[]) + char reserved[12]; // Space to expand structure without changing HB_VERSION } tunnelt; @@ -765,19 +764,23 @@ typedef struct int idle_echo_timeout; // Time between last packet seen and // Drop sessions who have not responded within IDLE_ECHO_TIMEOUT seconds in_addr_t iftun_address; -#ifdef LAC int disable_lac_func; int auth_tunnel_change_addr_src; int highest_rlnsid; uint16_t bind_portremotelns; in_addr_t bind_address_remotelns; -#endif char pppoe_if_to_bind[IFNAMSIZ]; // Name pppoe interface to bind char pppoe_service_name[64]; // pppoe service name char pppoe_ac_name[64]; uint8_t pppoe_hwaddr[ETH_ALEN]; // MAC addr of interface pppoe to bind int disable_sending_hello; // Disable l2tp sending HELLO message for Apple compatibility. int disable_no_spoof; // Disable no spoof (permit load balancing client --> internet) + int nbudpfd; // number UDP file handle + int nbmultiaddress; // number multi address to bind + int indexlacudpfd; // Index UDP LAC file handle (in udpfd[]) + in_addr_t bind_n_address[MAX_BINDADDR]; + in_addr_t iftun_n_address[MAX_BINDADDR]; + char bind_multi_address[256]; } configt; enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IPv4, IPv6 }; @@ -913,9 +916,7 @@ void radiusretry(uint16_t r); uint16_t radiusnew(sessionidt s); void radiusclear(uint16_t r, sessionidt s); void processdae(uint8_t *buf, int len, struct sockaddr_in *addr, int alen, struct in_addr *local); -#ifdef LAC int rad_tunnel_pwdecode(uint8_t *pl2tpsecret, size_t *pl2tpsecretlen, const char *radiussecret, const uint8_t * auth); -#endif // l2tpns.c clockt backoff(uint8_t try); @@ -935,7 +936,7 @@ int tun_write(uint8_t *data, int size); void adjust_tcp_mss(sessionidt s, tunnelidt t, uint8_t *buf, int len, uint8_t *tcp); void sendipcp(sessionidt s, tunnelidt t); void sendipv6cp(sessionidt s, tunnelidt t); -void processudp(uint8_t *buf, int len, struct sockaddr_in *addr); +void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexudpfd); void processipout(uint8_t *buf, int len); void snoop_send_packet(uint8_t *packet, uint16_t size, in_addr_t destination, uint16_t port); int find_filter(char const *name, size_t len); @@ -943,13 +944,11 @@ int ip_filter(uint8_t *buf, int len, uint8_t filter); int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc); int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc); int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc); -#ifdef LAC tunnelidt lac_new_tunnel(); void lac_tunnelclear(tunnelidt t); void lac_send_SCCRQ(tunnelidt t, uint8_t * auth, unsigned int auth_len); void lac_send_ICRQ(tunnelidt t, sessionidt s); void lac_tunnelshutdown(tunnelidt t, char *reason, int result, int error, char *msg); -#endif #undef LOG #undef LOG_HEX @@ -1009,13 +1008,10 @@ struct event_data { FD_TYPE_RADIUS, FD_TYPE_BGP, FD_TYPE_NETLINK, -#ifdef LAC - FD_TYPE_UDPLAC, -#endif FD_TYPE_PPPOEDISC, FD_TYPE_PPPOESESS } type; - int index; // for RADIUS, BGP + int index; // for RADIUS, BGP, UDP }; #define TIME (config->current_time) diff --git a/ppp.c b/ppp.c index 893ceb9..960a269 100644 --- a/ppp.c +++ b/ppp.c @@ -12,9 +12,7 @@ #include "tbf.h" #include "cluster.h" -#ifdef LAC #include "l2tplac.h" -#endif #include "pppoe.h" extern tunnelt *tunnel; @@ -105,13 +103,11 @@ void processpap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) LOG(3, s, t, "PAP login %s/%s\n", user, pass); } -#ifdef LAC if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, user)) { // Creating a tunnel/session has been started return; } -#endif if (session[s].ip || !(r = radiusnew(s))) { @@ -264,7 +260,6 @@ void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) packet.username = calloc(l + 1, 1); memcpy(packet.username, p, l); -#ifdef LAC if ((!config->disable_lac_func) && lac_conf_forwardtoremotelns(s, packet.username)) { free(packet.username); @@ -272,7 +267,6 @@ void processchap(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) // Creating a tunnel/session has been started return; } -#endif run_plugins(PLUGIN_PRE_AUTH, &packet); if (!packet.continue_auth) diff --git a/pppoe.c b/pppoe.c index 4b196ea..01cc153 100644 --- a/pppoe.c +++ b/pppoe.c @@ -902,7 +902,6 @@ void process_pppoe_disc(uint8_t *pack, int size) } } -#ifdef LAC // Forward from pppoe to l2tp remote LNS static void pppoe_forwardto_session_rmlns(uint8_t *pack, int size, sessionidt sess, uint16_t proto) { @@ -1036,7 +1035,6 @@ void pppoe_forwardto_session_pppoe(uint8_t *pack, int size, sessionidt sess, uin tunnelsend(p, lpppoe, t); // send it.... } -#endif void process_pppoe_sess(uint8_t *pack, int size) { @@ -1101,13 +1099,11 @@ void process_pppoe_sess(uint8_t *pack, int size) lppp -= 2; } -#ifdef LAC if (session[sid].forwardtosession) { // Must be forwaded to a remote lns tunnel l2tp pppoe_forwardto_session_rmlns(pack, size, sid, proto); return; } -#endif if (proto == PPPPAP) { diff --git a/radius.c b/radius.c index 34806c5..8481561 100644 --- a/radius.c +++ b/radius.c @@ -19,9 +19,7 @@ #include "util.h" #include "cluster.h" -#ifdef LAC #include "l2tplac.h" -#endif #include "pppoe.h" extern radiust *radius; @@ -537,9 +535,7 @@ void processrad(uint8_t *buf, int len, char socket_index) uint8_t routes = 0; int r_code; int r_id; -#ifdef LAC int OpentunnelReq = 0; -#endif CSTAT(processrad); @@ -641,11 +637,10 @@ void processrad(uint8_t *buf, int len, char socket_index) // Extract IP, routes, etc uint8_t *p = buf + 20; uint8_t *e = buf + len; -#ifdef LAC uint8_t tag; uint8_t strtemp[256]; lac_reset_rad_tag_tunnel_ctxt(); -#endif + for (; p + 2 <= e && p[1] && p + p[1] <= e; p += p[1]) { if (*p == 26 && p[1] >= 7) @@ -840,7 +835,6 @@ void processrad(uint8_t *buf, int len, char socket_index) session[s].classlen = MAXCLASS; memcpy(session[s].class, p + 2, session[s].classlen); } -#ifdef LAC else if (*p == 64) { // Tunnel-Type @@ -929,7 +923,6 @@ void processrad(uint8_t *buf, int len, char socket_index) // Fill context lac_set_rad_tag_tunnel_assignment_id(tag, (char *) strtemp); } -#endif } } else if (r_code == AccessReject) @@ -939,7 +932,6 @@ void processrad(uint8_t *buf, int len, char socket_index) break; } -#ifdef LAC if ((!config->disable_lac_func) && OpentunnelReq) { char assignment_id[256]; @@ -996,7 +988,6 @@ void processrad(uint8_t *buf, int len, char socket_index) LOG(3, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user, (r_code == AccessAccept) ? "allowed" : "denied"); } -#endif if (!session[s].dns1 && config->default_dns1) { @@ -1341,7 +1332,6 @@ void processdae(uint8_t *buf, int len, struct sockaddr_in *addr, int alen, struc LOG(0, 0, 0, "Error sending DAE response packet: %s\n", strerror(errno)); } -#ifdef LAC // Decrypte the encrypted Tunnel Password. // Defined in RFC-2868. // the pl2tpsecret buffer must set to 256 characters. @@ -1432,4 +1422,3 @@ int rad_tunnel_pwdecode(uint8_t *pl2tpsecret, size_t *pl2tpsecretlen, return decodedlen; }; -#endif /* LAC */ diff --git a/util.c b/util.c index d4dbd4f..bbf94ba 100644 --- a/util.c +++ b/util.c @@ -51,100 +51,109 @@ void *shared_malloc(unsigned int size) } extern int forked; -extern int cluster_sockfd, tunfd, udpfd, controlfd, daefd, snoopfd, ifrfd, ifr6fd, rand_fd; +extern int cluster_sockfd, tunfd, controlfd, daefd, snoopfd, ifrfd, ifr6fd, rand_fd; +extern int pppoediscfd, pppoesessfd; extern int *radfds; +extern int udpfd[MAX_UDPFD + 1]; pid_t fork_and_close() { - pid_t pid = fork(); - int i; - - if (pid) - return pid; - - forked++; - if (config->scheduler_fifo) - { - struct sched_param params = {0}; - params.sched_priority = 0; - if (sched_setscheduler(0, SCHED_OTHER, ¶ms)) + pid_t pid = fork(); + int i; + + if (pid) + return pid; + + forked++; + if (config->scheduler_fifo) + { + struct sched_param params = {0}; + params.sched_priority = 0; + if (sched_setscheduler(0, SCHED_OTHER, ¶ms)) + { + LOG(0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno)); + LOG(0, 0, 0, "This is probably really really bad.\n"); + } + } + + signal(SIGPIPE, SIG_DFL); + signal(SIGCHLD, SIG_DFL); + signal(SIGHUP, SIG_DFL); + signal(SIGUSR1, SIG_DFL); + signal(SIGQUIT, SIG_DFL); + signal(SIGKILL, SIG_DFL); + signal(SIGTERM, SIG_DFL); + + // Close sockets + if (clifd != -1) close(clifd); + if (cluster_sockfd != -1) close(cluster_sockfd); + if (tunfd != -1) close(tunfd); + + for (i = 0; i < config->nbudpfd; i++) { - LOG(0, 0, 0, "Error setting scheduler to OTHER after fork: %s\n", strerror(errno)); - LOG(0, 0, 0, "This is probably really really bad.\n"); + if (udpfd[i] != -1) close(udpfd[i]); } - } - - signal(SIGPIPE, SIG_DFL); - signal(SIGCHLD, SIG_DFL); - signal(SIGHUP, SIG_DFL); - signal(SIGUSR1, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - signal(SIGKILL, SIG_DFL); - signal(SIGTERM, SIG_DFL); - - // Close sockets - if (clifd != -1) close(clifd); - if (cluster_sockfd != -1) close(cluster_sockfd); - if (tunfd != -1) close(tunfd); - if (udpfd != -1) close(udpfd); - if (controlfd != -1) close(controlfd); - if (daefd != -1) close(daefd); - if (snoopfd != -1) close(snoopfd); - if (rand_fd != -1) close(rand_fd); - if (epollfd != -1) close(epollfd); - - for (i = 0; radfds && i < RADIUS_FDS; i++) - close(radfds[i]); + + if (pppoediscfd != -1) close(pppoediscfd); + if (pppoediscfd != -1) close(pppoediscfd); + if (controlfd != -1) close(controlfd); + if (daefd != -1) close(daefd); + if (snoopfd != -1) close(snoopfd); + if (rand_fd != -1) close(rand_fd); + if (epollfd != -1) close(epollfd); + + for (i = 0; radfds && i < RADIUS_FDS; i++) + close(radfds[i]); #ifdef BGP - for (i = 0; i < BGP_NUM_PEERS; i++) - if (bgp_peers[i].sock != -1) - close(bgp_peers[i].sock); + for (i = 0; i < BGP_NUM_PEERS; i++) + if (bgp_peers[i].sock != -1) + close(bgp_peers[i].sock); #endif /* BGP */ return pid; } ssize_t recvfromto(int s, void *buf, size_t len, int flags, - struct sockaddr *from, socklen_t *fromlen, struct in_addr *toaddr) + struct sockaddr *from, socklen_t *fromlen, struct in_addr *toaddr) { - ssize_t r; - struct msghdr msg; - struct cmsghdr *cmsg; - struct iovec vec; - char cbuf[128]; + ssize_t r; + struct msghdr msg; + struct cmsghdr *cmsg; + struct iovec vec; + char cbuf[128]; - memset(&msg, 0, sizeof(msg)); - msg.msg_name = from; - msg.msg_namelen = *fromlen; + memset(&msg, 0, sizeof(msg)); + msg.msg_name = from; + msg.msg_namelen = *fromlen; - vec.iov_base = buf; - vec.iov_len = len; - msg.msg_iov = &vec; - msg.msg_iovlen = 1; - msg.msg_flags = 0; + vec.iov_base = buf; + vec.iov_len = len; + msg.msg_iov = &vec; + msg.msg_iovlen = 1; + msg.msg_flags = 0; - msg.msg_control = cbuf; - msg.msg_controllen = sizeof(cbuf); + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); - if ((r = recvmsg(s, &msg, flags)) < 0) - return r; + if ((r = recvmsg(s, &msg, flags)) < 0) + return r; - if (fromlen) - *fromlen = msg.msg_namelen; + if (fromlen) + *fromlen = msg.msg_namelen; - memset(toaddr, 0, sizeof(*toaddr)); - for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) - { - if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO) + memset(toaddr, 0, sizeof(*toaddr)); + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { - struct in_pktinfo *i = (struct in_pktinfo *) CMSG_DATA(cmsg); - memcpy(toaddr, &i->ipi_addr, sizeof(*toaddr)); - break; + if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO) + { + struct in_pktinfo *i = (struct in_pktinfo *) CMSG_DATA(cmsg); + memcpy(toaddr, &i->ipi_addr, sizeof(*toaddr)); + break; + } } - } - return r; + return r; } ssize_t sendtofrom(int s, void const *buf, size_t len, int flags, -- 2.20.1 From 4ac1a263960dd8d535dcc15f30856d07c01ac2e4 Mon Sep 17 00:00:00 2001 From: fendo Date: Sun, 17 Mar 2013 20:14:05 +0100 Subject: [PATCH 04/16] Fix possible IPv6 spoofing --- ppp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ppp.c b/ppp.c index 893ceb9..bd70e4d 100644 --- a/ppp.c +++ b/ppp.c @@ -2244,7 +2244,7 @@ void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) return; // no spoof - if (ipv4 != session[s].ip && memcmp(&config->ipv6_prefix, &ip, 8) && sessionbyipv6(ip) != s) + if ((ipv4 != session[s].ip || memcmp(&config->ipv6_prefix, &ip, 8)) && sessionbyipv6(ip) != s) { char str[INET6_ADDRSTRLEN]; LOG(5, s, t, "Dropping packet with spoofed IP %s\n", -- 2.20.1 From fb0f416a01b5f125935b848f264eb33833b52c60 Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 9 Apr 2013 16:49:57 +0200 Subject: [PATCH 05/16] Update changelog --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 1d9c0b7..3fa3789 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +l2tpns (2.2.1-2fdn3.7) unstable; urgency=low + + * Adding the possibility to listening multiple IP L2TP Tunnels + * Removing LAC flag. + + -- Fernando Alves Thu, 28 Mar 2013 10:50:00 +0100 + l2tpns (2.2.1-2fdn3.6) unstable; urgency=low * Fix Warning: dereferencing type-punned pointer will break strict... -- 2.20.1 From 1e722029bc405a555e81840c00708084128c5cdd Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 9 Apr 2013 17:03:00 +0200 Subject: [PATCH 06/16] Fix service_name management and add pppoe_only_equal_svc_name parameter --- Docs/manual.html | 5 +++++ l2tpns.c | 1 + l2tpns.h | 1 + pppoe.c | 13 ++++++++++--- 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/Docs/manual.html b/Docs/manual.html index 384fe9a..95e3afe 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -466,6 +466,11 @@ PPPOE service name (default: NULL). PPPOE access concentrator name (default: "l2tpns-pppoe"). +
  • pppoe_only_equal_svc_name (boolean)
    +If set to yes, the PPPOE server only accepts clients with a "service-name" +different from NULL and a "service-name" equal to server "service-name" (default: no). +
    • +

    BGP configuration

    diff --git a/l2tpns.c b/l2tpns.c index 4545d6c..8f1ace5 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -185,6 +185,7 @@ config_descriptt config_values[] = { CONFIG("disable_sending_hello", disable_sending_hello, BOOL), CONFIG("disable_no_spoof", disable_no_spoof, BOOL), CONFIG("bind_multi_address", bind_multi_address, STRING), + CONFIG("pppoe_only_equal_svc_name", pppoe_only_equal_svc_name, BOOL), { NULL, 0, 0, 0 } }; diff --git a/l2tpns.h b/l2tpns.h index e962256..89f49dd 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -773,6 +773,7 @@ typedef struct char pppoe_service_name[64]; // pppoe service name char pppoe_ac_name[64]; uint8_t pppoe_hwaddr[ETH_ALEN]; // MAC addr of interface pppoe to bind + int pppoe_only_equal_svc_name; // Accept only PADI with service-name equal to server int disable_sending_hello; // Disable l2tp sending HELLO message for Apple compatibility. int disable_no_spoof; // Disable no spoof (permit load balancing client --> internet) int nbudpfd; // number UDP file handle diff --git a/pppoe.c b/pppoe.c index 01cc153..4d442cc 100644 --- a/pppoe.c +++ b/pppoe.c @@ -502,20 +502,27 @@ static void pppoe_recv_PADI(uint8_t *pack, int size) return; len = ntohs(hdr->length); - for (n = 0; n < len; n += sizeof(*tag) + ntohs(tag->tag_len)) { + for (n = 0; n < len; n += sizeof(*tag) + ntohs(tag->tag_len)) + { tag = (struct pppoe_tag *)(pack + ETH_HLEN + sizeof(*hdr) + n); if (n + sizeof(*tag) + ntohs(tag->tag_len) > len) return; - switch (ntohs(tag->tag_type)) { + switch (ntohs(tag->tag_type)) + { case TAG_END_OF_LIST: break; case TAG_SERVICE_NAME: - if (*config->pppoe_service_name && tag->tag_len) + if (config->pppoe_only_equal_svc_name && *config->pppoe_service_name && !tag->tag_len) + { + break; + } + else if (*config->pppoe_service_name && tag->tag_len) { if (ntohs(tag->tag_len) != strlen(config->pppoe_service_name)) break; if (memcmp(tag->tag_data, config->pppoe_service_name, ntohs(tag->tag_len))) break; + service_name_tag = tag; service_match = 1; } else -- 2.20.1 From 7fd4346bbbf03622abf0e09d4f1efb32169a7cf0 Mon Sep 17 00:00:00 2001 From: fendo Date: Wed, 24 Apr 2013 22:29:36 +0200 Subject: [PATCH 07/16] add accounting parameter account_all_origin --- Docs/manual.html | 9 +++++++-- l2tpns.c | 30 ++++++++++++++++++++++++++++++ l2tpns.h | 1 + 3 files changed, 38 insertions(+), 2 deletions(-) diff --git a/Docs/manual.html b/Docs/manual.html index 95e3afe..8894599 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -316,8 +316,13 @@ every connected use will be dumped to a file in this directory. Each file dumped begins with a header, where each line is prefixed by #. Following the header is a single line for every connected user, fields separated by a space.
    The fields are username, ip, qos, -uptxoctets, downrxoctets. The qos field is 1 if a standard user, and -2 if the user is throttled. +uptxoctets, downrxoctets, origin (optional). The qos field is 1 if a standard user, and +2 if the user is throttled. The origin field is dump if account_all_origin is set to true +(origin value: L=LAC data, R=Remote LNS data, P=PPPOE data). + + +
  • account_all_origin (boolean)
    +If set to true, all origin of the usage is dumped to the accounting file (LAC+Remote LNS+PPPOE)(default false).
  • setuid (int)
    diff --git a/l2tpns.c b/l2tpns.c index 8f1ace5..55621a5 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -152,6 +152,7 @@ config_descriptt config_values[] = { CONFIG("throttle_speed", rl_rate, UNSIGNED_LONG), CONFIG("throttle_buckets", num_tbfs, INT), CONFIG("accounting_dir", accounting_dir, STRING), + CONFIG("account_all_origin", account_all_origin, BOOL), CONFIG("dump_speed", dump_speed, BOOL), CONFIG("multi_read_count", multi_read_count, INT), CONFIG("scheduler_fifo", scheduler_fifo, BOOL), @@ -4939,6 +4940,21 @@ static int dump_session(FILE **f, sessiont *s) } LOG(3, 0, 0, "Dumping accounting information to %s\n", filename); + if(config->account_all_origin) + { + fprintf(*f, "# dslwatch.pl dump file V1.01\n" + "# host: %s\n" + "# endpoint: %s\n" + "# time: %ld\n" + "# uptime: %ld\n" + "# format: username ip qos uptxoctets downrxoctets origin(L=LAC, R=Remote LNS, P=PPPOE)\n", + hostname, + fmtaddr(config->iftun_n_address[tunnel[s->tunnel].indexudp] ? config->iftun_n_address[tunnel[s->tunnel].indexudp] : my_address, 0), + now, + now - basetime); + } + else + { fprintf(*f, "# dslwatch.pl dump file V1.01\n" "# host: %s\n" "# endpoint: %s\n" @@ -4949,15 +4965,29 @@ static int dump_session(FILE **f, sessiont *s) fmtaddr(config->iftun_n_address[tunnel[s->tunnel].indexudp] ? config->iftun_n_address[tunnel[s->tunnel].indexudp] : my_address, 0), now, now - basetime); + } } LOG(4, 0, 0, "Dumping accounting information for %s\n", s->user); + if(config->account_all_origin) + { + fprintf(*f, "%s %s %d %u %u %s\n", + s->user, // username + fmtaddr(htonl(s->ip), 0), // ip + (s->throttle_in || s->throttle_out) ? 2 : 1, // qos + (uint32_t) s->cin_delta, // uptxoctets + (uint32_t) s->cout_delta, // downrxoctets + (s->tunnel == TUNNEL_ID_PPPOE)?"P":(tunnel[s->tunnel].isremotelns?"R":"L")); // Origin + } + else if (!tunnel[s->tunnel].isremotelns && (s->tunnel != TUNNEL_ID_PPPOE)) + { fprintf(*f, "%s %s %d %u %u\n", s->user, // username fmtaddr(htonl(s->ip), 0), // ip (s->throttle_in || s->throttle_out) ? 2 : 1, // qos (uint32_t) s->cin_delta, // uptxoctets (uint32_t) s->cout_delta); // downrxoctets + } s->cin_delta = s->cout_delta = 0; diff --git a/l2tpns.h b/l2tpns.h index 89f49dd..8c306d3 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -696,6 +696,7 @@ typedef struct int num_tbfs; // number of throttle buckets char accounting_dir[128]; + int account_all_origin; // Accouting all origin (LAC data + Remote LNS Data + PPPOE data) in_addr_t bind_address; in_addr_t peer_address; int send_garp; // Set to true to garp for vip address on startup -- 2.20.1 From 8c6b4f04b00d15e0048b1706a933db0458efd447 Mon Sep 17 00:00:00 2001 From: fendo Date: Mon, 29 Apr 2013 17:13:42 +0200 Subject: [PATCH 08/16] Fix: send SCCCN requested challenge response --- l2tpns.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/l2tpns.c b/l2tpns.c index 55621a5..f81a43e 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -2412,7 +2412,8 @@ static void tunnelshutdown(tunnelidt t, char *reason, int result, int error, cha // read and process packet on tunnel (UDP) void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexudpfd) { - uint8_t *chapresponse = NULL; + uint8_t *sendchalresponse = NULL; + uint8_t *recvchalresponse = NULL; uint16_t l = len, t = 0, s = 0, ns = 0, nr = 0; uint8_t *p = buf + 2; @@ -2816,17 +2817,20 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu tunnel[t].window = 1; // window of 0 is silly LOG(4, s, t, " rx window = %u\n", tunnel[t].window); break; - case 11: // Challenge + case 11: // Request Challenge { LOG(4, s, t, " LAC requested CHAP authentication for tunnel\n"); - build_chap_response(b, 2, n, &chapresponse); + if (message == 1) + build_chap_response(b, 2, n, &sendchalresponse); + else if (message == 2) + build_chap_response(b, 3, n, &sendchalresponse); } break; - case 13: // Response + case 13: // receive challenge Response if (tunnel[t].isremotelns) { - chapresponse = calloc(17, 1); - memcpy(chapresponse, b, (n < 17) ? n : 16); + recvchalresponse = calloc(17, 1); + memcpy(recvchalresponse, b, (n < 17) ? n : 16); LOG(3, s, t, "received challenge response from REMOTE LNS\n"); } else @@ -3063,7 +3067,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu control16(c, 2, version, 1); // protocol version control32(c, 3, 3, 1); // framing controls(c, 7, hostname, 1); // host name - if (chapresponse) controlb(c, 13, chapresponse, 16, 1); // Challenge response + if (sendchalresponse) controlb(c, 13, sendchalresponse, 16, 1); // Send Challenge response control16(c, 9, t, 1); // assigned tunnel controladd(c, 0, t); // send the resply } @@ -3078,13 +3082,13 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu LOG(3, s, t, "Received SCCRP\n"); if (main_quit != QUIT_SHUTDOWN) { - if (tunnel[t].isremotelns && chapresponse) + if (tunnel[t].isremotelns && recvchalresponse) { hasht hash; lac_calc_rlns_auth(t, 2, hash); // id = 2 (SCCRP) // check authenticator - if (memcmp(hash, chapresponse, 16) == 0) + if (memcmp(hash, recvchalresponse, 16) == 0) { LOG(3, s, t, "sending SCCCN to REMOTE LNS\n"); controlt *c = controlnew(3); // sending SCCCN @@ -3092,6 +3096,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu controls(c, 8, Vendor_name, 1); // Vendor name control16(c, 2, version, 1); // protocol version control32(c, 3, 3, 1); // framing Capabilities + if (sendchalresponse) controlb(c, 13, sendchalresponse, 16, 1); // Challenge response control16(c, 9, t, 1); // assigned tunnel controladd(c, 0, t); // send } @@ -3234,7 +3239,8 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu LOG(1, s, t, "Unknown message type %u\n", message); break; } - if (chapresponse) free(chapresponse); + if (sendchalresponse) free(sendchalresponse); + if (recvchalresponse) free(recvchalresponse); cluster_send_tunnel(t); } else -- 2.20.1 From 9944e87dfeab3ca38588058eb13bb2369b7304c8 Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 30 Apr 2013 16:06:16 +0200 Subject: [PATCH 09/16] Update debian/changelog --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index 3fa3789..645438c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +l2tpns (2.2.1-2fdn3.8) unstable; urgency=low + + * Fix: send SCCCN requested challenge response. + * add accounting parameter account_all_origin. + * Fix service_name management and add pppoe_only_equal_svc_name parameter. + + -- Fernando Alves Tue, 30 Apr 2013 16:02:33 +0200 + l2tpns (2.2.1-2fdn3.7) unstable; urgency=low * Adding the possibility to listening multiple IP L2TP Tunnels -- 2.20.1 From 9c1869ccb199bce1b649cd7923e662f9a88e3488 Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 21 May 2013 11:42:48 +0200 Subject: [PATCH 10/16] Adding the possibility to set multiple hostname. --- l2tpns.c | 42 +++++++++++++++++++++++++++++++++++++++--- l2tpns.h | 5 +++++ ppp.c | 6 +++--- 3 files changed, 47 insertions(+), 6 deletions(-) diff --git a/l2tpns.c b/l2tpns.c index f81a43e..68817a2 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -187,6 +187,7 @@ config_descriptt config_values[] = { CONFIG("disable_no_spoof", disable_no_spoof, BOOL), CONFIG("bind_multi_address", bind_multi_address, STRING), CONFIG("pppoe_only_equal_svc_name", pppoe_only_equal_svc_name, BOOL), + CONFIG("multi_hostname", multi_hostname, STRING), { NULL, 0, 0, 0 } }; @@ -3066,7 +3067,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu controlt *c = controlnew(2); // sending SCCRP control16(c, 2, version, 1); // protocol version control32(c, 3, 3, 1); // framing - controls(c, 7, hostname, 1); // host name + controls(c, 7, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname, 1); // host name if (sendchalresponse) controlb(c, 13, sendchalresponse, 16, 1); // Send Challenge response control16(c, 9, t, 1); // assigned tunnel controladd(c, 0, t); // send the resply @@ -3092,7 +3093,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu { LOG(3, s, t, "sending SCCCN to REMOTE LNS\n"); controlt *c = controlnew(3); // sending SCCCN - controls(c, 7, hostname, 1); // host name + controls(c, 7, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname, 1); // host name controls(c, 8, Vendor_name, 1); // Vendor name control16(c, 2, version, 1); // protocol version control32(c, 3, 3, 1); // framing Capabilities @@ -5426,6 +5427,8 @@ static void update_config() config->iftun_n_address[config->nbmultiaddress] = htonl(ip); config->nbmultiaddress++; LOG(1, 0, 0, "Bind address %s\n", fmtaddr(htonl(ip), 0)); + + if (config->nbmultiaddress >= MAX_BINDADDR) break; } sip = n; @@ -5444,6 +5447,39 @@ static void update_config() config->iftun_n_address[0] = config->iftun_address; } + if (*config->multi_hostname) + { + char *shost = config->multi_hostname; + char *n = shost; + char *e = config->multi_hostname + strlen(config->multi_hostname); + config->nbmultihostname = 0; + + while (*shost && (shost < e)) + { + while ((n < e) && (*n == ' ' || *n == '\t')) n++; + + i = 0; + while (n < e && (*n != ',') && (*n != '\t')) + { + config->multi_n_hostname[config->nbmultihostname][i] = *n; + n++;i++; + } + if (i > 0) + { + config->multi_n_hostname[config->nbmultihostname][i] = 0; + LOG(1, 0, 0, "Bind Hostname %s\n", config->multi_n_hostname[config->nbmultihostname]); + config->nbmultihostname++; + if (config->nbmultihostname >= MAX_NBHOSTNAME) break; + } + } + + if (config->nbmultihostname >= 1) + { + strcpy(hostname, config->multi_n_hostname[0]); + strcpy(config->hostname, hostname); + } + } + if (!*config->pppoe_ac_name) strncpy(config->pppoe_ac_name, DEFAULT_PPPOE_AC_NAME, sizeof(config->pppoe_ac_name) - 1); @@ -6518,7 +6554,7 @@ void lac_send_SCCRQ(tunnelidt t, uint8_t * auth, unsigned int auth_len) // Sent SCCRQ - Start Control Connection Request controlt *c = controlnew(1); // sending SCCRQ - controls(c, 7, hostname, 1); // host name + controls(c, 7, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname, 1); // host name controls(c, 8, Vendor_name, 1); // Vendor name control16(c, 2, version, 1); // protocol version control32(c, 3, 3, 1); // framing Capabilities diff --git a/l2tpns.h b/l2tpns.h index 8c306d3..1d6055d 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -69,6 +69,8 @@ // Multi bind address constants #define MAX_UDPFD 4 #define MAX_BINDADDR MAX_UDPFD +// + 1 for the LAC Hostname +#define MAX_NBHOSTNAME (MAX_UDPFD + 1) // 4 + 1 for the udplac #define INIT_TABUDPFD {-1, -1, -1, -1, -1} #define INIT_TABUDPVAR {0, 0, 0, 0, 0} @@ -780,9 +782,12 @@ typedef struct int nbudpfd; // number UDP file handle int nbmultiaddress; // number multi address to bind int indexlacudpfd; // Index UDP LAC file handle (in udpfd[]) + int nbmultihostname; // number hostname, normally the same number as the nbudpfd in_addr_t bind_n_address[MAX_BINDADDR]; in_addr_t iftun_n_address[MAX_BINDADDR]; char bind_multi_address[256]; + char multi_hostname[512]; + char multi_n_hostname[MAX_NBHOSTNAME][MAXHOSTNAME]; // list hostname } configt; enum config_typet { INT, STRING, UNSIGNED_LONG, SHORT, BOOL, IPv4, IPv6 }; diff --git a/ppp.c b/ppp.c index cb39db6..a4c9261 100644 --- a/ppp.c +++ b/ppp.c @@ -2507,9 +2507,9 @@ void sendchap(sessionidt s, tunnelidt t) q[1] = radius[r].id; // ID q[4] = 16; // value size (size of challenge) memcpy(q + 5, radius[r].auth, 16); // challenge - strcpy((char *) q + 21, hostname); // our name - *(uint16_t *) (q + 2) = htons(strlen(hostname) + 21); // length - tunnelsend(b, strlen(hostname) + 21 + (q - b), t); // send it + strcpy((char *) q + 21, config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname); // our name + *(uint16_t *) (q + 2) = htons(strlen(config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname) + 21); // length + tunnelsend(b, strlen(config->multi_n_hostname[tunnel[t].indexudp][0]?config->multi_n_hostname[tunnel[t].indexudp]:hostname) + 21 + (q - b), t); // send it } // fill in a L2TP message with a PPP frame, -- 2.20.1 From fa1972a6459df3fccf67a6e64473afd501e8bd8a Mon Sep 17 00:00:00 2001 From: fendo Date: Wed, 22 May 2013 20:49:17 +0200 Subject: [PATCH 11/16] Fix: loop parse multi_hostanme --- l2tpns.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/l2tpns.c b/l2tpns.c index 68817a2..c6fe521 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -5471,6 +5471,8 @@ static void update_config() config->nbmultihostname++; if (config->nbmultihostname >= MAX_NBHOSTNAME) break; } + + shost = n; } if (config->nbmultihostname >= 1) -- 2.20.1 From 91fc2ec13bb4bf58770085375a91a75f2413fa71 Mon Sep 17 00:00:00 2001 From: fendo Date: Wed, 22 May 2013 22:23:56 +0200 Subject: [PATCH 12/16] Fix: loop parse multi_hostanme --- l2tpns.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/l2tpns.c b/l2tpns.c index c6fe521..c41b502 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -5456,7 +5456,7 @@ static void update_config() while (*shost && (shost < e)) { - while ((n < e) && (*n == ' ' || *n == '\t')) n++; + while ((n < e) && (*n == ' ' || *n == ',' || *n == '\t')) n++; i = 0; while (n < e && (*n != ',') && (*n != '\t')) @@ -5464,6 +5464,7 @@ static void update_config() config->multi_n_hostname[config->nbmultihostname][i] = *n; n++;i++; } + if (i > 0) { config->multi_n_hostname[config->nbmultihostname][i] = 0; -- 2.20.1 From 18c0dec97f190fa175898d1c0b509ef7c775d75e Mon Sep 17 00:00:00 2001 From: fendo Date: Thu, 23 May 2013 23:59:52 +0200 Subject: [PATCH 13/16] Update changelog. --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 645438c..8473a28 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +l2tpns (2.2.1-2fdn3.9) unstable; urgency=low + + * Adding the possibility to set multiple hostname. + + -- Fernando Alves Thu, 23 May 2013 23:58:23 +0200 + l2tpns (2.2.1-2fdn3.8) unstable; urgency=low * Fix: send SCCCN requested challenge response. -- 2.20.1 From 733fc0b1a2824efc24a867958b9956e30d10fc17 Mon Sep 17 00:00:00 2001 From: fendo Date: Tue, 4 Jun 2013 11:49:10 +0200 Subject: [PATCH 14/16] Fix: authentication success was sent 2 times. --- debian/changelog | 6 ++++++ radius.c | 34 ---------------------------------- 2 files changed, 6 insertions(+), 34 deletions(-) diff --git a/debian/changelog b/debian/changelog index 8473a28..9b285b5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +l2tpns (2.2.1-2fdn3.10) unstable; urgency=low + + * Fix: authentication success was sent 2 times. + + -- Fernando Alves Tue, 04 Jun 2013 11:38:04 +0200 + l2tpns (2.2.1-2fdn3.9) unstable; urgency=low * Adding the possibility to set multiple hostname. diff --git a/radius.c b/radius.c index 8481561..4321d82 100644 --- a/radius.c +++ b/radius.c @@ -597,40 +597,6 @@ void processrad(uint8_t *buf, int len, char socket_index) run_plugins(PLUGIN_POST_AUTH, &packet); r_code = packet.auth_allowed ? AccessAccept : AccessReject; -#ifndef LAC - // process auth response - if (radius[r].chap) - { - // CHAP - uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPCHAP, 0, 0, 0); - if (!p) return; // Abort! - - *p = (r_code == AccessAccept) ? 3 : 4; // ack/nak - p[1] = radius[r].id; - *(uint16_t *) (p + 2) = ntohs(4); // no message - tunnelsend(b, (p - b) + 4, t); // send it - - LOG(3, s, session[s].tunnel, " CHAP User %s authentication %s.\n", session[s].user, - (r_code == AccessAccept) ? "allowed" : "denied"); - } - else - { - // PAP - uint8_t *p = makeppp(b, sizeof(b), 0, 0, s, t, PPPPAP, 0, 0, 0); - if (!p) return; // Abort! - - // ack/nak - *p = r_code; - p[1] = radius[r].id; - *(uint16_t *) (p + 2) = ntohs(5); - p[4] = 0; // no message - tunnelsend(b, (p - b) + 5, t); // send it - - LOG(3, s, session[s].tunnel, " PAP User %s authentication %s.\n", session[s].user, - (r_code == AccessAccept) ? "allowed" : "denied"); - } -#endif - if (r_code == AccessAccept) { // Login successful -- 2.20.1 From 959cce2660c25a7f9e248c969a5d9b013d6190d4 Mon Sep 17 00:00:00 2001 From: fendo Date: Wed, 5 Jun 2013 17:00:52 +0200 Subject: [PATCH 15/16] Fixing of the Endpoint-Discriminator has a unique value. --- l2tpns.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/l2tpns.c b/l2tpns.c index c41b502..ec224bd 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -3218,7 +3218,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu // Set multilink options before sending initial LCP packet sess_local[s].mp_mrru = 1614; - sess_local[s].mp_epdis = ntohl(config->iftun_n_address[tunnel[t].indexudp] ? config->iftun_n_address[tunnel[t].indexudp] : my_address); + sess_local[s].mp_epdis = ntohl(config->iftun_address ? config->iftun_address : my_address); sendlcp(s, t); change_state(s, lcp, RequestSent); -- 2.20.1 From 26a2025a1b7f12e9d962294583d76da30fb668d9 Mon Sep 17 00:00:00 2001 From: fendo Date: Mon, 16 Sep 2013 15:01:04 +0200 Subject: [PATCH 16/16] Fix: wheezy warning compilation --- cli.c | 180 +++++++++++++++++++++++++++--------------------------- cluster.c | 2 +- cluster.h | 2 +- l2tpns.c | 54 +++++++++------- l2tpns.h | 6 +- tbf.c | 2 +- tbf.h | 2 +- 7 files changed, 128 insertions(+), 120 deletions(-) diff --git a/cli.c b/cli.c index fc150d7..d2262d5 100644 --- a/cli.c +++ b/cli.c @@ -74,60 +74,60 @@ static char *debug_levels[] = { #endif -static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_tunnels(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_users(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_radius(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_version(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_pool(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_run(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_banana(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_plugins(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_throttle(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_write_memory(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_drop_user(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_drop_tunnel(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_drop_session(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_snoop(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_no_snoop(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_throttle(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_no_throttle(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_debug(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_no_debug(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_set(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_load_plugin(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_remove_plugin(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_uptime(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_shutdown(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_reload(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_setforward(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_rmtlnsconf(struct cli_def *cli, char *command, char **argv, int argc); +static int cmd_show_session(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_tunnels(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_users(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_radius(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_version(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_pool(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_run(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_banana(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_plugins(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_throttle(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_write_memory(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_drop_user(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_drop_tunnel(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_drop_session(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_snoop(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_no_snoop(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_throttle(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_no_throttle(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_debug(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_no_debug(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_set(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_load_plugin(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_remove_plugin(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_uptime(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_shutdown(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_reload(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_setforward(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_rmtlnsconf(struct cli_def *cli, const char *command, char **argv, int argc); static int regular_stuff(struct cli_def *cli); #ifdef STATISTICS -static int cmd_show_counters(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_clear_counters(struct cli_def *cli, char *command, char **argv, int argc); +static int cmd_show_counters(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_clear_counters(struct cli_def *cli, const char *command, char **argv, int argc); #endif /* STATISTICS */ #ifdef BGP #define MODE_CONFIG_BGP 8 -static int cmd_router_bgp(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_router_bgp_neighbour(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_router_bgp_no_neighbour(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_bgp(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_suspend_bgp(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_no_suspend_bgp(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_restart_bgp(struct cli_def *cli, char *command, char **argv, int argc); +static int cmd_router_bgp(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_router_bgp_neighbour(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_router_bgp_no_neighbour(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_bgp(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_suspend_bgp(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_no_suspend_bgp(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_restart_bgp(struct cli_def *cli, const char *command, char **argv, int argc); #endif /* BGP */ #define MODE_CONFIG_NACL 9 -static int cmd_ip_access_list(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_no_ip_access_list(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_ip_access_list_rule(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_filter(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_no_filter(struct cli_def *cli, char *command, char **argv, int argc); -static int cmd_show_access_list(struct cli_def *cli, char *command, char **argv, int argc); +static int cmd_ip_access_list(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_no_ip_access_list(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_ip_access_list_rule(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_filter(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_no_filter(struct cli_def *cli, const char *command, char **argv, int argc); +static int cmd_show_access_list(struct cli_def *cli, const char *command, char **argv, int argc); /* match if b is a substr of a */ #define MATCH(a,b) (!strncmp((a), (b), strlen(b))) @@ -354,7 +354,7 @@ void cli_do(int sockfd) exit(0); } -static void cli_print_log(struct cli_def *cli, char *string) +static void cli_print_log(struct cli_def *cli, const char *string) { LOG(3, 0, 0, "%s\n", string); } @@ -403,7 +403,7 @@ int cli_arg_help(struct cli_def *cli, int cr_ok, char *entry, ...) return CLI_OK; } -static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_session(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -582,7 +582,7 @@ static int cmd_show_session(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_show_tunnels(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_tunnels(struct cli_def *cli, const char *command, char **argv, int argc) { int i, x, show_all = 0; char *states[] = { @@ -673,7 +673,7 @@ static int cmd_show_tunnels(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_show_users(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_users(struct cli_def *cli, const char *command, char **argv, int argc) { char sid[32][8]; char *sargv[32]; @@ -715,7 +715,7 @@ static int cmd_show_users(struct cli_def *cli, char *command, char **argv, int a } #ifdef STATISTICS -static int cmd_show_counters(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_counters(struct cli_def *cli, const char *command, char **argv, int argc) { if (CLI_HELP_REQUESTED) return CLI_HELP_NO_ARGS; @@ -815,7 +815,7 @@ static int cmd_show_counters(struct cli_def *cli, char *command, char **argv, in return CLI_OK; } -static int cmd_clear_counters(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_clear_counters(struct cli_def *cli, const char *command, char **argv, int argc) { if (CLI_HELP_REQUESTED) return CLI_HELP_NO_ARGS; @@ -828,7 +828,7 @@ static int cmd_clear_counters(struct cli_def *cli, char *command, char **argv, i } #endif /* STATISTICS */ -static int cmd_show_version(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_version(struct cli_def *cli, const char *command, char **argv, int argc) { if (CLI_HELP_REQUESTED) return CLI_HELP_NO_ARGS; @@ -837,7 +837,7 @@ static int cmd_show_version(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_show_pool(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_pool(struct cli_def *cli, const char *command, char **argv, int argc) { int i; int used = 0, free = 0, show_all = 0; @@ -899,13 +899,13 @@ static int cmd_show_pool(struct cli_def *cli, char *command, char **argv, int ar } static FILE *save_config_fh = 0; -static void print_save_config(struct cli_def *cli, char *string) +static void print_save_config(struct cli_def *cli, const char *string) { if (save_config_fh) fprintf(save_config_fh, "%s\n", string); } -static int cmd_write_memory(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_write_memory(struct cli_def *cli, const char *command, char **argv, int argc) { if (CLI_HELP_REQUESTED) return CLI_HELP_NO_ARGS; @@ -928,7 +928,7 @@ static int cmd_write_memory(struct cli_def *cli, char *command, char **argv, int static char const *show_access_list_rule(int extended, ip_filter_rulet *rule); -static int cmd_show_run(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_run(struct cli_def *cli, const char *command, char **argv, int argc) { int i; char ipv6addr[INET6_ADDRSTRLEN]; @@ -1025,7 +1025,7 @@ static int cmd_show_run(struct cli_def *cli, char *command, char **argv, int arg return CLI_OK; } -static int cmd_show_radius(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_radius(struct cli_def *cli, const char *command, char **argv, int argc) { int i, free = 0, used = 0, show_all = 0; char *states[] = { @@ -1080,7 +1080,7 @@ static int cmd_show_radius(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_show_plugins(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_plugins(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -1095,7 +1095,7 @@ static int cmd_show_plugins(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_show_throttle(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_throttle(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -1127,7 +1127,7 @@ static int cmd_show_throttle(struct cli_def *cli, char *command, char **argv, in return CLI_OK; } -static int cmd_show_banana(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_banana(struct cli_def *cli, const char *command, char **argv, int argc) { if (CLI_HELP_REQUESTED) return CLI_HELP_NO_ARGS; @@ -1150,7 +1150,7 @@ static int cmd_show_banana(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_drop_user(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_drop_user(struct cli_def *cli, const char *command, char **argv, int argc) { int i; sessionidt s; @@ -1191,7 +1191,7 @@ static int cmd_drop_user(struct cli_def *cli, char *command, char **argv, int ar return CLI_OK; } -static int cmd_drop_tunnel(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_drop_tunnel(struct cli_def *cli, const char *command, char **argv, int argc) { int i; tunnelidt t; @@ -1241,7 +1241,7 @@ static int cmd_drop_tunnel(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_drop_session(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_drop_session(struct cli_def *cli, const char *command, char **argv, int argc) { int i; sessionidt s; @@ -1291,7 +1291,7 @@ static int cmd_drop_session(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_snoop(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_snoop(struct cli_def *cli, const char *command, char **argv, int argc) { in_addr_t ip; uint16_t port; @@ -1364,7 +1364,7 @@ static int cmd_snoop(struct cli_def *cli, char *command, char **argv, int argc) return CLI_OK; } -static int cmd_no_snoop(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_no_snoop(struct cli_def *cli, const char *command, char **argv, int argc) { int i; sessionidt s; @@ -1402,7 +1402,7 @@ static int cmd_no_snoop(struct cli_def *cli, char *command, char **argv, int arg return CLI_OK; } -static int cmd_throttle(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_throttle(struct cli_def *cli, const char *command, char **argv, int argc) { int rate_in = 0; int rate_out = 0; @@ -1530,7 +1530,7 @@ static int cmd_throttle(struct cli_def *cli, char *command, char **argv, int arg return CLI_OK; } -static int cmd_no_throttle(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_no_throttle(struct cli_def *cli, const char *command, char **argv, int argc) { int i; sessionidt s; @@ -1575,7 +1575,7 @@ static int cmd_no_throttle(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_debug(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_debug(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -1639,7 +1639,7 @@ static int cmd_debug(struct cli_def *cli, char *command, char **argv, int argc) return CLI_OK; } -static int cmd_no_debug(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_no_debug(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -1685,7 +1685,7 @@ static int cmd_no_debug(struct cli_def *cli, char *command, char **argv, int arg return CLI_OK; } -static int cmd_load_plugin(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_load_plugin(struct cli_def *cli, const char *command, char **argv, int argc) { int i, firstfree = 0; @@ -1720,7 +1720,7 @@ static int cmd_load_plugin(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_remove_plugin(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_remove_plugin(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -1781,7 +1781,7 @@ static char *duration(time_t secs) return buf; } -static int cmd_uptime(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_uptime(struct cli_def *cli, const char *command, char **argv, int argc) { FILE *fh; char buf[100], *p = buf, *loads[3]; @@ -1817,7 +1817,7 @@ static int cmd_uptime(struct cli_def *cli, char *command, char **argv, int argc) return CLI_OK; } -static int cmd_set(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_set(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -1946,7 +1946,7 @@ int regular_stuff(struct cli_def *cli) } #ifdef BGP -static int cmd_router_bgp(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_router_bgp(struct cli_def *cli, const char *command, char **argv, int argc) { int as; @@ -2012,7 +2012,7 @@ static int find_bgp_neighbour(char const *name) return new; } -static int cmd_router_bgp_neighbour(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_router_bgp_neighbour(struct cli_def *cli, const char *command, char **argv, int argc) { int i; int keepalive; @@ -2156,7 +2156,7 @@ static int cmd_router_bgp_neighbour(struct cli_def *cli, char *command, char **a return CLI_OK; } -static int cmd_router_bgp_no_neighbour(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_router_bgp_no_neighbour(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -2188,7 +2188,7 @@ static int cmd_router_bgp_no_neighbour(struct cli_def *cli, char *command, char return CLI_OK; } -static int cmd_show_bgp(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_bgp(struct cli_def *cli, const char *command, char **argv, int argc) { int i; int hdr = 0; @@ -2243,7 +2243,7 @@ static int cmd_show_bgp(struct cli_def *cli, char *command, char **argv, int arg return CLI_OK; } -static int cmd_suspend_bgp(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_suspend_bgp(struct cli_def *cli, const char *command, char **argv, int argc) { int i; char *addr; @@ -2276,7 +2276,7 @@ static int cmd_suspend_bgp(struct cli_def *cli, char *command, char **argv, int return CLI_OK; } -static int cmd_no_suspend_bgp(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_no_suspend_bgp(struct cli_def *cli, const char *command, char **argv, int argc) { int i; char *addr; @@ -2310,7 +2310,7 @@ static int cmd_no_suspend_bgp(struct cli_def *cli, char *command, char **argv, i return CLI_OK; } -static int cmd_restart_bgp(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_restart_bgp(struct cli_def *cli, const char *command, char **argv, int argc) { int i; char *addr; @@ -2438,12 +2438,12 @@ static int access_list(struct cli_def *cli, char **argv, int argc, int add) return CLI_OK; } -static int cmd_ip_access_list(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_ip_access_list(struct cli_def *cli, const char *command, char **argv, int argc) { return access_list(cli, argv, argc, 1); } -static int cmd_no_ip_access_list(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_no_ip_access_list(struct cli_def *cli, const char *command, char **argv, int argc) { return access_list(cli, argv, argc, 0); } @@ -2529,7 +2529,7 @@ static char const *show_access_list_rule(int extended, ip_filter_rulet *rule) return buf; } -static ip_filter_rulet *access_list_rule_ext(struct cli_def *cli, char *command, char **argv, int argc) +static ip_filter_rulet *access_list_rule_ext(struct cli_def *cli, const char *command, char **argv, int argc) { static ip_filter_rulet rule; struct in_addr addr; @@ -2764,7 +2764,7 @@ static ip_filter_rulet *access_list_rule_ext(struct cli_def *cli, char *command, return &rule; } -static ip_filter_rulet *access_list_rule_std(struct cli_def *cli, char *command, char **argv, int argc) +static ip_filter_rulet *access_list_rule_std(struct cli_def *cli, const char *command, char **argv, int argc) { static ip_filter_rulet rule; struct in_addr addr; @@ -2880,7 +2880,7 @@ static ip_filter_rulet *access_list_rule_std(struct cli_def *cli, char *command, return &rule; } -static int cmd_ip_access_list_rule(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_ip_access_list_rule(struct cli_def *cli, const char *command, char **argv, int argc) { int i; ip_filter_rulet *rule = ip_filters[filt].extended @@ -2906,7 +2906,7 @@ static int cmd_ip_access_list_rule(struct cli_def *cli, char *command, char **ar return CLI_OK; } -static int cmd_filter(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_filter(struct cli_def *cli, const char *command, char **argv, int argc) { sessionidt s; int i; @@ -3002,7 +3002,7 @@ static int cmd_filter(struct cli_def *cli, char *command, char **argv, int argc) return CLI_OK; } -static int cmd_no_filter(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_no_filter(struct cli_def *cli, const char *command, char **argv, int argc) { int i; sessionidt s; @@ -3047,7 +3047,7 @@ static int cmd_no_filter(struct cli_def *cli, char *command, char **argv, int ar return CLI_OK; } -static int cmd_show_access_list(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_access_list(struct cli_def *cli, const char *command, char **argv, int argc) { int i; @@ -3092,7 +3092,7 @@ static int cmd_show_access_list(struct cli_def *cli, char *command, char **argv, return CLI_OK; } -static int cmd_shutdown(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_shutdown(struct cli_def *cli, const char *command, char **argv, int argc) { if (CLI_HELP_REQUESTED) return CLI_HELP_NO_ARGS; @@ -3101,7 +3101,7 @@ static int cmd_shutdown(struct cli_def *cli, char *command, char **argv, int arg return CLI_OK; } -static int cmd_reload(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_reload(struct cli_def *cli, const char *command, char **argv, int argc) { if (CLI_HELP_REQUESTED) return CLI_HELP_NO_ARGS; @@ -3110,7 +3110,7 @@ static int cmd_reload(struct cli_def *cli, char *command, char **argv, int argc) return CLI_OK; } -static int cmd_setforward(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_setforward(struct cli_def *cli, const char *command, char **argv, int argc) { int ret; @@ -3160,7 +3160,7 @@ static int cmd_setforward(struct cli_def *cli, char *command, char **argv, int a return CLI_OK; } -static int cmd_show_rmtlnsconf(struct cli_def *cli, char *command, char **argv, int argc) +static int cmd_show_rmtlnsconf(struct cli_def *cli, const char *command, char **argv, int argc) { confrlnsidt idrlns; char strdisp[1024]; diff --git a/cluster.c b/cluster.c index 651307a..94d0cd0 100644 --- a/cluster.c +++ b/cluster.c @@ -1954,7 +1954,7 @@ shortpacket: //==================================================================================================== -int cmd_show_cluster(struct cli_def *cli, char *command, char **argv, int argc) +int cmd_show_cluster(struct cli_def *cli, const char *command, char **argv, int argc) { int i; diff --git a/cluster.h b/cluster.h index 660b0c8..bb7ca5a 100644 --- a/cluster.h +++ b/cluster.h @@ -92,7 +92,7 @@ void cluster_send_ping(time_t basetime); void cluster_heartbeat(void); void cluster_check_master(void); void cluster_check_slaves(void); -int cmd_show_cluster(struct cli_def *cli, char *command, char **argv, int argc); +int cmd_show_cluster(struct cli_def *cli, const char *command, char **argv, int argc); int master_forward_pppoe_packet(uint8_t *data, int size, uint8_t codepad); #endif /* __CLUSTER_H__ */ diff --git a/l2tpns.c b/l2tpns.c index ec224bd..fcd054d 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -1013,8 +1013,10 @@ sessionidt sessionbyipv6(struct in6_addr ip) ip.s6_addr[1] == 0x80 && ip.s6_addr16[1] == 0 && ip.s6_addr16[2] == 0 && - ip.s6_addr16[3] == 0)) { - s = lookup_ipmap(*(in_addr_t *) &ip.s6_addr[8]); + ip.s6_addr16[3] == 0)) + { + in_addr_t *pipv4 = (in_addr_t *) &ip.s6_addr[8]; + s = lookup_ipmap(*pipv4); } else { s = lookup_ipv6map(ip); } @@ -1100,7 +1102,7 @@ static void cache_ipv6map(struct in6_addr ip, int prefixlen, sessionidt s) // // CLI list to dump current ipcache. // -int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc) +int cmd_show_ipcache(struct cli_def *cli, const char *command, char **argv, int argc) { union iphash *d = ip_hash, *e, *f, *g; int i, j, k, l; @@ -1844,10 +1846,11 @@ static void send_ipout(sessionidt s, uint8_t *buf, int len) static void control16(controlt * c, uint16_t avp, uint16_t val, uint8_t m) { uint16_t l = (m ? 0x8008 : 0x0008); - *(uint16_t *) (c->buf + c->length + 0) = htons(l); - *(uint16_t *) (c->buf + c->length + 2) = htons(0); - *(uint16_t *) (c->buf + c->length + 4) = htons(avp); - *(uint16_t *) (c->buf + c->length + 6) = htons(val); + uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0); + pint16[0] = htons(l); + pint16[1] = htons(0); + pint16[2] = htons(avp); + pint16[3] = htons(val); c->length += 8; } @@ -1855,10 +1858,12 @@ static void control16(controlt * c, uint16_t avp, uint16_t val, uint8_t m) static void control32(controlt * c, uint16_t avp, uint32_t val, uint8_t m) { uint16_t l = (m ? 0x800A : 0x000A); - *(uint16_t *) (c->buf + c->length + 0) = htons(l); - *(uint16_t *) (c->buf + c->length + 2) = htons(0); - *(uint16_t *) (c->buf + c->length + 4) = htons(avp); - *(uint32_t *) (c->buf + c->length + 6) = htonl(val); + uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0); + uint32_t *pint32 = (uint32_t *) (c->buf + c->length + 6); + pint16[0] = htons(l); + pint16[1] = htons(0); + pint16[2] = htons(avp); + pint32[0] = htonl(val); c->length += 10; } @@ -1866,9 +1871,10 @@ static void control32(controlt * c, uint16_t avp, uint32_t val, uint8_t m) static void controls(controlt * c, uint16_t avp, char *val, uint8_t m) { uint16_t l = ((m ? 0x8000 : 0) + strlen(val) + 6); - *(uint16_t *) (c->buf + c->length + 0) = htons(l); - *(uint16_t *) (c->buf + c->length + 2) = htons(0); - *(uint16_t *) (c->buf + c->length + 4) = htons(avp); + uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0); + pint16[0] = htons(l); + pint16[1] = htons(0); + pint16[2] = htons(avp); memcpy(c->buf + c->length + 6, val, strlen(val)); c->length += 6 + strlen(val); } @@ -1877,9 +1883,10 @@ static void controls(controlt * c, uint16_t avp, char *val, uint8_t m) static void controlb(controlt * c, uint16_t avp, uint8_t *val, unsigned int len, uint8_t m) { uint16_t l = ((m ? 0x8000 : 0) + len + 6); - *(uint16_t *) (c->buf + c->length + 0) = htons(l); - *(uint16_t *) (c->buf + c->length + 2) = htons(0); - *(uint16_t *) (c->buf + c->length + 4) = htons(avp); + uint16_t *pint16 = (uint16_t *) (c->buf + c->length + 0); + pint16[0] = htons(l); + pint16[1] = htons(0); + pint16[2] = htons(avp); memcpy(c->buf + c->length + 6, val, len); c->length += 6 + len; } @@ -1924,10 +1931,11 @@ static void controlnull(tunnelidt t) // add a control message to a tunnel, and send if within window static void controladd(controlt *c, sessionidt far, tunnelidt t) { - *(uint16_t *) (c->buf + 2) = htons(c->length); // length - *(uint16_t *) (c->buf + 4) = htons(tunnel[t].far); // tunnel - *(uint16_t *) (c->buf + 6) = htons(far); // session - *(uint16_t *) (c->buf + 8) = htons(tunnel[t].ns); // sequence + uint16_t *pint16 = (uint16_t *) (c->buf + 2); + pint16[0] = htons(c->length); // length + pint16[1] = htons(tunnel[t].far); // tunnel + pint16[2] = htons(far); // session + pint16[3] = htons(tunnel[t].ns); // sequence tunnel[t].ns++; // advance sequence // link in message in to queue if (tunnel[t].controlc) @@ -6275,7 +6283,7 @@ void become_master(void) } } -int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc) +int cmd_show_hist_idle(struct cli_def *cli, const char *command, char **argv, int argc) { int s, i; int count = 0; @@ -6313,7 +6321,7 @@ int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc return CLI_OK; } -int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc) +int cmd_show_hist_open(struct cli_def *cli, const char *command, char **argv, int argc) { int s, i; int count = 0; diff --git a/l2tpns.h b/l2tpns.h index 1d6055d..4f2f784 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -948,9 +948,9 @@ void processipout(uint8_t *buf, int len); void snoop_send_packet(uint8_t *packet, uint16_t size, in_addr_t destination, uint16_t port); int find_filter(char const *name, size_t len); int ip_filter(uint8_t *buf, int len, uint8_t filter); -int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc); -int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc); -int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc); +int cmd_show_ipcache(struct cli_def *cli, const char *command, char **argv, int argc); +int cmd_show_hist_idle(struct cli_def *cli, const char *command, char **argv, int argc); +int cmd_show_hist_open(struct cli_def *cli, const char *command, char **argv, int argc); tunnelidt lac_new_tunnel(); void lac_tunnelclear(tunnelidt t); void lac_send_SCCRQ(tunnelidt t, uint8_t * auth, unsigned int auth_len); diff --git a/tbf.c b/tbf.c index c6273ce..93e1025 100644 --- a/tbf.c +++ b/tbf.c @@ -307,7 +307,7 @@ int tbf_run_timer(void) return 1; } -int cmd_show_tbf(struct cli_def *cli, char *command, char **argv, int argc) +int cmd_show_tbf(struct cli_def *cli, const char *command, char **argv, int argc) { int i; int count = 0; diff --git a/tbf.h b/tbf.h index 925e4f7..3acc3f8 100644 --- a/tbf.h +++ b/tbf.h @@ -40,6 +40,6 @@ int new_tbf(int sid, int max_credit, int rate, void (*f)(sessionidt, uint8_t *, int free_tbf(int tid); void fsck_tbfs(void); -int cmd_show_tbf(struct cli_def *cli, char *command, char **argv, int argc); +int cmd_show_tbf(struct cli_def *cli, const char *command, char **argv, int argc); #endif /* __TBF_H__ */ -- 2.20.1