From c223bc0c14861540d5c08d4f187c0433261c17cc Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Wed, 1 Dec 2004 02:51:06 +0000 Subject: [PATCH 01/16] cosmetic --- cli.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cli.c b/cli.c index 24e9115..86751ea 100644 --- a/cli.c +++ b/cli.c @@ -2,7 +2,7 @@ // vim: sw=8 ts=8 char const *cvs_name = "$Name: $"; -char const *cvs_id_cli = "$Id: cli.c,v 1.37 2004-11-29 12:36:54 bodea Exp $"; +char const *cvs_id_cli = "$Id: cli.c,v 1.38 2004-12-01 02:51:06 bodea Exp $"; #include #include @@ -1003,7 +1003,7 @@ static int cmd_show_radius(struct cli_def *cli, char *command, char **argv, int NULL); } - cli_print(cli, "%6s%6s%5s%6s%9s%9s%4s", "ID", "Radius", "Sock", "State", "Session", "Retry", "Try"); + cli_print(cli, "%6s%7s%5s%6s%9s%9s%4s", "ID", "Radius", "Sock", "State", "Session", "Retry", "Try"); time(&time_now); @@ -1019,7 +1019,7 @@ static int cmd_show_radius(struct cli_def *cli, char *command, char **argv, int if (!show_all && radius[i].state == RADIUSNULL) continue; - cli_print(cli, "%6d%6d%5d%6s%9d%9u%4d", + cli_print(cli, "%6d%7d%5d%6s%9d%9u%4d", i, i >> RADIUS_SHIFT, i & RADIUS_MASK, -- 2.20.1 From f6f41eb77779fd7d961a704e5071dde8b7e4f835 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Wed, 1 Dec 2004 02:52:46 +0000 Subject: [PATCH 02/16] don't send a RADIUS start record when ungardening on shutdown --- Changes | 3 +++ garden.c | 24 +++++++++++++----------- l2tpns.h | 4 ++-- l2tpns.spec | 6 +++--- 4 files changed, 21 insertions(+), 16 deletions(-) diff --git a/Changes b/Changes index c443d07..8dbf579 100644 --- a/Changes +++ b/Changes @@ -1,3 +1,6 @@ +* Wed Dec 1 2004 Brendan O'Dea 2.0.11 +- Don't send a RADIUS start record when ungardening on shutdown. + * Wed Dec 1 2004 Brendan O'Dea 2.0.10 - Fix byte ordering of LCP header length (thanks Yuri). - Increase ip_conntrack_max due to dropped packets. diff --git a/garden.c b/garden.c index 5041f50..ecf3390 100644 --- a/garden.c +++ b/garden.c @@ -9,7 +9,7 @@ /* walled garden */ -char const *cvs_id = "$Id: garden.c,v 1.18 2004-11-30 21:54:23 bodea Exp $"; +char const *cvs_id = "$Id: garden.c,v 1.19 2004-12-01 02:52:46 bodea Exp $"; int plugin_api_version = PLUGIN_API_VERSION; static struct pluginfuncs *p = 0; @@ -40,6 +40,10 @@ char *down_commands[] = { NULL, }; +#define F_UNGARDEN 0 +#define F_GARDEN 1 +#define F_CLEANUP 2 + int garden_session(sessiont *s, int flag); int plugin_post_auth(struct param_post_auth *data) @@ -59,7 +63,7 @@ int plugin_new_session(struct param_new_session *data) return PLUGIN_RET_OK; // Slaves don't do walled garden processing. if (data->s->walled_garden) - garden_session(data->s, 1); + garden_session(data->s, F_GARDEN); return PLUGIN_RET_OK; } @@ -70,7 +74,7 @@ int plugin_kill_session(struct param_new_session *data) return PLUGIN_RET_OK; // Slaves don't do walled garden processing. if (data->s->walled_garden) - garden_session(data->s, 0); + garden_session(data->s, F_CLEANUP); return PLUGIN_RET_OK; } @@ -97,7 +101,7 @@ int plugin_control(struct param_control *data) if (!iam_master) return PLUGIN_RET_NOTMASTER; - flag = data->argv[0][0] != 'u'; + flag = data->argv[0][0] == 'g' ? F_GARDEN : F_UNGARDEN; if (data->argc != 2) { @@ -158,10 +162,7 @@ int plugin_become_master(void) int plugin_new_session_master(sessiont *s) { if (s->walled_garden) - { - s->walled_garden = 0; - garden_session(s, 1); - } + garden_session(s, F_GARDEN); return PLUGIN_RET_OK; } @@ -175,7 +176,7 @@ int garden_session(sessiont *s, int flag) if (!s->opened) return 0; sess = p->get_id_by_session(s); - if (flag == 1) + if (flag == F_GARDEN) { p->log(2, sess, s->tunnel, "Garden user %s (%s)\n", s->user, p->fmtaddr(htonl(s->ip), 0)); snprintf(cmd, sizeof(cmd), "iptables -t nat -A garden_users -s %s -j garden", p->fmtaddr(htonl(s->ip), 0)); @@ -209,13 +210,14 @@ int garden_session(sessiont *s, int flag) s->walled_garden = 0; - if (!s->die) { + if (flag != F_CLEANUP) + { /* OK, we're up! */ u16 r = p->radiusnew(p->get_id_by_session(s)); p->radiussend(r, RADIUSSTART); } } - s->walled_garden = flag; + return 1; } diff --git a/l2tpns.h b/l2tpns.h index 79dcc57..99c685d 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -1,5 +1,5 @@ // L2TPNS Global Stuff -// $Id: l2tpns.h,v 1.42 2004-11-30 19:37:46 bodea Exp $ +// $Id: l2tpns.h,v 1.43 2004-12-01 02:52:46 bodea Exp $ #ifndef __L2TPNS_H__ #define __L2TPNS_H__ @@ -15,7 +15,7 @@ #include #include -#define VERSION "2.0.10" +#define VERSION "2.0.11" // Limits #define MAXTUNNEL 500 // could be up to 65535 diff --git a/l2tpns.spec b/l2tpns.spec index 29907c7..22e3aff 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -1,6 +1,6 @@ Summary: A high-speed clustered L2TP LNS Name: l2tpns -Version: 2.0.10 +Version: 2.0.11 Release: 1 Copyright: GPL Group: System Environment/Daemons @@ -43,5 +43,5 @@ rm -rf %{buildroot} %attr(644,root,root) /usr/share/man/man[58]/* %changelog -* Wed Dec 1 2004 Brendan O'Dea 2.0.10-1 -- 2.0.10 release, see /usr/share/doc/l2tpns-2.0.10/Changes +* Wed Dec 1 2004 Brendan O'Dea 2.0.11-1 +- 2.0.11 release, see /usr/share/doc/l2tpns-2.0.11/Changes -- 2.20.1 From 28a49c442bdb926f79de1bd39821b77dda7d862d Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Wed, 1 Dec 2004 03:37:20 +0000 Subject: [PATCH 03/16] fix cut-n-paste error --- throttlectl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/throttlectl.c b/throttlectl.c index 9e0ca34..9b89b96 100644 --- a/throttlectl.c +++ b/throttlectl.c @@ -5,7 +5,7 @@ /* throttle control */ -char const *cvs_id = "$Id: throttlectl.c,v 1.3 2004-11-18 06:41:03 bodea Exp $"; +char const *cvs_id = "$Id: throttlectl.c,v 1.4 2004-12-01 03:37:20 bodea Exp $"; int plugin_api_version = PLUGIN_API_VERSION; static struct pluginfuncs *p = 0; @@ -44,7 +44,7 @@ int plugin_control(struct param_control *data) if (!data->iam_master) return PLUGIN_RET_NOTMASTER; - flag = data->argv[0][0] != 'g'; + flag = data->argv[0][0] == 't'; if (flag) { -- 2.20.1 From b4a359b61069bcb403f314cc33c7e5f03bb7d896 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Wed, 1 Dec 2004 04:14:55 +0000 Subject: [PATCH 04/16] release 2.0.12 --- Changes | 4 ++++ l2tpns.h | 4 ++-- l2tpns.spec | 6 +++--- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/Changes b/Changes index 8dbf579..38562f7 100644 --- a/Changes +++ b/Changes @@ -1,3 +1,7 @@ +* Wed Dec 1 2004 Brendan O'Dea 2.0.12 +- The "This time, for sure!" release. +- Fix throttlectl plugin "unthrottle" command. + * Wed Dec 1 2004 Brendan O'Dea 2.0.11 - Don't send a RADIUS start record when ungardening on shutdown. diff --git a/l2tpns.h b/l2tpns.h index 99c685d..2091c9c 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -1,5 +1,5 @@ // L2TPNS Global Stuff -// $Id: l2tpns.h,v 1.43 2004-12-01 02:52:46 bodea Exp $ +// $Id: l2tpns.h,v 1.44 2004-12-01 04:14:55 bodea Exp $ #ifndef __L2TPNS_H__ #define __L2TPNS_H__ @@ -15,7 +15,7 @@ #include #include -#define VERSION "2.0.11" +#define VERSION "2.0.12" // Limits #define MAXTUNNEL 500 // could be up to 65535 diff --git a/l2tpns.spec b/l2tpns.spec index 22e3aff..383daf8 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -1,6 +1,6 @@ Summary: A high-speed clustered L2TP LNS Name: l2tpns -Version: 2.0.11 +Version: 2.0.12 Release: 1 Copyright: GPL Group: System Environment/Daemons @@ -43,5 +43,5 @@ rm -rf %{buildroot} %attr(644,root,root) /usr/share/man/man[58]/* %changelog -* Wed Dec 1 2004 Brendan O'Dea 2.0.11-1 -- 2.0.11 release, see /usr/share/doc/l2tpns-2.0.11/Changes +* Wed Dec 1 2004 Brendan O'Dea 2.0.12-1 +- 2.0.12 release, see /usr/share/doc/l2tpns-2.0.12/Changes -- 2.20.1 From 142090db873b959f5d8dd130d3c3a50ba151c05e Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Wed, 1 Dec 2004 04:35:09 +0000 Subject: [PATCH 05/16] allow in N, out N --- throttlectl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/throttlectl.c b/throttlectl.c index 9b89b96..9254eee 100644 --- a/throttlectl.c +++ b/throttlectl.c @@ -5,7 +5,7 @@ /* throttle control */ -char const *cvs_id = "$Id: throttlectl.c,v 1.4 2004-12-01 03:37:20 bodea Exp $"; +char const *cvs_id = "$Id: throttlectl.c,v 1.5 2004-12-01 04:35:09 bodea Exp $"; int plugin_api_version = PLUGIN_API_VERSION; static struct pluginfuncs *p = 0; @@ -48,7 +48,7 @@ int plugin_control(struct param_control *data) if (flag) { - if (data->argc < 2 || data->argc > 4) + if (data->argc < 2 || data->argc > 5) { data->response = NSCTL_RES_ERR; data->additional = "requires username or session id and optional rate(s)"; -- 2.20.1 From f5f10978a34f869a55756f32fac497a5dfad75c8 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Wed, 1 Dec 2004 04:36:59 +0000 Subject: [PATCH 06/16] 2.0.12 redux --- Changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Changes b/Changes index 38562f7..8a7cd21 100644 --- a/Changes +++ b/Changes @@ -1,6 +1,6 @@ * Wed Dec 1 2004 Brendan O'Dea 2.0.12 - The "This time, for sure!" release. -- Fix throttlectl plugin "unthrottle" command. +- Fix throttlectl plugin argument parsing. * Wed Dec 1 2004 Brendan O'Dea 2.0.11 - Don't send a RADIUS start record when ungardening on shutdown. -- 2.20.1 From ba155b265c8d9fa9a7fc768018aaeed0908a9308 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Wed, 1 Dec 2004 04:44:29 +0000 Subject: [PATCH 07/16] *really* fix --- throttlectl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/throttlectl.c b/throttlectl.c index 9254eee..3aeb963 100644 --- a/throttlectl.c +++ b/throttlectl.c @@ -5,7 +5,7 @@ /* throttle control */ -char const *cvs_id = "$Id: throttlectl.c,v 1.5 2004-12-01 04:35:09 bodea Exp $"; +char const *cvs_id = "$Id: throttlectl.c,v 1.6 2004-12-01 04:44:29 bodea Exp $"; int plugin_api_version = PLUGIN_API_VERSION; static struct pluginfuncs *p = 0; @@ -48,7 +48,7 @@ int plugin_control(struct param_control *data) if (flag) { - if (data->argc < 2 || data->argc > 5) + if (data->argc < 2 || data->argc > 6) { data->response = NSCTL_RES_ERR; data->additional = "requires username or session id and optional rate(s)"; -- 2.20.1 From f5fb6dea8634c6c3d41857225c4b26d4c0f1c960 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Fri, 3 Dec 2004 06:40:02 +0000 Subject: [PATCH 08/16] better cluster master collision resolution --- Changes | 6 ++++++ cluster.c | 58 +++++++++++++++++++++++++++++++++-------------------- cluster.h | 12 ++++++----- l2tpns.h | 6 ++++-- l2tpns.spec | 6 +++--- 5 files changed, 56 insertions(+), 32 deletions(-) diff --git a/Changes b/Changes index 8a7cd21..676e2aa 100644 --- a/Changes +++ b/Changes @@ -1,3 +1,9 @@ +* Fri Dec 3 2004 Brendan O'Dea 2.0.13 +- Better cluster master collision resolution: keep a counter of state + changes, propagated in the heartbeats; the master with the highest # + of changes (that has kept in contact with the LAC through the + outage) prevails. + * Wed Dec 1 2004 Brendan O'Dea 2.0.12 - The "This time, for sure!" release. - Fix throttlectl plugin argument parsing. diff --git a/cluster.c b/cluster.c index fdfe2dd..d06852a 100644 --- a/cluster.c +++ b/cluster.c @@ -1,6 +1,6 @@ // L2TPNS Clustering Stuff -char const *cvs_id_cluster = "$Id: cluster.c,v 1.19 2004-11-29 02:17:17 bodea Exp $"; +char const *cvs_id_cluster = "$Id: cluster.c,v 1.20 2004-12-03 06:40:02 bodea Exp $"; #include #include @@ -744,6 +744,8 @@ void cluster_heartbeat() if (!config->cluster_iam_master) // Only the master does this. return; + config->cluster_table_version += config->cluster_num_changes; + // Fill out the heartbeat header. memset(&h, 0, sizeof(h)); @@ -759,6 +761,7 @@ void cluster_heartbeat() h.size_tunn = sizeof(tunnelt); h.interval = config->cluster_hb_interval; h.timeout = config->cluster_hb_timeout; + h.table_version = config->cluster_table_version; add_type(&p, C_HEARTBEAT, HB_VERSION, (char*) &h, sizeof(h)); @@ -817,8 +820,10 @@ void cluster_heartbeat() exit(1); } - LOG(3, 0, 0, "Sending heartbeat #%d with %d changes (%d x-sess, %d x-tunnels, %d highsess, %d hightun, size %d)\n", - h.seq, config->cluster_num_changes, count, tcount, config->cluster_highest_sessionid, + LOG(3, 0, 0, "Sending v%d heartbeat #%d, change #%llu with %d changes " + "(%d x-sess, %d x-tunnels, %d highsess, %d hightun, size %d)\n", + HB_VERSION, h.seq, h.table_version, config->cluster_num_changes, + count, tcount, config->cluster_highest_sessionid, config->cluster_highest_tunnelid, (p-buff)); config->cluster_num_changes = 0; @@ -1096,18 +1101,20 @@ static int cluster_recv_tunnel(int more, u8 *p) // // Process a heartbeat.. // +// v3: added interval, timeout +// v4: added table_version static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32 addr) { heartt * h; int s = size - (p-data); int i, type; -#if HB_VERSION != 3 +#if HB_VERSION != 4 # error "need to update cluster_process_heartbeat()" #endif - // we handle version 2+ - if (more < 2 || more > HB_VERSION) { + // we handle versions 3 through 4 + if (more < 3 || more > HB_VERSION) { LOG(0, 0, 0, "Received a heartbeat version that I don't support (%d)!\n", more); return -1; // Ignore it?? } @@ -1126,13 +1133,20 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32 if (config->cluster_iam_master) { // Sanity... // Note that this MUST match the election process above! - LOG(0, 0, 0, "I just got a packet claiming to be from a master but _I_ am the master!\n"); + LOG(0, 0, 0, "I just got a heartbeat from master %s, but _I_ am the master!\n", fmtaddr(addr, 0)); if (!h->basetime) { - LOG(0, 0, 0, "Heartbeat from addr %s with zero basetime!\n", fmtaddr(addr, 0)); + LOG(0, 0, 0, "Heartbeat with zero basetime! Ignoring\n"); return -1; // Skip it. } + if (more >= 4 && h->table_version > config->cluster_table_version) { + LOG(0, 0, 0, "They've seen more state changes (%llu vs my %llu) so I'm gone!\n", + h->table_version, config->cluster_table_version); + + kill(0, SIGTERM); + exit(1); + } if (basetime > h->basetime) { - LOG(0, 0, 0, "They're (%s) an older master than me so I'm gone!\n", fmtaddr(addr, 0)); + LOG(0, 0, 0, "They're an older master than me so I'm gone!\n"); kill(0, SIGTERM); exit(1); } @@ -1173,23 +1187,20 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32 // that the free session pointer is correct. cluster_check_sessions(h->highsession, h->freesession, h->hightunnel); - if (more > 2) // reserved section of heartt was not initialized prior to v3 + if (h->interval != config->cluster_hb_interval) { - if (h->interval != config->cluster_hb_interval) - { - LOG(2, 0, 0, "Master set ping/heartbeat interval to %u (was %u)\n", - h->interval, config->cluster_hb_interval); + LOG(2, 0, 0, "Master set ping/heartbeat interval to %u (was %u)\n", + h->interval, config->cluster_hb_interval); - config->cluster_hb_interval = h->interval; - } + config->cluster_hb_interval = h->interval; + } - if (h->timeout != config->cluster_hb_timeout) - { - LOG(2, 0, 0, "Master set heartbeat timeout to %u (was %u)\n", - h->timeout, config->cluster_hb_timeout); + if (h->timeout != config->cluster_hb_timeout) + { + LOG(2, 0, 0, "Master set heartbeat timeout to %u (was %u)\n", + h->timeout, config->cluster_hb_timeout); - config->cluster_hb_timeout = h->timeout; - } + config->cluster_hb_timeout = h->timeout; } // Ok. process the packet... @@ -1273,6 +1284,7 @@ static int cluster_process_heartbeat(u8 * data, int size, int more, u8 * p, u32 } config->cluster_last_hb = TIME; // Successfully received a heartbeat! + config->cluster_table_version = h->table_version; return 0; shortpacket: @@ -1414,10 +1426,12 @@ int cmd_show_cluster(struct cli_def *cli, char *command, char **argv, int argc) : "Not defined", 0.1 * (TIME - config->cluster_last_hb)); cli_print(cli, "Uptodate : %s", config->cluster_iam_uptodate ? "Yes" : "No"); + cli_print(cli, "Table version # : %llu", config->cluster_table_version); cli_print(cli, "Next sequence number expected: %d", config->cluster_seq_number); cli_print(cli, "%d sessions undefined of %d", config->cluster_undefined_sessions, config->cluster_highest_sessionid); cli_print(cli, "%d tunnels undefined of %d", config->cluster_undefined_tunnels, config->cluster_highest_tunnelid); } else { + cli_print(cli, "Table version # : %llu", config->cluster_table_version); cli_print(cli, "Next heartbeat # : %d", config->cluster_seq_number); cli_print(cli, "Highest session : %d", config->cluster_highest_sessionid); cli_print(cli, "Highest tunnel : %d", config->cluster_highest_tunnelid); diff --git a/cluster.h b/cluster.h index 20e1d75..1fb2789 100644 --- a/cluster.h +++ b/cluster.h @@ -1,5 +1,5 @@ // L2TPNS Clustering Stuff -// $Id: cluster.h,v 1.7 2004-11-16 07:54:32 bodea Exp $ +// $Id: cluster.h,v 1.8 2004-12-03 06:40:02 bodea Exp $ #ifndef __CLUSTER_H__ #define __CLUSTER_H__ @@ -20,7 +20,7 @@ #define C_CTUNNEL 13 // Compressed tunnel structure. #define C_GARDEN 14 // Gardened packet -#define HB_VERSION 3 // Protocol version number.. +#define HB_VERSION 4 // Protocol version number.. #define HB_MAX_SEQ (1<<30) // Maximum sequence number. (MUST BE A POWER OF 2!) #define HB_HISTORY_SIZE 64 // How many old heartbeats we remember?? (Must be a factor of HB_MAX_SEQ) @@ -45,10 +45,12 @@ typedef struct { u32 size_sess; // Size of the session structure. u32 size_tunn; // size of the tunnel structure. - u32 interval; // ping/heartbeat interval (if changed) - u32 timeout; // heartbeat timeout (if changed) + u32 interval; // ping/heartbeat interval + u32 timeout; // heartbeat timeout - char reserved[128 - 11*sizeof(u32)]; // Pad out to 128 bytes. + u64 table_version; // # state changes processed by cluster + + char reserved[128 - 13*sizeof(u32)]; // Pad out to 128 bytes. } heartt; typedef struct { /* Used to update byte counters on the */ diff --git a/l2tpns.h b/l2tpns.h index 2091c9c..41d10b0 100644 --- a/l2tpns.h +++ b/l2tpns.h @@ -1,5 +1,5 @@ // L2TPNS Global Stuff -// $Id: l2tpns.h,v 1.44 2004-12-01 04:14:55 bodea Exp $ +// $Id: l2tpns.h,v 1.45 2004-12-03 06:40:02 bodea Exp $ #ifndef __L2TPNS_H__ #define __L2TPNS_H__ @@ -15,7 +15,7 @@ #include #include -#define VERSION "2.0.12" +#define VERSION "2.0.13" // Limits #define MAXTUNNEL 500 // could be up to 65535 @@ -109,6 +109,7 @@ enum // Types typedef unsigned short u16; typedef unsigned int u32; +typedef unsigned long long u64; typedef unsigned char u8; typedef u32 ipt; typedef u16 portt; @@ -465,6 +466,7 @@ typedef struct int cluster_hb_interval; // How often to send a heartbeat. int cluster_hb_timeout; // How many missed heartbeats trigger an election. + u64 cluster_table_version; // # state changes processed by cluster #ifdef BGP #define BGP_NUM_PEERS 2 diff --git a/l2tpns.spec b/l2tpns.spec index 383daf8..7edc33f 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -1,6 +1,6 @@ Summary: A high-speed clustered L2TP LNS Name: l2tpns -Version: 2.0.12 +Version: 2.0.13 Release: 1 Copyright: GPL Group: System Environment/Daemons @@ -43,5 +43,5 @@ rm -rf %{buildroot} %attr(644,root,root) /usr/share/man/man[58]/* %changelog -* Wed Dec 1 2004 Brendan O'Dea 2.0.12-1 -- 2.0.12 release, see /usr/share/doc/l2tpns-2.0.12/Changes +* Fri Dec 3 2004 Brendan O'Dea 2.0.13-1 +- 2.0.13 release, see /usr/share/doc/l2tpns-2.0.13/Changes -- 2.20.1 From 502ab2735286f7933991f37f80932c943d8cd10c Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Fri, 3 Dec 2004 06:41:11 +0000 Subject: [PATCH 09/16] skip newlines in ringbuffer messages --- Changes | 1 + cli.c | 52 +++++++++++++++++++++++++++------------------------- 2 files changed, 28 insertions(+), 25 deletions(-) diff --git a/Changes b/Changes index 676e2aa..e6ac0bf 100644 --- a/Changes +++ b/Changes @@ -3,6 +3,7 @@ changes, propagated in the heartbeats; the master with the highest # of changes (that has kept in contact with the LAC through the outage) prevails. +- Skip newlines in ringbuffer messages to CLI. * Wed Dec 1 2004 Brendan O'Dea 2.0.12 - The "This time, for sure!" release. diff --git a/cli.c b/cli.c index 86751ea..daeee2b 100644 --- a/cli.c +++ b/cli.c @@ -2,7 +2,7 @@ // vim: sw=8 ts=8 char const *cvs_name = "$Name: $"; -char const *cvs_id_cli = "$Id: cli.c,v 1.38 2004-12-01 02:51:06 bodea Exp $"; +char const *cvs_id_cli = "$Id: cli.c,v 1.39 2004-12-03 06:41:11 bodea Exp $"; #include #include @@ -1861,42 +1861,44 @@ static int cmd_set(struct cli_def *cli, char *command, char **argv, int argc) int regular_stuff(struct cli_def *cli) { - int i = debug_rb_tail; - int reprompt = 0; + int out = 0; + int i; #ifdef RINGBUFFER - while (i != ringbuffer->tail) + for (i = debug_rb_tail; i != ringbuffer->tail; i = (i + 1) % RINGBUFFER_SIZE) { - int show_message = 0; + char *m = ringbuffer->buffer[i].message; + char *p; + int show = 0; + + if (!*m) continue; - if (*ringbuffer->buffer[i].message) + switch (ringbuffer->buffer[i].level) { - // Always show messages if we are doing general debug - if (ringbuffer->buffer[i].level == 0 && debug_flags.critical) show_message = 1; - if (ringbuffer->buffer[i].level == 1 && debug_flags.error) show_message = 1; - if (ringbuffer->buffer[i].level == 2 && debug_flags.warning) show_message = 1; - if (ringbuffer->buffer[i].level == 3 && debug_flags.info) show_message = 1; - if (ringbuffer->buffer[i].level == 4 && debug_flags.calls) show_message = 1; - if (ringbuffer->buffer[i].level == 5 && debug_flags.data) show_message = 1; + case 0: show = debug_flags.critical; break; + case 1: show = debug_flags.error; break; + case 2: show = debug_flags.warning; break; + case 3: show = debug_flags.info; break; + case 4: show = debug_flags.calls; break; + case 5: show = debug_flags.data; break; } - if (show_message) - { - cli_print(cli, "\r%s-%u-%u %s", - debug_levels[(int)ringbuffer->buffer[i].level], - ringbuffer->buffer[i].tunnel, - ringbuffer->buffer[i].session, - ringbuffer->buffer[i].message); + if (!show) continue; - reprompt = 1; - } + if (!(p = strchr(m, '\n'))) + p = m + strlen(p); + + cli_print(cli, "\r%s-%u-%u %.*s", + debug_levels[(int)ringbuffer->buffer[i].level], + ringbuffer->buffer[i].tunnel, + ringbuffer->buffer[i].session, + p - m, m); - if (++i == ringbuffer->tail) break; - if (i == RINGBUFFER_SIZE) i = 0; + out++; } debug_rb_tail = ringbuffer->tail; - if (reprompt) + if (out) cli_reprompt(cli); #endif return CLI_OK; -- 2.20.1 From 38abd6684e569573dd3b9dd3e06b5f42fdfb494f Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Sun, 5 Dec 2004 23:45:04 +0000 Subject: [PATCH 10/16] drop "Session N is closing" message level to 4; don't process PPPIP packets in this state --- Changes | 4 +++- l2tpns.c | 27 ++++++++++++++------------- l2tpns.spec | 2 +- 3 files changed, 18 insertions(+), 15 deletions(-) diff --git a/Changes b/Changes index e6ac0bf..146423c 100644 --- a/Changes +++ b/Changes @@ -1,9 +1,11 @@ -* Fri Dec 3 2004 Brendan O'Dea 2.0.13 +* Mon Dec 6 2004 Brendan O'Dea 2.0.13 - Better cluster master collision resolution: keep a counter of state changes, propagated in the heartbeats; the master with the highest # of changes (that has kept in contact with the LAC through the outage) prevails. - Skip newlines in ringbuffer messages to CLI. +- Drop "Session N is closing" message level to 4; don't process PPPIP + packets in this state. * Wed Dec 1 2004 Brendan O'Dea 2.0.12 - The "This time, for sure!" release. diff --git a/l2tpns.c b/l2tpns.c index 488287f..15bce3b 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.61 2004-11-29 03:55:21 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.62 2004-12-05 23:45:04 bodea Exp $"; #include #include @@ -1731,7 +1731,7 @@ void processudp(u8 * buf, int len, struct sockaddr_in *addr) case 39: // seq required - we control it as an LNS anyway... break; case 36: // Random Vector - LOG(4, s, t, " Random Vector received. Enabled AVP Hiding.\n"); + LOG(4, s, t, " Random Vector received. Enabled AVP Hiding.\n"); memset(session[s].random_vector, 0, sizeof(session[s].random_vector)); memcpy(session[s].random_vector, b, n); session[s].random_vector_length = n; @@ -1912,12 +1912,6 @@ void processudp(u8 * buf, int len, struct sockaddr_in *addr) return; } - if (session[s].die) - { - LOG(3, s, t, "Session %d is closing. Don't process PPP packets\n", s); -// I'm pretty sure this isn't right -- mo. -// return; // closing session, PPP not processed - } if (prot == PPPPAP) { session[s].last_packet = time_now; @@ -1950,12 +1944,19 @@ void processudp(u8 * buf, int len, struct sockaddr_in *addr) } else if (prot == PPPIP) { + if (session[s].die) + { + LOG(4, s, t, "Session %d is closing. Don't process PPP packets\n", s); + return; // closing session, PPP not processed + } + session[s].last_packet = time_now; if (session[s].walled_garden && !config->cluster_iam_master) { master_forward_packet(buf, len, addr->sin_addr.s_addr, addr->sin_port); return; } + processipin(t, s, p, l); } else @@ -2232,7 +2233,7 @@ static int still_busy(void) // We stop waiting for radius after BUSY_WAIT_TIME 1/10th seconds if (abs(TIME - start_busy_wait) > BUSY_WAIT_TIME) { - LOG(1, 0, 0, "Giving up waiting for RADIUS to be empty. Shutting down anyway.\n"); + LOG(1, 0, 0, "Giving up waiting for RADIUS to be empty. Shutting down anyway.\n"); return 0; } @@ -2266,7 +2267,7 @@ static void mainloop(void) clockt next_cluster_ping = 0; // send initial ping immediately time_t next_clean = time_now + config->cleanup_interval; - LOG(4, 0, 0, "Beginning of main loop. udpfd=%d, tunfd=%d, cluster_sockfd=%d, controlfd=%d\n", + LOG(4, 0, 0, "Beginning of main loop. udpfd=%d, tunfd=%d, cluster_sockfd=%d, controlfd=%d\n", udpfd, tunfd, cluster_sockfd, controlfd); FD_ZERO(&readset); @@ -3069,7 +3070,7 @@ int main(int argc, char *argv[]) { if ((ret = sched_setscheduler(0, SCHED_FIFO, ¶ms)) == 0) { - LOG(1, 0, 0, "Using FIFO scheduler. Say goodbye to any other processes running\n"); + LOG(1, 0, 0, "Using FIFO scheduler. Say goodbye to any other processes running\n"); } else { @@ -3612,11 +3613,11 @@ int sessionsetup(tunnelidt t, sessionidt s) assign_ip_address(s); if (!session[s].ip) { - LOG(0, s, t, " No IP allocated. The IP address pool is FULL!\n"); + LOG(0, s, t, " No IP allocated. The IP address pool is FULL!\n"); sessionshutdown(s, "No IP addresses available"); return 0; } - LOG(3, s, t, " No IP allocated. Assigned %s from pool\n", + LOG(3, s, t, " No IP allocated. Assigned %s from pool\n", fmtaddr(htonl(session[s].ip), 0)); } diff --git a/l2tpns.spec b/l2tpns.spec index 7edc33f..e061227 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -43,5 +43,5 @@ rm -rf %{buildroot} %attr(644,root,root) /usr/share/man/man[58]/* %changelog -* Fri Dec 3 2004 Brendan O'Dea 2.0.13-1 +* Mon Dec 6 2004 Brendan O'Dea 2.0.13-1 - 2.0.13 release, see /usr/share/doc/l2tpns-2.0.13/Changes -- 2.20.1 From cdc0c4887cb33f48cf72d7f18b0442959d5d418a Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Thu, 9 Dec 2004 00:38:44 +0000 Subject: [PATCH 11/16] typo in log message --- cluster.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster.c b/cluster.c index d06852a..8295954 100644 --- a/cluster.c +++ b/cluster.c @@ -1,6 +1,6 @@ // L2TPNS Clustering Stuff -char const *cvs_id_cluster = "$Id: cluster.c,v 1.20 2004-12-03 06:40:02 bodea Exp $"; +char const *cvs_id_cluster = "$Id: cluster.c,v 1.21 2004-12-09 00:38:44 bodea Exp $"; #include #include @@ -896,7 +896,7 @@ static int cluster_catchup_slave(int seq, u32 slave) diff += HB_MAX_SEQ; if (diff >= HB_HISTORY_SIZE) { // Ouch. We don't have the packet to send it! - LOG(0, 0, 0, "A slaved asked for message %d when our seq number is %d. Killing it.\n", + LOG(0, 0, 0, "A slave asked for message %d when our seq number is %d. Killing it.\n", seq, config->cluster_seq_number); return peer_send_message(slave, C_KILL, seq, NULL, 0);// Kill the slave. Nothing else to do. } -- 2.20.1 From f7cda1ed1b9385f5d260d758c7b06e80d4adb876 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Thu, 9 Dec 2004 00:50:45 +0000 Subject: [PATCH 12/16] read multiple packets off cluster_sockfd as well as udpfd, tunfd --- l2tpns.c | 128 ++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 80 insertions(+), 48 deletions(-) diff --git a/l2tpns.c b/l2tpns.c index 15bce3b..ddcd7db 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -4,7 +4,7 @@ // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced // vim: sw=8 ts=8 -char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.62 2004-12-05 23:45:04 bodea Exp $"; +char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.63 2004-12-09 00:50:45 bodea Exp $"; #include #include @@ -1254,7 +1254,7 @@ static void tunnelshutdown(tunnelidt t, char *reason) // TBA - should we wait for sessions to stop? { // Send StopCCN controlt *c = controlnew(4); // sending StopCCN - control16(c, 1, 1, 1); // result code (admin reasons - TBA make error, general error, add message + control16(c, 1, 1, 1); // result code (admin reasons - TBA make error, general error, add message) control16(c, 9, t, 1); // assigned tunnel (our end) controladd(c, t, 0); // send the message } @@ -2340,60 +2340,101 @@ static void mainloop(void) else if (n) { struct sockaddr_in addr; - int alen = sizeof(addr); - if (FD_ISSET(udpfd, &r)) - { - int c, n; - for (c = 0; c < config->multi_read_count; c++) - { - if ((n = recvfrom(udpfd, buf, sizeof(buf), 0, (void *) &addr, &alen)) > 0) - processudp(buf, n, &addr); - else - break; - } - } - if (FD_ISSET(tunfd, &r)) + int alen, c, s; + + // nsctl commands + if (FD_ISSET(controlfd, &r)) { - int c, n; - for (c = 0; c < config->multi_read_count; c++) - { - if ((n = read(tunfd, buf, sizeof(buf))) > 0) - processtun(buf, n); - else - break; - } + alen = sizeof(addr); + processcontrol(buf, recvfrom(controlfd, buf, sizeof(buf), MSG_WAITALL, (void *) &addr, &alen), &addr, alen); + n--; } + // RADIUS responses if (config->cluster_iam_master) + { for (i = 0; i < config->num_radfds; i++) + { if (FD_ISSET(radfds[i], &r)) + { processrad(buf, recv(radfds[i], buf, sizeof(buf), 0), i); + n--; + } + } + } - if (FD_ISSET(cluster_sockfd, &r)) + // CLI connections + if (FD_ISSET(clifd, &r)) { - int size; - size = recvfrom(cluster_sockfd, buf, sizeof(buf), MSG_WAITALL, (void *) &addr, &alen); - processcluster(buf, size, addr.sin_addr.s_addr); + int cli; + + alen = sizeof(addr); + if ((cli = accept(clifd, (struct sockaddr *)&addr, &len)) >= 0) + { + cli_do(cli); + close(cli); + } + else + LOG(0, 0, 0, "accept error: %s\n", strerror(errno)); + + n--; } - if (FD_ISSET(controlfd, &r)) - processcontrol(buf, recvfrom(controlfd, buf, sizeof(buf), MSG_WAITALL, (void *) &addr, &alen), &addr, alen); +#ifdef BGP + for (i = 0; i < BGP_NUM_PEERS; i++) + { + int isr = bgp_set[i] ? FD_ISSET(bgp_peers[i].sock, &r) : 0; + int isw = bgp_set[i] ? FD_ISSET(bgp_peers[i].sock, &w) : 0; + bgp_process(&bgp_peers[i], isr, isw); + if (isr) n--; + if (isw) n--; + } +#endif /* BGP */ - if (FD_ISSET(clifd, &r)) + for (c = 0; n && c < config->multi_read_count; c++) { - struct sockaddr_in addr; - int sockfd; - int len = sizeof(addr); + // L2TP + if (FD_ISSET(udpfd, &r)) + { + alen = sizeof(addr); + if ((s = recvfrom(udpfd, buf, sizeof(buf), 0, (void *) &addr, &alen)) > 0) + { + processudp(buf, s, &addr); + } + else + { + FD_CLR(udpfd, &r); + n--; + } + } - if ((sockfd = accept(clifd, (struct sockaddr *)&addr, &len)) <= 0) + // incoming IP + if (FD_ISSET(tunfd, &r)) { - LOG(0, 0, 0, "accept error: %s\n", strerror(errno)); - continue; + if ((n = read(tunfd, buf, sizeof(buf))) > 0) + { + processtun(buf, n); + } + else + { + FD_CLR(tunfd, &r); + n--; + } } - else + + // cluster + if (FD_ISSET(cluster_sockfd, &r)) { - cli_do(sockfd); - close(sockfd); + alen = sizeof(addr); + if ((s = recvfrom(cluster_sockfd, buf, sizeof(buf), MSG_WAITALL, (void *) &addr, &alen)) > 0) + { + processcluster(buf, s, addr.sin_addr.s_addr); + } + else + { + FD_CLR(cluster_sockfd, &r); + n--; + } } } } @@ -2445,15 +2486,6 @@ static void mainloop(void) next_clean = time_now + config->cleanup_interval; // Did. Move to next interval. } } - -#ifdef BGP - for (i = 0; i < BGP_NUM_PEERS; i++) - { - bgp_process(&bgp_peers[i], - bgp_set[i] ? FD_ISSET(bgp_peers[i].sock, &r) : 0, - bgp_set[i] ? FD_ISSET(bgp_peers[i].sock, &w) : 0); - } -#endif /* BGP */ } // Are we the master and shutting down?? -- 2.20.1 From 877ade4dfb46829c25a62b43462d3e94f971ea98 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Thu, 9 Dec 2004 00:52:35 +0000 Subject: [PATCH 13/16] use gzip --best for man pages re-order DEFINES to better allow for optional features which add to $(OBJS) --- Makefile | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 940a505..8bbbc42 100644 --- a/Makefile +++ b/Makefile @@ -7,15 +7,12 @@ man8dir = /usr/share/man/man8 statedir = /var/lib/l2tpns DEFINES = -DEFINES += -DSTATISTICS -DEFINES += -DSTAT_CALLS -DEFINES += -DRINGBUFFER -DEFINES += -DBGP DEFINES += -DLIBDIR='"$(libdir)"' DEFINES += -DETCDIR='"$(etcdir)"' DEFINES += -DSTATEDIR='"$(statedir)"' -OPTIM = -g +OPTIM = +OPTIM += -g OPTIM += -O3 OPTIM += -funroll-loops OPTIM += -fomit-frame-pointer @@ -33,8 +30,8 @@ INSTALL = install -c -D -o root -g root l2tpns.LIBS = -lm -lcli -ldl -OBJS = arp.o bgp.o cli.o cluster.o constants.o control.o icmp.o \ - l2tpns.o ll.o md5.o ppp.o radius.o tbf.o util.o +OBJS = arp.o cli.o cluster.o constants.o control.o icmp.o l2tpns.o \ + ll.o md5.o ppp.o radius.o tbf.o util.o PROGRAMS = l2tpns nsctl PLUGINS = garden.so throttlectl.so autothrottle.so snoopctl.so \ @@ -42,6 +39,13 @@ PLUGINS = garden.so throttlectl.so autothrottle.so snoopctl.so \ TESTS = generateload bounce +DEFINES += -DSTATISTICS +DEFINES += -DSTAT_CALLS +DEFINES += -DRINGBUFFER + +DEFINES += -DBGP +OBJS += bgp.o + all: programs plugins tests programs: $(PROGRAMS) plugins: $(PLUGINS) @@ -87,7 +91,7 @@ install: all $(INSTALL) -m 0644 Docs/l2tpns.8 $(DESTDIR)$(man8dir)/l2tpns.8 $(INSTALL) -m 0644 Docs/nsctl.8 $(DESTDIR)$(man8dir)/nsctl.8 - gzip $(DESTDIR)$(man5dir)/*.5 $(DESTDIR)$(man8dir)/*.8 + gzip --best $(DESTDIR)$(man5dir)/*.5 $(DESTDIR)$(man8dir)/*.8 @if [ -f $(DESTDIR)$(etcdir)/startup-config ]; then \ echo '***' Installing default config files in $(DESTDIR)$(etcdir) as .defaults; \ -- 2.20.1 From b8c714c7eb5d02ef212abbe0778c482189217ea0 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Thu, 9 Dec 2004 00:53:14 +0000 Subject: [PATCH 14/16] add pid_file as in Debian package --- etc/startup-config.default | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/etc/startup-config.default b/etc/startup-config.default index 2e565b9..f0b5ac4 100644 --- a/etc/startup-config.default +++ b/etc/startup-config.default @@ -1,5 +1,6 @@ set debug 3 set log_file "/var/log/l2tpns" +set pid_file "/var/run/l2tpns.pid" set l2tp_secret "secret" set primary_dns 1.2.3.4 set secondary_dns 1.2.3.5 @@ -11,7 +12,7 @@ set radius_secret "secret" set bind_address 0.0.0.0 set cluster_master 0.0.0.0 set throttle_speed 64 -set accounting_dir "/var/run/l2tpns/acct/" +set accounting_dir "/var/run/l2tpns/acct" set setuid 0 set dump_speed no load plugin "garden" -- 2.20.1 From 06ec43669e5dfda88b869a1bdcf7b52d67614956 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Thu, 9 Dec 2004 00:53:45 +0000 Subject: [PATCH 15/16] - Use gzip --best for man pages, include pid_file in sample startup-config (from Jonathan's Debian package patches). - Read multiple packets off cluster_sockfd as well as udpfd, tunfd in an attempt to avoid losing the cluster in high load (DoS) conditions. --- Changes | 6 +++++- l2tpns.spec | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/Changes b/Changes index 146423c..48e7585 100644 --- a/Changes +++ b/Changes @@ -1,4 +1,4 @@ -* Mon Dec 6 2004 Brendan O'Dea 2.0.13 +* Thu Dec 9 2004 Brendan O'Dea 2.0.13 - Better cluster master collision resolution: keep a counter of state changes, propagated in the heartbeats; the master with the highest # of changes (that has kept in contact with the LAC through the @@ -6,6 +6,10 @@ - Skip newlines in ringbuffer messages to CLI. - Drop "Session N is closing" message level to 4; don't process PPPIP packets in this state. +- Use gzip --best for man pages, include pid_file in sample + startup-config (from Jonathan's Debian package patches). +- Read multiple packets off cluster_sockfd as well as udpfd, tunfd in an + attempt to avoid losing the cluster in high load (DoS) conditions. * Wed Dec 1 2004 Brendan O'Dea 2.0.12 - The "This time, for sure!" release. diff --git a/l2tpns.spec b/l2tpns.spec index e061227..a234233 100644 --- a/l2tpns.spec +++ b/l2tpns.spec @@ -43,5 +43,5 @@ rm -rf %{buildroot} %attr(644,root,root) /usr/share/man/man[58]/* %changelog -* Mon Dec 6 2004 Brendan O'Dea 2.0.13-1 +* Thu Dec 9 2004 Brendan O'Dea 2.0.13-1 - 2.0.13 release, see /usr/share/doc/l2tpns-2.0.13/Changes -- 2.20.1 From 8bcba9459528199e63c820daeffdc7f6573e32f8 Mon Sep 17 00:00:00 2001 From: Brendan O'Dea Date: Thu, 9 Dec 2004 12:54:03 +0000 Subject: [PATCH 16/16] compress logs --- Changes | 1 + etc/l2tpns.logrotate | 13 +++++++------ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/Changes b/Changes index 48e7585..334224c 100644 --- a/Changes +++ b/Changes @@ -10,6 +10,7 @@ startup-config (from Jonathan's Debian package patches). - Read multiple packets off cluster_sockfd as well as udpfd, tunfd in an attempt to avoid losing the cluster in high load (DoS) conditions. +- Compress logs. * Wed Dec 1 2004 Brendan O'Dea 2.0.12 - The "This time, for sure!" release. diff --git a/etc/l2tpns.logrotate b/etc/l2tpns.logrotate index c6cf5e2..d937c3a 100644 --- a/etc/l2tpns.logrotate +++ b/etc/l2tpns.logrotate @@ -1,8 +1,9 @@ /var/log/l2tpns { - daily - missingok - rotate 14 - postrotate - /usr/bin/killall -HUP l2tpns - endscript + daily + missingok + rotate 14 + compress + postrotate + /usr/bin/killall -HUP l2tpns + endscript } -- 2.20.1