Authorize to change the source IP of the tunnels l2tp

fendo 2012-12-26 11:13:09 +01:00
parent f9243ffec5
commit ddffeb1ceb
4 changed files with 33 additions and 1 deletions


@ -265,6 +265,10 @@ from the address of "bind_address" (For use in cases of specific configuration).
If no address is given to iftun_address and bind_address, 1.1.1.1 is used. If no address is given to iftun_address and bind_address, 1.1.1.1 is used.
</LI> </LI>
<LI><B>tundevicename</B> (string)<BR>
Name of the tun interface (default: "tun0").
</LI>
<LI><B>peer_address</B> (ip address)<BR> <LI><B>peer_address</B> (ip address)<BR>
Address to send to clients as the default gateway. Address to send to clients as the default gateway.
</LI> </LI>
@ -384,6 +388,14 @@ If no address is given, all interfaces are listened (Any Address).
Port to bind for the Remote LNS (default: 65432). Port to bind for the Remote LNS (default: 65432).
</LI> </LI>
<LI><B>auth_tunnel_change_addr_src</B> (boolean)<BR>
This parameter authorize to change the source IP of the tunnels l2tp.
This parameter can be used when the remotes BAS/LAC are l2tpns server
configured in cluster mode, but that the interface to remote LNS are
not clustered (the tunnel can be coming from different source IP)
(default: no).
</LI>
</UL> </UL>
<P>The REMOTES LNS configuration is entered by the command: <P>The REMOTES LNS configuration is entered by the command:

6
debian/changelog vendored

@ -1,3 +1,9 @@
l2tpns (2.2.1-2fdn3.2) unstable; urgency=low
* Authorize to change the source IP of the tunnels l2tp.
-- Fernando Alves <fernando.alves@sameswireless.fr> Wed, 26 Dec 2012 10:57:10 +0100
l2tpns (2.2.1-2fdn3.1) unstable; urgency=low l2tpns (2.2.1-2fdn3.1) unstable; urgency=low
* Add tundevicename configuration option * Add tundevicename configuration option


@ -182,6 +182,7 @@ config_descriptt config_values[] = {
CONFIG("tundevicename", tundevicename, STRING), CONFIG("tundevicename", tundevicename, STRING),
#ifdef LAC #ifdef LAC
CONFIG("disable_lac_func", disable_lac_func, BOOL), CONFIG("disable_lac_func", disable_lac_func, BOOL),
CONFIG("auth_tunnel_change_addr_src", auth_tunnel_change_addr_src, BOOL),
CONFIG("bind_address_remotelns", bind_address_remotelns, IPv4), CONFIG("bind_address_remotelns", bind_address_remotelns, IPv4),
CONFIG("bind_portremotelns", bind_portremotelns, SHORT), CONFIG("bind_portremotelns", bind_portremotelns, SHORT),
#endif #endif
@ -3229,10 +3230,22 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr)
if (session[s].forwardtosession) if (session[s].forwardtosession)
{ {
LOG(5, s, t, "Forwarding data session to session %u\n", session[s].forwardtosession); LOG(5, s, t, "Forwarding data session to session %u\n", session[s].forwardtosession);
// Forward to LAC or Remote LNS session // Forward to LAC/BAS or Remote LNS session
lac_session_forward(buf, len, s, proto, addr->sin_addr.s_addr, addr->sin_port); lac_session_forward(buf, len, s, proto, addr->sin_addr.s_addr, addr->sin_port);
return; return;
} }
else if (config->auth_tunnel_change_addr_src)
{
if (tunnel[t].ip != ntohl(addr->sin_addr.s_addr) &&
tunnel[t].port == ntohs(addr->sin_port))
{
// The remotes BAS are a clustered l2tpns server and the source IP has changed
LOG(5, s, t, "The tunnel IP source (%s) has changed by new IP (%s)\n",
fmtaddr(htonl(tunnel[t].ip), 0), fmtaddr(addr->sin_addr.s_addr, 0));
tunnel[t].ip = ntohl(addr->sin_addr.s_addr);
}
}
#endif /* LAC */ #endif /* LAC */
if (s && !session[s].opened) // Is something wrong?? if (s && !session[s].opened) // Is something wrong??
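Review bot: The `else if (config->auth_tunnel_change_addr_src)` branch rewrites `tunnel[t].ip` from the source address of any UDP packet whose source port equals `tunnel[t].port`, ahead of the `session[s].opened` check that follows it and with no check visible in this hunk that the packet is authenticated or that session `s` belongs to tunnel `t`. With the option enabled, a spoofed packet carrying a valid tunnel ID and the expected source port would appear to be enough to move the tunnel's return traffic to another host. At minimum gate the update on an established session of this tunnel, e.g. `if (s && session[s].opened && session[s].tunnel == t && tunnel[t].ip != ntohl(addr->sin_addr.s_addr) && tunnel[t].port == ntohs(addr->sin_port))`, and preferably accept a new source only if it is in a configured list of the cluster's peer addresses. The address change is logged only at level 5; a change of tunnel endpoint is worth a more visible level such as `LOG(3, ...)` so operators can see it in normal logs. processudp's body starts and ends outside the hunk, so earlier validation may exist that is not shown here.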


@ -764,6 +764,7 @@ typedef struct
in_addr_t iftun_address; in_addr_t iftun_address;
#ifdef LAC #ifdef LAC
int disable_lac_func; int disable_lac_func;
int auth_tunnel_change_addr_src;
int highest_rlnsid; int highest_rlnsid;
uint16_t bind_portremotelns; uint16_t bind_portremotelns;
in_addr_t bind_address_remotelns; in_addr_t bind_address_remotelns;