- Check control serial before clearing window, prevents looping tunnel
setup in some instances.
- Add configuration syntax for adding named access lists (work in progress).
- Call sessionshutdown() when a tunnel is dropped rather than
sessionkill() to ensure that RADIUS stop records are sent.
- Cleanup: make a bunch of global functions/variables static.
- Add startup script and monitor script from Yuri
- Some logging correctness fixes from Iain Wade
- Combined LCP patches from Iain and Yuri. This should allow Windows 2k/XP
clients to connect, as well Linksys DSL modems.
- fix for LASTSEEN breakage: don't do anything in the CLI other than
flag changes to be made by the parent
- split out master parts from cluster_check_master() into cluster_check_slaves()
- add assertions to help identify odd LASTSEEN breakage
- make cluster_hb_interval work; include interval/timeout in heartbeats
so that a change on the master is propagated immediately to the slaves
- use fast heartbeats when there are slaves not up to date
- ensure basetime of shut down master is set to zero (prevent delayed election)
- fix radius session leak on IPCP timeout
- fix some off-by-one errors in tunnel/session loops
This supports privileged and unprivileged commands, as well as a configuration
mode
* Add help for all cli commands
* Add "show version" command
* Fix uptime counter display
* Fix nasty bug where cluster basetime can be set to 0 when sending initial
heartbeat
* Don't rmmod ip_conntrack, as this can take a lot of time
* Re-order logging in routeset such that the action is given before any error
* Use the correct gateway address when deleting routes
* Remove any routes when address changes
* Require authentication if telnet from remote ip
* Require enable password always
* Return error if show pool done on slave
* We MUST immediately exit if we're the wrong master!
- Major release
- Completely replace active/standby clustering with a new peer-to-peer
clustering method which allows much greater throughput and is a lot more fault
tolerant
- Add internal tbf implementation for throttling without relying on tc and
kernel HTB
- Add support for iBGP and eBGP to advertise routes
- Add cli commands "show cluster", "show bgp", "show ipcache", "show throttle",
"show tbf", "suspend bgp", "restart bgp", "show user"
- Interception destination must be set per-user
- If SMP machine, allow use of SCHED_FIFO, which should improve performance
- Added config option to send GARP at startup
- Added plugin_become_master and plugin_new_session_master plugin hooks
- Remove useless sessionsendarp(). This isn't needed now that we are using TUN
instead of TAP.
- ICMP rate limiting so not every unreachable packet is replied with an ICMP
unreachable message
- mangle table is not required on anything but the cluster master, so slaves
will drop the mangle table and attempt to unload the ip_conntrack module
- Statically assigned IP addresses (by Radius) work now
- Add -d command-line flag to detach and become a daemon
- Configuration file is now "/etc/l2tpns/startup-config"
- Reduced MIN_IP_SIZE to 0x19 to stop a pile of Short IP warnings
- Resend initial IPCP request until it's acknowleged by the client
- Better radius session cleanup logic
- Many miscellaenous bugfixes and performance enhancements
- Thanks to Michael O'Reilly and Brendan O'Dea for most of these new features
Use multiple radius sockets to allow more concurrent authentication requests
Fix minimum length of IP packets
Add support for reading more than one packet per fd in each processing loop
Add variable cleanup_interval for changing cleanup interval
Bump version to 1.2.0
