welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1316 commits 1 branch 0 tags 3.7 MiB
Commit graph

257 commits

Author SHA1 Message Date
Tassilo Schweyer
54d36d7512 Merge remote-tracking branch 'upstream/master' 2025-05-03 10:55:58 +02:00
Tassilo Schweyer
0c9338b03a Make sure to add HDLC header when forwarding over L2TP 2025-04-29 00:43:00 +02:00
Samuel Thibault
e7db528544 Add lcp_renegotiation option 
To support proxy LCP negotiation.

Note: we *have* to take the auth id from the proxy answer, otherwise we would
replay previous ids, for which the client might cache the answer and thus
ignore our new challenge and just repeat their outdated answer.
 2025-04-18 14:41:36 -04:00
Samuel Thibault
817ce35748 ppp: Move LCP received configuration parsing to a separate function 
So it can be reused for proxy LCP negotiation.
 2025-04-18 14:41:36 -04:00
Samuel Thibault
366faaea76 ipcp: try to re-send CHAP ack on timeout 
If it was lost, some clients (e.g. pppd) may not try to re-send their CHAP reply.
 2025-03-31 03:43:05 +02:00
Samuel Thibault
fa64a8010d chap: cope with our ack being lost 2025-03-30 17:57:33 +02:00
Samuel Thibault
2af4b47f46 Permanently store authentication id in sess_local[s].auth_id 
rather than ping-ponging with radius[r].id

This also make sendchap use a different id on each call, necessary for
some clients which cache responses.
 2025-03-29 16:11:40 +01:00
Samuel Thibault
75144a546c l2tp: Add CHAP auth information in ICCN 
To support proxy auth.
 2025-03-28 20:38:19 +01:00
Samuel Thibault
40796d2adb l2tp: Add PAP auth information in ICCN 
To support proxy auth.
 2025-03-23 03:17:44 +01:00
Samuel Thibault
6f04a5c390 l2tp: Add Last Sent/Received LCP ConfReq in ICCN 
To support proxy LCP negotiation.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
ffcaf851ca ppp: Also choke on options with invalid length 1 2025-03-09 13:31:36 -04:00
Samuel Thibault
3ab80a9d66 IPV6CP: suggest an interface identifier option 
Some peers seem to be sending no such option. The rfc says in that case
to try to send an option with a suggested value. Don't insist on it
however if the peer still doesn't send any.

That can fix IPv6 for some peers.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
c3eb1be0b4 Separate out DHCP processing 
So we can later call it on UDP datagrams obtained from UDP socket.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
8c04e26f3f Consolidate adding/removing routes 
into routesset and routes6set.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
c7853de428 Consolidate stat update code 
into
update_session_in_stat
update_session_out_stat
 2024-05-13 20:14:38 +02:00
Samuel Thibault
05772e2295 Add periodic RA sends 
The RFC indeed say that we should send them periodically.  We were
previously only sending them along LCP echo replies, but echo requests
are typically sent only when there is no trafic, which RA need to be
sent even when there is trafic.
 2023-12-04 19:41:57 +01:00
Samuel Thibault
3667bdfe80 Also clamp MSS on IPv6 
Some routers erratically drop "Packet too big" icmp messages, and PMTU
discovery then doesn't work. We can however easily clamp MSS on IPv6 too.
 2023-11-05 17:21:14 +01:00
Samuel Thibault
b0a93e8809 Lower log level of IPV6CP warning 
Level 2 is actually often used.

Ref #10
 2023-04-23 13:56:48 +02:00
Samuel Thibault
af9cb755ab LCP: accept an auth nack to CHAP with length == 4 
It seems at least some products send this:

 {LCP (0xc021), length 12: LCP, Conf-Nack (0x03), id 9, length 10
        encoded length 8 (=Option(s) length 4)
        0x0000:  c021 0309 0008
          Auth-Prot Option (0x03), length 4: CHAP[|lcp]}

If we refuse to nack to CHAP, we'd stay stuck with PAP and eventually
get a reject.
 2022-12-14 19:08:07 +01:00
Samuel Thibault
92733074db Fix state name 
Dead and Initial happen to both equal 0, so this is actually a
no-behavior-change.
 2022-11-03 11:50:39 +01:00
Samuel Thibault
ab58da4056 Reduce loglevel of warning 
Various clients are making the same mistake, let's not flood our own
logs with errors that are actually from the client.

Ref #10
 2022-07-13 11:18:50 +02:00
fendo
7034e6a018 Sending IPv6_ra more often. 2017-01-14 14:03:34 +01:00
fendo
8d94f2020d new feature: If the user attribute "Framed-IPv6-Address" is defined then the ICMPv6_RA advertise this IPv6 address. 
Fix: Incorrect delegation of IPv6 prefixes when multiple of 4 bits (nibble) (eg: /44, /52 ...).
 2014-09-18 18:16:21 +02:00
fendo
e98fe68174 Added ability to define up to 5 IPv6 prefix delegation by user 2014-09-16 17:34:39 +02:00
fendo
b3f40f41f7 Add DHCPv6 functionality. 2014-09-11 16:19:57 +02:00
fendo
6b70732490 add attribut >no_throttle_local_IP 2013-11-12 21:33:42 +01:00
fendo
9c1869ccb1 Adding the possibility to set multiple hostname. 2013-05-21 11:42:48 +02:00
fendo
c1d1c2a8c4 Merge branch 'multibind' 2013-03-28 10:35:18 +01:00
fendo
4ac1a26396 Fix possible IPv6 spoofing 2013-03-17 20:14:05 +01:00
fendo
137bcc9981 Adding the possibility to listening multiple IP L2TP tunnels. 2013-03-06 22:18:32 +01:00
fendo
ec1507a6c2 Add param disable no spoof 2013-02-11 00:15:36 +01:00
fendo
f5354e1754 Update debian/changelog 2013-02-10 23:43:53 +01:00
fendo
b85ea86670 small performance improvement in download (internet -> customer) 2013-02-07 00:00:37 +01:00
fendo
11996ba414 Add PPPOE-SERVER functionality 2013-01-08 10:50:57 +01:00
fendo
35f10d93f4 Final development LAC functionality. 
Fix Possible ring buffer overflow.
 2012-12-15 00:00:13 +01:00
fendo
bcc2c7408b Fix LAC functionnality 2012-12-07 23:42:44 +01:00
fendo
5e65215ed4 Following development LAC functionality 2012-12-06 01:40:12 +01:00
fendo
4df24fd868 first version of the LAC functionality 2012-11-28 23:43:33 +01:00
Fernando Alves
76ae461853 Add a echo_timeout configuration option. 
Add a idle_echo_timeout configuration option.
 2012-02-20 20:50:57 +01:00
Fernando Alves
81ca38323a Fix: Sends small packets in the MPPPP frame (for reorder). 
Fix: Calculates jitter and jitter traces for analysis.
 2012-02-15 14:23:12 +01:00
Fernando Alves
ff1db279d1 Fix: MLPPP improvents. 2012-02-12 13:56:27 +01:00
Fernando Alves
43d9ea52f9 Fix: MLPPP complete lost frame. 2012-02-04 18:18:26 +01:00
Fernando Alves
442b04cea2 Fix MLPPP functionality. 2012-02-03 16:28:14 +01:00
Benjamin Cama
99921507eb Merge branch 'common-cvs-git-upstream' into fdn-mods 
Signed-off-by: Benjamin Cama <benoar@dolka.fr>
 2012-02-02 02:15:14 +01:00
Benjamin Cama
5694e076d6 Fix a format string pointer diff specifier. 
Signed-off-by: Benjamin Cama <benoar@dolka.fr>
 2011-09-25 21:14:32 +02:00
Benjamin Cama
d484cd0e36 Use uint32_t buffer instead of uint8_t one. 
Make it easier to use, and pleases gcc.

Signed-off-by: Benjamin Cama <benoar@dolka.fr>
 2011-09-25 14:31:25 +02:00
Brendan O'Dea
b939b00afd clean up some compiler errors 2011-09-12 20:46:07 +10:00
Benjamin Cama
4f1a9aa378 Kill sessions receiving a ConfReq while closing. 
Signed-off-by: Benjamin Cama <benoar@dolka.fr>
 2011-07-29 12:54:55 +02:00
Brendan O'Dea
d5c6f84271 Import to git from cvs. Remove keywords. 2011-01-27 17:36:01 +11:00
bodea
ac773ac88d Apply MLPPP patch from Muhammad Tayseer Alquoatli, very belatedly, with 
thanks.  Changes:
- Handle session shutdown gracefully regarding leaving the bundle (bug that is
  caused when a all session leaves a bundle then another join)
- IP assignment is done only for the first session in the bundle (save IP
  waste for multiple MLPPP sessions)
- Route is being added only for the first session in the bundle (less routes
  on l2tpns system)
- Fix route deletion problem for MLPPP sessions (bug that caused when a
  session leaves a bundle)
- Uniformity of sequence number space satisfied (according to RFC1990)
- Fix reassembling fragmented packets and handling lost fragments (according
  to RFC 1990)
- FragmentatConnection to l2tpns.cvs.sourceforge.net closed by remote host.n
  across N session rather than two)
- Sequence numbers extraction mask has been corrected (bug in extracting
  sequence numbers)
- some clustering support fixes
- Upload/Download statistics has been corrected
- add "kill_timedout_sessions" config option
 2009-12-08 14:49:28 +00:00