- Adject cli_loop args for libcli 1.8.0
- Allow for backward compatabity in C_PING packets
- Don't send RADIUS stop messages from sessionshutdown when called from
sessionkill.
- Adject cli_loop args for libcli 1.8.0
- Allow for backward compatabity in C_PING packets
- Don't send RADIUS stop messages from sessionshutdown when called from
sessionkill.
- fix for LASTSEEN breakage: don't do anything in the CLI other than
flag changes to be made by the parent
- split out master parts from cluster_check_master() into cluster_check_slaves()
- fix for LASTSEEN breakage: don't do anything in the CLI other than
flag changes to be made by the parent
- split out master parts from cluster_check_master() into cluster_check_slaves()
- add assertions to help identify odd LASTSEEN breakage
- make cluster_hb_interval work; include interval/timeout in heartbeats
so that a change on the master is propagated immediately to the slaves
- use fast heartbeats when there are slaves not up to date
- ensure basetime of shut down master is set to zero (prevent delayed election)
- fix radius session leak on IPCP timeout
- fix some off-by-one errors in tunnel/session loops
- add assertions to help identify odd LASTSEEN breakage
- make cluster_hb_interval work; include interval/timeout in heartbeats
so that a change on the master is propagated immediately to the slaves
- use fast heartbeats when there are slaves not up to date
- ensure basetime of shut down master is set to zero (prevent delayed election)
- fix radius session leak on IPCP timeout
- fix some off-by-one errors in tunnel/session loops
This supports privileged and unprivileged commands, as well as a configuration
mode
* Add help for all cli commands
* Add "show version" command
* Fix uptime counter display
* Fix nasty bug where cluster basetime can be set to 0 when sending initial
heartbeat
* Don't rmmod ip_conntrack, as this can take a lot of time
* Re-order logging in routeset such that the action is given before any error
* Use the correct gateway address when deleting routes
* Remove any routes when address changes
* Require authentication if telnet from remote ip
* Require enable password always
* Return error if show pool done on slave
* We MUST immediately exit if we're the wrong master!
This supports privileged and unprivileged commands, as well as a configuration
mode
* Add help for all cli commands
* Add "show version" command
* Fix uptime counter display
* Fix nasty bug where cluster basetime can be set to 0 when sending initial
heartbeat
* Don't rmmod ip_conntrack, as this can take a lot of time
* Re-order logging in routeset such that the action is given before any error
* Use the correct gateway address when deleting routes
* Remove any routes when address changes
* Require authentication if telnet from remote ip
* Require enable password always
* Return error if show pool done on slave
* We MUST immediately exit if we're the wrong master!
- Major release
- Completely replace active/standby clustering with a new peer-to-peer
clustering method which allows much greater throughput and is a lot more fault
tolerant
- Add internal tbf implementation for throttling without relying on tc and
kernel HTB
- Add support for iBGP and eBGP to advertise routes
- Add cli commands "show cluster", "show bgp", "show ipcache", "show throttle",
"show tbf", "suspend bgp", "restart bgp", "show user"
- Interception destination must be set per-user
- If SMP machine, allow use of SCHED_FIFO, which should improve performance
- Added config option to send GARP at startup
- Added plugin_become_master and plugin_new_session_master plugin hooks
- Remove useless sessionsendarp(). This isn't needed now that we are using TUN
instead of TAP.
- ICMP rate limiting so not every unreachable packet is replied with an ICMP
unreachable message
- mangle table is not required on anything but the cluster master, so slaves
will drop the mangle table and attempt to unload the ip_conntrack module
- Statically assigned IP addresses (by Radius) work now
- Add -d command-line flag to detach and become a daemon
- Configuration file is now "/etc/l2tpns/startup-config"
- Reduced MIN_IP_SIZE to 0x19 to stop a pile of Short IP warnings
- Resend initial IPCP request until it's acknowleged by the client
- Better radius session cleanup logic
- Many miscellaenous bugfixes and performance enhancements
- Thanks to Michael O'Reilly and Brendan O'Dea for most of these new features
- Major release
- Completely replace active/standby clustering with a new peer-to-peer
clustering method which allows much greater throughput and is a lot more fault
tolerant
- Add internal tbf implementation for throttling without relying on tc and
kernel HTB
- Add support for iBGP and eBGP to advertise routes
- Add cli commands "show cluster", "show bgp", "show ipcache", "show throttle",
"show tbf", "suspend bgp", "restart bgp", "show user"
- Interception destination must be set per-user
- If SMP machine, allow use of SCHED_FIFO, which should improve performance
- Added config option to send GARP at startup
- Added plugin_become_master and plugin_new_session_master plugin hooks
- Remove useless sessionsendarp(). This isn't needed now that we are using TUN
instead of TAP.
- ICMP rate limiting so not every unreachable packet is replied with an ICMP
unreachable message
- mangle table is not required on anything but the cluster master, so slaves
will drop the mangle table and attempt to unload the ip_conntrack module
- Statically assigned IP addresses (by Radius) work now
- Add -d command-line flag to detach and become a daemon
- Configuration file is now "/etc/l2tpns/startup-config"
- Reduced MIN_IP_SIZE to 0x19 to stop a pile of Short IP warnings
- Resend initial IPCP request until it's acknowleged by the client
- Better radius session cleanup logic
- Many miscellaenous bugfixes and performance enhancements
- Thanks to Michael O'Reilly and Brendan O'Dea for most of these new features
Use multiple radius sockets to allow more concurrent authentication requests
Fix minimum length of IP packets
Add support for reading more than one packet per fd in each processing loop
Add variable cleanup_interval for changing cleanup interval
Bump version to 1.2.0
Use multiple radius sockets to allow more concurrent authentication requests
Fix minimum length of IP packets
Add support for reading more than one packet per fd in each processing loop
Add variable cleanup_interval for changing cleanup interval
Bump version to 1.2.0
- Add gcc __attribute__ to logging functions
- Fix warnings shown by __attribute__
- Make sure regular cleanup happens regularly under high load
- Add variable cleanup_interval for changing cleanup interval
- Add support for reading more than one packet per fd in each processing loop
- This is configurable with the multi_read_count variable
- Remove segv handler so core dumps can happen
- Use nonblocking sockets
- Increase tun queue length
- Fix minimum length of IP packets
- Remove per-packet plugin hooks (they are slow)
- Don't drop session if no free RADIUS
- Don't expire more than 1000 sessions per cleanup interval
- Remove -a and -c command-line options. They don't work anyway
- Don't require file: in log_filename
- Add gcc __attribute__ to logging functions
- Fix warnings shown by __attribute__
- Make sure regular cleanup happens regularly under high load
- Add variable cleanup_interval for changing cleanup interval
- Add support for reading more than one packet per fd in each processing loop
- This is configurable with the multi_read_count variable
- Remove segv handler so core dumps can happen
- Use nonblocking sockets
- Increase tun queue length
- Fix minimum length of IP packets
- Remove per-packet plugin hooks (they are slow)
- Don't drop session if no free RADIUS
- Don't expire more than 1000 sessions per cleanup interval
- Remove -a and -c command-line options. They don't work anyway
- Don't require file: in log_filename
