- Check control serial before clearing window, prevents looping tunnel
setup in some instances.
- Add configuration syntax for adding named access lists (work in progress).
- Call sessionshutdown() when a tunnel is dropped rather than
sessionkill() to ensure that RADIUS stop records are sent.
- Cleanup: make a bunch of global functions/variables static.
- Adject cli_loop args for libcli 1.8.0
- Allow for backward compatabity in C_PING packets
- Don't send RADIUS stop messages from sessionshutdown when called from
sessionkill.
- fix for LASTSEEN breakage: don't do anything in the CLI other than
flag changes to be made by the parent
- split out master parts from cluster_check_master() into cluster_check_slaves()
- add assertions to help identify odd LASTSEEN breakage
- make cluster_hb_interval work; include interval/timeout in heartbeats
so that a change on the master is propagated immediately to the slaves
- use fast heartbeats when there are slaves not up to date
- ensure basetime of shut down master is set to zero (prevent delayed election)
- fix radius session leak on IPCP timeout
- fix some off-by-one errors in tunnel/session loops
This supports privileged and unprivileged commands, as well as a configuration
mode
* Add help for all cli commands
* Add "show version" command
* Fix uptime counter display
* Fix nasty bug where cluster basetime can be set to 0 when sending initial
heartbeat
* Don't rmmod ip_conntrack, as this can take a lot of time
* Re-order logging in routeset such that the action is given before any error
* Use the correct gateway address when deleting routes
* Remove any routes when address changes
* Require authentication if telnet from remote ip
* Require enable password always
* Return error if show pool done on slave
* We MUST immediately exit if we're the wrong master!
- Major release
- Completely replace active/standby clustering with a new peer-to-peer
clustering method which allows much greater throughput and is a lot more fault
tolerant
- Add internal tbf implementation for throttling without relying on tc and
kernel HTB
- Add support for iBGP and eBGP to advertise routes
- Add cli commands "show cluster", "show bgp", "show ipcache", "show throttle",
"show tbf", "suspend bgp", "restart bgp", "show user"
- Interception destination must be set per-user
- If SMP machine, allow use of SCHED_FIFO, which should improve performance
- Added config option to send GARP at startup
- Added plugin_become_master and plugin_new_session_master plugin hooks
- Remove useless sessionsendarp(). This isn't needed now that we are using TUN
instead of TAP.
- ICMP rate limiting so not every unreachable packet is replied with an ICMP
unreachable message
- mangle table is not required on anything but the cluster master, so slaves
will drop the mangle table and attempt to unload the ip_conntrack module
- Statically assigned IP addresses (by Radius) work now
- Add -d command-line flag to detach and become a daemon
- Configuration file is now "/etc/l2tpns/startup-config"
- Reduced MIN_IP_SIZE to 0x19 to stop a pile of Short IP warnings
- Resend initial IPCP request until it's acknowleged by the client
- Better radius session cleanup logic
- Many miscellaenous bugfixes and performance enhancements
- Thanks to Michael O'Reilly and Brendan O'Dea for most of these new features
