welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1267 commits 1 branch 0 tags 3.7 MiB
Commit graph

485 commits

Author SHA1 Message Date
Samuel Thibault
6f04a5c390 l2tp: Add Last Sent/Received LCP ConfReq in ICCN 
To support proxy LCP negotiation.
 2025-03-09 19:02:49 +01:00
Samuel Thibault
557a3944e6 Typo 2025-03-09 16:07:39 +01:00
Samuel Thibault
011d9a726c Enable kernel acceleration for one-link mppp links 
Clients may have enabled mppp without actually using several links. We
can support acceleration in that case.
 2024-10-20 01:52:01 +02:00
Samuel Thibault
cc012e18fa Add MessageAuthenticator support 
To address RadiusBLAST vulnerability.

Fixes #16
 2024-10-20 01:43:26 +02:00
Samuel Thibault
85044bc6a4 control: Queue packets received Out-of-Order 
Retransmissions are done very slowly, so we'd really better store the
Out-of-Order messages so that we can catch up quickly once we get the
missing piece.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
3add0afa38 Log from which IPs odd UDP packets come from 2024-05-13 20:14:58 +02:00
Samuel Thibault
38bfd3f738 Add L2TP bridging offloading support 2024-05-13 20:14:58 +02:00
Samuel Thibault
a957ff08ee Throttle switching kernel acceleration 
Creating/destroying interfaces etc. does take some time. When e.g. receiving
a lot of sessions as new slave, we don't want to stay stuck creating
hundreds of interfaces while we are already receiving control messages
that we have to forward to master not too late. Switching kernel
acceleration can wait a bit most of the time.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
a22295d804 Fasten quitting l2tp game 
Drop routes as quickly as possible to lose as few packets as possible in the
meanwhile.
 2024-05-13 20:14:58 +02:00
Samuel Thibault
0ac498d7d3 cli: Show acceleration interface name 
And allow selecting a session through it
 2024-05-13 20:14:56 +02:00
Dominique Martinet
72fca9b8f0 create/update_kernel_tunnel: add some debug logs 2024-05-13 20:14:39 +02:00
Dominique Martinet
c8c197bf3a processppp: fix IP log when tunnel IP source change 
fmtaddr formats the string to a static buffer that must be selected
manually, but this log message was re-using the same buffer.

Use another index for 2nd IP so we get to know which is what.

Fixes: 2429969bd04d ("Add L2TP offloading support")
 2024-05-13 20:14:38 +02:00
Samuel Thibault
58d038dc0b Add ICMPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
5dcbd68b75 Add DHCPv6 support with acceleration 2024-05-13 20:14:38 +02:00
Samuel Thibault
a9e18411d3 Add L2TP offloading support 
Fixes #13

Also-by: Dominique Martinet <asmadeus@codewreck.org>
 2024-05-13 20:14:38 +02:00
Samuel Thibault
13d7080ac1 Add recvfromto6 2024-05-13 20:14:38 +02:00
Samuel Thibault
e53fccd36c Add route for session-specific subprefix of the ipv6 prefix 
Otherwise with kernel acceleration we would only have the same /64 route
on all ppp devices. We need separate /96 routes on each ppp device for
packets of the /96 subprefix to be routed to the correct session.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
8c04e26f3f Consolidate adding/removing routes 
into routesset and routes6set.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
c7853de428 Consolidate stat update code 
into
update_session_in_stat
update_session_out_stat
 2024-05-13 20:14:38 +02:00
Samuel Thibault
1db43fc51d Separate out PPP processing 
So we can later call it on frames obtained from kernel ppp interface.

Better seen with diff -w
 2024-05-13 20:14:38 +02:00
Samuel Thibault
79a08faea9 Generalize L2TP UDP socket creation 
So we can later use it to create per-tunnel L2TP sockets.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
5df78e9467 Separate out if configuration into setupif 
So we can later apply it to ppp interfaces.

Better seen with diff -w
 2024-05-13 20:14:38 +02:00
Samuel Thibault
b2bc6da827 Add support for deleting all kernel tunnels/sessions 
Unfortunately, tunnels and session can survive us, so we have to drop any
tunnel/session left from a previous instance that might have crashed.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
1f4d79ce85 Add L2TP kernel infrastructure 
This essentially exposes the kernel features, without using them yet.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
5db476bb6e Add generic netlink infrastructure 2024-05-13 20:14:38 +02:00
Samuel Thibault
60329986b2 Rename netlink infrastructure to rtnetlink 
We will introduce genetlink infrastructure just after this.
 2024-05-13 20:14:38 +02:00
Samuel Thibault
fdf19f5467 cli: Fix missing closing file descriptors 2024-05-13 20:14:38 +02:00
Samuel Thibault
e9c1c31682 cluster: Save counters before we leave 2024-03-12 19:45:20 +01:00
sthibaul
cbe2b3910f Merge branch 'chap_passwd' into 'master' 
Fix the password used when acting as LAC

See merge request l2tpns/l2tpns!22
 2024-03-12 00:49:17 +00:00
Samuel Thibault
9daccab8ba shutdown_handler: really shutdown when we are last 
If we are a master and we don't have peers, there is no use keeping the
sessions alive, when we'll restart we will have forgotten them all.
Better gracefully close them, so they can be quickly respawn on restart,
instead of having to wait for timeouts.
 2024-01-21 00:36:39 +01:00
Samuel Thibault
2229ac6a8a RA: Fix announcing on the right tunnel 
We were previously just announcing on the last tunnel looked at in the loop
much above.
 2024-01-18 11:53:00 +01:00
Samuel Thibault
e6a933153d RA: announce after the actions which may be dropping the session 
It's useless to announce RA just before dropping the session.
 2024-01-18 10:13:00 +01:00
Samuel Thibault
1d19366e15 typo 2024-01-18 02:39:32 +01:00
sthibaul
7ddeea4205 Merge branch 'data_out_warn' into 'master' 
Warn about tunnel buffer being full only once per second

See merge request l2tpns/l2tpns!24
 2024-01-18 01:02:56 +00:00
Samuel Thibault
05772e2295 Add periodic RA sends 
The RFC indeed say that we should send them periodically.  We were
previously only sending them along LCP echo replies, but echo requests
are typically sent only when there is no trafic, which RA need to be
sent even when there is trafic.
 2023-12-04 19:41:57 +01:00
Samuel Thibault
3667bdfe80 Also clamp MSS on IPv6 
Some routers erratically drop "Packet too big" icmp messages, and PMTU
discovery then doesn't work. We can however easily clamp MSS on IPv6 too.
 2023-11-05 17:21:14 +01:00
Dominique Martinet
1a89fc3f63 initippool: drop redundant memset 
The size of the memset was just wrong, but the data has already been
zeroed in initdata so we can just remove it.
# This is the commit message #2:

# squash! initippool: fix initialization of ip_address_pool
 2023-08-03 06:10:27 +09:00
Samuel Thibault
7fd81113e6 Warn about tunnel buffer being full only once per second 
Otherwise, when the network output bandwidth is full, we additionally
fill the disk with logs.
 2023-04-30 16:31:55 +02:00
Samuel Thibault
7bf791816c Fix the password used when acting as LAC 
When acting as LNS, we have to answer challenges with our own secret, but
when acting as LAC, we have to answer challenges with the LNS secret, not
ours.
 2023-03-26 18:01:00 +02:00
Samuel Thibault
8e7bfa9a77 Add mp_mrru option 
Some equipments seem not able to actually put options in Configure-Reject
messages, so we then have to disable MRRU by hand.
 2023-02-07 12:45:29 +01:00
Dominique Martinet
af92de5eeb processudp: fix memory leak 
send/recvchalresponse should be freed before early returns in the function,
as there are code paths where they would be allocated before these.

Note free is no-op on null pointer so checking for non-null value is useless.

Reported-by: Coverity#375342
 2022-11-05 21:18:36 +09:00
Samuel Thibault
4d906e595d Fix liveness of buf 
So that domain can point to it.
 2022-11-03 13:27:54 +01:00
Samuel Thibault
233f7e8526 Drop useless test 2022-11-03 11:49:48 +01:00
Samuel Thibault
31dedbbe66 Use 64bit counters for accounting 
Otherwise with 5-minute reporting we overflow with >= ~100Mbps.

Fixes #12
 2022-01-24 00:40:26 +01:00
Dominique Rousseau
7c715f16fc fix bgp_add_route with bind_address ( fix #9 ) 2021-10-15 21:55:31 +02:00
Fernando ALVES
2d6fe53a7a Fix infinite loop error 'Unknown AVP vendor' 2021-01-17 22:19:01 +01:00
Sebastien Badia
745de1082a
(maint) Fixes common spelling error 
* minumum minimum
* remaing remaining
* Mismaching Mismatching
 2020-04-28 10:53:18 +02:00
fendo
0f20bfda6a Add cluster_port parameter for Multiple clusters 2017-05-27 00:09:19 +02:00
fendo
07e1df5b92 Add of the ppp_keepalive option. 2015-09-22 23:19:01 +02:00
fendo
9c77145f71 Add of the RDNSS option to ICMPv6 Router Advertisement (RA). 2014-10-02 00:28:57 +02:00