welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1319 commits 1 branch 0 tags 3.7 MiB
Commit graph

1319 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tassilo Schweyer
702ed1ec72 Quick fix to at least decode slightly larger hidden AVPs correctly 2025-05-05 03:15:52 +02:00
Tassilo Schweyer
690e09ba57 Initialize memory so we get zero-terminated string 2025-05-05 03:15:26 +02:00
Tassilo Schweyer
2b13f59f6a Only send in hacky case 2025-05-05 00:52:28 +02:00
Tassilo Schweyer
225ac28120 ugly hack 2025-05-05 00:24:15 +02:00
Tassilo Schweyer
f21401a0cc Also save last recv/sent LCP confreq 2025-05-05 00:10:09 +02:00
Tassilo Schweyer
035b4604ee gnah.. take3 2025-05-04 23:53:45 +02:00
Tassilo Schweyer
a11374b80a Derp.. wrong struct 2025-05-04 23:53:04 +02:00
Tassilo Schweyer
088d44a572 Also copy auth_name 2025-05-04 23:52:00 +02:00
Tassilo Schweyer
60be20cf32 Fix possible buffer overflow when dealing with auth challenge/response 2025-05-04 13:42:47 +02:00
Tassilo Schweyer
3015533293 Store proxy auth information also when forwarding session 2025-05-04 12:35:27 +02:00
Tassilo Schweyer
54d36d7512 Merge remote-tracking branch 'upstream/master' 2025-05-03 10:55:58 +02:00
Tassilo Schweyer
57004c5744 Attempt to hack in acceleration for PPPoE 2025-04-29 00:43:40 +02:00
Tassilo Schweyer
0c9338b03a Make sure to add HDLC header when forwarding over L2TP 2025-04-29 00:43:00 +02:00
Tassilo Schweyer
7442bddd3d More example configs 2025-04-29 00:41:21 +02:00
Tassilo Schweyer
ace7452145 Create socket for PPPoE 2025-04-22 14:02:55 +02:00
Samuel Thibault
e7db528544 Add lcp_renegotiation option 
To support proxy LCP negotiation.

Note: we *have* to take the auth id from the proxy answer, otherwise we would
replay previous ids, for which the client might cache the answer and thus
ignore our new challenge and just repeat their outdated answer.
 2025-04-18 14:41:36 -04:00
Samuel Thibault
817ce35748 ppp: Move LCP received configuration parsing to a separate function 
So it can be reused for proxy LCP negotiation.
 2025-04-18 14:41:36 -04:00
Samuel Thibault
9425c725c9 Note kernel requirement for LAC acceleration 2025-04-01 17:48:05 +02:00
Samuel Thibault
a56de89a4c kernel accel: if switching takes a long time, back off 
That can happen even with not many sessions, e.g. on a loaded machine with a
lot of routes
 2025-03-31 03:46:05 +02:00
Samuel Thibault
b2942b3c53 cluster: Support running multiple instances on the same host 
With IP_MULTICAST_LOOP they can see each other. We "just" have to make sure
they use different IP addresses and route metrics to distinguish from each
other.
 2025-03-31 03:45:19 +02:00
Samuel Thibault
366faaea76 ipcp: try to re-send CHAP ack on timeout 
If it was lost, some clients (e.g. pppd) may not try to re-send their CHAP reply.
 2025-03-31 03:43:05 +02:00
Samuel Thibault
b3b052a483 cluster: Close l2tp sockets before routes 
So another l2tpns on the same host can receive l2tp while we are quickly
removing our routes.
 2025-03-31 03:39:31 +02:00
Samuel Thibault
7d2d97436c cluster: Don't wait for peer chap answer before leaving 
The next master can restart the authentication
 2025-03-31 03:37:05 +02:00
Samuel Thibault
5c0e3949f8 route: Add if index in log 2025-03-30 21:51:43 +02:00
Samuel Thibault
c9aac241ea route: Update time while adding/removing routes 
So we seen when adding/removing a lot of them if that takes a long time
 2025-03-30 20:47:14 +02:00
Samuel Thibault
ebb8784ec3 kernel_accel: Cope with receiving freed sessions 2025-03-30 19:59:56 +02:00
Samuel Thibault
8b3ccb2ac5 l2tp: Increase queue size 
So we can catch up according to the window that we announce.
 2025-03-30 19:17:16 +02:00
Samuel Thibault
b64ad7990b Update comment 2025-03-30 18:05:45 +02:00
Samuel Thibault
fa64a8010d chap: cope with our ack being lost 2025-03-30 17:57:33 +02:00
Samuel Thibault
22f650d828 Log explicitly when shutting down 2025-03-30 17:57:33 +02:00
Samuel Thibault
4ba646d2af Reduce loglevel of multi_read_count 2025-03-30 17:53:29 +02:00
Samuel Thibault
37ff318b32 cli: Show tunnel queue length 2025-03-30 17:32:56 +02:00
Samuel Thibault
0845ec8a19 Add route_metric option 
To be able to keep different routes from several running l2tpns instances.
 2025-03-30 17:12:01 +02:00
Samuel Thibault
b793850d2f Add route_protocol option 
To be able to distinguish routes from several running l2tpns instances.
 2025-03-30 17:11:53 +02:00
Samuel Thibault
44b01d70c6 regenerate docs 2025-03-30 12:01:08 +02:00
Samuel Thibault
544a622c2a Make it clear that the cluster peer list is currently at the time of connection 2025-03-29 17:20:39 +01:00
Samuel Thibault
2af4b47f46 Permanently store authentication id in sess_local[s].auth_id 
rather than ping-ponging with radius[r].id

This also make sendchap use a different id on each call, necessary for
some clients which cache responses.
 2025-03-29 16:11:40 +01:00
Samuel Thibault
c4147ed3cc typo 2025-03-29 15:58:40 +01:00
Samuel Thibault
43cbe0e4b2 Fix setting route metric (aka priority) 2025-03-29 14:43:28 +01:00
Samuel Thibault
75144a546c l2tp: Add CHAP auth information in ICCN 
To support proxy auth.
 2025-03-28 20:38:19 +01:00
Samuel Thibault
12cc3c39b0 Advertise LAC support 2025-03-25 02:26:39 +01:00
Samuel Thibault
450467d626 Fix split words 2025-03-25 02:24:40 +01:00
Samuel Thibault
c8c24f515b Fix links 2025-03-25 02:21:10 +01:00
Samuel Thibault
6f214e57ef Add links to documentations 2025-03-25 02:19:26 +01:00
Samuel Thibault
499677627f l2tp: Expose a control receive window > 4 
The default 4 is really small, and imposes very sequential processing of
reconnections in case we lose all sessions. Nowadays we easily have
memory for a lot more.
 2025-03-23 19:06:07 +01:00
Samuel Thibault
c12eab7a9c l2tp: Disable ZLB send optimization 
controlc doesn't mean we will send more messages, but only that some of them
are pending ack. If we have already sent them and the peer has just not
acked them yet, controlnull() would not send a ZLB, and once the peer
has acked our control messages, we wouldn't send a ZLB with an updated Nr.
 2025-03-23 18:52:32 +01:00
Samuel Thibault
40796d2adb l2tp: Add PAP auth information in ICCN 
To support proxy auth.
 2025-03-23 03:17:44 +01:00
Samuel Thibault
e701644d37 load_tunnel: reset scccn 
If we later turn master, we want scccn already reset like when clearing a
tunnel.
 2025-03-16 02:14:50 +01:00
Samuel Thibault
e801ce0c4f Fix setting SO_REUSEADDR 
It expects a boolean, not an address
 2025-03-16 01:19:47 +01:00
Samuel Thibault
b5c198ae87 l2tplac: fast-forward session that triggered tunnel creation 
Previously, when we got a call to be forwarded to another LNS and we didn't
have a tunnel to it yet, we would wait for a PAP/CHAP re-send to trigger the
creation of a session in the fresh tunnel. We do not have to wait, we can
trigger that on SCCCN ack.
 2025-03-09 19:02:49 +01:00