fc0a363208
- Change all strcpy() calls to strncpy() to avoid buffer overflow potential - Add ICMP host unreachable support - Logging to syslog if log_file = "syslog:facility" - Now requires libcli 1.5 - All configuration moves to a config structure - Ability to modify and write config on the fly through command-line interface - Config file support is removed, and now handled by the cli - Show hostname in cli prompt - Keep current state type for tunnels - Add uptime command do CLI, which also shows real-time bandwidth utilisation - Add goodbye command to cluster master, which forces droppping a slave - Cache IP address allocation, so that reconnecting users get the same address - Fix tunnel resend timeouts, so that dead tunnels will be cleaned up - Allocate tunnels and radius without using a linked list which had issues - Fix some off-by-one errors in tunnel and session and radius arrays - Save and reload ip address pool when dieing - Check version and size of reloaded data when restarting - Remove plugin_config support - Remove old support for TBF which didn't work anyway. HTB is required to do throttling now. - Add COPYING and Changes files
74 lines
1.8 KiB
C
74 lines
1.8 KiB
C
// L2TPNS Throttle Stuff
|
|
// $Id: throttle.c,v 1.2 2004-03-05 00:09:03 fred_nerk Exp $
|
|
|
|
#include <stdio.h>
|
|
#include <sys/file.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/wait.h>
|
|
#include <sys/types.h>
|
|
#include <malloc.h>
|
|
#include <string.h>
|
|
#include <stdlib.h>
|
|
#include <time.h>
|
|
#include <arpa/inet.h>
|
|
#include <errno.h>
|
|
#include <unistd.h>
|
|
#include "l2tpns.h"
|
|
#include "util.h"
|
|
|
|
extern radiust *radius;
|
|
extern sessiont *session;
|
|
extern u32 sessionid;
|
|
extern int radfd;
|
|
extern tbft *filter_buckets;
|
|
extern struct configt *config;
|
|
|
|
// Throttle or Unthrottle a session
|
|
int throttle_session(sessionidt s, int throttle)
|
|
{
|
|
if (!config->rl_rate) return 0;
|
|
|
|
if (!*session[s].user)
|
|
return 0; // User not logged in
|
|
|
|
if (throttle)
|
|
{
|
|
// Throttle them
|
|
char cmd[2048] = {0};
|
|
if (!session[s].tbf) session[s].tbf = rl_get_tbf();
|
|
if (!session[s].tbf)
|
|
{
|
|
log(1, 0, s, session[s].tunnel, "Error creating a filtering bucket for user %s\n", session[s].user);
|
|
return 0;
|
|
}
|
|
log(2, 0, s, session[s].tunnel, "Throttling session %d for user %s\n", s, session[s].user);
|
|
snprintf(cmd, 2048, "iptables -t mangle -A throttle -d %s -j MARK --set-mark %d",
|
|
inet_toa(ntohl(session[s].ip)),
|
|
session[s].tbf);
|
|
log(4, 0, s, session[s].tunnel, "Running %s\n", cmd);
|
|
system(cmd);
|
|
}
|
|
else
|
|
{
|
|
char cmd[2048] = {0};
|
|
log(2, 0, s, session[s].tunnel, "Unthrottling session %d for user %s\n", s, session[s].user);
|
|
if (session[s].tbf)
|
|
{
|
|
int count = 10;
|
|
snprintf(cmd, 2048, "iptables -t mangle -D throttle -d %s -j MARK --set-mark %d", inet_toa(ntohl(session[s].ip)), session[s].tbf);
|
|
log(4, 0, s, session[s].tunnel, "Running %s\n", cmd);
|
|
while (--count)
|
|
{
|
|
int status = system(cmd);
|
|
if (WEXITSTATUS(status) != 0) break;
|
|
}
|
|
system(cmd);
|
|
|
|
rl_done_tbf(session[s].tbf);
|
|
session[s].tbf = 0;
|
|
}
|
|
}
|
|
session[s].throttle = throttle;
|
|
return 0;
|
|
}
|
|
|