- Major release
- Completely replace active/standby clustering with a new peer-to-peer clustering method which allows much greater throughput and is a lot more fault tolerant
- Add internal tbf implementation for throttling without relying on tc and kernel HTB
- Add support for iBGP and eBGP to advertise routes
- Add cli commands "show cluster", "show bgp", "show ipcache", "show throttle", "show tbf", "suspend bgp", "restart bgp", "show user"
- Interception destination must be set per-user
- If SMP machine, allow use of SCHED_FIFO, which should improve performance
- Added config option to send GARP at startup
- Added plugin_become_master and plugin_new_session_master plugin hooks
- Remove useless sessionsendarp(). This isn't needed now that we are using TUN instead of TAP.
- ICMP rate limiting so not every unreachable packet is replied with an ICMP unreachable message
- mangle table is not required on anything but the cluster master, so slaves will drop the mangle table and attempt to unload the ip_conntrack module
- Statically assigned IP addresses (by Radius) work now
- Add -d command-line flag to detach and become a daemon
- Configuration file is now "/etc/l2tpns/startup-config"
- Reduced MIN_IP_SIZE to 0x19 to stop a pile of Short IP warnings
- Resend initial IPCP request until it's acknowledged by the client
- Better radius session cleanup logic
- Many miscellaneous bugfixes and performance enhancements
- Thanks to Michael O'Reilly and Brendan O'Dea for most of these new features
#ifndef __PLUGIN_H__
#define __PLUGIN_H__
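/*
 * Version of the plugin interface described by this header.
 * NOTE(review): presumably compared with the version a plugin was built
 * against so a mismatched plugin can be refused at load time -- the check
 * itself is not in this header; confirm in the loader.
 */
#define PLUGIN_API_VERSION 1
/*
 * Upper bound on hook type numbers. The hook enum in this header currently
 * ends at 11, so there is headroom. Presumably this sizes a per-type table;
 * any code indexing by hook type should range-check against it.
 */
#define MAX_PLUGIN_TYPES 30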
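/*
 * Hook type identifiers. Numbering starts at 1 and each following constant
 * takes the next integer, so 0 is never a valid hook type.
 * PLUGIN_BECOME_MASTER and PLUGIN_NEW_SESSION_MASTER are the two hooks
 * added for the peer-to-peer clustering release.
 * New values must be appended: plugins compiled against this header carry
 * these numbers, so reordering changes which hook a plugin registers for.
 */
enum
{
	PLUGIN_PRE_AUTH = 1,
	PLUGIN_POST_AUTH,
	PLUGIN_PACKET_RX,
	PLUGIN_PACKET_TX,
	PLUGIN_TIMER,
	PLUGIN_NEW_SESSION,
	PLUGIN_KILL_SESSION,
	PLUGIN_CONTROL,
	PLUGIN_RADIUS_RESPONSE,
	PLUGIN_BECOME_MASTER,
	PLUGIN_NEW_SESSION_MASTER,
};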
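/*
 * Status codes for plugin hooks.
 * NOTE(review): the names suggest ERROR = hook failed, OK = continue with
 * the next plugin, STOP = do not run further plugins for this event; the
 * dispatcher that interprets them is not in this header -- confirm there.
 * ERROR is 0, so a hook that returns from zero-initialised state reports
 * failure rather than success.
 */
#define PLUGIN_RET_ERROR 0
#define PLUGIN_RET_OK 1
#define PLUGIN_RET_STOP 2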
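/*
 * Table of function pointers into the host that a plugin may call.
 * The types ipt, sessionidt, tunnelidt, sessiont, u16 and u8 are declared
 * elsewhere and must be in scope before this header is included.
 * NOTE(review): plugins reach host internals only through these pointers and
 * presumably run inside the host process with its privileges -- treat every
 * loaded plugin as fully trusted code.
 */
struct pluginfuncs
{
	/*
	 * printf-style logger (format string plus varargs). Callers should pass
	 * a literal format and supply peer-controlled text such as usernames
	 * only as arguments, never as the format itself.
	 */
	void (*_log)(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...);
	/*
	 * Hex-dump logger. maxsize is a signed int supplied by the caller;
	 * it must not exceed the real size of data.
	 */
	void (*_log_hex)(int level, ipt address, sessionidt s, tunnelidt t, const char *title, const char *data, int maxsize);
	/*
	 * Converts an address to text.
	 * NOTE(review): ownership and lifetime of the returned string are not
	 * visible here; confirm before keeping the pointer across calls.
	 */
	char *(*inet_toa)(unsigned long addr);
	/* Session lookup by username; the argument is non-const. */
	sessionidt (*get_session_by_username)(char *username);
	/*
	 * Maps a session id to its session record.
	 * NOTE(review): behaviour for an unknown or out-of-range id is not
	 * shown; check the result before dereferencing.
	 */
	sessiont *(*get_session_by_id)(sessionidt s);
	/* Maps a session record back to its id. */
	sessionidt (*get_id_by_session)(sessiont *s);
	/* Terminates session s; reason is free text. */
	void (*sessionkill)(sessionidt s, char *reason);
	/* Creates a RADIUS request for session s; returns its u16 handle. */
	u16 (*radiusnew)(sessionidt s);
	/* Sends RADIUS request r in the given state. */
	void (*radiussend)(u16 r, u8 state);
};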
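/*
 * Argument block for the PLUGIN_PRE_AUTH hook.
 * username and password carry no length fields.
 * NOTE(review): presumably NUL-terminated and taken from the peer's
 * authentication request, i.e. untrusted input and live credential
 * material -- confirm against the caller. Plugins should not log or
 * retain the password.
 */
struct param_pre_auth
{
	tunnelt *t;		/* tunnel the request arrived on */
	sessiont *s;		/* session being authenticated */
	char *username;		/* peer-supplied login name */
	char *password;		/* peer-supplied secret; keep out of logs */
	int protocol;		/* authentication protocol identifier */
	int continue_auth;	/* presumably set by the plugin to allow or skip
				   the host's own authentication -- confirm */
};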
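/*
 * Argument block for the PLUGIN_POST_AUTH hook.
 * NOTE(review): auth_allowed presumably carries the authentication verdict
 * and may be writable by the plugin. If so, any loaded plugin can turn a
 * rejection into an accept -- confirm how the caller reads it back.
 */
struct param_post_auth
{
	tunnelt *t;		/* tunnel the request arrived on */
	sessiont *s;		/* session that was authenticated */
	char *username;		/* peer-supplied login name; no length field */
	short auth_allowed;	/* authentication verdict (see note above) */
	int protocol;		/* authentication protocol identifier */
};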
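/*
 * Argument block for the PLUGIN_PACKET_RX hook.
 * buf/len describe packet bytes. len is a signed int: a plugin should
 * reject negative values and never read past buf + len.
 * NOTE(review): presumably the contents come straight from the network
 * and are attacker-controlled -- confirm against the caller.
 */
struct param_packet_rx
{
	tunnelt *t;	/* tunnel the packet belongs to */
	sessiont *s;	/* session the packet belongs to */
	char *buf;	/* packet bytes (plain char, signedness varies) */
	int len;	/* number of valid bytes in buf */
};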
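/*
 * Argument block for the PLUGIN_PACKET_TX hook; same layout as
 * struct param_packet_rx.
 * len is a signed int: validate it before using it as a size or index.
 * NOTE(review): whether a plugin may modify buf or len in place is not
 * visible here; the capacity behind buf is not part of this struct.
 */
struct param_packet_tx
{
	tunnelt *t;	/* tunnel the packet belongs to */
	sessiont *s;	/* session the packet belongs to */
	char *buf;	/* packet bytes */
	int len;	/* number of valid bytes in buf */
};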
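/*
 * Argument block for the PLUGIN_TIMER hook: a single time_t timestamp.
 * Requires <time.h> (or an equivalent declaration of time_t) to be
 * included before this header.
 */
struct param_timer
{
	time_t time_now;	/* timestamp supplied by the host for this tick */
};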
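/*
 * A configuration key/value pair handed to a plugin.
 * No hook type in this header's enum is named after it.
 * NOTE(review): both strings are presumably NUL-terminated and owned by
 * the host; copy them if they must outlive the call -- confirm.
 */
struct param_config
{
	char *key;	/* option name */
	char *value;	/* option value as text */
};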
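/*
 * Argument block for the PLUGIN_CONTROL hook.
 * It carries the sender's address and port, so the request presumably
 * arrives over the network. Treat buf, data and every length field as
 * untrusted until validated.
 * All lengths are signed ints: reject negative values, and check that
 * data_length fits within the l bytes of buf before parsing.
 * NOTE(review): the capacity of the response buffer is not part of this
 * struct; confirm its size before writing and setting response_length.
 * NOTE(review): no authentication field is visible here; whether the
 * sender is verified before plugins run must be checked in the caller.
 */
struct param_control
{
	char *buf;			/* raw request bytes */
	int l;				/* length of buf */
	unsigned int source_ip;		/* sender address */
	unsigned short source_port;	/* sender port */
	char *response;			/* buffer for the reply */
	int response_length;		/* bytes of reply written */
	int send_response;		/* presumably non-zero to send the reply */
	short type;			/* request type */
	int id;				/* request identifier */
	char *data;			/* request payload */
	int data_length;		/* length of data */
};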
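/*
 * Argument block for the PLUGIN_NEW_SESSION hook: the tunnel and session
 * records involved.
 * NOTE(review): the pointers presumably reference live host state, so
 * writes through them affect the running session -- confirm.
 */
struct param_new_session
{
	tunnelt *t;	/* tunnel carrying the new session */
	sessiont *s;	/* the new session */
};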
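/*
 * Argument block for the PLUGIN_KILL_SESSION hook: the tunnel and session
 * records involved.
 * NOTE(review): presumably the session is being torn down when this hook
 * runs; a plugin should not keep either pointer after returning -- confirm
 * the lifetime in the caller.
 */
struct param_kill_session
{
	tunnelt *t;	/* tunnel carrying the session */
	sessiont *s;	/* session being terminated */
};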
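/*
 * Argument block for the PLUGIN_RADIUS_RESPONSE hook: one key/value pair
 * associated with a tunnel and session.
 * NOTE(review): key and value presumably come from a RADIUS reply. Treat
 * them as external input, validate before acting on them, and do not
 * assume a maximum length (none is carried here).
 */
struct param_radius_response
{
	tunnelt *t;	/* tunnel of the affected session */
	sessiont *s;	/* session the response applies to */
	char *key;	/* attribute name */
	char *value;	/* attribute value as text */
};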
#endif /* __PLUGIN_H__ */