ed90ea49e0
- Major release - Completely replace active/standby clustering with a new peer-to-peer clustering method which allows much greater throughput and is a lot more fault tolerant - Add internal tbf implementation for throttling without relying on tc and kernel HTB - Add support for iBGP and eBGP to advertise routes - Add cli commands "show cluster", "show bgp", "show ipcache", "show throttle", "show tbf", "suspend bgp", "restart bgp", "show user" - Interception destination must be set per-user - If SMP machine, allow use of SCHED_FIFO, which should improve performance - Added config option to send GARP at startup - Added plugin_become_master and plugin_new_session_master plugin hooks - Remove useless sessionsendarp(). This isn't needed now that we are using TUN instead of TAP. - ICMP rate limiting so not every unreachable packet is replied with an ICMP unreachable message - mangle table is not required on anything but the cluster master, so slaves will drop the mangle table and attempt to unload the ip_conntrack module - Statically assigned IP addresses (by Radius) work now - Add -d command-line flag to detach and become a daemon - Configuration file is now "/etc/l2tpns/startup-config" - Reduced MIN_IP_SIZE to 0x19 to stop a pile of Short IP warnings - Resend initial IPCP request until it's acknowleged by the client - Better radius session cleanup logic - Many miscellaenous bugfixes and performance enhancements - Thanks to Michael O'Reilly and Brendan O'Dea for most of these new features
45 lines
990 B
C
45 lines
990 B
C
#include <string.h>
|
|
#include <malloc.h>
|
|
#include <stdlib.h>
|
|
#include <sys/wait.h>
|
|
#include <sys/types.h>
|
|
#include "l2tpns.h"
|
|
#include "plugin.h"
|
|
#include "control.h"
|
|
|
|
int __plugin_api_version = 1;
|
|
struct pluginfuncs *p;
|
|
|
|
int plugin_radius_response(struct param_radius_response *data)
|
|
{
|
|
if (strcmp(data->key, "intercept") == 0)
|
|
{
|
|
char *x;
|
|
data->s->snoop_ip = 0;
|
|
data->s->snoop_port = 0;
|
|
if ((x = strchr(data->value, ':')))
|
|
{
|
|
*x++ = 0;
|
|
if (*data->value) data->s->snoop_ip = inet_addr(data->value);
|
|
if (data->s->snoop_ip == INADDR_NONE) data->s->snoop_ip = 0;
|
|
if (*x) data->s->snoop_port = atoi(x);
|
|
p->log(3, 0, 0, 0, " Intercepting user to %s:%d\n",
|
|
p->inet_toa(data->s->snoop_ip), data->s->snoop_port);
|
|
}
|
|
else
|
|
{
|
|
p->log(3, 0, 0, 0, " Not Intercepting user (reply string should be snoop=ip:port)\n");
|
|
}
|
|
}
|
|
return PLUGIN_RET_OK;
|
|
}
|
|
|
|
int plugin_init(struct pluginfuncs *funcs)
|
|
{
|
|
return ((p = funcs)) ? 1 : 0;
|
|
}
|
|
|
|
void plugin_done()
|
|
{
|
|
}
|
|
|