Age | Commit message (Collapse) | Author |
|
|
|
once radius server has returned User-Name attribute in Access-Accept
packet, it'll be used for any subsequent Accounting-Request packets
instead of internal username per RFC2865 5.1
other way of just replacing session username is possible, but not
desired at the moment due potential issues with single-session modes
in case of different ppp logins / ipoe macs and same contract number
returned by radius for that accounts.
|
|
Added protocol IPoE and SSTP to init.d description
|
|
|
|
sstp: implement ssl-protocol option and add unsupported features logging
|
|
[Fix] - Increment Accounting-Request id for Acct-Status-Type Stop
|
|
|
|
shaper: adding default rate-limit
|
|
|
|
Prepared check-ip and for ipoe, migrate to [common]check-ip
|
|
|
|
Make gcc8 happy
|
|
|
|
* triton: rewrited context sleeping implementation
* triton: prevent alloc_context function to be inlined (fixes improper stack size calculation)
* triton: fixed improper locking
* triton: fixed context schedule/wakeup race
* radius: implemented split request queue to 2 subqueues
* radius: fixed invalid behaviour when route to radius server is not existing
* radius: implemented lua support
* radius: fixed memory leak
* radius: add support for route priority (metric) in Framed-Route
* radius: allow CoA/DM by single username attribute
* radius: implemented Framed-IPv6-Route attribute
* radius: fixed bug (inserting empty Class)
* radius: fixed bug after radius server recovery
* chap-secrets: allow to use pool name instead of address to specify ipv4 pool
* auth: fixed re-authentication of peer in all chap modules
* ipv6: improved dhcpv6
* ipv6: implemented special handling of /128 prefixes
* ipv6: ignore "unspecified address" (::/128)
* ipv6: fixed host scope routes
* dhcpv6: fix delegated prefix routes
* dhcpv6: fix PD linklocal route for ipoe clients
* ipv6pool: added gw-ip6-address option and special handling for /128 prefixes
* ipoe: implemented new load balancing mechanism "weight"
* ipoe: implemented ipv6 in shared mode
* ipoe: implemented interface option mtu=N
* ipoe: improved handling of DHCP Request for nonexistent sessions.
* ipoe: improved support DHCP option-82.
* ipoe: fixed handling DHCP vendor-specific attributes.
* ipoe: arp: do not reply on requests from 0.0.0.0
* ipoe: implemented "noauth" for ipoe
* ipoe: use DHCP-Server-Identifier attribute as siaddr if DHCP-Server-IP-Address is not supplied
* ipoe: lua: introduced hwaddr field to session object
* ipoe: lua: introduced ipaddr field to session object
* ipoe: adding wins1/wins2 config options support
* ipoe: always ignore Gratoitous ARP
* ipoe: Fixed send NAK for REQUEST with 3 same XID for not existing sessions
* ipoe_mod: use least byte of hwaddr as hash key
* ipoe_mod: accept ipv6 packets from link-local address if session doesnot exists
* ipoe_mod: fixed ipv6 from non-shared mode
* lua: improved lua support, implemented support for lua 5.2/5.3.
* ppp: implemented per-ctrl ppp interface rename support, may be overrided by radius
* ppp: changed behaviour of lcp-echo-timeout
* ppp: fixed interface wildcard rename if kernel returns not zero, but picked index
* ppp: fixed bug in ppp_terminate
* ppp: fix mtu/mru negotiation in preallocate/unit-cache modes
* sstp: implemented sstp protocol support
* pppoe: fixed PADO delaying function
* pppoe: fixed invalid behaviour after changing pado-delay
* pptp: implemented adaptive pptp echo
* pptp: added the ppp-max-mtu option
* ippool: implemented next pool support
* ippool: fixed parsing /32 ranges
* ippool: exclude gw-ip-address from address pool
* shaper: install skbedit filter for all protocols
* shaper: ignore radius CoA request if shaper attributes are absent
* pppd-compat: implemented fork-limit.
* pppd_compat: do not call ip-down if session was not started.
* pppd_compat: fixed bug caused fork queue to stall.
* pppd_compat: fixed call ip-down even if ip-up is not specified
* pppd_compat: fixed argv[0] when calling ip-pre-up
* pppd_compat: run scripts in the PPP device netns
* pppd_compat: fixed handling of fork() failures
* pppd_compat: write human readable values of IPv6 address to radattr file
* connlimit: implemented connlimit for UP (unclassified packet) sessions
* cli: introduced ip6 and ip6-dp fields in "show sessions" command
* cli: show sessions: added uptime-raw columnt to print uptime in seconds
* cli: added to accel-cmd -P/--password support
* cli: add network namespace column in "show sessions"
* net-snmp: fixed crash on table request
* common: wait for previous session to finish when single-session=replace
* crypto: internal: add missed header and fix x64 build
|
|
|
|
|
|
|
|
|
|
possible protocols are ssl2, ssl3, tls1, tls1.1, tls1.2 and tls1.3,
but support does depend on openssl library.
defaults are up to openssl library w/o ssl2/ssl3.
|
|
Added support for Debian10 DEB pack generation
|
|
dhcpv6: fix delegated prefix routes
|
|
fix warnings with openssl 1.1.0+
|
|
|
|
older api causes "none" rtm type
|
|
openssl's thread locking/calbacks is noop since 1.1.0, internal
locking is used automagically.
|
|
Change variable name sid_in_auth radius.c
|
|
Add sid-in-auth info to accel-ppp.conf.5
|
|
|
|
|
|
Add info [ipoe]session-timeout and [ipoe]idle-timeout to accel-ppp.conf.5
|
|
Add info [modules]connlimit to accel-ppp.conf.5
|
|
Fix: ipv6-dns accel-ppp.conf.5
|
|
Fix typos accel-ppp.conf.5
|
|
shaper: fix fq_codel
|
|
Added extra AVP to SCCCN as known to allow MPD5 tunnels
|
|
Fix work on fresh kernels
|
|
|
|
|
|
|
|
|
|
|
|
original commit author is @dyangol
|
|
|
|
|
|
|
|
This reverts commit 6f433706a152ea987899fd830ff399e257b0f2a6.
|
|
|
|
|
|
Fix bug after radius server recovery
|
|
|