| Age | Commit message (Collapse) | Author |
|---|
|
|
|
related net-snmp change: https://github.com/net-snmp/net-snmp/commit/a2cb167514ac0c7e1b04e8f151e0b015501362e0
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
|
|
clsact + fwmark
|
|
|
|
On Gentoo __free_fn_t wont be detected properly without
this include.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
Reported-by: Stanislav <stasn77@gmail.com>
Author: Stanislav <stasn77@gmail.com>
|
|
shaper: add clsact policer support
|
|
log_tcp: Fix small memory leak
|
|
Discovered using clang sanitizers.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Use the following configuration to enable clsact up and down limiters:
[shaper]
up-limiter=police
down-limiter=clsact
It is also recommended to set down-burst-factor=1.0
How to check current configuration in Linux:
tc qdisc show dev ppp0
tc filter show dev ppp0 egress
tc filter show dev ppp0 ingress
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
|
|
As we fixed musl compatibility, we can add also basic check
if accel keep working in Alpine Linux
Also update default config, enable connlimit and place it
before pptp, otherwise Alpine generate error:
```
[2024-04-09 22:30:09.911]loader: failed to load 'pptp': Error relocating /usr/local/lib64/accel-ppp/libpptp.so: connlimit_check: symbol not found
```
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
Thanks for hints Alpine Linux project and their patches:
https://git.alpinelinux.org/aports/tree/community/accel-ppp?h=master
We can adjust a bit code and cmake config files to make accel-ppp
buildable under musl "as is".
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
In case of invalid configuration we might get stack overflow
with unexpected consequences.
Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
|
|
|
|
ipoe: check localnet only for start=UP (unclassified packets) sessions
|
|
|
|
|
|
Adding support to Radius IPV6 address
|
|
Co-authored-by: Peter Adam <p.adam@cygnusnetworks.de>
|
|
This change enables ipv6 connections between accel-ppp and radius server
|
|
CLI: PPPoE: Add possibility to display inbound interface and service-…
|
|
ipoe: fix memory access violation with unset link-selection
|
|
show sessions command
|
|
libnetlink: fix a crash with a non vlan interface
|
|
When accel-ppp has no connected clients, CLI interface add command it try to use net == NULL and crush code.
|
|
Link-selection pointer is not set to NULL when link-selection IPOE
option is not set. It results in a memory access violation in
dhcpv4_packet_insert_opt82()
Set link-selection pointer to NULL if unset to fix the issue.
Fixes: 61e31c591e ("ipoe: add dhcp link selection sub-option")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
|
|
Fix a segmentation fault when starting when accel-ppp is configured with
an non vlan interface.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
|
|
Add information about link-selection ipoe option in accel-ppp.conf man.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
|
|
DHCP "agent remote id" sub-option 2 of option 82 can already be
configured with [ipoe] / "agent-remote-id". However, it is not
documented.
Add information about agent-remote-id in accel-ppp.conf man.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
|
|
Add the support of DHCP option 82 "Agent Information" sub-option 5
"link selection". The IPv4 value can be specified in the [ipoe]
"link-selection" configuration option.
Link: https://www.rfc-editor.org/rfc/rfc3527.html
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
|
|
Patially fixes 6e5f9980a8a71015a228279e07970621d23c7b35, there's
no really requirement for packed internal sockaddr_t struct.
Also, constantify several struct pointer arguments as well.
|
|
There's no alignment reason for making temporary vars on
stack assuming unaligned block copy.
|
|
Fixes ad94c19554d7c6bb18ab2e251e4ee403ee0b7732, tios is sill left
partially initialized with sane values. Also, log get/set attr errors
with error level as well since it raises pty allocation error and
connection drop therefore.
|
|
|
|
|
|
|
|
Use 64-bit interface statistics and some more env parameters for pppd-compat
|
|
T72: Fix compilations warnings for unaligned variable access
|
|
As per the docs:
The openpty() function finds an available pseudoterminal and
returns file descriptors for the master and slave in amaster and
aslave. [...] If termp is not NULL, the terminal parameters
of the slave will be set to the values in termp. [...]
So openpty() would set the pty parameters to something undefined.
This undefinedness will be fixed by the later tcsetattr() call.
As a result, we don't need that parameter in the first place.
Additionally, fixes a -Wmaybe-uninitialized warning.
|
|
|
|
|
|
handling.
When a link has a relatively high throughput, the 32-bit packet and byte counters could overflow multiple times between accounting runs.
To accommodate this limitation, directly use 64-bit interface statistics.
This also gets rid of the internal giga-word counters.
|
|
Add missing dhcp end option on dhcp notify packet
|
|
- IPoE/DHCP4: Specify minimal suitable alignment explicitly.
We need to guarantee 2 byte alignment for the `hdr` pointer in
`ip_csum(uint16_t *buf)` calculation
- PPPOE: Suppress false-positive warning for `sockaddr_pppox`.
Similiar issue: https://github.com/kernelslacker/trinity/pull/40
- Introduce tmp variables to avoid alignment issues for SSTP/DHCPv6
For additional details:
https://phabricator.accel-ppp.org/T72
Signed-off-by: Volodymyr Huti <v.huti@vyos.io>
|
|
|
|
Fix ipv6 inside netns
|
|
This commit proposes to modify the log message in dhcpv6.c to include
the correct file name. It avoids confusion when reading the logs
|
|
T60: Implement configurable session-timeout param for all connection …
|
|
This fix allow to create the socket inside the netns for ipv6-dhcp module.
|
|
ipv6 auto-configuration generate error when link is
terminated inside netns. The error message is :
"ipv6_nd: setsockopt(SO_BINDTODEVICE): No such device"
This error is generated because socket is not created inside
the netns but it’s created in the default netns.
This fix allow to create the socket in the right place.
to propose this fix, i was inspired by :
issue : https://phabricator.accel-ppp.org/T68
commit : https://github.com/accel-ppp/accel-ppp/commit/f1d616d91914be493b6a32a96323fa871733f8e0
|
|
Per https://datatracker.ietf.org/doc/html/rfc1334#section-2.2.1:
Implementation Note: Because the Authenticate-Ack might be
lost, the authenticator MUST allow repeated Authenticate-
Request packets after completing the Authentication phase.
Protocol phase MUST return the same reply Code returned when
the Authentication phase completed (the message portion MAY be
different). Any Authenticate-Request packets received during
any other phase MUST be silently discarded.
|
