author | Guillaume Nault <g.nault@alphalink.fr> | 2013-06-06 14:25:15 +0200 |
---|---|---|
committer | Dmitry Kozlov <xeb@mail.ru> | 2013-06-06 17:26:40 +0400 |
commit | 386ad8576077fedb7ed83c2bea078c1082701b03 (patch) | |
tree | e80fb4cd690b346119108ec0762d1c2ee885d183 | |
parent | 0b4e47b70a46ecbb1cdceae2cf2396f26e2ee99d (diff) | |
l2tp: Optionally deactivate ephemeral ports
Define option 'use-ephemeral-ports' for accel-ppp.conf. When set
to 0, this option deactivates the use of ephemeral ports. That is,
accel-ppp won't choose an arbitrary source port when replying to a
tunnel establishment request, but will use the SCCRQ's destination
port instead.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
-rw-r--r-- | accel-pppd/accel-ppp.conf.5 | 6 | ||||
-rw-r--r-- | accel-pppd/ctrl/l2tp/l2tp.c | 10 |
2 files changed, 15 insertions, 1 deletions
diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5
index 0263358..f331ea6 100644
--- a/accel-pppd/accel-ppp.conf.5
+++ b/accel-pppd/accel-ppp.conf.5
@@ -436,6 +436,12 @@ If this option is given and
 .B n
 is greater than 0, then attributes sent in L2TP packets will be hidden (for AVPs that support it).
+.TP
+.BI "use-ephemeral-ports=" 0|1
+Specifies if an arbitrary source port is used when replying to a tunnel
+establishment request. When this option is deactivated, the destination
+port of the incoming request (SCCRQ) is used as source port for the
+reply (SCCRP). Default value is 1.
 .SH [radius]
 .br
 Configuration of RADIUS module.
diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c
index 46c0be6..df8fda6 100644
--- a/accel-pppd/ctrl/l2tp/l2tp.c
+++ b/accel-pppd/ctrl/l2tp/l2tp.c
@@ -52,6 +52,7 @@ int conf_verbose = 0;
 int conf_hide_avps = 0;
 int conf_avp_permissive = 0;
 static int conf_port = L2TP_PORT;
+static int conf_ephemeral_ports = 1;
 static int conf_timeout = 60;
 static int conf_rtimeout = 5;
 static int conf_retransmit = 5;
@@ -2054,7 +2055,10 @@ static int l2tp_recv_SCCRQ(const struct l2tp_serv_t *serv,
 host_addr.sin_family = AF_INET;
 host_addr.sin_addr = pkt_info->ipi_addr;
- host_addr.sin_port = 0;
+ if (conf_ephemeral_ports)
+ host_addr.sin_port = 0;
+ else
+ host_addr.sin_port = serv->addr.sin_port;
 conn = l2tp_tunnel_alloc(&pack->addr, &host_addr, framing_cap->val.uint32, 1, 1,
@@ -3778,6 +3782,10 @@ static void load_config(void)
 if (opt && atoi(opt) >= 0)
 conf_verbose = atoi(opt) > 0;
+ opt = conf_get_opt("l2tp", "use-ephemeral-ports");
+ if (opt && atoi(opt) >= 0)
+ conf_ephemeral_ports = atoi(opt) > 0;
+
 opt = conf_get_opt("l2tp", "hide-avps");
 if (opt && atoi(opt) >= 0)
 conf_hide_avps = atoi(opt) > 0; |
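Review bot: In the `else` branch of l2tp_recv_SCCRQ the per-tunnel address takes `serv->addr.sin_port`, so every tunnel created with use-ephemeral-ports=0 shares the listener's address and port; whether `l2tp_tunnel_alloc()` can bind a second socket there, and what happens to the SCCRQ when that bind fails, is not visible in this hunk and should be confirmed. The value is also the server's configured port rather than a field read from the received packet, which matches the commit message only if the listener is bound to a single port. A fixed source port leaves an off-path sender one fewer value to guess when forging control messages for a tunnel, so the branch deserves a comment such as `/* fixed source port: for peers that require the reply to come from the port they contacted; spoofing resistance then rests on the tunnel ID and sequence numbers */`. The function body starts and ends outside the hunk.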
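Review bot: A non-numeric value such as `use-ephemeral-ports=yes` makes `atoi()` return 0 in the load_config hunk, which passes the `>= 0` test and silently turns ephemeral ports off, the opposite of the documented default. Parsing with `strtol` and rejecting input that is not fully numeric avoids that: `v = strtol(opt, &end, 10); if (end != opt && *end == '\0' && v >= 0) conf_ephemeral_ports = v > 0;`, ideally with a log line for rejected values. The option also keeps its previous value when the key is absent, so if load_config() runs again on a configuration reload (not visible here), deleting the line would not restore the default of 1. The neighbouring verbose and hide-avps options use the same pattern, and load_config's body starts and ends outside the hunk.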