| Age | Commit message (Collapse) | Author |
|---|
|
If set to 1 then allocate unit (interface) before authorization, so Nas-Port and Nas-Port-Id would be defined in Access-Request phase
|
|
If start=auto is specified then accel-pppd automatically starts session with username = interface name on shared=0 interfaces.
Use it with conjuction vlan_mon. So any packet may start session.
|
|
local-net is used to filter incomming packets which may start UP session
|
|
|
|
|
|
|
|
This option specifies value of Calling-Station-Id value.
Available options are 'mac' and 'ip'.
|
|
Default behaviour of accel-ppp when it receives DHCP request with same Option 82 but different MAC address
is termination of old session (with previous MAC address).
This option can turn off such behaviour, so multiple sessions with same Option 82 but different MAC may coesist.
|
|
|
|
If password=csid then password will we same as Calling-Station-Id.
|
|
If specified then fwmark filters will be installed to bypass shaper
|
|
shaper: introduced moderate-quantum option
If fixed quantum is not specified and moderate-quantum is specified then shaper module
will check for quantum value to be in valid range (1000-200000).
This suppresses annoying kernel messages.
Remark: quantum is rate/r2q, rate is in bytes/sec.
|
|
If authentication rejects session, but l4-redirect-on-reject is specified in config then
temporary session will be created and l4 redirect rule will be applied to IP of that session.
Session will be terminated after specified number of seconds.
Also if l4-redirect-ip-pool option is specified then IP will be allocated from that special pool.
|
|
|
|
If verbose=0 then cli won't produce any logging
if verbose=1 then log only connections
if verbose=2 then log also executed commands
|
|
|
|
Parameters are same as for tc:
[shaper]
leaf-qdisc=fq_codel [ limit PACKETS ] [flows NUMBER ] [ target TIME ] [ interval TIME ] [ quantum BYTES ] [ [no]ecn ]
|
|
If specified then accel-ppp will send tunnel type as string (pppoe,pptp,l2tp,ipoe).
|
|
New options are applied to server option as server=...[,weight=x][,backup]
Weight is used for multi-server configurations (larger weight takes more users).
Backup is used to mark backup server f.e. server which will be used only if all other servers are failed.
|
|
By default list of IP address is serial at startup.
This option shuffles initial IP list so it becomes more random.
|
|
This new option will control how to represent Called-Station-ID.
Its value maybe ifname,mac or ifname:mac.
By default mac is used to keep compatibility with old versions.
Also old option ifname-in-sid is removed from documentation, but is still supported for compatibility.
|
|
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
* Set default retransmission timeout to 1 second. Since we now have
exponential backoff, we can afford a smaller value.
* Add the rtimeout-cap option to set the maximum value the
retransmission timer has to respect during exponential backoff.
* Store the maximun number of retransmissions in tunnel's structure
(like other retransmission parameters).
* Describe all these changes in man page and reset them to their
default values if they're removed from configuration file before a
reload.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Add the recv-window option in accel-ppp.conf.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
This new option is pattern for naming newly created vlans.
Pattern may contain following macros:
%I - name of parent interface
%N - number of vlan
By default vlan-name=%I.%N
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
Signed-off-by: Vladislav Grishenko <themiron@mail.ru>
|
|
|
|
|
|
|
|
|
|
|
|
radius sends in different basis
|
|
Acct-Status-Type=Accounting-On on startup and Acct-Status-Type=Accounting-Off on shutdown
|
|
As the maximum acceptable MTU for an L2TP link may vary depending on
IP and L2TP packet headers options, it is better to make it
configurable so that an administrator can adapt it to its network
constraints.
Use the original value (1420) as default.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Disable use of ephemeral ports by default since it poses problems with
NAT and wasn't used in earlier versions of accel-ppp.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
address and mask if radius can assign only client address
|
|
|
|
Fix indentation of sections 'log' and 'ip-pool'.
Remove space before comma in section 'chap-secret/username-hash'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Define option 'use-ephemeral-ports' for accel-ppp.conf. When set
to 0, this option deactivates the use of ephemeral ports. That is,
accel-ppp won't choose an arbitrary source port when replying to a
tunnel establishment request, but will use the SCCRQ's destination
port instead.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Add option "hide-avps" in the "l2tp" section for hiding attributes
sent to peer. This same option is also made available on accel-ppp's
command line interface:
accel-ppp# tunnel create tunnel peer-addr 192.0.2.1 hide-avps 1
Attribute hiding is performed upon attribute creation (in the
l2tp_packet_add_*() functions family) rather than upon packet sending.
This avoid running the cipher for every retransmission; the counterpart
is that l2tp_packet_print() can't dump original attributes of hidden
AVPs.
Currently, only one random vector is used for all hidden AVPs in a
packet. This is easily extensible though, as the 'last_RV' field in
struct l2tp_packet_t may be overridden to use new vectors for next
AVPs.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
