| Age | Commit message (Collapse) | Author |
|---|
|
|
|
If prefix length is 128 then send RA with 64 prefix length and add point-to-point ipv6 address on interface
|
|
If pool specified with /128 prefix length, then initialize intf_id by gw_ip6_address and peer_intf_id by generated pool address.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ppp: fix interface rename if kernel returns not zero, but picked index
|
|
|
|
config changes:
[ip-pool]
x.x.x.x/mask,name=pool1
y.y.y.y/mask,name=pool2,next=pool1
|
|
|
|
|
|
|
|
|
|
chap-secrets: add pool name support
|
|
Simplify previous commit, if 4th field isn't empty and doesn't
start with reserved chars (*-!), assume it as pool name.
Also, fix build warn without OPENSSL.
|
|
ppp: implement per-ctrl ppp interface rename support
|
|
Chap-secrets' ipdb uses 4th field as static peer ipv4 address. With no radius
and multiple same username sessions, it's impossible to use non-default pool
for such sessions.
Abuse chap-secret's 4th field as pool=name to specify session's pool name.
With ippool module loaded after chap-secrets (default order), it will be
used for allocation from the specified poll name.
Compatibility considerations:
* pppd will skip 'pool=*' with warn 'unknown host in auth. address list'
same as 5th field - shaper, because starting from 4th field pppd
parse list of value. so, no new effects here.
* previous versions of accel-ppp will parse 'pool=*' as empty address.
* with no 'pool=*' in chap-secrets or with no chap-secrets loaded, no
behavior change.
* with no ippool loaded, session will get no peer address.
* with ippool loaded before chap-secrets, chap-secrets's ipdb will not
be used, therefore neither ip addess not pool name will has no effect.
* if chap-secrets' pool is invalid or not found, default pool will be
used by ippool or address came from radius.
* chap-secret's pool name might override pool came from radius, if
radius module is loaded after chap-secrets and no address came from
radius.
|
|
Reuse exsisting radius functionality and allow set iterface name
template for pppoe/pptp/l2tp, '%d' specification will be replaced
automagically to the next available index by kernel.
PPP interface rename allows to easy differ client's interfaces from
the other ppp ones, for example, with just netfilter interface rules.
Example:
[pptp]
ifname=pptp%d will produce pptp0, pptp1, ...
|
|
|
|
|
|
|
|
|
|
|
|
pptp/l2tp: echo failure improvements
|
|
With incoming l2tp hello there's no need to ask peer for
replies in configured hello-interval, so just postpone it.
Helps against false-positive echo failures with heavily
loaded channels and/or peers.
|
|
With incoming pptp echo request there's no need to ask
peer for replies in configured echo-interval, so just
postpone it. Helps against false-positive echo failures
with heavily loaded channels and/or peers.
|
|
Sent echos counter is overloaded with random icmp id, so
echo-failure setting is either ignored or causes random pptp
channel stops within valid accumulated fail count range, i.e
on the the first fail. Since icmp id is not actually used for
checking, fix issue by dropping overload.
Default echo-failure value is 3, so allow endless echo fails
without channel drop by setting echo-failure to 0.
|
|
After session is freed on our end, kernel doesn't bother with possible
incoming data packets and just passes them to userspace, in turn
they are mistreated as short control packets with corresponding errors.
Since there's no special data packet handling, just ignore them.
|
|
default value for renew-time fixed
|
|
ipv6: nd: add non-/64 prefixes & AdvOnLinkFlag option support
|
|
|
|
print parsing
|
|
non-/64 subnets still needs Router Advertimenets for the
default route & RDNSS.
|
|
|
|
|
|
|
|
|
|
Assign opt82_ses=ses if shared=0
|
|
|
|
to get radius object use session:module("radius") function
radius object provides flollowing functions:
radius:attrs() - returns array of attributes {"name" = NAME, "vendor" = VENDOR|nil}
radius:attr(name[,vendor]) - returns value of attribute (may return multiple results)
Example:
function ip_up(ses)
rad = ses:module("radius")
attrs = rad:attrs()
if attrs then
print("attrs:")
for _,a in pairs(attrs) do
io.write("\t")
if a.vendor then io.write(a.vendor..":") end
io.write(a.name.."=")
print(rad:attr(a.name, a.vendor))
end
end
end
|
|
to access module specific object introduced new function session:module(NAME)
|
|
|
|
to lua scripts
session object consists of following functions:
ifname() - interface name
ifindex() - interface ifindex
sid() - Acct-Session-ID
uptime() - session uptime in seconds
username()
ctrl_type() - type of session (pppt/pppoe/l2tp/ipoe)
calling_sid() - Calling-Station-ID
called_sid() - Called-Station-ID
ipv4() - retuns pair (peer address, local address)
ipv6() - ipv6 address or nil
rx_bytes()
tx_bytes()
|
|
|
|
|
|
|
|
|
