| Age | Commit message (Collapse) | Author |
|---|
|
shaper: introduced moderate-quantum option
If fixed quantum is not specified and moderate-quantum is specified then shaper module
will check for quantum value to be in valid range (1000-200000).
This suppresses annoying kernel messages.
Remark: quantum is rate/r2q, rate is in bytes/sec.
|
|
If authentication rejects session, but l4-redirect-on-reject is specified in config then
temporary session will be created and l4 redirect rule will be applied to IP of that session.
Session will be terminated after specified number of seconds.
Also if l4-redirect-ip-pool option is specified then IP will be allocated from that special pool.
|
|
|
|
If verbose=0 then cli won't produce any logging
if verbose=1 then log only connections
if verbose=2 then log also executed commands
|
|
|
|
Parameters are same as for tc:
[shaper]
leaf-qdisc=fq_codel [ limit PACKETS ] [flows NUMBER ] [ target TIME ] [ interval TIME ] [ quantum BYTES ] [ [no]ecn ]
|
|
If specified then accel-ppp will send tunnel type as string (pppoe,pptp,l2tp,ipoe).
|
|
New options are applied to server option as server=...[,weight=x][,backup]
Weight is used for multi-server configurations (larger weight takes more users).
Backup is used to mark backup server f.e. server which will be used only if all other servers are failed.
|
|
By default list of IP address is serial at startup.
This option shuffles initial IP list so it becomes more random.
|
|
This new option will control how to represent Called-Station-ID.
Its value maybe ifname,mac or ifname:mac.
By default mac is used to keep compatibility with old versions.
Also old option ifname-in-sid is removed from documentation, but is still supported for compatibility.
|
|
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
* Set default retransmission timeout to 1 second. Since we now have
exponential backoff, we can afford a smaller value.
* Add the rtimeout-cap option to set the maximum value the
retransmission timer has to respect during exponential backoff.
* Store the maximun number of retransmissions in tunnel's structure
(like other retransmission parameters).
* Describe all these changes in man page and reset them to their
default values if they're removed from configuration file before a
reload.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Add the recv-window option in accel-ppp.conf.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
This new option is pattern for naming newly created vlans.
Pattern may contain following macros:
%I - name of parent interface
%N - number of vlan
By default vlan-name=%I.%N
Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
|
|
Signed-off-by: Vladislav Grishenko <themiron@mail.ru>
|
|
|
|
|
|
|
|
|
|
|
|
radius sends in different basis
|
|
Acct-Status-Type=Accounting-On on startup and Acct-Status-Type=Accounting-Off on shutdown
|
|
As the maximum acceptable MTU for an L2TP link may vary depending on
IP and L2TP packet headers options, it is better to make it
configurable so that an administrator can adapt it to its network
constraints.
Use the original value (1420) as default.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Disable use of ephemeral ports by default since it poses problems with
NAT and wasn't used in earlier versions of accel-ppp.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
address and mask if radius can assign only client address
|
|
|
|
Fix indentation of sections 'log' and 'ip-pool'.
Remove space before comma in section 'chap-secret/username-hash'.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Define option 'use-ephemeral-ports' for accel-ppp.conf. When set
to 0, this option deactivates the use of ephemeral ports. That is,
accel-ppp won't choose an arbitrary source port when replying to a
tunnel establishment request, but will use the SCCRQ's destination
port instead.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
Add option "hide-avps" in the "l2tp" section for hiding attributes
sent to peer. This same option is also made available on accel-ppp's
command line interface:
accel-ppp# tunnel create tunnel peer-addr 192.0.2.1 hide-avps 1
Attribute hiding is performed upon attribute creation (in the
l2tp_packet_add_*() functions family) rather than upon packet sending.
This avoid running the cipher for every retransmission; the counterpart
is that l2tp_packet_print() can't dump original attributes of hidden
AVPs.
Currently, only one random vector is used for all hidden AVPs in a
packet. This is easily extensible though, as the 'last_RV' field in
struct l2tp_packet_t may be overridden to use new vectors for next
AVPs.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
|
|
Add entries in accel-ppp.conf.5 for configuration options defined by
the CLI module.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
|
|
* l2tp: Fix allocation checking when adding octets AVP
* cli, tcp: Fix non-NULL terminated string reception
* Fix va_end() missing calls
* chap-secrets: implemented encryption
* auth_pap: make messages like other auth modules
* cli: check xmit_buf is not null at enter to write function
* pppoe: implemented regular expression support
* chap-secrets: implemented encryption
* ippool: fixed initialization order
* optional shaper compiling
* ppp: dns/wins code cleanup
|
|
|
|
|
|
|
|
|
|
If enabled accel-pppd will not destroy interface immediately after corresponding session is terminated, instead interface will be brought down and placed to cache for later use for new sessions.
It should reduce kernel interface creation/deletion rate lack and increase responsibility of daemon
|
|
|
|
|
|
|
|
containes pool name
|
