| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Notes:
svn path=/head/; revision=228990
|
|
|
|
| |
Notes:
svn path=/head/; revision=134833
|
|
|
|
| |
Notes:
svn path=/head/; revision=134789
|
|
|
|
|
|
|
| |
Suggested by: mike
Notes:
svn path=/head/; revision=102500
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Bump version number to 3.0.4
o When talking to a RADIUS server, provide a NAS-Port-Type.
When the NAS-Port-Type is Ethernet, provide a NAS-Port value equal
to the SESSIONID from the environment in direct mode or the
NGM_PPPOE_SESSIONID message in other modes. If no SESSIONID is found,
default to the interface index in client mode or zero in server mode.
When the NAS-Port-Type is ISDN, set the NAS-Port to the minor number
of the physical device (ie, the N in /dev/i4brbchN).
This makes it easier for the RADIUS server to identify the client
WRT accounting data etc.
Prompted by: lsz8425 <lsz8425@mail.cd.hn.cn>
Notes:
svn path=/head/; revision=96582
|
|
|
|
|
|
|
|
|
|
|
| |
just send PROTO_IP packets when we've got only one link up in multi-link
mode.
Problem noted by: Adrian Close <adrian@fernhilltec.com.au>
MFC after: 1 week
Notes:
svn path=/head/; revision=96552
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
inbound queue.
Submitted by: "Amit K. Rao" <arao@niksun.com>
PR: 37813
MFC after: 1 week
Also fix a typo while I'm here.
Notes:
svn path=/head/; revision=96159
|
|
|
|
|
|
|
| |
address family.
Notes:
svn path=/head/; revision=89422
|
|
|
|
| |
Notes:
svn path=/head/; revision=89420
|
|
|
|
| |
Notes:
svn path=/head/; revision=81902
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
structures (well, they're treated as opaque).
It's now possible to manage IPv6 interface addresses and routing
table entries and to filter IPV6 traffic whether encapsulated or
not.
IPV6CP support is crude for now, and hasn't been tested against
any other implementations.
RADIUS and IPv6 are independent of eachother for now.
ppp.linkup/ppp.linkdown aren't currently used by IPV6CP
o Understand all protocols(5) in filter rules rather than only a select
few.
o Allow a mask specification for the ``delete'' command. It's now
possible to specifically delete one of two conflicting routes.
o When creating and deleting proxy arp entries, do it for all IPv4
interface addresses rather than doing it just for the ``current''
peer address.
o When iface-alias isn't in effect, don't blow away manually (via ``iface
add'') added interface addresses.
o When listening on a tcp server (diagnostic) socket, bind so that a
tcp46 socket is created -- allowing both IPv4 and IPv6 connections.
o When displaying ICMP traffic, don't display the icmp type twice.
When display traffic, display at least some information about unrecognised
traffic.
o Bump version
Inspired after filtering work by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org>
Notes:
svn path=/head/; revision=81634
|
|
|
|
|
|
|
|
|
|
|
|
| |
static proxy arp entry is deleted.
Rename a function (for consistency) and remove some whitespace
(for readability).
MFC after: 1 week
Notes:
svn path=/head/; revision=80730
|
|
|
|
|
|
|
|
|
| |
This is necessary because MPPE will combine the protocol id with the
payload received on the tun interface, encrypt it, then prepend its
own protocol id, effectively increasing the payload by two bytes.
Notes:
svn path=/head/; revision=79165
|
|
|
|
|
|
|
| |
Make some functions static.
Notes:
svn path=/head/; revision=67912
|
|
|
|
|
|
|
|
|
|
|
| |
isn't open and the links MRU >= our MRRU, send outbound traffic as
PROTO_IP rather than PROTO_MP. This shaves some bytes off the front
of each packet 'till the second link is brought up.
Idea obtained from: Cisco
Notes:
svn path=/head/; revision=64780
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of the two when calculating the MP throughput average for the ``set
autoload'' implementation.
This makes more sense as all links I know of are full-duplex. This
also means that people may need to adjust their autoload settings
as 100% bandwidth is now the theoretical maximum rather than 200%
(but of course, halfing the current settings is probably not the
correct answer either!).
This involves a ppp version bump as we need to pass an extra
throughput array through the MP local domain socket.
Notes:
svn path=/head/; revision=64670
|
|
|
|
|
|
|
|
|
|
|
| |
cumulative total of all active links rather than basing it on the
total of PROTO_MP traffic.
This fixes a problem whereby Cisco routers send PROTO_IP packets only
when there's only one link (hmm, what a good idea!).
Notes:
svn path=/head/; revision=64652
|
|
|
|
|
|
|
| |
thorough an MP setup with only a single link.
Notes:
svn path=/head/; revision=63020
|
|
|
|
|
|
|
| |
peer enddisc/authname is different.
Notes:
svn path=/head/; revision=60778
|
|
|
|
|
|
|
| |
``struct descriptor'' -> ``struct fdescriptor''
Notes:
svn path=/head/; revision=58028
|
|
|
|
| |
Notes:
svn path=/head/; revision=55527
|
|
|
|
| |
Notes:
svn path=/head/; revision=54912
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
method avoided all race conditions, but suffered from
sometimes running out of buffer space if enough clients
were piled up at the same time.
Now, the client pushes the link descriptor, one end of a
socketpair() and the ppp version via sendmsg() at the
server. The server replies with a pid. The client then
transfers any link lock with uu_lock_txfr() and writev()s
the actual link contents. The socketpair is now the only
place we need to have large socket buffers and the bind()ed
socket can keep the default 4k buffer while still handling
around 90 racing clients.
Notes:
svn path=/head/; revision=53970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, ppp attempted to bind() to a local domain tcp socket
based on the peer authname & enddisc. If it succeeded, it listen()ed
and became MP server. If it failed, it connect()ed and became MP
client. The server then select()ed on the descriptor, accept()ed
it and wrote its pid to it then read the link data & link file descriptor,
and finally sent an ack (``!''). The client would read() the server
pid, transfer the link lock to that pid, send the link data & descriptor
and read the ack. It would then close the descriptor and clean up.
There was a race between the bind() and listen() where someone could
attempt to connect() and fail.
This change removes the race. Now ppp makes the RCVBUF big enough on a
socket descriptor and attempts to bind() to a local domain *udp* socket
(same name as before). If it succeeds, it becomes MP server. If it
fails, it sets the SNDBUF and connect()s, becoming MP client. The server
select()s on the descriptor and recvmsg()s the message, insisting on at
least two descriptors (plus the link data). It uses the second descriptor
to write() its pid then read()s an ack (``!''). The client creates a
socketpair() and sendmsg()s the link data, link descriptor and one of
the socketpair descriptors. It then read()s the server pid from the
other socketpair descriptor, transfers any locks and write()s an ack.
Now, there can be no race, and a connect() failure indicates a stale
socket file.
This also fixes MP ppp over ethernet, where the struct msghdr was being
misconstructed when transferring the control socket descriptor.
Also, if we fail to send the link, don't hang around in a ``session
owner'' state, just do the setsid() and fork() if it's required to
disown a tty.
UDP idea suggested by: Chris Bennet from Mindspring at FreeBSDCon
Notes:
svn path=/head/; revision=53684
|
|
|
|
|
|
|
|
|
|
| |
The original report was due to a mis-installation of the NetBS
header files :-/
Submitted by: Kazuyoshi Kato <kazk@yyy.or.jp>
Notes:
svn path=/head/; revision=51517
|
|
|
|
|
|
|
| |
Submitted by: Kazuyoshi Kato <kazk@yyy.or.jp>
Notes:
svn path=/head/; revision=51449
|
|
|
|
|
|
|
| |
alias_cmd -> nat_cmd after a repo-copy
Notes:
svn path=/head/; revision=51075
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(LCP/CCP/IPCP), one for urgent IP traffic and one for
everything else.
o Add the ``set urgent'' command for adjusting the list of
urgent port numbers. The default urgent ports are 21, 22,
23, 513, 514, 543 and 544 (Ports 80 and 81 have been
removed from the default priority list).
o Increase the buffered packet threshold from 20 to 30.
o Report the number of packets in the IP output queue and the
list of urgent ports under ``show ipcp''.
Notes:
svn path=/head/; revision=50867
|
|
|
|
| |
Notes:
svn path=/head/; revision=50479
|
|
|
|
|
|
|
|
|
|
|
|
| |
that ppp stays in the foreground.
o Add the -quiet switch to quieten ppps startup
o Add the -nat flag and discourage the use of the -alias flag. Both do
the same thing.
o Correct some nat usage strings.
o Change the internal ``alias'' command to ``nat''.
Notes:
svn path=/head/; revision=50059
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o If we're using RADIUS and the RADIUS mtu is less than our
peers mru/mrru, reduce our mtu to this value for NetBSD too.
o Make struct throughput's sample period dynamic and tweak the ppp
version number to reflect the extra stuff being passed through
the local domain socket as a result (MP mode).
o Measure the current throughput based on the number of samples actually
taken rather than on the full sample period.
o Keep the throughput statisics persistent while being passed to
another ppp invocation through the local domain socket.
o When showing throughput statistics after the timer has stopped, use
the stopped time for overall calculations, not the current time.
Also show the stopped time and how long the current throughput has
been sampled for.
o Use time() consistently in throughput.c
o Tighten up the ``show bundle'' output.
o Introduce the ``set bandwidth'' command.
o Rewrite the ``set autoload'' command. It now takes three arguments
and works based on a rolling bundle throughput average compared against
the theoretical bundle bandwidth over a given period (read: it's now
functional).
Notes:
svn path=/head/; revision=49434
|
|
|
|
|
|
|
|
|
| |
and denied. This is necessary for some MP implementations that
get confused if you accept their endpoint discriminator but reject
their MRRU.
Notes:
svn path=/head/; revision=47858
|
|
|
|
|
|
|
|
|
|
| |
having different speed links in a bundle. This would manifest itself
by having the link occasionally hang, but revive when a new connection
is made....
Make ``show mp'' a bit prettier.
Notes:
svn path=/head/; revision=47712
|
|
|
|
| |
Notes:
svn path=/head/; revision=47700
|
|
|
|
|
|
|
|
|
|
|
| |
o Show more information about missing MP fragments in ``show mp''.
o Do away with mbuf_Log(). It was showing mbuf stats twice on
receipt of LCP/CCP/IPCP packets.... ???!!?
o Pre-allocate a bit extra when creating LQR packets to avoid having
to allocate another mbuf in mbuf_Prepend().
Notes:
svn path=/head/; revision=47695
|
|
|
|
|
|
|
|
| |
mp_Assemble().
Leak spotted by: louqi
Notes:
svn path=/head/; revision=47577
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
being the same as the previous (still supported) ``host:port''
syntax for tcp socket devices.
A udp device uses synchronous ppp rather than async, and avoids
the double-retransmit overhead that comes with ppp over tcp (it's
usually a bad idea to transport IP over a reliable transport that
itself is using an unreliable transport). PPP over UDP provides
througput of ** 1.5Mb per second ** with all compression disabled,
maxing out a PPro/200 when running ppp twice, back-to-back.
This proves that PPPoE is plausable in userland....
This change adds a few more handler functions to struct device and
allows derivations of struct device (which may contain their own
data etc) to pass themselves through the unix domain socket for MP.
** At last **, struct physical has lost all the tty crud !
iov2physical() is now smart enough to restore the correct stack of
layers so that MP servers will work again.
The version number has bumped as our MP link transfer contents have
changed (they now may contain a `struct device').
Don't extract the protocol twice in MP mode (resulting in protocol
rejects for every MP packet). This was broken with my original
layering changes.
Add ``Physical'' and ``Sync'' log levels for logging the relevent
raw packets and add protocol-tracking LogDEBUG stuff in various
LayerPush & LayerPull functions.
Assign our physical device name for incoming tcp connections by
calling getpeername().
Assign our physical device name for incoming udp connections from
the address retrieved by the first recvfrom().
Notes:
svn path=/head/; revision=47061
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the layering.
We now ``stack'' layers as soon as we open the device (when we figure
out what we're dealing with). A static set of `dispatch' routines are
also declared for dealing with incoming packets after they've been
`pulled' up through the stacked layers.
Physical devices are now assigned handlers based on the device type
when they're opened. For the moment there are three device types;
ttys, execs and tcps.
o Increment version number to 2.2
o Make an entry in [uw]tmp for non-tty -direct invocations (after
pap/chap authentication).
o Make throughput counters quad_t's
o Account for the absolute number of mbuf malloc()s and free()s in
``show mem''.
o ``show modem'' becomes ``show physical''.
Notes:
svn path=/head/; revision=46686
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
details. Compiling with -DNORADIUS (the default for `release')
removes support.
TODO: The functionality in libradius::rad_send_request() needs
to be supplied as a set of routines so that ppp doesn't
have to wait indefinitely for the radius server(s). Instead,
we need to get a descriptor back, select() on the descriptor,
and ask libradius to service it when necessary.
For now, ppp blocks SIGALRM while in rad_send_request(), so
it misses PAP/CHAP retries & timeouts if they occur.
Only PAP is functional. When CHAP is attempted, libradius
complains that no User-Password has been specified... rfc2138
says that it *mustn't* be used for CHAP :-(
Sponsored by: Internet Business Solutions Ltd., Switzerland
Notes:
svn path=/head/; revision=43313
|
|
|
|
|
|
|
|
|
|
|
| |
shortseq, authname and authkey.
o Auth{name,key} may additionally be set in PHASE_ESTABLISH.
o The others may be set in PHASE_ESTABLISH as long as no links
have yet reached DATALINK_LCP.
Notes:
svn path=/head/; revision=40622
|
|
|
|
|
|
|
|
| |
non-char types on non-i386 architectures.
On Alpha and Sparc we get a bus error if we do.
Notes:
svn path=/head/; revision=38814
|
|
|
|
|
|
|
| |
Forgotten by: me
Notes:
svn path=/head/; revision=38557
|
|
|
|
|
|
|
|
|
|
|
| |
anything for two mintues (see ``set choked'' and ``show
bundle''), nuke the ip, mp and link level buffer queues.
This should fix problems where ``ppp -auto'' seems to stop
responding after failing to connect to the peer a few times.
Notes:
svn path=/head/; revision=38544
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
allow a fifth field for specifying auth/cbcp dialback
parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.
Notes:
svn path=/head/; revision=38174
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o If we've denied and disabled all compression protocols, stay
in ST_INITIAL and do an LCP protocol reject if we receive any
CCP packets.
o If we've disabled all compression protocols, go to ST_STOPPED
and wait for the other side to ask for something.
o If we've got anything enabled, start REQing as soon as the auth
layer is up.
o If we're in multilink mode, than the link level CCP goes
straight to ST_STOPPED irrespective of what's configured so that
we never try to compress compressed stuff by default.
Notes:
svn path=/head/; revision=37320
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
end up writing zero bytes, sleep for 1/10 of a second so that
we don't end up using up too much cpu.
This should only ever happen on systems that wrongly report a
descriptor as writable despite the tty buffer being full.
Discussed with: Jeff Evarts
o Do an initial run-time check to see if select() alters the passed
timeval. This knowledge isn't yet used, but will be soon.
Notes:
svn path=/head/; revision=37141
|
|
|
|
|
|
|
|
| |
state machine back to ST_INITIAL without going
through any unnecessary TLS/TLF pairs.
Notes:
svn path=/head/; revision=37060
|
|
|
|
|
|
|
|
|
| |
something that can't happen happens or when everyone
needs to know. ERRORs are only logged when something
unexpected happens.
Notes:
svn path=/head/; revision=37019
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Bring the static ``ttystate'' into struct prompt so that
the tilde context is per prompt and not global.
o Comment the remaining static variables so that it's
clear why they're static.
o Add some XXX comments suggesting that our interface list
and our hostname should be re-generated after a signal
(say SIGUSR1) so that a machine with PCCARDs has a chance.
Notes:
svn path=/head/; revision=37010
|
|
|
|
|
|
|
|
| |
when running ``link * load label'' as we ended up recursing
back into command_Interpret after nuking our command arg list.
Notes:
svn path=/head/; revision=37009
|