Commit Graph

283 Commits

Author SHA1 Message Date
Brian Somers
4faec43070 Add ``show layers'' to see the protocol layering for a link. 1999-05-15 02:24:18 +00:00
Brian Somers
6815097bf7 Allow `host:port/udp'' devices and support `host:port/tcp'' as
being the same as the previous (still supported) ``host:port''
syntax for tcp socket devices.

A udp device uses synchronous ppp rather than async, and avoids
the double-retransmit overhead that comes with ppp over tcp (it's
usually a bad idea to transport IP over a reliable transport that
itself is using an unreliable transport).  PPP over UDP provides
througput of ** 1.5Mb per second ** with all compression disabled,
maxing out a PPro/200 when running ppp twice, back-to-back.

This proves that PPPoE is plausable in userland....

This change adds a few more handler functions to struct device and
allows derivations of struct device (which may contain their own
data etc) to pass themselves through the unix domain socket for MP.
** At last **, struct physical has lost all the tty crud !

iov2physical() is now smart enough to restore the correct stack of
layers so that MP servers will work again.

The version number has bumped as our MP link transfer contents have
changed (they now may contain a `struct device').

Don't extract the protocol twice in MP mode (resulting in protocol
rejects for every MP packet).  This was broken with my original
layering changes.

Add ``Physical'' and ``Sync'' log levels for logging the relevent
raw packets and add protocol-tracking LogDEBUG stuff in various
LayerPush & LayerPull functions.

Assign our physical device name for incoming tcp connections by
calling getpeername().

Assign our physical device name for incoming udp connections from
the address retrieved by the first recvfrom().
1999-05-12 09:49:12 +00:00
Brian Somers
5d9e610366 o Redesign the layering mechanism and make the aliasing code part of
the layering.

  We now ``stack'' layers as soon as we open the device (when we figure
  out what we're dealing with).  A static set of `dispatch' routines are
  also declared for dealing with incoming packets after they've been
  `pulled' up through the stacked layers.

  Physical devices are now assigned handlers based on the device type
  when they're opened.  For the moment there are three device types;
  ttys, execs and tcps.

o Increment version number to 2.2
o Make an entry in [uw]tmp for non-tty -direct invocations (after
  pap/chap authentication).
o Make throughput counters quad_t's
o Account for the absolute number of mbuf malloc()s and free()s in
  ``show mem''.
o ``show modem'' becomes ``show physical''.
1999-05-08 11:07:56 +00:00
Brian Somers
7884358fdd Add support for NetBSD 1999-04-26 08:54:34 +00:00
Brian Somers
fe3094cdd7 Allow port ranges in ``alias port''. 1999-03-25 23:36:25 +00:00
Brian Somers
521e2a5300 Don't forget to fully initialise the configured values
for MYADDR and HISADDR in ``set ifaddr'' so that unspecified
values don't end up retaining their `width'.
1999-03-19 00:05:32 +00:00
Brian Somers
50a63ab997 Support PPTP via libalias (``alias pptp addr''). 1999-03-07 18:13:44 +00:00
Brian Somers
d318fe8e17 Support proxying & transparent proxying curtesy of libalias(3).
Order the alias command descriptions.
Order the SEE ALSO entries.
1999-03-07 15:02:38 +00:00
Brian Somers
c11e57a340 Extend the ``set redial'' command to allow incremental
redial timeouts.
1999-03-04 17:42:15 +00:00
Brian Somers
bc76350ef9 Correct some ntohl/htonl bogons in the netmask handling.
This was pretty harmless as netmasks on a POINTOPOINT
interface are pretty much ignored, but it looked funny.

Mention the configured netmask in ``show ipcp''.

Describe in more detail what a proxy arp entry is.
1999-03-03 23:00:41 +00:00
Brian Somers
479508cf28 Allow control over the number of ConfigREQ & TermREQ attempts
that are made in each of the FSMs (LCP, CCP & IPCP) and the
number of REQs/Challenges for PAP/CHAP by accepting more arguments
in the ``set {c,ip,l}cpretry'' and ``set {ch,p}apretry'' commands.

Change the non-convergence thresholds to 3 times the number of configured
REQ tries (rather than the previous fixed ``10'').  We now notice
repeated NAKs and REJs rather than just REQs.

Don't suggest that CHAP 0x05 isn't supported when it's not configured.

Fix some bugs that expose themselves with smaller numbers of retries:
o Handle instantaneous disconnects (set device /dev/null) correctly
  by stopping all fsm timers in fsm2initial.
o Don't forget to uu_unlock() devices that are files but are not
  ttys (set device /dev/zero).

Fix a *HORRENDOUS* bug in RFC1661 (already fixed for an Open event in state
``Closed''):
  According to the state transition table, a RCR+ or RCR- received in
  the ``Stopped'' state are supposed to InitRestartCounter, SendConfigReq
  and SendConfig{Ack,Nak}.  However, in ``Stopped'', we haven't yet
  done a TLS (or the last thing we did is a TLF).  We must therefore
  do the TLS at this point !

  This was never noticed before because LCP and CCP used not use
  LayerStart() for anything interesting, and IPCP tends to go into
  Stopped then get a Down because of an LCP RTR rather than getting a
  RCR again.
1999-02-26 21:28:14 +00:00
Brian Somers
26baedc5e4 Parse IP addresses more securely - specifically, don't allow
a bum name to return as 0.0.0.0... we don't want ``delete xxx''
to delete the default route when xxx doesn't resolve.

Support IP number specifications as the host when specifying
a tcp-style device (rather than *just* hostnames).
1999-02-25 20:05:55 +00:00
Brian Somers
5e31549897 Fully support both NT and LANMan CHAP type 0x80 as both
authenticator and authenticatee.
1999-02-18 00:52:15 +00:00
Brian Somers
6b4286e0f5 Wait by default for one second after the login script
is complete before checking carrier.  If it's there,
the device supports carrier.  If it's not it doesn't.

Add the ``set cd'' command for deciding how soon to check
for carrier, and for deciding if carrier is REQUIRED.

The default has changed:  Pre 2.0 versions of ppp waited
for 1 second.  Version 2 didn't wait, but this causes
problems with some (few?) modems that don't assert carrier
immediately on reporting CONNECT.  The one second delay
is back now and can be removed with ``set cd 0''.

Bump the ppp version number in case this needs to be changed
again....
1999-02-16 00:16:56 +00:00
Brian Somers
58330d7bfa When resending chap challenges, resend the same challenge
each time rather than making up a new one.

Increase the authname/authkey max sizes to 100 characters.

Allow ``authkey'' specifications beginning with ``!''.
When a challenge is received, the text following the
``!'' is executed as a program (expanding stuff in the same
way that ``sh'' and ``!bg'' do).  The program is passed the
peer name, peer challenge and local ``authname'' on standard
input and is expected to output the name/key combination that
should be used to build the CHAP response.

This provides support for Secure ID cards (guess what I was
given at work recently!) using CHAP.

Examples will follow.
1999-02-11 10:14:08 +00:00
Brian Somers
4026c3661c Version 2.0 > 2.1 to reflection RADIUS additions. 1999-01-28 09:40:15 +00:00
Brian Somers
972a1bcf5d Initial RADIUS support (using libradius). See the man page for
details.  Compiling with -DNORADIUS (the default for `release')
removes support.

TODO: The functionality in libradius::rad_send_request() needs
      to be supplied as a set of routines so that ppp doesn't
      have to wait indefinitely for the radius server(s).  Instead,
      we need to get a descriptor back, select() on the descriptor,
      and ask libradius to service it when necessary.
      For now, ppp blocks SIGALRM while in rad_send_request(), so
      it misses PAP/CHAP retries & timeouts if they occur.

      Only PAP is functional.  When CHAP is attempted, libradius
      complains that no User-Password has been specified... rfc2138
      says that it *mustn't* be used for CHAP :-(

Sponsored by: Internet Business Solutions Ltd., Switzerland
1999-01-28 01:56:34 +00:00
Brian Somers
87766c5694 Allow a variable as the first arg to ``set proctitle''. 1998-12-14 01:15:34 +00:00
Brian Somers
c2896afbb9 Don't delete the primary interface address when
``iface clean'' is used in auto mode while there
are no active links.
1998-11-05 21:59:48 +00:00
Brian Somers
7cf368eb42 Allow multiple systems (config labels) on the command
line and in the ``load'' & ``dial'' commands.  The last
label loaded becomes the current label name.
Only require a label for -auto mode.
1998-10-31 17:38:47 +00:00
Brian Somers
0f781a7252 Add ``set proctitle'' for changing argv[0]. All substitutions
are done in the same way as command execution.

For example, ``set proctitle USER INTERFACE PROCESSID'' would
be useful in a -direct profile for identifying who's connected.
1998-10-27 22:53:22 +00:00
Brian Somers
a237dcba17 Add ``PROCESSID'' as a constant expanded when running
commands.
1998-10-27 22:53:19 +00:00
Brian Somers
3535dfb0be Shuffle the iface-alias option so that's in alphabetical
order like the rest of the options.
1998-10-26 19:07:42 +00:00
Brian Somers
3afe5ccb75 Add ``enable proxyall'' support. This adds proxy ARP entries
for every machine on every class C or smaller subnet that we
route to.
Add ``set {send,recv}pipe'' for controlling our socket buffer
sizes.
Mention the IP number with the problem in a few error messages.
All submitted by:     Craig Leres <leres@ee.lbl.gov>
Modified slightly by: me
1998-10-26 19:07:39 +00:00
Brian Somers
17871c5f6c Fix the interface alias code. Previously, I was expecting something
like

tun0: flags=blah
	10.0.0.1 -> 10.0.0.100
	10.0.0.2 -> 10.0.0.100
	10.0.0.3 -> 10.0.0.100

to DTRT, despite the SIOCAIFADDR for each new alias returning
-1 & EEXIST while adding the alias anyway.  In real life, once
we have the second alias with the same destination, nothing will
route any more !  Also, because I was ignoring EEXIST, the
dynamic IP assignment code was assigning duplicate addresses
('cos it was being lied to by iface_inAdd()).

Now we have

tun0: flags=blah
	10.0.0.1 -> 255.255.255.255
	10.0.0.2 -> 10.0.0.100
	10.0.0.3 -> 255.255.255.255

This works - stuff bound to 10.1 & 10.3 will be considered alive
by the kernel, and when they route back to the tun device, the
packets get aliased to 10.2 and go out to 10.100 (as with the
original plan).

We still see the EEXIST in SIOCAIFADDR, but ignore it when our
destination is 255.255.255.255, assuming that the alias *was*
actually added.

Additionally, ``iface add'' may now optionally be given only
the interface address.  The mask & destination default to
255.255.255.255.
1998-10-26 19:07:36 +00:00
Brian Somers
9b5f8ffdc6 Loosen our restrictions on setting enddisc, mrru,
shortseq, authname and authkey.

o Auth{name,key} may additionally be set in PHASE_ESTABLISH.
o The others may be set in PHASE_ESTABLISH as long as no links
  have yet reached DATALINK_LCP.
1998-10-24 01:08:45 +00:00
Brian Somers
8fa6ebe47d Solve the ``first connection'' problem that occurs on
demand-dial links with dynamic IP numbers where the program
that causes the dial bind()s to an interface address that is
subsequently changed after ppp negotiation.

The problem is defeated by adding negotiated addresses to the
tun interface as additional alias addresses and providing a set
of ``iface'' commands for managing the interface.  Libalias is
also required (and what a name clash!) - it happily IP-aliases
the address so that the source is that of the primary (negotiated)
interface and un-IP-aliases it on the way back.

An ``enable iface-alias'' is done implicitly by the -alias command
line switch.  If -alias isn't given, iface-aliasing is disabled by
default and can't be enabled 'till an ``alias enable yes'' is done.
``alias enable no'' silently disables iface-alias.

So, for dynamic-IP-type-connections, running ``ppp -alias -auto blah''
will work for the first connection, although existing bindings will
not survive a disconnect/connect as the TCP peer will be trying to
send to the old IP address - the packets won't route.

It's now a lot easier to add IPXCP to ppp with minor updates to
the new iface.[ch] (if anyone ever gets 'round to it).

It's also now possible to manually add interface aliases with
something like ``iface add 1.2.3.4/24 5.6.7.8''.  This allows
multi-homed ppp links :-)
1998-10-22 02:32:50 +00:00
Brian Somers
571b60bf70 Move help displays left one column to avoid problems with
broken terminals that can't handle 80 columns followed by
a linefeed.
Pointed out by: bde@FreeBSD.org
1998-10-17 12:28:05 +00:00
Brian Somers
1595bacdf6 Sync with OpenBSD ifdefs 1998-09-17 00:45:27 +00:00
Brian Somers
131ef891c7 Add the following word substitutions when running a shell
command:
  AUTHNAME:     The local authname
  ENDDISC:      The local endpoint discriminator
  LABEL:        The configuration label in use
  PEER_ENDDISC: The peers endpoint discriminator
  USER:         The peers authname
1998-08-29 23:02:42 +00:00
Brian Somers
080a2247c2 Allow the use of HISADDR, MYADDR and INTERFACE as words
embedded in the args of a "shell" or "!bg" command, and
only accept upper case versions.

We can now do:
  ! sh -c "ifconfig INTERFACE >/tmp/myfile"
1998-08-29 23:02:39 +00:00
Brian Somers
e227fded3f Mention `cbcp'' in `set log ?'' 1998-08-29 18:37:02 +00:00
Brian Somers
37d818fb21 Fix some OpenBSD/alpha warnings 1998-08-26 18:07:57 +00:00
Brian Somers
5a72b6eda3 Put the IP buffer queues into struct ipcp.
Forgotten by: me
1998-08-26 17:39:37 +00:00
Brian Somers
6f8e9f0a8a If we've got a full output buffer queue and cannot send
anything for two mintues (see ``set choked'' and ``show
bundle''), nuke the ip, mp and link level buffer queues.

This should fix problems where ``ppp -auto'' seems to stop
responding after failing to connect to the peer a few times.
1998-08-25 17:48:43 +00:00
Brian Somers
92b0955883 o Support callback types NONE, E.164, AUTH and CBCP.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
  ``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
  allow a fifth field for specifying auth/cbcp dialback
  parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
  rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.
1998-08-07 18:42:51 +00:00
Brian Somers
c31ac0b396 Always dial immediately on `open'', dial'' and `call''.
We don't need a ``!''.
1998-07-31 19:50:24 +00:00
Brian Somers
ba23f3976a Allow an optional ``!'' in the open, dial & call commands.
When used, the redial timer is ignored and the modem is
opened immediately.
1998-07-29 18:21:17 +00:00
Brian Somers
2062443fd7 Silence ``Network unreachable'' warnings when using
``add .... HISADDR''.  The network will never be
reachable at this point unless we're in -auto or reading
the command from ppp.linkup.

We can now run the following lines and get the expected
results:

  set ifaddr 1.2.3.4/0 5.6.7.8/0
  add default HISADDR

where a route is added immediately in auto mode and the
whole thing is delayed 'till the IP numbers have been
agreed in other modes.

Essentially, ppp.linkup is no longer required.
1998-07-28 21:54:54 +00:00
Brian Somers
3b09372a14 Correct enable/disable handling (broken when ironing out
32/64 bit issues recently).
1998-07-12 00:30:18 +00:00
Brian Somers
0dcb215a89 Don't require context when there's only one link
for ``open lcp''
1998-07-04 22:03:56 +00:00
Brian Somers
274211d743 Version 2.0-beta becomes 2.0 :-) 1998-07-04 10:24:49 +00:00
Brian Somers
3a2e4f621c o Fix remaining sizeof problems for 64 bit machines.
o Allow ``set ....'' when we have multiple links but aren't in
  multilink mode.
o Do a TLS when we receive a ``Open'' event in ``Closed'' state,
  despite the rfc state transition table.  This is clearly an
  error in the RFC as TLS cannot have yet been called (without
  TLF) in the ``Closed'' state.
  I've posted a message to comp.protocols.ppp for confirmation.
1998-06-27 23:48:54 +00:00
Brian Somers
10a9be1e88 Remove redundant includes 1998-06-27 14:18:15 +00:00
Brian Somers
615ad4f957 Don't dlopen()/dlsym() libalias, use it in the same way
as the rest of the world uses libraries.
1998-06-27 14:17:28 +00:00
Brian Somers
897f9429f9 Add `ipcp'' as an optional argument to `open'', and make
open capable of re-negotiatiating the various layers.

It is now possible to change various link options and then
re-open the relevant layer, making the changes effective -
for example, switching off VJ compression or starting ECHO
LQRs on-the-fly.
1998-06-25 22:33:31 +00:00
Brian Somers
09206a6f2a Create & use fsm2initial(), a function to bring a
state machine back to ST_INITIAL without going
through any unnecessary TLS/TLF pairs.
1998-06-20 00:19:42 +00:00
Brian Somers
c12b786782 o Allow `set mrru'' or `set mrru 0'' to disable
multi-link mode.
o Fix a typo in the ``set mrru'' description.
1998-06-16 23:23:57 +00:00
Brian Somers
a33b2ef772 Change some log levels. ALERTs are only logged when
something that can't happen happens or when everyone
needs to know.  ERRORs are only logged when something
unexpected happens.
1998-06-16 19:40:42 +00:00
Brian Somers
899011c4eb Don't bring the modem offline or hangup when ``down lcp''
is done.  Instead, behave like ``close lcp''.
1998-06-16 19:40:28 +00:00