d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
58,247 Commits 4 Branches 49 Tags 2 GiB
d78fa50ae3
Commit Graph

1037 Commits

Author SHA1 Message Date
brian
229a59bc61 Merge some OpenBSD/NetBSD fixes to the recent MPPE/CHAP0x81 update. 2000-11-05 03:25:09 +00:00
brian
6883207ac0 Don't ignore the return from tcsetattr() - moan about it instead. 
Suggested by: Andre Albsmeier <andre@akademie3000.de>
 2000-10-31 23:27:35 +00:00
hosokawa
11f32dfee0 Forgotten RELEASE_CRUNCH hack for mppe.c. 
This fix is for "make release" and "make boot.flp".
 2000-10-31 05:00:25 +00:00
brian
7ad8d82169 Use the new-style ngpppoe_init_data structure. 
Approved by: archie
 2000-10-31 02:46:12 +00:00
brian
8e712f5e48 Mention that ``nat deny_incoming'' drops unrecognised IP packets. 
Requested by: kris
 2000-10-31 02:25:54 +00:00
brian
77cc3172cc Drop PKT_ALIAS_IGNORED packets if ``nat deny_incoming yes'' is in effect. 
Approved by: rwatson, ru
 2000-10-30 18:02:01 +00:00
brian
9814de693a Add ``all'' logging. 
Submitted by: eivind
 2000-10-30 00:15:35 +00:00
brian
3d1630ef60 Bump our version to reflect the recent MPPE additions (and ccp struct 
size change).
 2000-10-30 00:15:34 +00:00
brian
aed543648b Move the MPPE keysize display in ``show ccp''. 2000-10-30 00:15:33 +00:00
brian
6d9a542bce Various whitespace changes. 
Make some functions static.
 2000-10-30 00:15:29 +00:00
brian
09731f0efc staticise mbuftype() 2000-10-30 00:15:27 +00:00
brian
06792c58d5 Add MPPE and MSChap v2 support (denied and disabled by default) 
Submitted by: Ustimenko Semen <semen@iclub.nsu.ru>
 2000-10-30 00:15:04 +00:00
brian
a03de14c0e Ignore ``#'' properly when told to 2000-10-28 23:56:03 +00:00
brian
e0b21f67bf Report the type of mbuf that couldn't be allocated before 
aborting ppp.
 2000-10-27 05:34:40 +00:00
brian
5ac0f571f0 Use rad_acct_open() instead of rad_auth_open(). 
Suggested by: Victor Ivanov <v0rbiz@icon.bg>
 2000-10-15 01:05:57 +00:00
brian
1d71e8b7ce Don't define NOATM now that /usr/include/netnatm/ is created properly. 2000-10-15 00:46:58 +00:00
brian
4d8e577298 If write() gives -1/ENOBUFS, keep the packet and sleep for 1/10th 
of a second before attempting to write it again (unless there's
something else to do instead).
 2000-10-09 22:49:44 +00:00
brian
38c4d01137 Create fd_sets big enough to handle getdtablesize() descriptors. 2000-10-09 21:18:23 +00:00
brian
b48cc31f09 Fix some style nits 2000-09-14 22:03:13 +00:00
brian
54bef4135c Support PPPoATM, disabled for now as /usr/include/netnatm doesn't exist 
Submitted by: Jakob Stoklund Olesen <stoklund@taxidriver.dk>
 2000-09-14 22:02:54 +00:00
brian
3ca5232d93 Understand IPPROTO_ESP and IPPROTO_AH packets 
Submitted by: Angelos D. Keromytis <angelos@dsl.cis.upenn.edu>
 2000-09-14 18:01:54 +00:00
brian
1c08fd2080 Spelling police 
Submitted by:	des
 2000-09-06 21:02:06 +00:00
brian
e9aa407589 libutil.h is no longer required for setproctitle() 2000-09-02 02:16:51 +00:00
rse
f1908a0e71 Fix resolv.conf line hint: "name-server" -> "nameserver" 2000-08-31 11:13:20 +00:00
brian
ed0f07d9dd Use arc4random() instead of random() 2000-08-31 00:45:24 +00:00
brian
543225026f Don't treat two or more whitespace followed by a comment as 
an empty argument

PR:	20937 (maybe)
PR:	20938
 2000-08-30 20:51:13 +00:00
brian
50a3c4fd88 Complain about invalid arguments passed to ``set ifaddr'' 2000-08-30 20:49:50 +00:00
brian
a0d9c873d0 Correct LogMAX 
Broken by:	me
Submitted by:	Mark Hannon <markhannon@one.net.au>
 2000-08-29 17:00:52 +00:00
brian
ff7c637251 Use srandom() under OpenBSD 
Submitted by:	Matt Behrens <matt@megaweapon.zigg.com>
 2000-08-29 16:47:45 +00:00
brian
f1f515c997 Add LogFILTER logging to log packets allowed by the dial filter and 
dropped by any filter.

Submitted by: Mark Hannon <markhannon@one.net.au>

with some small tweaks by me.
 2000-08-28 23:24:52 +00:00
brian
cb1cdc90fa Support radius accounting, and add a packet count to throughput 
statistics as a side effect.

Submitted by: Marcin Cieslak <saper@system.pl>

with some tweaks to RAD_ACCT_SESSION_ID and
RAD_ACCT_MULTI_SESSION_ID generation by me.
 2000-08-28 22:44:54 +00:00
brian
bac59a32d0 Make -DNOSUID (or -DPPP_NOSUID) possible to build ppp without SUID 
capabilities.
 2000-08-18 00:01:44 +00:00
brian
c0049c3df2 Warn that the ``alias'' command is depricated. 
We still process it for now though.
 2000-08-18 00:01:30 +00:00
brian
c2fd0b7000 If we're in MP mode with a single open link, MP link level compression 
isn't open and the links MRU >= our MRRU, send outbound traffic as
PROTO_IP rather than PROTO_MP.  This shaves some bytes off the front
of each packet 'till the second link is brought up.

Idea obtained from: Cisco
 2000-08-17 14:14:54 +00:00
brian
65f020c63b ISDN B channels have a bandwidth of 64000, not 65536 
Pointed out by: Christian Weisgerber <naddy@mips.inka.de>
 2000-08-16 13:54:04 +00:00
brian
a7aa2e6cdb setproctitle() doesn't need to be called with root privs, so move 
it from id.c into defs.c
 2000-08-16 09:07:23 +00:00
brian
724f61b07d Default the bandwidth of an ISDN B channel to 65536bps 2000-08-16 09:06:59 +00:00
brian
2e8f0fe474 Maintain input and output throughput averages and choose the highest 
of the two when calculating the MP throughput average for the ``set
autoload'' implementation.

This makes more sense as all links I know of are full-duplex.  This
also means that people may need to adjust their autoload settings
as 100% bandwidth is now the theoretical maximum rather than 200%
(but of course, halfing the current settings is probably not the
correct answer either!).

This involves a ppp version bump as we need to pass an extra
throughput array through the MP local domain socket.
 2000-08-15 10:25:42 +00:00
brian
99a91bd0c2 Calculate the average link throughput using a counter based on the 
cumulative total of all active links rather than basing it on the
total of PROTO_MP traffic.

This fixes a problem whereby Cisco routers send PROTO_IP packets only
when there's only one link (hmm, what a good idea!).
 2000-08-15 00:59:21 +00:00
brian
b6a0e38086 Don't delete sticky routes when unconfiguring the interface. 
Deleting all routes that match the interface is sufficient.
 2000-08-14 08:43:40 +00:00
brian
f0e7cc686d Index: ppp.8 
===================================================================
RCS file: /home/ncvs/src/usr.sbin/ppp/ppp.8,v
retrieving revision 1.233
diff -u -r1.233 ppp.8
--- ppp.8	2000/08/10 13:26:01	1.233
+++ ppp.8	2000/08/12 19:50:41
@@ -1,8 +1,8 @@
 .\" $FreeBSD: src/usr.sbin/ppp/ppp.8,v 1.233 2000/08/10 13:26:01 brian Exp $
 .Dd 20 September 1995
 .nr XX \w'\fC00'
-.Os FreeBSD
 .Dt PPP 8
+.Os
 .Sh NAME
 .Nm ppp
 .Nd Point to Point Protocol (a.k.a. user-ppp)
 2000-08-13 22:03:42 +00:00
brian
b45901a5b4 Mention that pppoe requires netgraph(4) and without it, an external 
pppoe program must be used (such as pppoe(8) on OpenBSD).
 2000-08-10 13:26:01 +00:00
brian
f56c93c8c2 Allow leading ``!'' characters in authkeys and chat scripts to 
be doubled up to mean a single literaly ``!''.
 2000-08-09 19:29:50 +00:00
brian
f77ad6d1af If the first character of the `set title'' argument is -', 
put it into the format string, supporting ps's tweak to
setproctitle().
 2000-08-09 10:22:48 +00:00
brian
9466668148 Don't mis-interpret sockaddr_in6 structures as sockaddr_in structures 
when purging routes.
 2000-07-20 10:38:12 +00:00
brian
500d4d6905 Describe the new VERSION and COMPILATIONDATE macros and mention that the 
``ident'' command will expand macros.
 2000-07-19 10:14:00 +00:00
brian
9a38ef3d03 Support link identification from rfc1570 
Two new commands are available; ``ident'' and ``sendident''.
 2000-07-19 02:10:35 +00:00
brian
bf36609078 Permit multiple ``allow user'' lines in any given section 
This avoids line length limits when large numbers of users are allowed
access to ppp.
 2000-07-12 23:13:52 +00:00
brian
8f207589cd Correct ``set filter'' usage 
Spotted by:	sheldonh
 2000-07-12 16:31:47 +00:00
brian
e19f8cf941 Fix a rather nasty latency problem that occurs with single tcp sessions 
thorough an MP setup with only a single link.
 2000-07-12 15:08:03 +00:00
brian
7bc7c104ee Allow a ``timeout secs'' filter option to let specific packet types 
effect the idle timer in different ways.

Submitted by: Stefan Esser <se@freebsd.org>

With adjustments by me to document the option in the man page and to
give the same semantics for outgoing traffic as incoming.

I made the style more consistent in ip.c - this should really have
been done as a separate commit.
 2000-07-11 22:11:36 +00:00
brian
c1aed73081 Fix -auto breakage introduced with the last commit. 2000-07-11 09:26:02 +00:00
brian
9f59f2175a o Log the (payload/size) of all packet types, not just TCP packets 
o  If the new ``filter-decapsulation'' is enabled, delve into UDP packets
   that contain 0xff 0x03 as the first two bytes, and if we recognise it
   as PROTO_IP, decapsulate it for the purpose of filter checking.

   If we recognise it as PROTO_<anything else> mention this for logging
   purposes only.

This change is aimed at people running PPPoUDP where the UDP traffic is
being sent over another PPP link.  It's desireable to have the top level
link connected all the time, but to have the bottom level link capable
of decapsulating the traffic and comparing the payload against the filters,
thus allowing ``set filter dial ...'' to work in tunnelled environments.

The caveat here is that the top ppp cannot employ any compression layers
without making the data unreadable for the bottom ppp.  ``disable deflate
pred1 vj'' and ``deny deflate pred1 vj'' is suggested.
 2000-07-07 14:22:08 +00:00
brian
15dc9f70e6 kldload ng_ether if we need to. 2000-06-28 09:30:30 +00:00
brian
e37cd78ecc Don't assign an MTU based on the peers first-link MRU in MP mode. 
Use the peers MRRU as we're supposed to.
 2000-06-24 23:37:14 +00:00
brian
8996addced Fix a printf-style arg cast (again) 2000-06-23 09:48:26 +00:00
brian
446b9bad35 e.g. -> e.g., 
Obtained from: OpenBSD
 2000-06-23 09:48:02 +00:00
brian
5008f3663f Correct PPPoE in multi-link mode 
Submitted by: jason@OpenBSD.org
 2000-06-22 20:51:03 +00:00
brian
c14925aabb Remove ``nat pptp'' as this is now done transparently by libalias. 2000-06-20 12:18:40 +00:00
brian
be62e8bf23 Allow padding in LQR ECHO requests 
Problem found by: Tomaz Borstnar <tomaz.borstnar@over.net>
 2000-06-20 09:13:25 +00:00
brian
d765e4453f Don't mis-match interface names in iface_Create() 
Submitted by: Adrian Penisoara <ady@freebsd.ady.ro>
 2000-06-19 21:43:48 +00:00
brian
d043bb7c6c Fix a printf-style format error 2000-06-18 10:07:53 +00:00
brian
37f3007f82 A few more hard-sentence breaks. 2000-06-13 10:03:28 +00:00
brian
f916881111 Hard sentence breaks and trailing space tidy-ups 
Obtained from: OpenBSD
 2000-06-11 14:58:32 +00:00
brian
e88906a1c1 Don't oan about padding characters 2000-06-11 12:22:06 +00:00
brian
41ff0cf693 Add ``set ifqueue'' to control the size of the outgoing packet 
queue.  Doing ``set ifqueue 0'' and ``set urgent none'' will allow
full use of luigi's WF2Q code.

Requested by: luigi
 2000-06-11 02:30:51 +00:00
brian
a1cdd9887d Allow ``set urgent none'' to disable all urgent ports and IPTOS_LOWDELAY 
prioritisation.

Requested by: luigi
 2000-06-08 20:07:48 +00:00
brian
af615e019d Use mp_CheckAutoloadTimer() rather than mp_StopAutoloadTimer() 
when opening or closing an auto link due to the autoload
setting.

Spotted by: David Hedley <david@inty.co.uk>
 2000-05-31 15:35:29 +00:00
brian
27d9c9b35a Don't use the umask to chmod local domain server sockets, use 
the mask
 2000-05-31 09:06:52 +00:00
brian
8c66999e1d If the fsm header reports a length greater than the packet size, 
drop the packet rather than just whinging about it in the log.
If the fsm header has a smaller length, continue to whinge.
 2000-05-26 21:11:55 +00:00
brian
61fc03a88c Remove an unused variable 2000-05-26 08:29:11 +00:00
brian
c756c66b29 When we do a `dial'' or `open'' from DATALINK_READY, go to 
DATALINK_CARRIER and turn off scripting.

This should fix instances where ``term'' is used followed by ~.
and then ``dial''/``open'' (it currently just sits there looking
at you).

Reported by: Tim Vanderhoek <vanderh@ecf.utoronto.ca>
 2000-05-26 08:26:56 +00:00
brian
e959f1027d Fix a topy (if (expr); command;) 
Submitted by:	Renaud Waldura <renaud@guppy.evolunet.com>
 2000-05-25 16:12:55 +00:00
brian
600aec722a The name /var/log/alias.log is *not* likely to change in the near 
future...
 2000-05-24 20:56:30 +00:00
brian
8fb3702804 Mention what ``enable proxy'' actually does 2000-05-24 13:49:39 +00:00
brian
54ab76295f Honour `set speed sync'' and `set device !program'' when 
used together by creating a SOCK_DGRAM socketpair() between
the processes.

Be polite when closing !program links and send a HUP to the
process.  This makes ssh tunnels over unreliable media (such
as via httptunnel) reconnect properly.
 2000-05-24 09:05:58 +00:00
brian
300b5cdddb Mention it in the log file when we HUP a process that 
controls a link.
 2000-05-24 09:05:45 +00:00
brian
defab84a46 Don't attempt to fputs(NULL, fp) when ``enable dns'' is given and 
there's no resolv.conf.
Use a umask of 022 when creating resolv.conf, not 0644 !
 2000-05-24 01:00:24 +00:00
brian
9316f17a65 Always pass packets through libalias when NAT is enabled. 
Submitted by: luoqi
Forgotten by: me
 2000-05-23 14:55:08 +00:00
brian
7bd588a76b Return -2 when tcp_OpenConnection() fails so that ppp doesn't 
report that the device name is of an invalid format.
 2000-05-22 08:23:35 +00:00
brian
4e4578620b Be more verbose when a second link doesn't match the first because the 
peer enddisc/authname is different.
 2000-05-22 08:23:13 +00:00
brian
4d248969a4 Fix a typo 2000-05-11 07:59:21 +00:00
brian
ba5219342d Mention that the default is to let external traffic route to 
the internal network when NAT is enabled.

Allow ``set target MYADDR'' to stop packets at the gateway.
 2000-05-11 07:55:44 +00:00
brian
8bec1e1f9d Correct a bad bug in m_prepend() 
Submitted by: luoqi
 2000-05-07 10:08:24 +00:00
brian
c4b2f80d92 Remove a rogue space 2000-04-13 00:00:46 +00:00
brian
eb7aa2809f Add a missing ``break'' 2000-04-09 18:27:08 +00:00
brian
825b93bffd When running ppp -background, show comfort messages showing 
when we're redialing/reconnecting.

While we're here, log redial, reconnect and phone number
announcements to LogCHAT, and reduce some other logging to
LogDEBUG.
 2000-04-07 23:46:14 +00:00
brian
9b2d3e1632 I didn't get this right the last time.... 
When an NCP reaches TLF, *ONLY* datalink_Close() links that are
in DATALINK_OPEN.

When the last link reaches TLD, DOWN all NCPs (as we used to in the
links TLF (which was the wrong place anyway)), as the NCPs aren't
now going to datalink_Close() us unexpectedly, we get to continue
doing what we were told to do in the first place.

The result:  When we lose a link, the IPCP layer goes down and
we actually call the stuff in ppp.linkdown !
 2000-04-06 10:03:48 +00:00
gj
8efc52e239 Pass me the pointy hat. 
It was not a good idea to remove csu_header from struct cspace, it had
ramifications which I didn't notice.

Restore src/usr.sbin/ppp/slcompress.h to the way it was, since MAX_HDR
was already defined as 128 there and it's a user program anyway.

In sys/net/slcompress.h make MAX_HDR 128 intead of MLEN to avoid
bloat.

My apologies for any inconvenience.
 2000-04-04 09:20:53 +00:00
brian
56ae0558f5 Plug two file descriptor leaks 2000-04-03 19:56:49 +00:00
gj
08bbcfe72f Nuke csu_hdr from struct cspace. csu_hdr is not used anywhere in the 
tree. This considerably reduces unnecessary bloat in struct slcompress.

I'm running with this change right now and have seen no negative
side-effects.

On my sytem this reduced kernel BSS by about 25KB.

Submitted by:	bde
Approved by:	brian for user-ppp
 2000-04-03 19:54:33 +00:00
brian
2b63c0a8d4 Allow authname to be changed at any phase, just emit a warning 
if it's not DEAD or ESTABLISH
 2000-03-31 21:08:43 +00:00
brian
c4adf04181 Use INADDR_NONE with PacketAliasSetTarget() if no args are given to 
``nat target'', and suggest the use of ``nat target default'' as an
interesting possibility.
 2000-03-31 20:42:24 +00:00
brian
408c8069a6 Undo the damage done to this file in my last commit 2000-03-31 14:31:36 +00:00
brian
542750c808 Add the ``nat target'' command. 2000-03-31 14:26:23 +00:00
brian
96a4cabd64 Correct address parsing 
Pointed out by: Maxim Sobolev <sobomax@altavista.net>
 2000-03-30 10:46:20 +00:00
brian
a12619f868 Log information about packets being dropped (probably due to 
``nat deny_incoming yes'') by libalias.
 2000-03-29 09:31:52 +00:00
brian
657714f28b Allow the use of hostnames instead of (and as well as) IP 
numbers in all commands.
If people use hostnames and have dodgy resolvers or try to resolve
the hostname before the link is up, they get what they deserve....

Requested by: ru
 2000-03-29 09:31:27 +00:00
brian
a252b602e2 Mention the value of the unexpected return code in nat_LayerPull() 2000-03-29 00:14:24 +00:00
brian
2442f64e8a don't treat # specially if PARSE_NOHASH is passed 2000-03-28 15:14:15 +00:00