#
5d9e6103 |
| 08-May-1999 |
Brian Somers <brian@FreeBSD.org> |
o Redesign the layering mechanism and make the aliasing code part of the layering.
We now ``stack'' layers as soon as we open the device (when we figure out what we're dealing with). A static
o Redesign the layering mechanism and make the aliasing code part of the layering.
We now ``stack'' layers as soon as we open the device (when we figure out what we're dealing with). A static set of `dispatch' routines are also declared for dealing with incoming packets after they've been `pulled' up through the stacked layers.
Physical devices are now assigned handlers based on the device type when they're opened. For the moment there are three device types; ttys, execs and tcps.
o Increment version number to 2.2 o Make an entry in [uw]tmp for non-tty -direct invocations (after pap/chap authentication). o Make throughput counters quad_t's o Account for the absolute number of mbuf malloc()s and free()s in ``show mem''. o ``show modem'' becomes ``show physical''.
show more ...
|
Revision tags: vendor/perl5/5.005.03, vendor/SGI/v_2_17, vendor/SGI/vjs_990324, vendor/gdb/4.18, vendor/isc-dhcp/2.0b1-pl.27 |
|
#
7884358f |
| 26-Apr-1999 |
Brian Somers <brian@FreeBSD.org> |
Add support for NetBSD
|
#
fe3094cd |
| 25-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Allow port ranges in ``alias port''.
|
Revision tags: vendor/isc-dhcp/2.0b1-pl.18 |
|
#
521e2a53 |
| 19-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Don't forget to fully initialise the configured values for MYADDR and HISADDR in ``set ifaddr'' so that unspecified values don't end up retaining their `width'.
|
Revision tags: vendor/misc-GNU/cvs/1.10, vendor/groff/1.11, vendor/tcp_wrappers/7.6, vendor/NetBSD/v990310 |
|
#
50a63ab9 |
| 07-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Support PPTP via libalias (``alias pptp addr'').
|
#
d318fe8e |
| 07-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Support proxying & transparent proxying curtesy of libalias(3). Order the alias command descriptions. Order the SEE ALSO entries.
|
#
c11e57a3 |
| 04-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Extend the ``set redial'' command to allow incremental redial timeouts.
|
#
bc76350e |
| 03-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Correct some ntohl/htonl bogons in the netmask handling. This was pretty harmless as netmasks on a POINTOPOINT interface are pretty much ignored, but it looked funny.
Mention the configured netmask
Correct some ntohl/htonl bogons in the netmask handling. This was pretty harmless as netmasks on a POINTOPOINT interface are pretty much ignored, but it looked funny.
Mention the configured netmask in ``show ipcp''.
Describe in more detail what a proxy arp entry is.
show more ...
|
Revision tags: vendor/isc-dhcp/2.0b1-pl.17 |
|
#
479508cf |
| 26-Feb-1999 |
Brian Somers <brian@FreeBSD.org> |
Allow control over the number of ConfigREQ & TermREQ attempts that are made in each of the FSMs (LCP, CCP & IPCP) and the number of REQs/Challenges for PAP/CHAP by accepting more arguments in the ``s
Allow control over the number of ConfigREQ & TermREQ attempts that are made in each of the FSMs (LCP, CCP & IPCP) and the number of REQs/Challenges for PAP/CHAP by accepting more arguments in the ``set {c,ip,l}cpretry'' and ``set {ch,p}apretry'' commands.
Change the non-convergence thresholds to 3 times the number of configured REQ tries (rather than the previous fixed ``10''). We now notice repeated NAKs and REJs rather than just REQs.
Don't suggest that CHAP 0x05 isn't supported when it's not configured.
Fix some bugs that expose themselves with smaller numbers of retries: o Handle instantaneous disconnects (set device /dev/null) correctly by stopping all fsm timers in fsm2initial. o Don't forget to uu_unlock() devices that are files but are not ttys (set device /dev/zero).
Fix a *HORRENDOUS* bug in RFC1661 (already fixed for an Open event in state ``Closed''): According to the state transition table, a RCR+ or RCR- received in the ``Stopped'' state are supposed to InitRestartCounter, SendConfigReq and SendConfig{Ack,Nak}. However, in ``Stopped'', we haven't yet done a TLS (or the last thing we did is a TLF). We must therefore do the TLS at this point !
This was never noticed before because LCP and CCP used not use LayerStart() for anything interesting, and IPCP tends to go into Stopped then get a Down because of an LCP RTR rather than getting a RCR again.
show more ...
|
#
26baedc5 |
| 25-Feb-1999 |
Brian Somers <brian@FreeBSD.org> |
Parse IP addresses more securely - specifically, don't allow a bum name to return as 0.0.0.0... we don't want ``delete xxx'' to delete the default route when xxx doesn't resolve.
Support IP number s
Parse IP addresses more securely - specifically, don't allow a bum name to return as 0.0.0.0... we don't want ``delete xxx'' to delete the default route when xxx doesn't resolve.
Support IP number specifications as the host when specifying a tcp-style device (rather than *just* hostnames).
show more ...
|
#
5e315498 |
| 18-Feb-1999 |
Brian Somers <brian@FreeBSD.org> |
Fully support both NT and LANMan CHAP type 0x80 as both authenticator and authenticatee.
|
Revision tags: release/3.1.0_cvs |
|
#
6b4286e0 |
| 16-Feb-1999 |
Brian Somers <brian@FreeBSD.org> |
Wait by default for one second after the login script is complete before checking carrier. If it's there, the device supports carrier. If it's not it doesn't.
Add the ``set cd'' command for decidi
Wait by default for one second after the login script is complete before checking carrier. If it's there, the device supports carrier. If it's not it doesn't.
Add the ``set cd'' command for deciding how soon to check for carrier, and for deciding if carrier is REQUIRED.
The default has changed: Pre 2.0 versions of ppp waited for 1 second. Version 2 didn't wait, but this causes problems with some (few?) modems that don't assert carrier immediately on reporting CONNECT. The one second delay is back now and can be removed with ``set cd 0''.
Bump the ppp version number in case this needs to be changed again....
show more ...
|
Revision tags: vendor/isc-dhcp/2.0b1-pl.11 |
|
#
58330d7b |
| 11-Feb-1999 |
Brian Somers <brian@FreeBSD.org> |
When resending chap challenges, resend the same challenge each time rather than making up a new one.
Increase the authname/authkey max sizes to 100 characters.
Allow ``authkey'' specifications begi
When resending chap challenges, resend the same challenge each time rather than making up a new one.
Increase the authname/authkey max sizes to 100 characters.
Allow ``authkey'' specifications beginning with ``!''. When a challenge is received, the text following the ``!'' is executed as a program (expanding stuff in the same way that ``sh'' and ``!bg'' do). The program is passed the peer name, peer challenge and local ``authname'' on standard input and is expected to output the name/key combination that should be used to build the CHAP response.
This provides support for Secure ID cards (guess what I was given at work recently!) using CHAP.
Examples will follow.
show more ...
|
Revision tags: vendor/OpenBSD/dhclient_1_0, vendor/isc-dhcp/2.0b1-pl.6, vendor/sendmail/8.9.3, vendor/tzdata/tzdata1999b |
|
#
4026c366 |
| 28-Jan-1999 |
Brian Somers <brian@FreeBSD.org> |
Version 2.0 > 2.1 to reflection RADIUS additions.
|
#
972a1bcf |
| 28-Jan-1999 |
Brian Somers <brian@FreeBSD.org> |
Initial RADIUS support (using libradius). See the man page for details. Compiling with -DNORADIUS (the default for `release') removes support.
TODO: The functionality in libradius::rad_send_reques
Initial RADIUS support (using libradius). See the man page for details. Compiling with -DNORADIUS (the default for `release') removes support.
TODO: The functionality in libradius::rad_send_request() needs to be supplied as a set of routines so that ppp doesn't have to wait indefinitely for the radius server(s). Instead, we need to get a descriptor back, select() on the descriptor, and ask libradius to service it when necessary. For now, ppp blocks SIGALRM while in rad_send_request(), so it misses PAP/CHAP retries & timeouts if they occur.
Only PAP is functional. When CHAP is attempted, libradius complains that no User-Password has been specified... rfc2138 says that it *mustn't* be used for CHAP :-(
Sponsored by: Internet Business Solutions Ltd., Switzerland
show more ...
|
Revision tags: vendor/sendmail/8.9.2-header, vendor/tzdata/tzdata1999a, vendor/tzcode/tzcode1999a, release/3.0.0_cvs, release/2.2.8, vendor/mrouted/3.9-beta3, vendor/mrouted/mtrace-5.2, vendor/global/3.4.2, vendor/misc-GNU/texinfo/3.12, vendor/amd/6.0, vendor/sendmail/8.9.2, vendor/zlib/1.1.3 |
|
#
87766c56 |
| 14-Dec-1998 |
Brian Somers <brian@FreeBSD.org> |
Allow a variable as the first arg to ``set proctitle''.
|
Revision tags: vendor/libpam/unpruned, vendor/libpam/0.65, vendor/amd/6.0b1 |
|
#
c2896afb |
| 05-Nov-1998 |
Brian Somers <brian@FreeBSD.org> |
Don't delete the primary interface address when ``iface clean'' is used in auto mode while there are no active links.
|
#
7cf368eb |
| 31-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Allow multiple systems (config labels) on the command line and in the ``load'' & ``dial'' commands. The last label loaded becomes the current label name. Only require a label for -auto mode.
|
#
0f781a72 |
| 27-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Add ``set proctitle'' for changing argv[0]. All substitutions are done in the same way as command execution.
For example, ``set proctitle USER INTERFACE PROCESSID'' would be useful in a -direct pro
Add ``set proctitle'' for changing argv[0]. All substitutions are done in the same way as command execution.
For example, ``set proctitle USER INTERFACE PROCESSID'' would be useful in a -direct profile for identifying who's connected.
show more ...
|
#
a237dcba |
| 27-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Add ``PROCESSID'' as a constant expanded when running commands.
|
#
3535dfb0 |
| 26-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Shuffle the iface-alias option so that's in alphabetical order like the rest of the options.
|
#
3afe5ccb |
| 26-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Add ``enable proxyall'' support. This adds proxy ARP entries for every machine on every class C or smaller subnet that we route to. Add ``set {send,recv}pipe'' for controlling our socket buffer size
Add ``enable proxyall'' support. This adds proxy ARP entries for every machine on every class C or smaller subnet that we route to. Add ``set {send,recv}pipe'' for controlling our socket buffer sizes. Mention the IP number with the problem in a few error messages. All submitted by: Craig Leres <leres@ee.lbl.gov> Modified slightly by: me
show more ...
|
#
17871c5f |
| 26-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Fix the interface alias code. Previously, I was expecting something like
tun0: flags=blah 10.0.0.1 -> 10.0.0.100 10.0.0.2 -> 10.0.0.100 10.0.0.3 -> 10.0.0.100
to DTRT, despite the SIOCAIFADDR f
Fix the interface alias code. Previously, I was expecting something like
tun0: flags=blah 10.0.0.1 -> 10.0.0.100 10.0.0.2 -> 10.0.0.100 10.0.0.3 -> 10.0.0.100
to DTRT, despite the SIOCAIFADDR for each new alias returning -1 & EEXIST while adding the alias anyway. In real life, once we have the second alias with the same destination, nothing will route any more ! Also, because I was ignoring EEXIST, the dynamic IP assignment code was assigning duplicate addresses ('cos it was being lied to by iface_inAdd()).
Now we have
tun0: flags=blah 10.0.0.1 -> 255.255.255.255 10.0.0.2 -> 10.0.0.100 10.0.0.3 -> 255.255.255.255
This works - stuff bound to 10.1 & 10.3 will be considered alive by the kernel, and when they route back to the tun device, the packets get aliased to 10.2 and go out to 10.100 (as with the original plan).
We still see the EEXIST in SIOCAIFADDR, but ignore it when our destination is 255.255.255.255, assuming that the alias *was* actually added.
Additionally, ``iface add'' may now optionally be given only the interface address. The mask & destination default to 255.255.255.255.
show more ...
|
#
9b5f8ffd |
| 24-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Loosen our restrictions on setting enddisc, mrru, shortseq, authname and authkey.
o Auth{name,key} may additionally be set in PHASE_ESTABLISH. o The others may be set in PHASE_ESTABLISH as long as n
Loosen our restrictions on setting enddisc, mrru, shortseq, authname and authkey.
o Auth{name,key} may additionally be set in PHASE_ESTABLISH. o The others may be set in PHASE_ESTABLISH as long as no links have yet reached DATALINK_LCP.
show more ...
|
#
8fa6ebe4 |
| 22-Oct-1998 |
Brian Somers <brian@FreeBSD.org> |
Solve the ``first connection'' problem that occurs on demand-dial links with dynamic IP numbers where the program that causes the dial bind()s to an interface address that is subsequently changed aft
Solve the ``first connection'' problem that occurs on demand-dial links with dynamic IP numbers where the program that causes the dial bind()s to an interface address that is subsequently changed after ppp negotiation.
The problem is defeated by adding negotiated addresses to the tun interface as additional alias addresses and providing a set of ``iface'' commands for managing the interface. Libalias is also required (and what a name clash!) - it happily IP-aliases the address so that the source is that of the primary (negotiated) interface and un-IP-aliases it on the way back.
An ``enable iface-alias'' is done implicitly by the -alias command line switch. If -alias isn't given, iface-aliasing is disabled by default and can't be enabled 'till an ``alias enable yes'' is done. ``alias enable no'' silently disables iface-alias.
So, for dynamic-IP-type-connections, running ``ppp -alias -auto blah'' will work for the first connection, although existing bindings will not survive a disconnect/connect as the TCP peer will be trying to send to the old IP address - the packets won't route.
It's now a lot easier to add IPXCP to ppp with minor updates to the new iface.[ch] (if anyone ever gets 'round to it).
It's also now possible to manually add interface aliases with something like ``iface add 1.2.3.4/24 5.6.7.8''. This allows multi-homed ppp links :-)
show more ...
|