aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNicolas Thill <nico@openwrt.org>2006-04-12 00:17:43 +0000
committerNicolas Thill <nico@openwrt.org>2006-04-12 00:17:43 +0000
commite8ea9b7a06335c6f5c96deed4aa1e4adffd42e5e (patch)
tree85043a51647b2449a705a5d05258cc97747c66ea
parente918cf37c4e9f0759b291f341e49458090cbac5a (diff)
downloadmaster-187ad058-e8ea9b7a06335c6f5c96deed4aa1e4adffd42e5e.tar.gz
master-187ad058-e8ea9b7a06335c6f5c96deed4aa1e4adffd42e5e.tar.bz2
master-187ad058-e8ea9b7a06335c6f5c96deed4aa1e4adffd42e5e.zip
Prevent l2tpd from using PMTU discovery, setting the DF bit on all outgoing UDP packets (closes: #471)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@3621 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--package/l2tpd/Makefile2
-rw-r--r--package/l2tpd/patches/05-df-disable.patch25
2 files changed, 26 insertions, 1 deletions
diff --git a/package/l2tpd/Makefile b/package/l2tpd/Makefile
index fa1a0f9489..6435f35a7d 100644
--- a/package/l2tpd/Makefile
+++ b/package/l2tpd/Makefile
@@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=l2tpd
PKG_VERSION:=0.70pre
PKG_UPSTREAM_VERSION:=0.70-pre20031121
-PKG_RELEASE:=3.1
+PKG_RELEASE:=4.1
PKG_MD5SUM:=3f2707b6e16a8cb72e7bf64f574202fa
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/l/l2tpd
diff --git a/package/l2tpd/patches/05-df-disable.patch b/package/l2tpd/patches/05-df-disable.patch
new file mode 100644
index 0000000000..806c48d128
--- /dev/null
+++ b/package/l2tpd/patches/05-df-disable.patch
@@ -0,0 +1,25 @@
+Patch to stop l2tpd setting the DF bit on each of the packets it sends.
+Apart from not being useful with L2TP, this also prevents interoperating
+with Cisco IOS over IPSEC.
+
+--- l2tpd-0.70-pre20031121.orig/network.c.orig 2006-04-11 08:50:38.000000000 +0100
++++ l2tpd-0.70-pre20031121.orig/network.c 2006-04-11 08:58:18.000000000 +0100
+@@ -56,6 +56,18 @@
+ __FUNCTION__);
+ return -EINVAL;
+ };
++#ifdef IP_MTU_DISCOVER
++#ifdef IP_PMTUDISC_DONT
++ {
++ /* Don't set DF bit on outbound packets */
++ int val = IP_PMTUDISC_DONT;
++ if (setsockopt(server_socket, IPPROTO_IP, IP_MTU_DISCOVER, &val, sizeof(val)) < 0)
++ {
++ log (LOG_LOG, "Failed to disable PMTU discovery\n");
++ }
++ }
++#endif
++#endif
+ /* L2TP/IPSec: Set up SA for listening port here? NTB 20011015
+ */
+ if (bind (server_socket, (struct sockaddr *) &server, sizeof (server)))