Use sources on GitHub and add myself as maintainer.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
lilik-openwrt-22.03
@ -0,0 +1,71 @@ | |||||
# | |||||
# Copyright (C) 2006-2014 OpenWrt.org | |||||
# | |||||
# This is free software, licensed under the GNU General Public License v2. | |||||
# See /LICENSE for more information. | |||||
# | |||||
include $(TOPDIR)/rules.mk | |||||
PKG_NAME:=xl2tpd | |||||
PKG_VERSION:=1.3.6 | |||||
PKG_RELEASE:=1 | |||||
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org> | |||||
PKG_RELEASE=$(PKG_SOURCE_VERSION) | |||||
PKG_SOURCE_PROTO:=git | |||||
PKG_SOURCE_URL:=https://github.com/xelerance/xl2tpd.git | |||||
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) | |||||
PKG_SOURCE_VERSION:=5619e1771048e74b729804e8602f409af0f3faea | |||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz | |||||
PKG_INSTALL:=1 | |||||
include $(INCLUDE_DIR)/package.mk | |||||
define Package/xl2tpd | |||||
SECTION:=net | |||||
CATEGORY:=Network | |||||
TITLE:=An L2TP (Layer 2 Tunneling Protocol) daemon | |||||
URL:=http://www.xelerance.com/software/xl2tpd/ | |||||
SUBMENU:=VPN | |||||
DEPENDS:=+ppp-mod-pppol2tp +ip +resolveip | |||||
endef | |||||
define Package/xl2tpd/description | |||||
l2tpd is the open source implementation of the L2TP tunneling protocol (RFC2661). | |||||
It does implement both LAC and LNS role in a L2TP networking architecture. The | |||||
main goal of this protocol is to tunnel PPP frame trough an IP network. | |||||
endef | |||||
# XXX: CFLAGS are already set by Build/Compile/Default | |||||
MAKE_FLAGS+= \ | |||||
OFLAGS="" | |||||
define Package/xl2tpd/conffiles | |||||
/etc/xl2tpd/xl2tpd.conf | |||||
/etc/xl2tpd/xl2tp-secrets | |||||
/etc/ppp/options.xl2tpd | |||||
endef | |||||
define Package/xl2tpd/install | |||||
$(INSTALL_DIR) $(1)/usr/sbin | |||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/sbin/xl2tpd $(1)/usr/sbin/ | |||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/sbin/xl2tpd-control $(1)/usr/sbin/ | |||||
$(INSTALL_DIR) $(1)/etc/init.d | |||||
$(INSTALL_BIN) ./files/xl2tpd.init $(1)/etc/init.d/xl2tpd | |||||
$(INSTALL_DIR) $(1)/etc/xl2tpd | |||||
$(INSTALL_DATA) ./files/xl2tpd.conf $(1)/etc/xl2tpd/ | |||||
$(INSTALL_CONF) ./files/xl2tp-secrets $(1)/etc/xl2tpd/ | |||||
$(INSTALL_DIR) $(1)/etc/ppp | |||||
$(INSTALL_DATA) ./files/options.xl2tpd $(1)/etc/ppp/ | |||||
$(INSTALL_DIR) $(1)/lib/netifd/proto | |||||
$(INSTALL_BIN) ./files/l2tp.sh $(1)/lib/netifd/proto | |||||
endef | |||||
$(eval $(call BuildPackage,xl2tpd)) |
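Review bot: `PKG_RELEASE` is assigned twice: `PKG_RELEASE:=1` is immediately overridden by `PKG_RELEASE=$(PKG_SOURCE_VERSION)`, so the package release becomes the 40-character commit hash instead of a packaging revision. I would drop the second assignment and keep `PKG_RELEASE:=1`, since the pinned `PKG_SOURCE_VERSION` already records which upstream commit is built. Pinning the git source to a full commit id is good for supply-chain integrity. If the build system in use supports it, adding `PKG_MIRROR_HASH:=<sha256 of the generated tarball>` would also let a tarball fetched from a download mirror be verified.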
@ -0,0 +1,23 @@ | |||||
OpenWRT Package for xl2tpd | |||||
xl2tpd is a development from the original l2tpd package originally written by | |||||
Mark Spencer, subsequently forked by Scott Balmos and David Stipp, inherited | |||||
by Jeff McAdams, modified substantially by Jacco de Leeuw and then forked | |||||
again by Xelerance (after it was abandoned by l2tpd.org). | |||||
Rationale for inclusion in OpenWRT: | |||||
l2tpd has some serious alignment problems on RISC platforms. It also runs | |||||
purely in userspace. | |||||
Some of the features added in this fork include: | |||||
1. IPSec SA reference tracking inconjunction with openswan's IPSec transport | |||||
mode, which adds support for multiple clients behind the same NAT router | |||||
and multiple clients on the same internal IP behind different NAT routers. | |||||
2. Support for the pppol2tp kernel mode L2TP. | |||||
3. Alignment and endian problems resolved. | |||||
hcg |
@ -0,0 +1,107 @@ | |||||
#!/bin/sh | |||||
[ -x /usr/sbin/xl2tpd ] || exit 0 | |||||
[ -n "$INCLUDE_ONLY" ] || { | |||||
. /lib/functions.sh | |||||
. ../netifd-proto.sh | |||||
init_proto "$@" | |||||
} | |||||
proto_l2tp_init_config() { | |||||
proto_config_add_string "username" | |||||
proto_config_add_string "password" | |||||
proto_config_add_string "keepalive" | |||||
proto_config_add_string "pppd_options" | |||||
proto_config_add_boolean "ipv6" | |||||
proto_config_add_int "mtu" | |||||
proto_config_add_string "server" | |||||
available=1 | |||||
no_device=1 | |||||
} | |||||
proto_l2tp_setup() { | |||||
local config="$1" | |||||
local iface="$2" | |||||
local optfile="/tmp/l2tp/options.${config}" | |||||
local ip serv_addr server | |||||
json_get_var server server && { | |||||
for ip in $(resolveip -t 5 "$server"); do | |||||
( proto_add_host_dependency "$config" "$ip" ) | |||||
serv_addr=1 | |||||
done | |||||
} | |||||
[ -n "$serv_addr" ] || { | |||||
echo "Could not resolve server address" | |||||
sleep 5 | |||||
proto_setup_failed "$config" | |||||
exit 1 | |||||
} | |||||
if [ ! -p /var/run/xl2tpd/l2tp-control ]; then | |||||
/etc/init.d/xl2tpd start | |||||
fi | |||||
json_get_vars ipv6 demand keepalive username password pppd_options | |||||
[ "$ipv6" = 1 ] || ipv6="" | |||||
if [ "${demand:-0}" -gt 0 ]; then | |||||
demand="precompiled-active-filter /etc/ppp/filter demand idle $demand" | |||||
else | |||||
demand="persist" | |||||
fi | |||||
[ -n "$mtu" ] || json_get_var mtu mtu | |||||
local interval="${keepalive##*[, ]}" | |||||
[ "$interval" != "$keepalive" ] || interval=5 | |||||
mkdir -p /tmp/l2tp | |||||
echo "${keepalive:+lcp-echo-interval $interval lcp-echo-failure ${keepalive%%[, ]*}}" > "${optfile}" | |||||
echo "usepeerdns" >> "${optfile}" | |||||
echo "nodefaultroute" >> "${optfile}" | |||||
echo "${username:+user \"$username\" password \"$password\"}" >> "${optfile}" | |||||
echo "ipparam \"$config\"" >> "${optfile}" | |||||
echo "ifname \"l2tp-$config\"" >> "${optfile}" | |||||
echo "ip-up-script /lib/netifd/ppp-up" >> "${optfile}" | |||||
echo "ipv6-up-script /lib/netifd/ppp-up" >> "${optfile}" | |||||
echo "ip-down-script /lib/netifd/ppp-down" >> "${optfile}" | |||||
echo "ipv6-down-script /lib/netifd/ppp-down" >> "${optfile}" | |||||
# Don't wait for LCP term responses; exit immediately when killed. | |||||
echo "lcp-max-terminate 0" >> "${optfile}" | |||||
echo "${ipv6:++ipv6} ${pppd_options}" >> "${optfile}" | |||||
echo "${mtu:+mtu $mtu mru $mtu}" >> "${optfile}" | |||||
xl2tpd-control add l2tp-${config} pppoptfile=${optfile} lns=${server} redial=yes redial timeout=20 | |||||
xl2tpd-control connect l2tp-${config} | |||||
} | |||||
proto_l2tp_teardown() { | |||||
local interface="$1" | |||||
local optfile="/tmp/l2tp/options.${interface}" | |||||
case "$ERROR" in | |||||
11|19) | |||||
proto_notify_error "$interface" AUTH_FAILED | |||||
proto_block_restart "$interface" | |||||
;; | |||||
2) | |||||
proto_notify_error "$interface" INVALID_OPTIONS | |||||
proto_block_restart "$interface" | |||||
;; | |||||
esac | |||||
xl2tpd-control disconnect l2tp-${interface} | |||||
# Wait for interface to go down | |||||
while [ -d /sys/class/net/l2tp-${interface} ]; do | |||||
sleep 1 | |||||
done | |||||
xl2tpd-control remove l2tp-${interface} | |||||
rm -f ${optfile} | |||||
} | |||||
[ -n "$INCLUDE_ONLY" ] || { | |||||
add_protocol l2tp | |||||
} |
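Review bot: The PPP credentials are written to `/tmp/l2tp/options.<config>` by the `user "$username" password "$password"` line, but neither `mkdir -p /tmp/l2tp` nor the first `echo ... > "${optfile}"` in `proto_l2tp_setup` restricts permissions, so the file gets whatever the caller's umask allows. Setting `umask 077` at the top of `proto_l2tp_setup`, or creating the directory with `mkdir -p -m 0700 /tmp/l2tp`, keeps the password readable by root only. The same function passes `${config}`, `${optfile}` and `${server}` unquoted to `xl2tpd-control add`, and `proto_l2tp_teardown` does the same in `rm -f ${optfile}`; quoting them (`lns="${server}"`, `rm -f "${optfile}"`) stops a configuration value containing whitespace from becoming extra arguments. A username or password containing a double quote or a newline would also end the quoted pppd option early and add further option text to the file, so such values should be rejected or escaped before they are written.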
@ -0,0 +1,13 @@ | |||||
# | |||||
lock | |||||
noauth | |||||
debug | |||||
dump | |||||
logfd 2 | |||||
logfile /var/log/xl2tpd.log | |||||
noccp | |||||
novj | |||||
novjccomp | |||||
nopcomp | |||||
noaccomp |
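Review bot: This options file ships with `noauth`, `debug` and `dump` enabled and has only an empty `#` header, so nothing tells an administrator which role it is meant for. `noauth` tells pppd not to require the peer to authenticate. That is the usual setting for a client dialling out, but it leaves an LNS unauthenticated if the commented `[lns default]` template in the xl2tpd.conf section, which points at this file and sets `refuse authentication = yes`, is enabled as written. I would add a header comment such as `# Client-side defaults: replace noauth with auth / require-chap before using this file for an LNS`. A second comment should say that `debug`, `dump` and `logfile /var/log/xl2tpd.log` are diagnostic settings to turn off once the tunnel works.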
@ -0,0 +1,5 @@ | |||||
# Secrets for authenticating l2tp tunnels | |||||
# us them secret | |||||
# * marko blah2 | |||||
# zeus marko blah | |||||
# * * interop |
@ -0,0 +1,23 @@ | |||||
[global] | |||||
port = 1701 | |||||
auth file = /etc/xl2tpd/xl2tp-secrets | |||||
access control = no | |||||
;[lns default] | |||||
;exclusive = yes | |||||
;ip range = 192.168.254.202-192.168.254.210 | |||||
;lac = 10.0.1.2 | |||||
;hidden bit = no | |||||
;local ip = 192.168.254.200 | |||||
;length bit = yes | |||||
;refuse authentication = yes | |||||
;name = VersaLink | |||||
;ppp debug = yes | |||||
;pppoptfile = /etc/ppp/options.xl2tpd | |||||
;[lac left] | |||||
;lns = 10.0.1.2 | |||||
;refuse authentication = yes | |||||
;name = VersaLink | |||||
;ppp debug = yes | |||||
;pppoptfile = /etc/ppp/options.xl2tpd |
@ -0,0 +1,73 @@ | |||||
; | |||||
; Sample l2tpd configuration file | |||||
; | |||||
; This example file should give you some idea of how the options for l2tpd | |||||
; should work. The best place to look for a list of all options is in | |||||
; the source code itself, until I have the time to write better documetation :) | |||||
; Specifically, the file "file.c" contains a list of commands at the end. | |||||
; | |||||
; You most definitely don't have to spell out everything as it is done here | |||||
; | |||||
; [global] ; Global parameters: | |||||
; port = 1701 ; * Bind to port 1701 | |||||
; auth file = /etc/xl2tpd/xl2tp-secrets ; * Where our challenge secrets are | |||||
; access control = yes ; * Refuse connections without IP match | |||||
; rand source = dev ; Source for entropy for random | |||||
; ; numbers, options are: | |||||
; ; dev - reads of /dev/urandom | |||||
; ; sys - uses rand() | |||||
; ; egd - reads from egd socket | |||||
; ; egd is not yet implemented | |||||
; | |||||
; [lns default] ; Our fallthrough LNS definition | |||||
; exclusive = no ; * Only permit one tunnel per host | |||||
; ip range = 192.168.0.1-192.168.0.20 ; * Allocate from this IP range | |||||
; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts | |||||
; ip range = 192.168.0.5 ; * But this one is okay | |||||
; ip range = lac1-lac2 ; * And anything from lac1 to lac2's IP | |||||
; lac = 192.168.1.4 - 192.168.1.8 ; * These can connect as LAC's | |||||
; no lac = untrusted.marko.net ; * This guy can't connect | |||||
; hidden bit = no ; * Use hidden AVP's? | |||||
; local ip = 192.168.1.2 ; * Our local IP to use | |||||
; length bit = yes ; * Use length bit in payload? | |||||
; require chap = yes ; * Require CHAP auth. by peer | |||||
; refuse pap = yes ; * Refuse PAP authentication | |||||
; refuse chap = no ; * Refuse CHAP authentication | |||||
; refuse authentication = no ; * Refuse authentication altogether | |||||
; require authentication = yes ; * Require peer to authenticate | |||||
; unix authentication = no ; * Use /etc/passwd for auth. | |||||
; name = myhostname ; * Report this as our hostname | |||||
; ppp debug = no ; * Turn on PPP debugging | |||||
; pppoptfile = /etc/ppp/options.xl2tpd.lns ; * ppp options file | |||||
; call rws = 10 ; * RWS for call (-1 is valid) | |||||
; tunnel rws = 4 ; * RWS for tunnel (must be > 0) | |||||
; flow bit = yes ; * Include sequence numbers | |||||
; challenge = yes ; * Challenge authenticate peer ; | |||||
; | |||||
; [lac marko] ; Example VPN LAC definition | |||||
; lns = lns.marko.net ; * Who is our LNS? | |||||
; lns = lns2.marko.net ; * A backup LNS (not yet used) | |||||
; redial = yes ; * Redial if disconnected? | |||||
; redial timeout = 15 ; * Wait n seconds between redials | |||||
; max redials = 5 ; * Give up after n consecutive failures | |||||
; hidden bit = yes ; * User hidden AVP's? | |||||
; local ip = 192.168.1.1 ; * Force peer to use this IP for us | |||||
; remote ip = 192.168.1.2 ; * Force peer to use this as their IP | |||||
; length bit = no ; * Use length bit in payload? | |||||
; require pap = no ; * Require PAP auth. by peer | |||||
; require chap = yes ; * Require CHAP auth. by peer | |||||
; refuse pap = yes ; * Refuse PAP authentication | |||||
; refuse chap = no ; * Refuse CHAP authentication | |||||
; refuse authentication = no ; * Refuse authentication altogether | |||||
; require authentication = yes ; * Require peer to authenticate | |||||
; name = marko ; * Report this as our hostname | |||||
; ppp debug = no ; * Turn on PPP debugging | |||||
; pppoptfile = /etc/ppp/options.xl2tpd.marko ; * ppp options file for this lac | |||||
; call rws = 10 ; * RWS for call (-1 is valid) | |||||
; tunnel rws = 4 ; * RWS for tunnel (must be > 0) | |||||
; flow bit = yes ; * Include sequence numbers | |||||
; challenge = yes ; * Challenge authenticate peer | |||||
; | |||||
; [lac cisco] ; Another quick LAC | |||||
; lns = cisco.marko.net ; * Required, but can take from default | |||||
; require authentication = yes |
@ -0,0 +1,18 @@ | |||||
#!/bin/sh /etc/rc.common | |||||
# Copyright (C) 2006-2010 OpenWrt.org | |||||
START=60 | |||||
BIN=xl2tpd | |||||
DEFAULT=/etc/default/$BIN | |||||
RUN_D=/var/run | |||||
PID_F=$RUN_D/$BIN.pid | |||||
start() { | |||||
mkdir -p $RUN_D/$BIN | |||||
[ -f $DEFAULT ] && . $DEFAULT | |||||
$BIN $OPTIONS | |||||
} | |||||
stop() { | |||||
[ -f $PID_F ] && kill $(cat $PID_F) | |||||
} |
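Review bot: `stop()` signals whatever PID is stored in `/var/run/xl2tpd.pid` without checking that the process is still xl2tpd, so a stale pid file left after a crash can make this root-run init script kill an unrelated process. It also returns non-zero when the file is absent, because `[ -f $PID_F ] && ...` is the last command. `start()` resolves `$BIN` through `PATH` and leaves `$DEFAULT`, `$PID_F` and `$RUN_D` unquoted. Letting procd supervise the daemon removes the pid-file handling altogether; a sketch follows, assuming the xl2tpd build packaged here accepts `-D` to stay in the foreground.

```sh
USE_PROCD=1
# … unchanged: START, BIN, DEFAULT, RUN_D …

start_service() {
	mkdir -p "$RUN_D/$BIN"
	[ -f "$DEFAULT" ] && . "$DEFAULT"
	procd_open_instance
	# $OPTIONS is intentionally unquoted: it may hold several arguments
	procd_set_param command "/usr/sbin/$BIN" -D $OPTIONS
	procd_close_instance
}
```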
@ -0,0 +1,12 @@ | |||||
--- a/Makefile | |||||
+++ b/Makefile | |||||
@@ -91,7 +91,8 @@ OSFLAGS+= -DUSE_KERNEL | |||||
IPFLAGS?= -DIP_ALLOCATION | |||||
-CFLAGS+= $(DFLAGS) -O2 -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS) | |||||
+OFLAGS=-O2 | |||||
+CFLAGS+= $(DFLAGS) $(OFLAGS) -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS) | |||||
HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h | |||||
OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o | |||||
SRCS=${OBJS:.o=.c} ${HDRS} |
@ -0,0 +1,43 @@ | |||||
--- a/Makefile | |||||
+++ b/Makefile | |||||
@@ -107,10 +107,10 @@ BINDIR?=$(DESTDIR)${PREFIX}/bin | |||||
MANDIR?=$(DESTDIR)${PREFIX}/share/man | |||||
-all: $(EXEC) pfc $(CONTROL_EXEC) | |||||
+all: $(EXEC) $(CONTROL_EXEC) | |||||
clean: | |||||
- rm -f $(OBJS) $(EXEC) pfc.o pfc $(CONTROL_EXEC) | |||||
+ rm -f $(OBJS) $(EXEC) $(CONTROL_EXEC) | |||||
$(EXEC): $(OBJS) $(HDRS) | |||||
$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LDLIBS) | |||||
@@ -118,14 +118,10 @@ $(EXEC): $(OBJS) $(HDRS) | |||||
$(CONTROL_EXEC): $(CONTROL_SRCS) | |||||
$(CC) $(CFLAGS) $(LDFLAGS) $(CONTROL_SRCS) -o $@ | |||||
-pfc: | |||||
- $(CC) $(CFLAGS) -c contrib/pfc.c | |||||
- $(CC) $(LDFLAGS) -o pfc pfc.o -lpcap $(LDLIBS) | |||||
- | |||||
romfs: | |||||
$(ROMFSINST) /bin/$(EXEC) | |||||
-install: ${EXEC} pfc ${CONTROL_EXEC} | |||||
+install: ${EXEC} ${CONTROL_EXEC} | |||||
install -d -m 0755 ${SBINDIR} | |||||
install -m 0755 $(EXEC) ${SBINDIR}/$(EXEC) | |||||
install -d -m 0755 ${MANDIR}/man5 | |||||
@@ -133,11 +129,6 @@ install: ${EXEC} pfc ${CONTROL_EXEC} | |||||
install -m 0644 doc/xl2tpd.8 ${MANDIR}/man8/ | |||||
install -m 0644 doc/xl2tpd.conf.5 doc/l2tp-secrets.5 \ | |||||
${MANDIR}/man5/ | |||||
- # pfc | |||||
- install -d -m 0755 ${BINDIR} | |||||
- install -m 0755 pfc ${BINDIR}/pfc | |||||
- install -d -m 0755 ${MANDIR}/man1 | |||||
- install -m 0644 contrib/pfc.1 ${MANDIR}/man1/ | |||||
# control exec | |||||
install -d -m 0755 ${SBINDIR} | |||||
install -m 0755 $(CONTROL_EXEC) ${SBINDIR}/$(CONTROL_EXEC) |
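Review bot: Dropping `pfc` from `all`, `clean` and `install` leaves a dangling reference in the l2tp.sh section, which still writes `precompiled-active-filter /etc/ppp/filter` into the pppd options file whenever `demand` is greater than zero. No section on this page installs or generates `/etc/ppp/filter`, and `pfc` appears to be the helper that would produce such a filter. Either document which package is expected to supply that file, or have l2tp.sh omit the option when the file is absent. The patch file also carries no description header; a line such as `pfc links against libpcap (-lpcap) and is not packaged, so do not build or install it` would record why the patch exists.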