diff options
author | nico <nico@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2006-04-12 00:17:43 +0000 |
---|---|---|
committer | nico <nico@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2006-04-12 00:17:43 +0000 |
commit | 5a910c1d85d4fc4247073c16392d573bea3cff76 (patch) | |
tree | 85043a51647b2449a705a5d05258cc97747c66ea | |
parent | 25347f6ae6fe8e8d832962b63eab48a7cd7937da (diff) |
Prevent l2tpd from using PMTU discovery, setting the DF bit on all outgoing UDP packets (closes: #471)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@3621 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r-- | package/l2tpd/Makefile | 2 | ||||
-rw-r--r-- | package/l2tpd/patches/05-df-disable.patch | 25 |
2 files changed, 26 insertions, 1 deletions
diff --git a/package/l2tpd/Makefile b/package/l2tpd/Makefile index fa1a0f948..6435f35a7 100644 --- a/package/l2tpd/Makefile +++ b/package/l2tpd/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=l2tpd PKG_VERSION:=0.70pre PKG_UPSTREAM_VERSION:=0.70-pre20031121 -PKG_RELEASE:=3.1 +PKG_RELEASE:=4.1 PKG_MD5SUM:=3f2707b6e16a8cb72e7bf64f574202fa PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/l/l2tpd diff --git a/package/l2tpd/patches/05-df-disable.patch b/package/l2tpd/patches/05-df-disable.patch new file mode 100644 index 000000000..806c48d12 --- /dev/null +++ b/package/l2tpd/patches/05-df-disable.patch @@ -0,0 +1,25 @@ +Patch to stop l2tpd setting the DF bit on each of the packets it sends. +Apart from not being useful with L2TP, this also prevents interoperating +with Cisco IOS over IPSEC. + +--- l2tpd-0.70-pre20031121.orig/network.c.orig 2006-04-11 08:50:38.000000000 +0100 ++++ l2tpd-0.70-pre20031121.orig/network.c 2006-04-11 08:58:18.000000000 +0100 +@@ -56,6 +56,18 @@ + __FUNCTION__); + return -EINVAL; + }; ++#ifdef IP_MTU_DISCOVER ++#ifdef IP_PMTUDISC_DONT ++ { ++ /* Don't set DF bit on outbound packets */ ++ int val = IP_PMTUDISC_DONT; ++ if (setsockopt(server_socket, IPPROTO_IP, IP_MTU_DISCOVER, &val, sizeof(val)) < 0) ++ { ++ log (LOG_LOG, "Failed to disable PMTU discovery\n"); ++ } ++ } ++#endif ++#endif + /* L2TP/IPSec: Set up SA for listening port here? NTB 20011015 + */ + if (bind (server_socket, (struct sockaddr *) &server, sizeof (server))) |