Prevent l2tpd from using PMTU discovery, setting the DF bit on all outgoing UDP packets (closes: #471)

SVN-Revision: 3621
This commit is contained in:
Nicolas Thill 2006-04-12 00:17:43 +00:00
parent 7f83bd07b3
commit 4f22b94e09
2 changed files with 26 additions and 1 deletions

View File

@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=l2tpd
PKG_VERSION:=0.70pre
PKG_UPSTREAM_VERSION:=0.70-pre20031121
PKG_RELEASE:=3.1
PKG_RELEASE:=4.1
PKG_MD5SUM:=3f2707b6e16a8cb72e7bf64f574202fa
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/l/l2tpd

View File

@ -0,0 +1,25 @@
Patch to stop l2tpd setting the DF bit on each of the packets it sends.
Apart from not being useful with L2TP, this also prevents interoperating
with Cisco IOS over IPSEC.
--- l2tpd-0.70-pre20031121.orig/network.c.orig 2006-04-11 08:50:38.000000000 +0100
+++ l2tpd-0.70-pre20031121.orig/network.c 2006-04-11 08:58:18.000000000 +0100
@@ -56,6 +56,18 @@
__FUNCTION__);
return -EINVAL;
};
+#ifdef IP_MTU_DISCOVER
+#ifdef IP_PMTUDISC_DONT
+ {
+ /* Don't set DF bit on outbound packets */
+ int val = IP_PMTUDISC_DONT;
+ if (setsockopt(server_socket, IPPROTO_IP, IP_MTU_DISCOVER, &val, sizeof(val)) < 0)
+ {
+ log (LOG_LOG, "Failed to disable PMTU discovery\n");
+ }
+ }
+#endif
+#endif
/* L2TP/IPSec: Set up SA for listening port here? NTB 20011015
*/
if (bind (server_socket, (struct sockaddr *) &server, sizeof (server)))