From: Nicolas Thill Date: Wed, 12 Apr 2006 00:17:43 +0000 (+0000) Subject: Prevent l2tpd from using PMTU discovery, setting the DF bit on all outgoing UDP packe... X-Git-Tag: reboot~30848 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=4f22b94e09e81480d2bbe00372e0b536ff0cd12a;p=openwrt%2Fstaging%2Fblogic.git Prevent l2tpd from using PMTU discovery, setting the DF bit on all outgoing UDP packets (closes: #471) SVN-Revision: 3621 --- diff --git a/openwrt/package/l2tpd/Makefile b/openwrt/package/l2tpd/Makefile index fa1a0f948907..6435f35a7d4c 100644 --- a/openwrt/package/l2tpd/Makefile +++ b/openwrt/package/l2tpd/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=l2tpd PKG_VERSION:=0.70pre PKG_UPSTREAM_VERSION:=0.70-pre20031121 -PKG_RELEASE:=3.1 +PKG_RELEASE:=4.1 PKG_MD5SUM:=3f2707b6e16a8cb72e7bf64f574202fa PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/l/l2tpd diff --git a/openwrt/package/l2tpd/patches/05-df-disable.patch b/openwrt/package/l2tpd/patches/05-df-disable.patch new file mode 100644 index 000000000000..806c48d128ae --- /dev/null +++ b/openwrt/package/l2tpd/patches/05-df-disable.patch @@ -0,0 +1,25 @@ +Patch to stop l2tpd setting the DF bit on each of the packets it sends. +Apart from not being useful with L2TP, this also prevents interoperating +with Cisco IOS over IPSEC. + +--- l2tpd-0.70-pre20031121.orig/network.c.orig 2006-04-11 08:50:38.000000000 +0100 ++++ l2tpd-0.70-pre20031121.orig/network.c 2006-04-11 08:58:18.000000000 +0100 +@@ -56,6 +56,18 @@ + __FUNCTION__); + return -EINVAL; + }; ++#ifdef IP_MTU_DISCOVER ++#ifdef IP_PMTUDISC_DONT ++ { ++ /* Don't set DF bit on outbound packets */ ++ int val = IP_PMTUDISC_DONT; ++ if (setsockopt(server_socket, IPPROTO_IP, IP_MTU_DISCOVER, &val, sizeof(val)) < 0) ++ { ++ log (LOG_LOG, "Failed to disable PMTU discovery\n"); ++ } ++ } ++#endif ++#endif + /* L2TP/IPSec: Set up SA for listening port here? NTB 20011015 + */ + if (bind (server_socket, (struct sockaddr *) &server, sizeof (server)))