diff -brau openl2tp-1.8.o/doc/openl2tp_rpc.4 openl2tp-1.8/doc/openl2tp_rpc.4 --- openl2tp-1.8.o/doc/openl2tp_rpc.4 2011-06-04 10:02:34.000000000 +0200 +++ openl2tp-1.8/doc/openl2tp_rpc.4 2011-06-04 21:17:22.000000000 +0200 @@ -719,6 +719,10 @@ .B chap_restart Retransmission timeout for CHAP challenges. Default=3. .TP +.B clientip_as_ipparam +Whether or not to pass the remote client ip (connecting IP) as ipparam to pppd +(similar to to pptpd). +.TP .B pap_max_auth_reqs Maximum number of PAP authenticate-request transmissions. Default=10. .TP diff -brau openl2tp-1.8.o/l2tp_common.c openl2tp-1.8/l2tp_common.c --- openl2tp-1.8.o/l2tp_common.c 2011-06-04 21:00:45.000000000 +0200 +++ openl2tp-1.8/l2tp_common.c 2011-06-04 21:19:46.000000000 +0200 @@ -931,6 +931,7 @@ if (OPTSTRING_PTR(pp->remote_name) != NULL) { len += fprintf(file, " remote name for authentication: %s\n", OPTSTRING(pp->remote_name)); } + len += fprintf(file, " clientip as ipparam: %s\n", pp->clientip_as_ipparam ? "YES" : "NO"); len += fprintf(file, " max connect time: %d, max failure count: %d, idle timeout: %d\n", pp->max_connect_time, pp->max_failure_count, pp->idle_timeout); if (pp->asyncmap != 0) { diff -brau openl2tp-1.8.o/l2tp_config.c openl2tp-1.8/l2tp_config.c --- openl2tp-1.8.o/l2tp_config.c 2011-06-04 11:43:03.000000000 +0200 +++ openl2tp-1.8/l2tp_config.c 2011-06-04 21:30:48.000000000 +0200 @@ -3124,6 +3124,7 @@ L2TP_PPP_ARGID_REMOTE_NAME, L2TP_PPP_ARGID_PROXY_ARP, L2TP_PPP_ARGID_OPTIONSFILE, + L2TP_PPP_ARGID_CLIENTIP_AS_IPPARAM, } l2tp_ppp_arg_ids_t; #undef ARG @@ -3189,7 +3190,8 @@ ARG(USE_AS_DEFAULT_ROUTE, "default_route", 0, bool, "Use link as default route"), \ ARG(MULTILINK, "multilink", 0, bool, "Enable PPP multilink connections."), \ ARG(PROXY_ARP, "proxy_arp", 0, bool, "Use proxy arp."), \ - ARG(OPTIONSFILE, "optionsfile", 0, string, "ppp options file to use") + ARG(OPTIONSFILE, "optionsfile", 0, string, "ppp options file to use"), \ + ARG(CLIENTIP_AS_IPPARAM, "clientip_as_ipparam", 0, bool, "Pass the connecting client's IP as ipparam to pppd.") static struct cli_arg_entry l2tp_args_ppp_profile_create[] = { @@ -3270,6 +3272,7 @@ FLG(MULTILINK, "multilink", "Enable PPP multilink connections."), \ FLG(PROXY_ARP, "proxy_arp", "Use proxy arp."), FLG(OPTIONSFILE, "optionsfile", "ppp options file to use"), + FLG(CLIENTIP_AS_IPPARAM, "clientip_as_ipparam", "Pass the connecting client's IP as ipparam to pppd."), { NULL, }, }; @@ -3500,6 +3503,9 @@ msg->optionsfile.valid = 1; msg->flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; break; + case L2TP_PPP_ARGID_CLIENTIP_AS_IPPARAM: + L2TP_ACT_PARSE_ARG(arg, arg_value, msg->clientip_as_ipparam, msg->flags2, L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM); + break; } result = 0; @@ -3871,6 +3877,9 @@ case L2TP_PPP_ARGID_OPTIONSFILE: msg.flags2 |= L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE; break; + case L2TP_PPP_ARGID_CLIENTIP_AS_IPPARAM: + msg.flags2 |= L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM; + break; } } L2TP_ACT_END(); @@ -4883,6 +4892,7 @@ L2TP_API_PPP_PROFILE_FLAG_REMOTE_NAME | L2TP_API_PPP_PROFILE_FLAG_PROXY_ARP | L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE | + L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM | L2TP_API_PPP_PROFILE_FLAG_AUTH_NONE | L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_EAP | L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_MSCHAPV2 | @@ -5047,6 +5057,9 @@ if ((cfg->flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) && (OPTSTRING_PTR(cfg->optionsfile) != NULL)) { fprintf(file, "\toptionsfile=%s \\\n", OPTSTRING_PTR(cfg->optionsfile)); } + if (cfg->flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { + fprintf(file, "\tclientip_as_ipparam=%s \\\n", Y_OR_N(cfg->clientip_as_ipparam)); + } fprintf(file, "\n"); } } diff -brau openl2tp-1.8.o/l2tp_config_parse.y openl2tp-1.8/l2tp_config_parse.y --- openl2tp-1.8.o/l2tp_config_parse.y 2011-06-04 11:11:42.000000000 +0200 +++ openl2tp-1.8/l2tp_config_parse.y 2011-06-04 21:34:04.000000000 +0200 @@ -155,6 +155,7 @@ %token BOOL %token IPADDRESS %token OPTIONSFILE +%token CLIENTIP_AS_IPPARAM %token INITIAL_RCVD_LCP_CONFREQ %token CALLING_NUMBER @@ -1180,6 +1181,11 @@ OPTSTRING(ppp_profile.optionsfile) = $3.buf; ppp_profile.optionsfile.valid = 1; } + | CLIENTIP_AS_IPPARAM EQUALS BOOL + { + ppp_profile.flags2 |= L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM; + ppp_profile.clientip_as_ipparam = $3; + } ; tunnel_command diff -brau openl2tp-1.8.o/l2tp_config_token.l openl2tp-1.8/l2tp_config_token.l --- openl2tp-1.8.o/l2tp_config_token.l 2011-06-04 11:08:31.000000000 +0200 +++ openl2tp-1.8/l2tp_config_token.l 2011-06-04 21:34:50.000000000 +0200 @@ -192,6 +192,7 @@ auth_none { return(AUTH_NOAUTH); } auth_peer { return(AUTH_PEER); } optionsfile { return(OPTIONSFILE); } +clientip_as_ipparam { return(CLIENTIP_AS_IPPARAM); } {ws} { } {linecont} { lineno++; } diff -brau openl2tp-1.8.o/l2tp_ppp.c openl2tp-1.8/l2tp_ppp.c --- openl2tp-1.8.o/l2tp_ppp.c 2011-06-04 16:08:25.000000000 +0200 +++ openl2tp-1.8/l2tp_ppp.c 2011-06-04 21:42:37.000000000 +0200 @@ -71,6 +71,7 @@ int auth_refuse_mschapv2:1; int auth_refuse_eap:1; char *optionsfile; + int clientip_as_ipparam; }; static struct l2tp_ppp_profile *l2tp_ppp_defaults; @@ -245,6 +246,9 @@ if (msg->flags2 & L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE) { L2TP_SET_OPTSTRING_VAR(profile, optionsfile); } + if (msg->flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { + profile->clientip_as_ipparam = msg->clientip_as_ipparam; + } out: return result; @@ -294,6 +298,7 @@ profile->chap_interval = l2tp_ppp_defaults->chap_interval; profile->chap_max_challenge = l2tp_ppp_defaults->chap_max_challenge; profile->chap_restart = l2tp_ppp_defaults->chap_restart; + profile->clientip_as_ipparam = l2tp_ppp_defaults->clientip_as_ipparam; profile->pap_max_auth_requests = l2tp_ppp_defaults->pap_max_auth_requests; profile->pap_restart_interval = l2tp_ppp_defaults->pap_restart_interval; profile->pap_timeout = l2tp_ppp_defaults->pap_timeout; @@ -553,6 +558,7 @@ result->chap_interval = profile->chap_interval; result->chap_max_challenge = profile->chap_max_challenge; result->chap_restart = profile->chap_restart; + result->clientip_as_ipparam = profile->clientip_as_ipparam; result->pap_max_auth_requests = profile->pap_max_auth_requests; result->pap_restart_interval = profile->pap_restart_interval; result->pap_timeout = profile->pap_timeout; @@ -893,6 +899,9 @@ } profile->optionsfile = NULL; } + if (msg.flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { + profile->use_radius = L2TP_API_PPP_PROFILE_DEFAULT_CLIENTIP_AS_IPPARAM; + } /* Clear all requested flags */ profile->flags &= ~(msg.flags); diff -brau openl2tp-1.8.o/l2tp_rpc.x openl2tp-1.8/l2tp_rpc.x --- openl2tp-1.8.o/l2tp_rpc.x 2011-06-04 11:06:08.000000000 +0200 +++ openl2tp-1.8/l2tp_rpc.x 2011-06-04 21:45:00.000000000 +0200 @@ -947,6 +947,7 @@ const L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_PAP = 131072; const L2TP_API_PPP_PROFILE_FLAG_AUTH_PEER = 262144; const L2TP_API_PPP_PROFILE_FLAG_OPTIONSFILE = 524288; +const L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM = 1048576; /* Default values for PPP profile attributes. * These are used if an explicit value is not provided by the user. @@ -995,6 +996,7 @@ const L2TP_API_PPP_PROFILE_DEFAULT_MULTILINK = 0; const L2TP_API_PPP_PROFILE_DEFAULT_PROXY_ARP = 0; const L2TP_API_PPP_PROFILE_DEFAULT_OPTIONSFILE = ""; +const L2TP_API_PPP_PROFILE_DEFAULT_CLIENTIP_AS_IPPARAM = 0; enum l2tp_api_ppp_sync_mode { L2TP_API_PPP_SYNCMODE_SYNC_ASYNC, @@ -1054,6 +1056,7 @@ optstring remote_name; bool proxy_arp; optstring optionsfile; + bool clientip_as_ipparam; }; struct l2tp_api_ppp_profile_list_entry { diff -brau openl2tp-1.8.o/plugins/ppp_unix.c openl2tp-1.8/plugins/ppp_unix.c --- openl2tp-1.8.o/plugins/ppp_unix.c 2011-06-04 14:41:43.000000000 +0200 +++ openl2tp-1.8/plugins/ppp_unix.c 2011-06-04 22:11:54.000000000 +0200 @@ -295,6 +295,13 @@ argv[arg++] = "sync"; } + /* Check if we should pass ipparam */ + if (params->flags2 & L2TP_API_PPP_PROFILE_FLAG_CLIENTIP_AS_IPPARAM) { + argv[arg++] = "ipparam"; + ip.s_addr = l2tp_tunnel_get_peer_addr(ppp->tunnel)->sin_addr.s_addr; + argv[arg++] = strdup(inet_ntoa(ip)); + } + /* ppp auth options */ if ((params->flags2 & L2TP_API_PPP_PROFILE_FLAG_AUTH_REFUSE_EAP) && params->auth_refuse_eap) {