Hi,
On Sun, 29 Jan 2023 14:35:05 +0300
Vitaliy Makkoveev <[email protected]> wrote:
> While switchind pppx(4) and pppac(4) from selwakeup() to KNOTE(9), I
> found npppd(8) doesn't create pppx interface with "pipex no" in
> npppd.conf, but successfully connects the client. So packets don't flow.
> However, the pppac(4) has no this problem, because corresponding pppac
> interface always created when npppd(8) opened device node.
>
> In fact, npppd(8) will not work with pppx(4) interfaces without pipex(4)
> support. Otherwise npppd(8) should create pppx(4) sessions with not
> pipex(4) specific PIPEXASESSION ioctl(2) command.
>
> I propose to remove "pipex" option from npppd(8). We already have
> "net.pipex.enable" sysctl MIB to control pipex behaviour. In the case
> then "net.pipex.enable" is set to 0, pipex(4) sessions will be always
> created, but the traffic will go outside pipex(4) layer.
>
> The "ifdef USE_NPPPD_PIPEX" left as is. If we decide to remove them, I
> will do this with the next diffs.
Will the next diff remove the networking part (MPPE, IP) as well?
> Please note, we never have complains about the problem described above,
> so I doubt someone uses npppd(8) with "pipex no" in the npppd.conf(5).
I don't know why you configured "pipex no", I suppose it was for
debug. I also actually use "pipex no" when debug or development.
If having "pipex yes/no" configuration is misleading, we can improve
the man page or the configuration itself.
> I tested both pppac(4) and pppx(4) cases with both "net.pipex.enable=1"
> and "net.pipex.enable=0".
>
> Index: usr.sbin/npppd/npppd/npppd.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/npppd/npppd/npppd.c,v
> retrieving revision 1.53
> diff -u -p -r1.53 npppd.c
> --- usr.sbin/npppd/npppd/npppd.c 1 Jul 2022 09:57:24 -0000 1.53
> +++ usr.sbin/npppd/npppd/npppd.c 29 Jan 2023 11:04:30 -0000
> @@ -235,14 +235,12 @@ npppd_get_npppd()
> int
> npppd_init(npppd *_this, const char *config_file)
> {
> - int i, status = -1, value;
> + int i, status = -1;
> const char *pidpath0;
> FILE *pidfp = NULL;
> struct tunnconf *tunn;
> struct ipcpconf *ipcpconf;
> struct ipcpstat *ipcpstat;
> - int mib[] = { CTL_NET, PF_PIPEX, PIPEXCTL_ENABLE };
> - size_t size;
>
> memset(_this, 0, sizeof(npppd));
> #ifndef NO_ROUTE_FOR_POOLED_ADDRESS
> @@ -294,17 +292,6 @@ npppd_init(npppd *_this, const char *con
> if ((status = npppd_reload_config(_this)) != 0)
> return status;
>
> - TAILQ_FOREACH(tunn, &_this->conf.tunnconfs, entry) {
> - if (tunn->pipex) {
> - size = sizeof(value);
> - if (!sysctl(mib, nitems(mib), &value, &size, NULL, 0)
> - && value == 0)
> - log_printf(LOG_WARNING,
> - "pipex(4) is disabled by sysctl");
> - break;
> - }
> - }
> -
> if ((_this->map_user_ppp = hash_create(
> (int (*) (const void *, const void *))strcmp, str_hash,
> NPPPD_USER_HASH_SIZ)) == NULL) {
> @@ -1052,7 +1039,6 @@ npppd_ppp_pipex_enable(npppd *_this, npp
>
> NPPPD_ASSERT(ppp != NULL);
> NPPPD_ASSERT(ppp->phy_context != NULL);
> - NPPPD_ASSERT(ppp->use_pipex != 0);
>
> pipex_setup_common(ppp, &req);
>
> Index: usr.sbin/npppd/npppd/npppd.conf.5
> ===================================================================
> RCS file: /cvs/src/usr.sbin/npppd/npppd/npppd.conf.5,v
> retrieving revision 1.30
> diff -u -p -r1.30 npppd.conf.5
> --- usr.sbin/npppd/npppd/npppd.conf.5 31 Mar 2022 17:27:30 -0000 1.30
> +++ usr.sbin/npppd/npppd/npppd.conf.5 29 Jan 2023 11:04:30 -0000
> @@ -349,19 +349,6 @@ the address assigned by
> for the link.
> The default value is
> .Dq no .
> -.It Ic pipex Ar yes | no
> -Specify whether
> -.Xr npppd 8
> -uses
> -.Xr pipex 4 .
> -The default is
> -.Dq yes .
> -The
> -.Xr sysctl 8
> -variable
> -.Va net.pipex.enable
> -should also be enabled to use
> -.Xr pipex 4 .
> .It Ic debug-dump-pktin Ar protocol ...
> If this option is specified,
> .Xr npppd 8
> Index: usr.sbin/npppd/npppd/npppd.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/npppd/npppd/npppd.h,v
> retrieving revision 1.19
> diff -u -p -r1.19 npppd.h
> --- usr.sbin/npppd/npppd/npppd.h 12 Aug 2017 11:20:34 -0000 1.19
> +++ usr.sbin/npppd/npppd/npppd.h 29 Jan 2023 11:04:30 -0000
> @@ -133,8 +133,6 @@ struct tunnconf {
> bool ingress_filter;
> int callnum_check;
>
> - bool pipex;
> -
> u_int debug_dump_pktin;
> u_int debug_dump_pktout;
> };
> Index: usr.sbin/npppd/npppd/parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/npppd/npppd/parse.y,v
> retrieving revision 1.25
> diff -u -p -r1.25 parse.y
> --- usr.sbin/npppd/npppd/parse.y 15 Oct 2021 15:01:28 -0000 1.25
> +++ usr.sbin/npppd/npppd/parse.y 29 Jan 2023 11:04:30 -0000
> @@ -125,7 +125,7 @@ typedef struct {
> %token L2TP_HELLO_INTERVAL L2TP_HELLO_TIMEOUT L2TP_ACCEPT_DIALIN
> %token MPPE MPPE_KEY_LENGTH MPPE_KEY_STATE
> %token IDLE_TIMEOUT TCP_MSS_ADJUST INGRESS_FILTER CALLNUM_CHECK
> -%token PIPEX DEBUG_DUMP_PKTIN DEBUG_DUMP_PKTOUT
> +%token DEBUG_DUMP_PKTIN DEBUG_DUMP_PKTOUT
> %token AUTHENTICATION TYPE LOCAL USERNAME_SUFFIX USERNAME_PREFIX
> EAP_CAPABLE
> %token STRIP_NT_DOMAIN STRIP_ATMARK_REALM USERS_FILE
> %token RADIUS AUTHENTICATION_SERVER ACCOUNTING_SERVER PORT
> @@ -504,9 +504,6 @@ tunnopt : LISTEN ON addressport {
> | CALLNUM_CHECK yesno {
> curr_tunnconf->callnum_check = $2;
> }
> - | PIPEX yesno {
> - curr_tunnconf->pipex = $2;
> - }
> | DEBUG_DUMP_PKTIN protobit_l {
> curr_tunnconf->debug_dump_pktin = $2;
> }
> @@ -1054,7 +1051,6 @@ lookup(char *s)
> { "no", NO},
> { "on", ON},
> { "pap", PAP},
> - { "pipex", PIPEX},
> { "pool-address", POOL_ADDRESS},
> { "port", PORT},
> { "pppoe", PPPOE},
> Index: usr.sbin/npppd/npppd/ppp.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/npppd/npppd/ppp.c,v
> retrieving revision 1.30
> diff -u -p -r1.30 ppp.c
> --- usr.sbin/npppd/npppd/ppp.c 29 Mar 2021 03:54:39 -0000 1.30
> +++ usr.sbin/npppd/npppd/ppp.c 29 Jan 2023 11:04:30 -0000
> @@ -151,9 +151,6 @@ ppp_init(npppd *pppd, npppd_ppp *_this)
> }
> _this->adjust_mss = (conf->tcp_mss_adjust)? 1 : 0;
>
> -#ifdef USE_NPPPD_PIPEX
> - _this->use_pipex = (conf->pipex)? 1 : 0;
> -#endif
> /* load the logging configuration */
> _this->ingress_filter = (conf->ingress_filter)? 1 : 0;
>
> @@ -1120,8 +1117,6 @@ fail:
> static void
> ppp_on_network_pipex(npppd_ppp *_this)
> {
> - if (_this->use_pipex == 0)
> - return;
> if (_this->tunnel_type != NPPPD_TUNNEL_PPTP &&
> _this->tunnel_type != NPPPD_TUNNEL_PPPOE &&
> _this->tunnel_type != NPPPD_TUNNEL_L2TP)
> @@ -1167,7 +1162,6 @@ ppp_proto_bit(int proto)
> struct tunnconf tunnconf_default_l2tp = {
> .mru = 1360,
> .tcp_mss_adjust = false,
> - .pipex = true,
> .ingress_filter = false,
> .lcp_keepalive = false,
> .lcp_keepalive_interval = DEFAULT_LCP_ECHO_INTERVAL,
> @@ -1202,7 +1196,6 @@ struct tunnconf tunnconf_default_l2tp =
> struct tunnconf tunnconf_default_pptp = {
> .mru = 1400,
> .tcp_mss_adjust = false,
> - .pipex = true,
> .ingress_filter = false,
> .lcp_keepalive = true,
> .lcp_keepalive_interval = DEFAULT_LCP_ECHO_INTERVAL,
> @@ -1228,7 +1221,6 @@ struct tunnconf tunnconf_default_pptp =
> struct tunnconf tunnconf_default_pppoe = {
> .mru = 1492,
> .tcp_mss_adjust = false,
> - .pipex = true,
> .ingress_filter = false,
> .lcp_keepalive = true,
> .lcp_keepalive_interval = DEFAULT_LCP_ECHO_INTERVAL,
> Index: usr.sbin/npppd/npppd/ppp.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/npppd/npppd/ppp.h,v
> retrieving revision 1.24
> diff -u -p -r1.24 ppp.h
> --- usr.sbin/npppd/npppd/ppp.h 28 Dec 2022 21:30:17 -0000 1.24
> +++ usr.sbin/npppd/npppd/ppp.h 29 Jan 2023 11:04:30 -0000
> @@ -533,8 +533,6 @@ struct _npppd_ppp {
> adjust_mss:1,
> /** authentication once */
> auth_runonce:1,
> - /** use pipex? */
> - use_pipex:1,
> /** pipex is started? (even if it is not available) */
> pipex_started:1,
> /** pipex is enabled? */
