Mpd 3.18 User Manual
: Introduction
: Change history
Previous: Organization of this manual
Next: Installation
1.4. Change history
Changes since version 3.17:
- BugFix: an empty authname was passed to the iface up/down scripts
in client-mode.
- BugFix: fix a mem-leak in the PPTP-Ctrl handling.
- BugFix: handle IP-Address-Assignement correctly, if the RADIUS
server doesen't send the Framed-IP-Address attribute.
Submitted by: Damir Bikmukhametov,
boco at ufanet dot ru
- BugFix: fix a SEGV when no bundles are defined and user types "quit".
- BugFix: fix a SEGV when no bundles are defined and the telnet console
was opened (in this case the tcp-wrapper option can't be checked).
- BugFix: fix build errors with newer versions of libradius.
- Added a new option for PPTP links for disabling the windowing mechanism
specified by the protocol. Disabling this will cause Mpd to violate
the protocol, possibly confusing other PPTP peers, but often results
in better performance. The windowing mechanism is a design error in
the PPTP protocol; L2TP, the successor to PPTP, removes it. You need
a recent version of FreeBSD (NGM_PPTPGRE_COOKIE >= 1082548365) in order
to get this feature.
set pptp disable windowing
Changes since version 3.16:
- BugFix: keep-alives were b0rked, and every other function wich relys on
valid link-stats.
- Added sample configs for ADSL-Austria.
- Fixed missing command line flags in man page and manual.
Changes since version 3.15:
- Added
set bundle max-logins num
option at bundle level
for limiting the max. amount of concurrent logins with the same username.
Original idea submitted by Andrey V. Elsukov <bu7cher@land.ru>
.
- Mpd has now its own link-stats with 64 bit counters. This
is a workaround for the 32 bit limitation of ng_ppp_link_stat.
- RADIUS enhancements:
- Set the RAD_ACCT_INPUT_GIGAWORDS and RAD_ACCT_OUTPUT_GIGAWORDS
attributes when sending accounting requests.
- Use the RAD_ACCT_INTERIM_INTERVAL attribute.
- Implemented PPPoE server functionality
- Added ability to configure ipfw firewall for clients using
vendor specific RADIUS attributes. Submitted by Alexander Motin
<mav@alkar.net>
.
- Added the possibility of choosing link by it's number (same as RAD_NAS_PORT) instead of name
Changes since version 3.14:
- Implemented a workaround for weird crashes when using RADIUS and PAP.
Thanx to Alexey Popov for helping debugging this problem.
- Added the possibility of sending periodic RADIUS Accounting updates.
Submitted by Vitaliy Akimov
<vx@bigline.net>
.
- Fixed usage of RAD_FRAMED_MTU, it is now interpreted as an upper limit and
not as absolute value.
set iface enable tcpmssfix
option added.
Submitted by Sergey Korolew
<dsATbittu.org.ru>
.
- New command line flag
-a
for specifying the telnet console
IP address. Original idea submitted by Andrey V. Elsukov
<bu7cher@land.ru>
.
Changes since version 3.13:
- Added session timeout, configurable at iface level.
- Added new configuration params:
chap-md5
chap-msv1
chap-msv2
at link level for explicitly configuring
the different CHAP methods. The formerly chap
parameter
is now an alias for chap-md5 chap-msv1 chap-msv2
.
MS-CHAPv1 is now disabled and denied by default. A better fallback
mechanism through the different auth-methods was implemented.
- More RADIUS fixes/features:
- Use also the RAD_SESSION_TIMEOUT.
- Fixed RAD_ACCT_TERMINATE_CAUSE.
- Fixed MPPE-Types negotiation.
- Session time is now calculated per link.
- Use RAD_FRAMED_ROUTE attribute.
- When no MPPE-Info's are returned by the server, but
MPPE-Keys are, then implicitely allow encryption with
all types (workaround for Microsoft IAS).
- Reset link statistics when the link goes down
set iface radius-route
option added.
Submitted by Alexander Motin
<mav@alkar.net>
.
- DNS servers added to interface up script.
Submitted by Josh Elsasser
<jre@vineyard.net>
.
- Fix bug in multi-session PPPoE support caused by incorrect
application of the original patch. Submitted by OGAWA Takaya
<t-ogawa@triaez.kaisei.org>
.
- Fix problem where IP address assignment from
mpd.secrets
would linger and affect subsequent connections on the same bundle.
Changes since version 3.12:
- Support for PPPoE node re-use added. Patch submitted by
Gleb Smirnoff
<glebius@cell.sick.ru>
.
See also FreeBSD PR
<ports/48138>
.
- Multi-session PPPoE support added. Patch submitted by
Hideyuki Nishiyama
<hnishi@mx5.harmonix.ne.jp>
- More RADIUS fixes from Michael Bretterklieber
<mbretter@jawa.at>
- After configuring the IP address, add a route to the
local IP address via
lo0
. This prevents packets destined
for the local machine from needlessly travelling across the link
and back. Patch submitted by Fabio Vilan
<fabio@isec.com.br>
Changes since version 3.11:
- Fixed bug in client-side MPPE key generation.
Changes since version 3.10:
- Support for authentication and IP address assignment via
RADIUS was added. Thanks to Michael Bretterklieber
<mbretter@jawa.at>
for submitting the patches.
- Support for finding passwords using an external authentication
script was added. Thanks to Gregory Bond
<gnb@itga.com.au>
for submitting the patches.
- Fixed build failure when MICROSOFT_CHAP is not enabled.
- Enabled support for DES encryption by default in the build.
- Fixed bug where LCP echo reply packets were being sent
with garbled payload contents.
- Fixed bug with
set iface mtu
where an inadvertent
set iface up-script
command would also be invoked.
- Removed LCP_MRU_MARGIN hack which should no longer be needed.
Note: you may need to explicitly use
set iface mtu
and/or
set link mtu
to get the previous MTU behavior for your
configuration.
- Fixed bug where outgoing PPTP requests were not being initiated
with the configured local source IP address. Note: using multiple PPTP
IP addresses at the same time for incoming connections still does not
work properly; workaround: use multiple MPD processes.
- Log the MTU being used each time an interface is configured.
- New command added:
set udp origination
.
- Link with libcrypto instead of the obsolete libdes.
- Added new command bundle option
noretry
.
- Install the PostScript version of the documentation as well.
- Bumped the max length for an up or down script to 128 (from 32).
Changes since version 3.9:
- Fixed more bugs when computing the interface MTU
- Added the
set iface mtu
command.
- Added troubleshooting chapter to the documentation.
- Peer authname is appended as an extra parameter to the
interface up and down scripts.
- Fixed broken links to IETR RFC's in the references chapter
of the documentation.
- Fixed bugs that only showed up on non-i386 hardware
(mostly alignment bugs).
- Added new GCC -W flags and fixed lots of GCC warnings.
Changes since version 3.8:
- Added the
set link mtu
command.
- Fixed typo in description of
set bundle period
command.
- Fixed incorrect description of
set ng hook
command.
- Updated HTML links to on-line Netgraph documents.
- Added HTML link to Microsoft update for Windows 95/98.
- When displaying bundles and links, show the links LCP state as well.
Changes since version 3.7:
- Now setting
max-redial
to -1 means mpd will never redial.
This is useful for dial-in servers.
- Increased the default
FD_SETSIZE
to 2048 so we can
handle lots of bundles, and made it compile-time adjustable.
- Allow multiple PPTP connections from the same IP address
when this is OK to do (no explicit peer IP addresses configured).
This allows multiple incoming connections through a remote NAT device.
- Added support for 56-bit MPPE encryption.
- Allow the inner and outer PPTP IP addresses to be the same,
relying on the kernel to return an error if it needs to.
This reverts the change put into version 3.3.
- Fixed bug in MTU calculation when doing MPPC/MPPE.
- Added the
set pptp phonenum number
command.
- Added documentation for the
delayed-ack
and always-ack
PPTP device configuration options.
- Minor tweaks to the sample config files.
Changes since version 3.6:
- Fix a bug where the MPPE keys were being incorrectly generated
when MS-CHAP was used to authenticate in both directions.
Changes since version 3.5:
- Fix MS-CHAPv2 acknowledge reply to workaround Win9x bug when
trying to negotiate MPPE encryption.
Changes since version 3.4:
- Fix an install problem on FreeBSD-current.
- Display the peer's authname and EID in ``show bundle'' command.
Changes since version 3.3:
- Support for MS-CHAPv2 when we are the server.
Always request MS-CHAPv2 first, then accept MS-CHAPv1
if the peer requests that instead.
- Fix for possible core dump in ECP code.
- Fix for bug in event library when an invalid file
descriptor is passed.
- Disallow allow PPTP peer inside and outside IP addresses
from being the same; we know this won't work.
- Fixed bug in PAP code where the PAP response packet would
be improperly formatted.
- Accept EINPROGRESS error from ng_ksocket connect message.
This happens on FreeBSD-current for some reason.
- Accept PPTP messages with non-zero values in reserved
fields. They violate the specification but some peers
send them anyway.
- Remove bogus extra field in definition of PPTP StopCtrlConnReply.
Changes since version 3.2:
- There is no longer a fixed limit to the number of
bundles and/or links that may be created.
- Better random number generation using
srandomdev(4)
.
- Miscellaneous minor bug fixes.
- Support for authenticating to the peer using Microsoft CHAP Version 2
has been added.
Note:
When authenticating the peer, only Version 1 is requested.
- Hostnames are allowed in the configuration files.
The latter two are thanks to Franco Venturi
<fventuri@mediaone.net>
Mpd 3.18 User Manual
: Introduction
: Change history
Previous: Organization of this manual
Next: Installation