ppp/ppp-2.4.3-noexttraffic.patch

diff -Naurp ppp-2.4.4/pppd/Makefile.linux ppp-2.4.4.oden/pppd/Makefile.linux
--- ppp-2.4.4/pppd/Makefile.linux	2008-12-17 18:25:33.000000000 +0100
+++ ppp-2.4.4.oden/pppd/Makefile.linux	2008-12-17 18:25:46.000000000 +0100
@@ -60,6 +60,8 @@ HAVE_MULTILINK=y
 # Linux distributions: Please leave TDB ENABLED in your builds.
 USE_TDB=y
 
+NOEXT_TRAFFIC=y
+
 HAS_SHADOW=y
 USE_PAM=y
 #HAVE_INET6=y
@@ -94,6 +96,10 @@ CFLAGS   += -DMPPE=1
 endif
 endif
 
+ifdef NOEXT_TRAFFIC
+CFLAGS += -DNOEXT_TRAFFIC
+endif
+
 # EAP SRP-SHA1
 ifdef USE_SRP
 CFLAGS	+= -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
diff -Naurp ppp-2.4.4/pppd/auth.c ppp-2.4.4.oden/pppd/auth.c
--- ppp-2.4.4/pppd/auth.c	2006-06-18 13:26:00.000000000 +0200
+++ ppp-2.4.4.oden/pppd/auth.c	2008-12-17 18:25:46.000000000 +0100
@@ -242,6 +242,11 @@ static char *uafname;		/* name of most r
 
 extern char *crypt __P((const char *, const char *));
 
+#ifdef NOEXT_TRAFFIC
+/* Boolean to care for external traffic or not. Defined in options.c */
+extern int noexttraffic;
+#endif
+
 /* Prototypes for procedures local to this file. */
 
 static void network_phase __P((int));
@@ -1182,6 +1187,14 @@ check_idle(arg)
 	tlim = idle_time_hook(&idle);
     } else {
 	itime = MIN(idle.xmit_idle, idle.recv_idle);
+#ifdef NOEXT_TRAFFIC  /* modified version, additional commandline-switch noext-traffic */
+	if (!noexttraffic)
+		itime = MIN(idle.xmit_idle, idle.recv_idle);
+	else
+		itime = idle.xmit_idle;
+#else  /* standard version */
+          itime = MIN(idle.xmit_idle, idle.recv_idle);
+#endif
 	tlim = idle_time_limit - itime;
     }
     if (tlim <= 0) {
diff -Naurp ppp-2.4.4/pppd/options.c ppp-2.4.4.oden/pppd/options.c
--- ppp-2.4.4/pppd/options.c	2006-06-18 13:26:00.000000000 +0200
+++ ppp-2.4.4.oden/pppd/options.c	2008-12-17 18:25:46.000000000 +0100
@@ -127,6 +127,10 @@ int maxoctets_timeout = 1;   /* default 
 #endif
 
 
+#ifdef NOEXT_TRAFFIC
+int noexttraffic = 0; /* decide whether or not we want to care for traffic from extern */
+#endif
+
 extern option_t auth_options[];
 extern struct stat devstat;
 
@@ -307,6 +311,9 @@ option_t general_options[] = {
     { "active-filter", o_special, setactivefilter,
       "set filter for active pkts", OPT_PRIO },
 #endif
+#ifdef NOEXT_TRAFFIC
+    { "noext-traffic", o_bool, (void *)&noexttraffic, "ignore external pkts for timeout", 1 },
+#endif
 
 #ifdef MAXOCTETS
     { "maxoctets", o_int, &maxoctets,
diff -Naurp ppp-2.4.4/pppd/pppd.8 ppp-2.4.4.oden/pppd/pppd.8
--- ppp-2.4.4/pppd/pppd.8	2006-06-16 02:01:23.000000000 +0200
+++ ppp-2.4.4.oden/pppd/pppd.8	2008-12-17 18:25:46.000000000 +0100
@@ -292,6 +292,20 @@ logged through syslog with facility \fId
 \fIdebug\fR.  This information can be directed to a file by setting up
 /etc/syslog.conf appropriately (see syslog.conf(5)).
 .TP
+.B noext-traffic
+Do not count incoming traffic against the idle time set with the idle
+option.  The default idle option behavior is to count both outgoing
+and incoming traffic.  This can be very helpful when remote hosts
+keeping sending unwanted traffic, thereby keeping the connection up.
+
+Note that this \fIcannot\fR prevent programs from responding to incoming
+requests and in doing so defeat the idle option.  The route program
+\fIreject\fR parameter might help in that case when enough is known about
+IP address space of the site generating the unwanted requests.  If you
+initiated contact with the site generating the requests, say with a
+web browser, then denying ingress with the "reject" parameter probably
+won't be a viable option.
+.
 .B default\-asyncmap
 Disable asyncmap negotiation, forcing all control characters to be
 escaped for both the transmit and the receive direction.
Automatic import for version 2.4.5 2012-02-01 14:14:20 +04:00			`diff -Naurp ppp-2.4.4/pppd/Makefile.linux ppp-2.4.4.oden/pppd/Makefile.linux`
			`--- ppp-2.4.4/pppd/Makefile.linux 2008-12-17 18:25:33.000000000 +0100`
			`+++ ppp-2.4.4.oden/pppd/Makefile.linux 2008-12-17 18:25:46.000000000 +0100`
			`@@ -60,6 +60,8 @@ HAVE_MULTILINK=y`
			`# Linux distributions: Please leave TDB ENABLED in your builds.`
			`USE_TDB=y`

			`+NOEXT_TRAFFIC=y`
			`+`
			`HAS_SHADOW=y`
			`USE_PAM=y`
			`#HAVE_INET6=y`
			`@@ -94,6 +96,10 @@ CFLAGS += -DMPPE=1`
			`endif`
			`endif`

			`+ifdef NOEXT_TRAFFIC`
			`+CFLAGS += -DNOEXT_TRAFFIC`
			`+endif`
			`+`
			`# EAP SRP-SHA1`
			`ifdef USE_SRP`
			`CFLAGS += -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include`
			`diff -Naurp ppp-2.4.4/pppd/auth.c ppp-2.4.4.oden/pppd/auth.c`
			`--- ppp-2.4.4/pppd/auth.c 2006-06-18 13:26:00.000000000 +0200`
			`+++ ppp-2.4.4.oden/pppd/auth.c 2008-12-17 18:25:46.000000000 +0100`
			`@@ -242,6 +242,11 @@ static char uafname; / name of most r`

			`extern char crypt __P((const char , const char *));`

			`+#ifdef NOEXT_TRAFFIC`
			`+/* Boolean to care for external traffic or not. Defined in options.c */`
			`+extern int noexttraffic;`
			`+#endif`
			`+`
			`/* Prototypes for procedures local to this file. */`

			`static void network_phase __P((int));`
			`@@ -1182,6 +1187,14 @@ check_idle(arg)`
			`tlim = idle_time_hook(&idle);`
			`} else {`
			`itime = MIN(idle.xmit_idle, idle.recv_idle);`
			`+#ifdef NOEXT_TRAFFIC /* modified version, additional commandline-switch noext-traffic */`
			`+ if (!noexttraffic)`
			`+ itime = MIN(idle.xmit_idle, idle.recv_idle);`
			`+ else`
			`+ itime = idle.xmit_idle;`
			`+#else /* standard version */`
			`+ itime = MIN(idle.xmit_idle, idle.recv_idle);`
			`+#endif`
			`tlim = idle_time_limit - itime;`
			`}`
			`if (tlim <= 0) {`
			`diff -Naurp ppp-2.4.4/pppd/options.c ppp-2.4.4.oden/pppd/options.c`
			`--- ppp-2.4.4/pppd/options.c 2006-06-18 13:26:00.000000000 +0200`
			`+++ ppp-2.4.4.oden/pppd/options.c 2008-12-17 18:25:46.000000000 +0100`
			`@@ -127,6 +127,10 @@ int maxoctets_timeout = 1; /* default`
			`#endif`


			`+#ifdef NOEXT_TRAFFIC`
			`+int noexttraffic = 0; /* decide whether or not we want to care for traffic from extern */`
			`+#endif`
			`+`
			`extern option_t auth_options[];`
			`extern struct stat devstat;`

			`@@ -307,6 +311,9 @@ option_t general_options[] = {`
			`{ "active-filter", o_special, setactivefilter,`
			`"set filter for active pkts", OPT_PRIO },`
			`#endif`
			`+#ifdef NOEXT_TRAFFIC`
			`+ { "noext-traffic", o_bool, (void *)&noexttraffic, "ignore external pkts for timeout", 1 },`
			`+#endif`

			`#ifdef MAXOCTETS`
			`{ "maxoctets", o_int, &maxoctets,`
			`diff -Naurp ppp-2.4.4/pppd/pppd.8 ppp-2.4.4.oden/pppd/pppd.8`
			`--- ppp-2.4.4/pppd/pppd.8 2006-06-16 02:01:23.000000000 +0200`
			`+++ ppp-2.4.4.oden/pppd/pppd.8 2008-12-17 18:25:46.000000000 +0100`
			`@@ -292,6 +292,20 @@ logged through syslog with facility \fId`
			`\fIdebug\fR. This information can be directed to a file by setting up`
			`/etc/syslog.conf appropriately (see syslog.conf(5)).`
			`.TP`
			`+.B noext-traffic`
			`+Do not count incoming traffic against the idle time set with the idle`
			`+option. The default idle option behavior is to count both outgoing`
			`+and incoming traffic. This can be very helpful when remote hosts`
			`+keeping sending unwanted traffic, thereby keeping the connection up.`
			`+`
			`+Note that this \fIcannot\fR prevent programs from responding to incoming`
			`+requests and in doing so defeat the idle option. The route program`
			`+\fIreject\fR parameter might help in that case when enough is known about`
			`+IP address space of the site generating the unwanted requests. If you`
			`+initiated contact with the site generating the requests, say with a`
			`+web browser, then denying ingress with the "reject" parameter probably`
			`+won't be a viable option.`
			`+.`
			`.B default\-asyncmap`
			`Disable asyncmap negotiation, forcing all control characters to be`
			`escaped for both the transmit and the receive direction.`