From owner-freebsd-net@FreeBSD.ORG  Tue Feb 28 00:02:46 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 48C0116A420
	for <freebsd-net@freebsd.org>; Tue, 28 Feb 2006 00:02:46 +0000 (GMT)
	(envelope-from andre@netvision.com.br)
Received: from mx.netvision.com.br (mx7.netvision.com.br [200.215.94.44])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C3FE943D45
	for <freebsd-net@freebsd.org>; Tue, 28 Feb 2006 00:02:41 +0000 (GMT)
	(envelope-from andre@netvision.com.br)
Received: from localhost (localhost [127.0.0.1])
	by mailer.netvision.com.br (Postfix) with ESMTP id 9F65E20D91B
	for <freebsd-net@freebsd.org>; Mon, 27 Feb 2006 21:02:38 -0300 (BRT)
Received: from devel.netvision.com.br (unknown [201.14.160.71])
	by mx.netvision.com.br (Postfix) with ESMTP id CD5A61F80A1
	for <freebsd-net@freebsd.org>; Mon, 27 Feb 2006 21:02:37 -0300 (BRT)
From: Andre Luiz dos Santos <andre@netvision.com.br>
To: freebsd-net@freebsd.org
Date: Mon, 20 Feb 2006 10:09:34 -0300
User-Agent: KMail/1.8.2
X-ReadMe: What are you doing reading the headers? :-)
MIME-Version: 1.0
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200602201009.35208.andre@netvision.com.br>
X-Virus-Scanned: amavisd-new at netvision.com.br
Subject: pppoed patch
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Feb 2006 00:02:46 -0000

I've written a patch for pppoed.c 1.24 that adds the following options:

-c <procs> Maximum number of processes pppoed can run simultaneously.
-m <procs/mac> Same as -c but per MAC address.
-f <file> Format is <mac> [<procs>]\n. <procs> defaults to 1. Overrides -m.
-t <secs> A pppoed child must start ppp in this many seconds or die.

For -m and -f: -1 means no limit, 0 means forbidden.

http://thiago.joi.com.br/andre/pppoed.patch.gz
Feedback is welcome.

What I wanted to do was "-m 0 -f macs -t 10": only allow connections from MAC 
addresses listed in the file "macs" and never run more than one process 
simultaneously for a single MAC address. And pppoed processes that don't 
start ppp in 10 seconds should die.
Is there some way to do the same thing without this patch?

Thank you.