A Linux User Reference

NETWORK CONFIGURATION

PPP

  • Point-to-Point Protocol (PPP)

    Summary of files and protocols

    Distribution   Program
    Debian         pppconfig
    Slackware      pppsetup
    Fedora         system-config-network-tui
    RedHat         redhat-config
    Independent    pon, poff, wvdial (connect/disconnect from ISP)

    File name            Description
    /etc/ppp/options     pppd system options file, always scanned when pppd starts.
    ~/.ppprc             Allows each user to specify their own set of default options.
    /etc/ppp/pap-secrets System PAP passwords file.
    /etc/ppp/chap-secrets System CHAP passwords file.
    /etc/ppp/peers/      Directory holding the peer options files. The default = provider.
    /etc/chatscripts/    The chat script invoked from the default /etc/ppp/peers/provider.
    /var/log/ppp.log     The default PPP log file.
    /etc/ppp/ip-up       Executed by pppd after the PPP interface has been configured.
    /etc/ppp/ip-down     Executed by pppd after the PPP connection has terminated.

    Protocol   Description
    IPCP       Internet Protocol Control Protocol, negotiates a number of IP parameters at link configuration time
    NCP        Network Control Protocol, provided by PPP, layer 3, supports IP, IPX
    PPP        Layer 2 (OSI Link layer) protocol
    LCP        Link Control Protocol, provided by PPP
  • PPP Server

    Setting up a PPP server involves the configuration of a serial tty device to invoke 'pppd' with appropriate options when an incoming data call is received.

    Method 1 - using 'pppd' at startup

    Create a special account, say ppp, and give it a script to run as its login shell. The script will invoke 'pppd' on system startup.

    Sample account - /etc/passwd

    ppp:x:500:200:Public PPP Account:/tmp:/etc/ppp/ppplogin
    

    /etc/shadow

    ppp:!:10913:0:99999:7:::
    

    Sample script

    #!/bin/sh
    
    # ppplogin script to fire up pppd on login
    mesg n                                 # Disables other users from writing to the tty
    stty -echo                             # Turns off character echoing
    exec pppd -detach silent modem crtscts
    

    Options used:

    -detach          Prevents pppd going into the background and thereby making the
                    script exit.
    silent           Waits until it receives a pkt from the calling system before it
                    starts sending. Prevents transmit timeouts from occurring when
                    the calling system is slow in firing up its PPP client.
    modem            'pppd' drives the modem control lines of the serial port. Turn
                    ON if using pppd and a modem.
    crtscts          Turns on hardware handshake.
    
    Method 2 - using 'mgetty' at start-up

    To implement PAP or CHAP authentication use 'mgetty' which, if the modem supports it, exploits the modem's /AutoPPP/ feature.

    Configure mgetty to run on start-up - /etc/inittab

    T0:23:respawn:/sbin/mgetty ttyS0
    

    Configure 'pppd' for either PAP or CHAP authentication - /etc/mgetty/login.config

    /AutoPPP/ -     ppp   /usr/sbin/pppd auth -chap +pap login
    
  • IP Control Protocol (IPCP)
    • Before 'pppd' parses its command-line arguments, it scans several files for default options.
    • One such file is /etc/ppp/options.
    • IPCP can be used for configuring IP options.
    • The PPP program at one end of a point-to-point link can assign an IP address for the remote end to use or each may use its own.
    • PPP servers that handle a lot of client sites may well assign addresses dynamically.
    • Addresses are assigned to systems only when calling in and are reclaimed after they have logged off.

    Sample entries - /etc/ppp/options

    lock                           # Use UUCP-style device locking
    auth                           # Require authentication
    usehostname                    # Use local hostname for CHAP
    domain example.com             # Domain name
    hide-password                  # Don't show passwords when logging contents of PAP packets
    -ip                            # Disable IP address negotiation.  Remote IP must be 
                                   # specified as a cmd-line option.
    <local_addr>:<remote_addr>     # Dotted quad notation or hostnames.  pppd tries to use 
                                   # <local_addr> as its own, <remote_addr> for remote.
                                   # If the peer rejects either during IPCP negotiation
                                   # then the client is assigned an IP by server.
    
    # To set only the local address but accept any address
    # the peer uses, leave out the remote_addr part
    
    noipdefault                    # Stops pppd from trying to use the IP address associated 
                                   # with the hostname as the local address. Leave local_addr
                                   # blank/empty
    
  • Chatscripts
    • The 'chat' program defines a conversational exchange between the computer and the modem.
    • Its primary purpose is to establish the connection between the client and server 'pppd' processes.
    • It consults a chat script (containing pairs of strings that each side is supposed to send) to handle authentication and PPP configuration.
    • /etc/chatscripts/<isp name> file is used to 'tie in' with the /etc/ppp/peers/<isp name>.

    In the following example the provider is '4free'.

    Sample configuration - /etc/chatscripts/4free

    #REPORT  CONNECT        # See connection speed, logged to stderr or 'chat -r <logfile>'
    ABORT  BUSY
    ABORT  VOICE
    ABORT  "NO CARRIER"
    ABORT  "NO DIALTONE"
    ABORT  "NO DIAL TONE"
    ""  ATZ
    OK  ATDT\T
    CONNECT  
    

    Ubuntu default chatscript - /etc/chatscripts/provider

    # Not using PAP or CHAP and used by 'pon' if no additional cmd-line args given
    ABORT  BUSY
    ABORT  "NO CARRIER"
    ABORT  VOICE
    ABORT  "NO DIALTONE"
    ""  ATZW2
    OK  ATDT<put phone number here>
    ogin   <put login name here>
    word   \q<put password here>
    
  • Authentication

    Authentication is configured via /etc/ppp/options: whether to use authentication and, if so, which protocol to use and that protocol's configuration file.

    Sample entries - /etc/ppp/options

    #auth                 # Peer must authenticate itself before packets are sent/received
    noauth                # Uses the pppd 'call isp' option to disable authentication
    # + | - pap           # Require or do not require peer to authenticate itself using PAP
    # + | - chap          # As for PAP but using CHAP
    
  • Password Authentication Protocol (PAP)

    Sample configuration file entries - /etc/ppp/pap-secrets

    # Client sends its name and a clear text password to the server.
    
    # INBOUND connections
    * hostname "" *                # Every user can use PPP and has to use passwords
                                   # from /etc/passwd
    guest hostname "*" -           # Guest cannot use PPP at all
    root hostname "*" -            # Root cannot use PPP at all
    
    # OUTBOUND connections
    # <user> <host> <password>
    connect * 4free                # *  => Password is to be used for ANY host
                                   # you connect to
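
    An added example, not part of the original reference: a Python check that reads pppd option text and reports the weak authentication settings discussed in the options, Authentication and PAP entries above. The finding codes and the dial_in_server parameter are illustrative names; require-pap and require-chap are the long spellings of +pap and +chap.

```python
# Added example: flag weak authentication settings in pppd option text.
# Finding codes and the dial_in_server parameter are illustrative names.

def audit_pppd_options(text, dial_in_server):
    """Return finding codes for an options file body or a pppd argument string."""
    words = []
    for line in text.splitlines():
        words += line.split("#", 1)[0].split()   # drop comments, then tokenise

    require_auth = False          # assumption: not required unless 'auth' is given
    for w in words:               # assumption: the last of auth/noauth wins
        if w == "auth":
            require_auth = True
        elif w == "noauth":
            require_auth = False

    pap = "+pap" in words or "require-pap" in words
    chap = "+chap" in words or "require-chap" in words

    findings = []
    if dial_in_server and not require_auth:
        findings.append("NO_PEER_AUTH")           # callers get a link unauthenticated
    if pap and not chap:
        findings.append("PAP_CLEARTEXT")          # password crosses the line in clear
    if pap and "hide-password" not in words:
        findings.append("PAP_PASSWORD_IN_LOGS")   # not excluded explicitly from logs
    return findings

# Constructed inputs, built from the samples on this page.
MGETTY_PPPD_ARGS = "auth -chap +pap login"        # pppd arguments in login.config
PEER_4FREE = 'user "connect"\nnoipdefault\npersist\nnoauth\n# hide-password\n# debug\n'
WEAK_SERVER = "lock\nnoauth\n"
HARDENED_SERVER = "lock\nauth\n+chap\nhide-password\n"

if __name__ == "__main__":
    for name, text, server in [
        ("mgetty login.config", MGETTY_PPPD_ARGS, True),
        ("peers/4free (dial-out)", PEER_4FREE, False),
        ("weak server", WEAK_SERVER, True),
        ("hardened server", HARDENED_SERVER, True),
    ]:
        print(f"{name}: {audit_pppd_options(text, server) or 'no findings'}")
```

    On a dial-out client such as peers/4free, 'noauth' only means the ISP is not asked to authenticate itself, so it is reported only when dial_in_server is true.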
    
  • Challenge Handshake Authentication Protocol (CHAP)

    • MSCHAP is Microsoft's version of 'chap'.
    • Server sends a challenge to the client (the challenge packet includes the server's name).
    • The client response includes its name plus a hash value of the shared secret and the challenge.

    Sample entry - /etc/ppp/chap-secrets

    # Secrets for authentication using CHAP
    # <user> <host> <secret>
    connect  *   "4free"
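
    An added example, not part of the original reference: the challenge/response exchange described above, computed as CHAP with MD5 (RFC 1994), with the secret looked up from the sample chap-secrets entry. The server name 'isp-gw' and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import shlex

def parse_chap_secrets(text):
    """Map (client, server) -> secret from chap-secrets style lines."""
    table = {}
    for line in text.splitlines():
        fields = shlex.split(line, comments=True)   # handles "quoted" secrets and '#'
        if len(fields) >= 3:
            table[(fields[0], fields[1])] = fields[2]
    return table

def chap_response(identifier, secret, challenge):
    """RFC 1994 CHAP-MD5: MD5(Identifier octet || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret.encode() + challenge).digest()

def server_verify(secrets, client, server, identifier, challenge, response):
    """Recompute the hash from the stored secret; '*' matches any server name."""
    secret = secrets.get((client, server), secrets.get((client, "*")))
    if secret is None:
        return False
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)   # constant-time comparison

# Constructed sample: the chap-secrets entry shown on this page.
SAMPLE_CHAP_SECRETS = '''
# <user> <host> <secret>
connect  *   "4free"
'''

if __name__ == "__main__":
    secrets = parse_chap_secrets(SAMPLE_CHAP_SECRETS)
    challenge = os.urandom(16)                      # server -> client, fresh per attempt
    reply = chap_response(1, "4free", challenge)    # client -> server, sent with its name
    print("accepted:", server_verify(secrets, "connect", "isp-gw", 1, challenge, reply))
    # A captured reply fails against a new challenge, so it cannot simply be replayed.
    print("replayed:", server_verify(secrets, "connect", "isp-gw", 1, os.urandom(16), reply))
```

    Because the server recomputes the hash itself, chap-secrets must hold the secret in clear text on both ends, so the file should be readable by root only.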
    
  • Connecting with a modem
    (1) Create a file per ISP - /etc/ppp/peers/

    Its contents override any equivalent settings in /etc/ppp/options.

    If using authentication configure /etc/ppp/chap-secrets or pap-secrets to supply the password and username.

    Example ISP (4free) connection configuration - /etc/ppp/peers/4free

    user "connect"                                # Logon username
    
    # Chat script to run, number to dial
    connect "/usr/sbin/chat -v -f /etc/chatscripts/4free -T 08445352150"
    
    /dev/modem                                    # Symlink to serial port modem is attached to
    460800                                        # Speed of the serial line
    noipdefault                                   # Dynamic IP allocated by ISP
    usepeerdns                                    # Try to get nameserver addrs from ISP
    defaultroute                                  # Default route
    persist                                       # Dial again when connection is lost
    noauth                                        # Do not ask remote to authenticate
    # hide-password
    # debug
    

    The '/etc/ppp/chap-secrets' is the same as that used in the CHAP article example.

    (2) Connect, check and terminate

    Make a connection

    # pon 4free
    

    Check connection

    # ifconfig ppp0
    ppp0  Link encap:Point-to-Point Protocol
         inet addr:213.218.213.155  P-t-P:213.130.146.216  Mask:255.255.255.255
         .....
    
    # route -n
    213.130.146.216   0.0.0.0       255.255.255.255 UH    0      0   0 ppp0
    0.0.0.0           192.168.0.1   0.0.0.0         UG    100    0   0 eth0
    

    Terminate connection

    # poff 4free
    Jan 20 15:24:07 xdf6-basing9-3-8-cust213 pppd[5938]: Exit.
    

    Logging - /var/log/messages

    Jan 20 15:21:05 xdf6-basing9-3-8-cust213 kernel:[8320.483658] PPP generic driver version 2.4.2
    
    .....
    Jan 20 15:21:34 xdf6-basing9-3-8-cust213 pppd[5938]: CHAP authentication succeeded
    

    The same but with a single command

    # pppd /dev/ttyS0 115200 nodetach lock debug crtscts asyncmap 0 \
    connect "/usr/sbin/chat -vf /etc/chatscripts/4free"
    
  • Start, stop a PPP connection
    /usr/bin/pon, poff

    Start a PPP connection. 'pon' runs /etc/ppp/ppp_on_boot (if it exists and is executable), otherwise it uses /etc/ppp/peers/provider.

    Command usage

    pon <isp-name> [options]
    
    Options:
     -q | --quick     Disconnect when ip-up finishes running, root only
    

    Stop a PPP connection - /usr/bin/poff

    poff [option] [provider]
    
    Options:
     -r               Cause pppd to drop the line and redial.
     -d               Toggle the state of pppd's debug option.
     -c               Cause pppd to renegotiate compression.
     -a               Stop all pppd's.  'provider' will be ignored.
     -h               Print this help summary and exit.
     -v               Print version and exit.
     none             Stop pppd. ONLY if ONE instance of pppd else 
                      use '-a' to stop all
    
  • PPP log viewer
    /usr/bin/plog

    Display the last few lines of /var/log/ppp.log; if the file does not exist, /var/log/syslog is used instead. Uses the 'tail' command, so the options are the same as for tail.

    Command usage

    plog [options]
    
  • PPP over Ethernet (PPPoE)

    Used for ADSL (DSL) modems.

    1. Install the rp-pppoe client software
    2. Add ISP username and password to the PAP or CHAP secrets
    3. Configure pppd to use PPPoE
    4. Connect

    Sample PPPoE configuration - /etc/ppp/options

    pty "/usr/sbin/pppoe -I eth0"
    name "your userid"
    noipdefault
    hide-password
    defaultroute
    persist
    lock
    

    Connect

    # pppd
    

    Some implementations may require eth0 to have an IP.

  • A PPP dialer with built-in intelligence
    /usr/bin/wvdial

    Command usage

    wvdial [options] [section]... [option=value]...
    
    Options:
     -c | --chat                          Used when running wvdial from pppd
     -C | --config=configfile             Use configfile instead of /etc/wvdial.conf
     -n | --no-syslog                     Don't send output to SYSLOG
    

    When 'wvdial' starts it first loads its configuration from '/etc/wvdial.conf' and '~/.wvdialrc'; these contain basic information about the modem port, speed and init string, and the ISP number, username and password.

    Generate a wvdial.conf

    # wvdialconf /etc/wvdial.conf
    [Dialer Defaults]
    Init1 = ATZ
    Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
    Modem Type = Analog Modem
    Baud = 460800
    New PPPD = yes
    Modem = /dev/modem
    ISDN = 0
    ; Phone = <phone number to dial>
    ; Password = <password>
    ; Username = <login name>
    

    Uncomment and provide values for Phone, Password, Username

    Make a connection

    # wvdial
    --> WvDial: Internet dialer version 1.60
    .....
    --> pppd: ![06][08]??[06][08]
    --> local  IP address 213.218.216.235
    --> pppd: ![06][08]??[06][08]
    --> remote IP address 213.130.146.216
    --> pppd: ![06][08]??[06][08]
    --> primary   DNS address 213.130.128.32
    --> pppd: ![06][08]??[06][08]
    --> secondary DNS address 213.130.128.33
    .....
    

    Wvdial authentication

    The file /etc/ppp/peers/wvdial is required for correct authentication in pppd version 2.3.0 or newer. Sample entries below:

    noauth
    name wvdial
    usepeerdns
    
  • Integrated Services Digital Network (ISDN)
    Essential programs   Description
    ippd                 Modified ppp to provide synchronous PPP over ISDN
    isdnctrl             Creates and deletes ISDN networks

    ISDN daemon - ippd

    ippd [options] [device]
    
    Options:
     -bsdcomp                     Disable use of compression
     defaultroute                 Use this interface as default route UNLESS 
                                  one already exists
     -detach                      Run in the foreground
     mru <int>                    Maximum Receive Unit (size). Default=1500
     noipdefault                  Use ISP provided IP address
     user <user name>             Matching entry must be in /etc/ppp/pap-secrets
    

    ISDN's ippd control program - isdnctrl

    isdnctrl <action> <device>
    

    Manually configure an ISDN connection

    # isdnctrl addif ippp0                 (Add the interface)
    # isdnctrl addphone ippp0 out 2176590  (Link to ISP's number for the dial-in ISDN pool)
    # isdnctrl huptimeout ippp0 120        (Drop connection if no traffic in a 120s period)
    # isdnctrl secure ippp0 on             (Dial-in ONLY, can filter on telephone numbers)
    # isdnctrl l2_prot ippp0 hdlc          (Use HDLC for link layer protocol)
    # isdnctrl l3_prot ippp0 trans         (Use TRANS for layer 3 protocol. Default)
    # isdnctrl encap ippp0 syncppp         (Encapsulate IP using synchronous PPP)
    # isdnctrl pppbind ippp0 0             (Link ISDN device to PPP device)
    # isdnctrl dialmode ippp0 auto         ([off | manual | auto]
                                             off    - no connections possible
                                             manual - establish an outgoing connection
                                             auto   - establish an outgoing on demand)
    # isdnctrl eaz ippp0 675432909         (Add ISDN number to dial)
    

    Run ippd to link PPP stack to ISDN system

    # ippd user mark defaultroute noipdefault -detach mru 1524 -bsdcomp /dev/ippp0 &
    # isdnctrl dial ippp0
    # isdnctrl hangup ippp0