Date: Mon, 27 Mar 2000 21:33:06 +0200 From: "D. Rock" <rock@dead-end.net> To: Andreas Klemm <andreas@klemm.gtn.com> Cc: isdn@freebsd.org Subject: Re: problems with right sppp settings in rc.conf ??? Message-ID: <38DFB772.E98D7544@dead-end.net> References: <20000326234139.A31884@titan.klemm.gtn.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
--------------B55D59FAF37AD8866E8B37E3
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Andreas Klemm wrote:
>
> Hi !
>
> I can't get isdn to run... certainly I only overlooked a little thing...
> When browsing through the mailinglist I think I have an idea
[...]
> Could you please have a look at my trace and tell me if it's this what
> went wrong ? Too bad the machine isn't here at the moment.
I'm curious why user level ppp isn't propagated more in this mailing list.
Ok, it's only available since 3.3 (?) but after I switched over to it from
sppp setup I don't want to miss it again.
Here are excerpts from my configuration:
- /etc/rc.conf
ppp_enable="YES"
ppp_mode="auto"
ppp_profile="t-online"
isdn_enable="YES"
isdn_fsdev="/dev/ttyv4"
isdn_flags="-d0"
[no defaultrouter. This should be done by ppp]
- /etc/ppp/ppp.conf
- /etc/isdn/isdnd.rc see attachment
I included some filter rules in ppp.conf which don't keep sessions alive
simply
for DNS traffic. With old sppp setup it cost me a complete weekend of online
costs, because I forgot to "ifconfig isp0 down" before I left.
On the downside I mostly still have to activate the link manually, since
most external traffic first needs a DNS lookup (which is then cached, since I
run my own cache-only nameserver).
But at least I can go to sleep without a worry.
Be sure to include
pseudo-device "i4brbch" 2
pseudo-device tun
in your kernel configuration.
It works like a charm. Much better than the old sppp setup. The only (maybe
only
cosmetic) problem I'm having is that the IP addresses from previous sessions
don't get released automatically. After some days of uptime they stack up:
# ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 172.23.11.1 --> 172.23.11.2 netmask 0xffffffff
inet 193.159.132.104 --> 255.255.255.255 netmask 0xffffffff
inet 62.156.55.183 --> 212.185.253.237 netmask 0xffffffff
inet 62.158.15.113 --> 255.255.255.255 netmask 0xffffffff
inet 62.158.15.78 --> 255.255.255.255 netmask 0xffffffff
inet 62.158.14.216 --> 212.185.253.241 netmask 0xffffffff
Opened by PID 63
I have created a communication socket for pppctl, so with a
# pppctl /var/run/ppp.0 iface clear
I can release old entries, but I don't know how to achieve this automatically
in the log file. Maybe some hints from other users?
--
Daniel
--------------B55D59FAF37AD8866E8B37E3
Content-Type: text/plain; charset=iso-8859-1;
name="ppp.conf"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline;
filename="ppp.conf"
default:
set socket /var/run/ppp.%d ""
t-online:
load filters
set phone 0191011
set authname "08/15-4711"
set authkey "deadbeef"
set enddisc mac
enable lqr
set reconnect 5 3
set redial 3 5
set lqrperiod 50
set timeout 170 300
set dial
set login
set hangup
set device /dev/i4brbch0 /dev/i4brbch1
set speed sync
set bandwidth 65536
link * set cd 6
set ifaddr 172.23.11.1/0 172.23.11.2/0 255.255.255.255 0.0.0.0
add! default HISADDR
nat enable yes
filters:
# Was hält Verbindung aufrecht?
# Kein ICMP
set filter alive 0 deny icmp
# Kein DNS
set filter alive 1 deny udp src eq domain
set filter alive 2 deny udp dst eq domain
# Kein NTP
set filter alive 3 deny udp dst eq ntp
set filter alive 4 deny tcp dst eq ntp
# Rest OK
set filter alive 5 permit 0 0
# Was baut Verbindung auf?
set filter dial 0 9 0 0 tcp dst eq http
set filter dial 1 9 0 0 tcp dst eq smtp
set filter dial 2 9 0 0 tcp dst eq ftp
set filter dial 3 9 0 0 tcp dst eq ssh
set filter dial 4 9 0 0 tcp dst eq imap
set filter dial 5 9 0 0 tcp dst eq cvsup
set filter dial 6 9 0 0 tcp dst eq nntp
set filter dial 7 9 0 0 tcp dst eq pop3
set filter dial 8 deny ! 0 0 tcp dst eq cvspserver
set filter dial 9 permit 0 0
--------------B55D59FAF37AD8866E8B37E3
Content-Type: text/plain; charset=us-ascii;
name="isdnd.rc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="isdnd.rc"
system
# accounting
# ----------
acctall = on # generate info for everything
acctfile = /var/log/isdnd.acct # name & location of accounting file
useacctfile = yes # generate accouting info to file
ratesfile = /etc/isdn/isdnd.rates # name & location of rates file
rtprio = 25 # modify isdnd's process priority
entry
name = Access1
usrdevicename = rbch
usrdeviceunit = 0
isdncontroller = 0
isdnchannel = -1
local-phone-incoming = 12345
remote-phone-incoming = *
local-phone-dialout = 12345
remote-phone-dialout = 98765
dialin-reaction = ignore
dialout-type = normal
b1protocol = hdlc
idletime-incoming = 0
idletime-outgoing = 0
ratetype = 3
unitlength = 60
unitlengthsrc = conf
dialretries = 1
dialrandincr = on
recoverytime = 1
usedown = off
downtries = 2
downtime = 30
--------------B55D59FAF37AD8866E8B37E3--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isdn" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38DFB772.E98D7544>