Date: Fri, 14 Dec 2001 15:52:27 -0800 (PST)
From: Joesph Barbish <barbish@a1poweruser.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: conf/32842: User ppp sample configuration files in /etc/ppp are out of date with FBSD version 4.4
Message-ID: <200112142352.fBENqRI81815@freefall.freebsd.org>
>Number:         32842
>Category:       conf
>Synopsis:       User ppp sample configuration files in /etc/ppp are out of date with FBSD version 4.4
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 14 16:00:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Joesph Barbish
>Release:        version 4.4
>Organization:
none
>Environment:
n/a
>Description:
The sample user ppp configuration files distributed with version 4.4,
located in /etc/ppp, are out of date and obsolete.
>How-To-Repeat:
Look at them yourself.
>Fix:
Replace content of /etc/ppp/ppp.conf with following content for ppp.conf,
and update default section of existing /etc/gettytab as shown by included
sample gettytab file.

##############################################################################
# /etc/ppp/ppp.conf  File for dial out modem to ISP and Dial in modem for
#                    connection to this FBSD system.
#                    Written by Joe Barbish 12/10/2001
#
# This is a working ppp.conf file I use to dial in to my ISP, and to connect
# my Win98 box by dialing in to this FBSD box and accessing the internet.
# There are options in this ppp.conf file that I do not use, but present them
# here for you to turn on by un-commenting the statements to meet your needs.
#
# For Nic to DSL configuration see www.daemonnews/200101/pppoe.html
#
# This ppp.conf documentation is based on a fresh install of FBSD 4.4 with
# all file content as delivered with no user changes.
#
# As of 1/1/2001 FBSD 4.4 does not work with Winmodems. Winmodems are modems
# especially manufactured for the Microsoft Windows market and do not have
# dial controllers so they are inexpensive. The dial function is provided by
# driver software which gets installed in to mswindows. A Winmodem driver has
# been developed for Linux systems 4/2001 and was ported to FBSD around
# 10/2001. It is not part of the FBSD port collection yet. To find the port
# search the FBSD questions archives looking for subject = Lucent LT WinModem
#
# NOTE Any FBSD documentation that says that the physical modem has to have
# its default options profile set to, NO command echo ATE0 and NO results
# string ATQ1 and saved to the physical modem's onboard non-volatile memory
# (NVRAM) or any references to using programs tip, kermit, mgetty, or minicom
# to perform the dial function is obsolete and outdated as of FBSD 4.0.
#
# Setup Instructions.
# 1. Recompile kernel and change pseudo-device tun 1 to tun 4
#    GENERIC kernel defaults to 1 and you need 1 tun device for each com port
# 2. Add gateway_enable="YES" to /etc/rc.conf so dialin connection can gain
#    access to internet.
# 3. Since a private internal IP address numbering scheme is used for IP
#    addresses behind this FBSD box the -nat option must be included on the
#    ppp command that starts the ppp task to dial the ISP.
#    NAT = Network Address Translation. Changes your private internal IP
#    address to your public IP address that you get from your ISP for
#    outbound messages and does the reverse for inbound messages.
#    From the command line example  ppp -background -nat dialisp
# 4. Using root create file /etc/ppp/ppplogin
#    Create file ppplogin with following 2 statements
#       #! /bin/sh
#       exec /usr/sbin/ppp -direct incoming
#
#    incoming is the section label name in ppp.conf to be processed when
#    ppp is started by this script's exec command.
#
#    This script will be launched by getty when it detects a ppp dialin
#    connection attempt. Program ppp belongs to group network, so you have to
#    change file ppplogin group to network and its permissions to read/write
#    for the owner, read/execute for group, and none for everyone else.
#       chgrp network ppplogin    # assign file ppplogin to group network
#       chmod 650 ppplogin        # set permissions
# 5. Change the default section of /etc/gettytab file for automatic ppp
#    recognition by specifying the pp capability. Add following to default
#       :pp=/etc/ppp/ppplogin:
# 6. Edit /etc/ttys to enable a getty on the port where the dialin modem
#    is attached. com2 = ttyd1  find statement like this
#       ttyd1 "/usr/libexec/getty std.38400" dialup off secure
#    Change off to on to activate. Verify line speed is correct (std.38400)
#    This value is defined in /etc/gettytab. After saving edited results
#    issue kill -1 1 command to spawn getty. Use ps ax to show active tasks.
# 7. cp /usr/share/examples/ppp/ppp.secret.sample /etc/ppp/ppp.secret
#    Edit /etc/ppp/ppp.secret file adding the ID and password for each user
#    that is authorized to login to this FBSD box using dialin modems.
# 8. TESTING Issue command ppp -background -nat dialisp to test configuration
#    Use commands ps ax to see task list. ifconfig -a to see if tun is running
#    netstat -r to see routing. /var/log/ppp.log to view ppp log events
#    ps ax to get ppp -background task number & kill -1 number to terminate.
# 9. Once you are done with testing, make functions permanent.
#    Dial ISP at FBSD bootup. Add following to /etc/rc.conf file
#       ppp_enable="YES"
#       ppp_mode="ddial"
#       ppp_profile="dialisp"
#       ppp_nat="YES"
#
#############################################################################

default:
 # The default section is processed every time user ppp is started.
 # Everything set here applies to all the following sections.

 set log Phase Chat LCP IPCP CCP tun command   #use for testing
 #set log Phase tun                            #use to avoid excessive log sizes

 # If 115200 connection speed does not work (it should work with any modem newer
 # than 1998) step down to 57600 or 38400 or 19200 for legacy modems.
 set speed 57600                # connection speed
 set timeout 0                  # no idle time out, will not disconnect
 disable pred1 deflate lqr      # compression features & line quality reporting
 deny pred1 deflate lqr         # compression features & line quality reporting

dialisp:
 # This label is used in the ppp -background -nat dialisp startup
 # command for auto logon to ISP provider.

 # Ensure that "device" references the correct serial port
 # for your modem. (cuaa0 = COM1, cuaa1 = COM2)
 # Only needed for dial out device.
 set device /dev/cuaa0

 # This dial string is needed for ISPs which use standard Unix style
 # login. Not needed if ISP uses chap or pap login.
 # set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
 #          \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"

 # edit the next three lines and replace the values with
 # the values which have been assigned by your ISP.
 # Needed for Unix, chap, and Pap style logins.
 #set phone 1111111:2222222:3333333   # if first number busy try next number
 set phone 7777777              # only use this phone number
 set authname barbish           # name of your account at your ISP
 set authkey 555555             # password to get into your ISP
 set redial 10 4                # if busy redial 4 times with 10 second pause

 # enable chap                  # select chap login authentication
 # enable pap                   # select pap login authentication

 # get dynamic IP address from ISP if that's how they do it.
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0

 # use static IP address from ISP if that's how they do it.
 # set static IP address your ISP assigned to you.
 # s.s.s.s = your static IP address
 # g.g.g.g = IP of machine you connect to at ISP or default to 10.0.0.0/0
 # set ifaddr s.s.s.s g.g.g.g 255.255.255.255 0.0.0.0

 add default HISADDR            # Add a (sticky) default route (Mandatory)
 enable dns                     # Gets the ISP's DNS IP address & places them
                                # in resolv.conf for reference by FBSD box.

incoming:
 # Configuration for dial in modem access to this FBSD system.
 # This label is used in ppp -direct incoming command
 # which is buried in script /etc/ppp/ppplogin that starts
 # the whole process of accepting the incoming call.

 # Enable passwdauth forces use of /etc/passwd file
 # instead of /etc/ppp/ppp.secret file for PAP only.
 # CHAP must use ppp.secret because ppp must have access to
 # unencrypted passwords. This is ok over dialin modem lines.
 # A unique IP address is assigned to the ttyd activated in the
 # /etc/ttys file from the internal Private IP pool range.

 # Every user that will be using PPP login must have their login ID
 # in the allow user command to authorize them to run ppp and you also
 # must perform adduser to create a FBSD account for them and then
 # edit ppp.secret adding ID and password.
 allow users barbish

 # SECURITY WARNING - It is VITAL that either pap or chap are enabled. If
 # one or the other is not, you are allowing anybody to establish a dialin
 # ppp session with your FBSD box using any ID/password. There is no
 # authentication being done on incoming ppp connections if pap or chap is not
 # enabled. SECURITY WARNING

 # enable passwdauth            #force pap to use passwd file
 # enable pap
 enable chap                    # uses ppp.secret file
 accept dns                     # give dialin connection access to dns lookup

 # To get access to other machines on the LAN
 # enable proxy

 # Assign static IP address to this dialin line
 # 10.0.0.74 = static IP address for this dialin line
 # 10.0.0.1  = IP address of this FBSD box
 set ifaddr 10.0.0.1 10.0.0.74 255.255.255.255

 # If I had 4 modems connected to com1-com4 for dialin access and activated
 # ttyd0-ttyd3 in /etc/ttys file this ppp.conf section [incoming] will work
 # as is. Set ifaddr command assigns dynamic IP address from a range of
 # reserved IP addresses. 10.0.0.71 through 10.0.0.74 (inclusive) is the
 # IP address pool reserved for dialin users in this sample.
 # set ifaddr 10.0.0.1 10.0.0.71-10.0.0.74 255.255.255.0


# $FreeBSD: /etc/gettytab
#
default:\
	:cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
	:if=/etc/issue:\
	:pp=/etc/ppp/ppplogin:

# The pp= line above added to activate ppp modem inbound login

>Release-Note:
>Audit-Trail:
>Unformatted:
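
The SECURITY WARNING in the incoming section can be turned into an automated check. The following is an added example, not part of the original message and not FreeBSD code. It assumes labels start in column 0, that '#' starts a comment anywhere on a line (as in the file above), and that the dial-in label is named incoming as in the ppplogin script; the sample text is constructed.

```python
import re

AUTH_PROTOCOLS = {"pap", "chap"}

def parse_sections(text):
    """Split ppp.conf text into {label: [command word lists]}."""
    sections, label = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments (assumption)
        if not line.strip():
            continue
        m = re.match(r"^([A-Za-z0-9_.-]+):\s*$", line)
        if m:                                      # "label:" in column 0
            label = m.group(1)
            sections.setdefault(label, [])
        elif label is not None:
            sections[label].append(line.split())
    return sections

def required_auth(sections, label):
    """Auth protocols demanded from the peer once 'default' and then
    'label' have been processed, honouring later 'disable' lines."""
    enabled = set()
    for words in sections.get("default", []) + sections.get(label, []):
        if words[0] in ("enable", "disable"):
            opts = {w.lower() for w in words[1:]} & AUTH_PROTOCOLS
            enabled = enabled | opts if words[0] == "enable" else enabled - opts
    return enabled

def unauthenticated_dialin(text, labels=("incoming",)):
    """Return the dial-in labels that accept calls without pap or chap."""
    sections = parse_sections(text)
    return [l for l in labels if l in sections and not required_auth(sections, l)]

# Constructed sample: the incoming section with both auth lines commented out.
SAMPLE_BAD = """\
default:
 set log Phase tun
 disable pred1 deflate lqr

incoming:
 allow users barbish
 # enable pap
 # enable chap
 accept dns
 set ifaddr 10.0.0.1 10.0.0.74 255.255.255.255
"""
SAMPLE_GOOD = SAMPLE_BAD.replace(" # enable chap", " enable chap   # uses ppp.secret file")

if __name__ == "__main__":
    print("unauthenticated:", unauthenticated_dialin(SAMPLE_BAD))
```
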