On Fri, 21 Jul 2000, Bret Hughes wrote:
> Bill Sandiford wrote:
>
> > Help :
> >
> > I need a hand (or point in the right direction) for setting up redhat as a
> > dial on demand router. I already have the ppp connection configured and
> > working properly. What I need to do is figure out how to make it
> > automatically dial when it receives traffic headed for the internet on the
> > network interface, and then drop the call after a small idle timeout.
> >
> > I have read the PPP Howto which deals with how to automate the dial process
> > using the pppon script but that still requires a human to type pppon...what
> > I need is for the interface to automatically come up when there is traffic
> > and automatically go down when the traffic is done.
> >
>
> look at the demand option to ppp. It does exactly this, There is a thread
> about six moths ago discussing my experience with this. The only problem I
> really had was that the ifup ppp script would hang until the interface
> actually came up. seems like I put a pind in the scripts somewhere to
> kickstart it.
>
/etc/sysconfig/network-scripts/ifcfg-ppp0:
DEVICE="ppp0"
ONBOOT="yes"
USERCTL="no"
MODEMPORT="/dev/ttyS3" (internal ISA set to COM4) (/dev/ttyS0 external)
LINESPEED="115200"
PERSIST="yes"
DEFABORT="yes"
DEBUG="no"
INITSTRING="ATZ"
DEFROUTE="yes"
HARDFLOWCTL="yes"
ESCAPECHARS="no"
PPPOPTIONS="ipcp-accept-local ipcp-accept-remote demand idle 3000"
PAPNAME="yourisploginname"
REMIP="10.0.0.2"
NETMASK=""
IPADDR="10.0.0.1"
MRU=""
MTU=""
DISCONNECTTIMEOUT="60"
RETRYTIMEOUT="5"
BOOTPROTO="dhcp"
PEERDNS="yes"
(In the above, I use 192.168.1.0 as my LAN,
so I use 10.0.0 as the "fake" temporary
network to initially connect ppp.
The idle command is time in seconds to allow
to be idle before dropping connection from your end (3000 sec=50 minutes)
(Note: the ISP may still drop you sooner than that.)
Create: /etc/ppp/ip-up.local:
#!/bin/bash
/etc/rc.d/rc.firewall (your ipchains firewall script)
This will cause the firewall to run and redefine the route
using the new ppp interface numbers each time a connection is
re-established.
This means, of course, that your firewall script must be set up to
find out what the new IP number for ppp0 interface is each time the
script is run:
/etc/rc.d/rc.firewall:
#!/bin/sh
# ip chains firewall for ppp dialup
PATH=/sbin:/bin:/usr/sbin:/usr/bin
depmod -a
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
#
# define external ppp interface ip # and device
export extip="`/sbin/ifconfig | grep -A ppp0 | \
awk `/inet/{print $2}` | sed -e s/addr://`"
# (note: above line is a "one-liner")
#
export extint="ppp0"
export intint="eth0"
export intnet="192.168.1.0/24"
# (assumes LAN is 192.168.1.x,
# with eth0 = 192.168.1.1)
ipchains -M -S 7200 10 160
ipchains -F input
ipchains -P input REJECT
#incoming
ipchains -A input -i $intint -s $intnet -d 0.0.0.0/0 -j ACCEPT
ipchains -A input -i $extint -s $inetnet -d 0.0.0.0/0 -l -j REJECT
ipchains -A input -i $extint -s 0.0.0.0/0 -d $extip/32 -j ACCEPT
ipchains -A input -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT
ipchains -A input -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT
#outgoing
ipchains -F output
ipchains -P output REJECT
ipchains -A output -i $intint -s 0.0.0.0/0 -d $intnet -j REJECT
ipchains -A output -i $extint -s 0.0.0.0/0 -d $intnet -l -j REJECT
ipchains -A output -i $extint -s $intnet -d 0.0.0.0/0 -l -j REJECT
ipchains -A output -i $extint -s $extip/32 -d 0.0.0.0/0 -j ACCEPT
ipchains -A output -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT
ipchains -A output -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT
# forwarding
ipchains -F forward
ipchains -P forward DENY
ipchains -A forward -i $extint -s $intnet -d 0.0.0.0/0 -j MASQ
ipchains -A forward -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT
Create /etc/sysconfig/network-scripts/chat-ppp0 with the phone #, user
id, password, etc .
Use linuxconf to make sure that pppd is started up automatically.
Now, when startup occurs, ppp0 will appear to FAIL to start up.
That is expected. But it will background the connection request
and then you should hear it dialing just a little bit later.
Then, demand option should work. (To test, set idle to 300 seconds
(pppoptions in /etc/sysconfig/network-scripts/ifcfg-ppp0)
or something so it times-out and then you can try to access a web
page from a client again and see that it indeed redials and connects
successfully. Then, set the idle time back to something longer
(e.g. idle 3000 = 50 minutes).
> >
> > Also, how do I add a network card to the machine...I have added a new card
> > but it did not detect it. It is a Realtek Based ISA Card.
> >
>
If an ISA ethernet card doesn't want to be detected, then disable Plug n
Play on the card (create a DOS boot floppy, use the card's setup utility
to disable plug and play and set the IRQ (to something like 10) and the
IO Address (e.g. 300). Most often, when plug & play is disabled on a
card, it will be then emulating an NE2000 card (so the module will be
ne.o)
Then, you make an entry in the /etc/conf.modules file so the ISA card
can be found:
/etc/conf.modules:
alias eth0 ne
options eth0 io=0x300 irq=10
# assuming eth0 ISA card set to 10,300
Then you create /etc/ifcfg-eth0:
DEVICE="eth0"
BOOTPROTO=""
IPADDR="192.168.1.1"
NETMASK="255.255.255.0"
ONBOOT="yes"
Enjoy!
--
***************************************************************************
Jerry Winegarden OIT/Technical Support Duke University
[EMAIL PROTECTED] http://www-jerry.oit.duke.edu
phone: (919)-660-6911 pager: (919)-970-4270 fax: (919)-681-0808
***************************************************************************
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
