Table of Contents
We assume here that you can only get connected to internet through a serial modem connection and that you want to share that connection with other (internal) computers in your home or office. What follows describe the configuration of this dial-up modem router. Your external interface (to the internet) will be ppp0, your internal interface (to your internal network) is supposed to be done through an ethernet network card (eth0).
The PPP-Howto is a useful reference for this section.
Comments on this section should be addressed to its maintainer: Eric
Spakman <espakman at users.sourceforge.net>. Thanks to Lee
who provided useful additions to this section.
Bering-uClibc comes with two ppp daemons, one with filter support and one without. The ppp.lrp package on the base image contains the ppp daemon without filter support. The ppp-filter.lrp package can be used for demand-dialing mode and needs the libpcap.lrp package. Before using the filter version, the package needs to be renamed to ppp.lrp.
The ppp source is version 2.4.4 and supports ipv6, mschapv2, mppe and optional pppoe, pppoatm or pppol2p with plugins
Boot a Bering-uClibc floppy image. Once the LEAF menu appears get
access to the linux shell by (q)uitting the menu. Edit the
leaf.cfg file and replace the dhcpcd entry by ppp in
the list of packages to be loaded at boot. Check the Bering-uClibc Installation
Guide to learn how to do that.
In order to have a modem dialup connection working, you need to have ppp support enabled through the appropriate kernel modules. You also need to declare the driver module of the network card assigned to your internal network. In the following example, this card is supposed to be a standard ne 2000 PCI card.
To configure your modules, go to the LEAF Packages configuration
menu and choose modules. Enter 1) to edit the
/etc/modules file and enter the following
information:
# 8390 based ethernet cards 8390 ne2k-pci # Modules needed for PPP connection slhc ppp_generic ppp_async ppp_deflate # Masquerading 'helper' modules ip_conntrack_ftp ip_conntrack_irc ip_nat_ftp ip_nat_irc
The sample file above might be different in your own case: you might need another network module or some extra functionnalities. Adjust to your needs !
Connection with your ISP will be handled by PPP. The PPP How-to document will give you very detailed information about this protocol and how to set-up the numerous parameters.
Through the LEAF packages configuration menu get access to ppp configuration. The following menu will show-up
ppp configuration files
1) ISP pppd options
2) ISP login script
3) System wide pppd options
4) chap secret
5) pap secret
q) quit
----------------------------------------------------------------------------
Selection:Entry 1) allows you to adjust the parameter of your ppp connection
through the /etc/ppp/peers/provider file. The most
important argument is the ttySx parameter which
defines the serial port to which your modem is connected.
Look at your /var/log/syslog file after
booting Bering-uClibc. It will give you the list of the serial ports
recognized by your linux kernel.
A working /etc/ppp/peers/provider file for a
Compuserve connection could look like:
# ISP pppd options file # What follows is OK for Compuserve # noauth debug # log transaction to /var/log/messages /dev/ttyS0 # (ttyS0=com1, ttyS1=com2, ...) 115200 # baud rate modem crtscts # use hardware flow control asyncmap 0 defaultroute # ppp becomes default route to the internet noipdefault lock # don't let other processes besides PPP use the device connect "/usr/sbin/chat -v -f /etc/chatscripts/provider"
If you plan to dial into a Windows RAS server or a server that uses PAP or CHAP authentication, you need to add a line to this file. Just above the "connect" command, on a line of its own, add:
name your_ISP_login connect "/usr/sbin/chat -v -f /etc/chatscripts/provider"
You need this because ppp has to masquerade the firewall as you when using PAP or CHAP authentication.
Entry 2) allows you to adjust the communication script which will
handle the connection with your ISP. This script is stored in the
/etc/chatscripts/provider
A working script for a Compuserve connection could look like:
# ISP login script # What follows is OK for Compuserve # Adjust to your taste ABORT "BUSY" ABORT "NO CARRIER" ABORT "VOICE" ABORT "NO DIALTONE" ABORT "NO ANSWER" "" ATZ # ISP telephone number: 124567890 OK ATDT1234567890# CONNECT '' Name: CIS # With compuserve your_login_account=12345,6789 ID: your_login_account/go:pppconnect Password: your_password PPP
If you are not using Compuserve you should also delete all of the lines below the <CONNECT ''> line. A few - very few - ISPs require the final "PPP" line these days.
Edit Entry 3) - /etc/ppp/options "System-wide pppd options" if you want the system to demand dial and to drop the line if idle for a preset time. To do this, change "persist" to "demand" and add another line below "demand" that says "idle 600", where 600 is the number of seconds the system should wait before dropping hanging up if there is no network traffic.
Edit either the PAP (Entry 4) or CHAP (Entry 5) option to set up how your system authenticates. For PAP authentication, choose the PAP option and add a line giving your ISP login and password. Your ISP login must be the same antry as the one provided after the name entry in your ISP pppd options file. If you want to authenticate using CHAP, add the same entry to the CHAP item instead.
# pppd: pap-secrets # Secrets for authentication using PAP # client server secret IP addresses your_ISP_login * your_password
The "*" can be replaced with the IP address or name of the server you are dialling into if you know it. Usually, an asterisk is sufficient.
If you do not know if your ISP is using PAP or CHAP authenfication just provide the information on both pap-secrets and chap-secrets files. They have exactly the same structure.
Trough the LEAF configuration menu type 1 to access to the network
configuration menu and 1 again to edit your
/etc/network/interfaces file. Enter the following
information:
auto lo ppp0 eth0
iface lo inet loopback
iface ppp0 inet ppp
provider provider
iface eth0 inet static
address 192.168.1.254
netmask 255.255.255.0
broadcast 192.168.1.255The "auto" statement declares all the interfaces that will be
automatically set up at boot time. This job will be carried out by the
"ifup -a" statement in the /etc/init.d/networking
script.
The syntax of "iface" statements is explained in the Bering-uclibc's installation guide.
Through the LEAF packages configuration menu, choose shorwall and check the two following files:
A) The interfaces file (entry 3) defines your
interfaces. Here connection to the net goes through ppp0 and the
connection to the internal network through eth0. So we must set:
(...) #ZONE INTERFACE BROADCAST OPTIONS net ppp0 - loc eth0 detect routestopped #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
Do not forget the "-" under the BROADCAST heading for the net/ppp0 entry.
B) The masq file (entry 7). With a dial-up
modem setup it should look like:
(...) #INTERFACE SUBNET ppp0 eth0 #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
If you want to make your connection persistent, i.e. redial automatically your ISP when your line drops down, do the following:
Go back to the option 1) of the ppp configuration file menu to edit
the /etc/ppp/peers/provider file and add the
following options after the "baud rate" entry:
(...) 115200 # baud rate persist holdoff 10 (...)
To save the changes, start lrcfg. The added modules will be saved to moddb with the command "m) Backup modules". The configuration changes are saved with "s) Save config".
Your modem connection should be established automatically. Type
plog to check the login sequence with your ISP. If
there is no output check the logs in /var/log/ to get
a clue on potential problems.
If you want to be sure that your modem and/or script parameters are OK before backing up ppp.lrp, you can launch the connection manually just by typing pon. Use the plog command to see how the connection is going and poff to close down your ppp connection.
ppp-filter.lrp needs to be renamed to ppp.lrp before use and uses
libpcap.lrp (which also needs to be loaded in
leaf.cfg). The filter version can be used to specify
a packet filter to be applied to data packets to determine which packets
are to be regarded as link activity, and therefore reset the idle timer,
or cause the link to be brought down in demand-dialing mode. The
configuration (except for the filter-part) is done like the ppp
package.
You can enable active filtering by setting (from the pppd man-page):
active-filter
filter-expression
This option is useful in conjunction with the idle option if there are packets being sent or received regularly over the link (for example, routing information packets) which would otherwise prevent the link from ever appearing to be idle. The filter-expression syntax is as described for tcpdump, except that qualifiers which are inappropriate for a PPP link, such as ether and arp, are not permitted. Generally the filter expression should be enclosed in single-quotes to prevent whitespace in the expression from being interpreted by the shell.