Merge ppp configuration examples.

Add some useful bits & pieces.

9 files changed, 255 insertions, 388 deletions

diff --git a/etc/ppp/ppp.conf.filter.sample b/etc/ppp/ppp.conf.filter.sample
deleted file mode 100644
index 8510eb4..0000000
--- a/etc/ppp/ppp.conf.filter.sample
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# $Id: ppp.conf.filter.sample,v 1.4 1997/02/23 09:21:10 peter Exp $
-#
-# An example of packet filter definitions.  Merge whatever rules you
-# want into your ppp.conf file.
-#
-filterd:
-#       
-# Don't keep Alive with ICMP,DNS and RIP packets
-#
- set afilter 0 deny icmp
- set afilter 1 deny udp src eq 53
- set afilter 2 deny udp dst eq 53
- set afilter 3 deny udp src eq 520
- set afilter 4 deny udp dst eq 520
- set afilter 5 permit 0/0 0/0
-#
-# Don't let ICMP packets cause us to dial
-#
- set dfilter 0 deny icmp
- set dfilter 1 permit 0/0 0/0
-#
-# Allow ident packets to pass through
-#
- set ifilter 0 permit tcp dst eq 113
- set ofilter 0 permit tcp src eq 113
-#
-# Allow telnet connections to the Internet
-#
- set ifilter 1 permit tcp src eq 23 estab
- set ofilter 1 permit tcp dst eq 23
-#
-# Allow ftp access to the Internet
-#
- set ifilter 2 permit tcp src eq 21 estab
- set ofilter 2 permit tcp dst eq 21
- set ifilter 3 permit tcp src eq 20 dst gt 1023
- set ofilter 3 permit tcp dst eq 20
-#
-# Allow access to any DNS
-#
- set ifilter 4 permit udp src eq 53
- set ofilter 4 permit udp dst eq 53
-#
-# Allow access from/to my company network
-#
- set ifilter 5 permit 192.244.191.0/24 0/0
- set ofilter 5 permit 0/0 192.244.191.0/24
-#
-# Allow ping and traceroute response
-#
- set ifilter 6 permit icmp
- set ofilter 6 permit icmp
- set ifilter 7 permit udp dst gt 33433
- set ofilter 7 permit udp dst gt 33433
-#
-# If none of the above rules matche, then the packet is blocked.
-#
diff --git a/etc/ppp/ppp.conf.iij.sample b/etc/ppp/ppp.conf.iij.sample
deleted file mode 100644
index b3307d5e..0000000
--- a/etc/ppp/ppp.conf.iij.sample
+++ /dev/null
@@ -1,70 +0,0 @@
-#############################################################################
-#
-#  Examples to connect to IIJ Dialup PPP service
-#
-#	1) On IIJ service, both user side and server side address can
-#	   not be predicted by a customer. In this circumstance, you need
-#	   some trick to use on-demand dialup. See iij-demand for example.
-#
-#       2) IIJ has 3 kinds of authentication method; getty, PAP and CHAP.
-#	   In all cases, you can use same username and password assigned
-#	   from IIJ.
-#
-#  $Id: ppp.conf.iij.sample,v 1.3 1997/02/23 09:21:10 peter Exp $
-#
-#############################################################################
-#
-#  Very simple case. Note that this example automatically dials into IIJ.
-#  Please be sure to check phone number to access nearest location.
-#
-#	% ppp iij
-#
-iij:
- set phone 0332425701
- set authname MyUserName
- set authkey  MyPassword
- set login "TIMEOUT 5 login:-\\r-login: \\U word: \\P PPP"
- set timeout 0
- dial
-#
-#  If you prefer to use PAP authentication, use this one.
-#
-#	% ppp iij-pap
-#
-iij-pap:
- set phone 0332425701
- accept pap
- set authname MyUserName
- set authkey  MyPassword
- set login "TIMEOUT 5 login:-\\r-login:"
- set timeout 0
- dial
-#
-#  Use "% ppp iij-chap" for CHAP authentication
-#
-iij-chap:
- set phone 0332425701
- accept chap
- deny pap
- set authname MyUserName
- set authkey  MyPassword
- set login "TIMEOUT 5 login:-\\r-login:"
- set timeout 0
- dial
-#
-# Here, we assume that IIJ server has 192.244.177.2 as their address.
-# This assumption may not be correct, but we'll fix it later.
-# Also, take a look at ppp.linkup.
-#
-#	% ppp -auto iij-demand
-#
-# Use dummy ping to generate a call to IIJ.
-#
-#	% ping 192.244.177.2
-#
-iij-demand:
- set log lcp
- set phone 0355118852
- set login "TIMEOUT 5 login:-\\r-login: MyUserName word: MyPassword PPP"
- set ifaddr 10.10.10.10/0 192.244.177.2/20
- add 0 0 192.244.177.2
diff --git a/etc/ppp/ppp.conf.sample b/etc/ppp/ppp.conf.sample
index 75658f9..a1ef910 100644
--- a/etc/ppp/ppp.conf.sample
+++ b/etc/ppp/ppp.conf.sample
@@ -2,129 +2,242 @@
 #
 #  	PPP  Sample Configuration File
 #
-#	  Written by Toshiharu OHNO
+#	  Originally written by Toshiharu OHNO
 #
-# $Id: ppp.conf.sample,v 1.19 1997/09/08 20:22:39 brian Exp $
+# $Id: ppp.conf.sample,v 1.20 1997/09/10 00:52:30 brian Exp $
 #
 #################################################################
 
+# This file is separated into sections.  Each section is named with
+# a label starting in column 0 and followed directly by a ``:''.  The
+# section continues until the next section.  Blank lines and lines
+# beginning with ``#'' are ignored.
+#
+
 # Default setup. Always executed when PPP is invoked.
+#  This section is *not* loaded by the ``load'' or ``dial'' commands.
+#
+#  This is the best place to specify your modem device, it's DTR rate,
+#  and any logging specification.  Logging specs should be done first
+#  so that subsequent commands are logged.
 #
 default:
+ set log Phase Chat Connect Carrier LCP IPCP CCP tun command
  set device /dev/cuaa1
  set speed 115200
- set log Phase Chat Connect Carrier hdlc LCP IPCP CCP tun
  deny lqr
- set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATE1Q0 OK-AT-OK \\dATDT\\T TIMEOUT 40 CONNECT"
+ set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"
+
+# Client side PPP
+#
+#  Although the PPP protocol is a peer to peer protocol, we normally
+#  consider the side that makes the connection as the client and the
+#  side that receives the connection as the server.  Authentication
+#  is required by the server either using a unix-style login proceedure
+#  or by demanding PAP or CHAP authentication from the client.
+#
 
-# Example with a login script
+# An on demand example where we have dynamic IP addresses:
+#  If the peer assigns us an arbitrary IP (most ISPs do this) and we
+#  can't predict what their IP will be either, take a wild guess at
+#  some IPs that you can't currently route to.  Ensure that the "delete"
+#  and "add" lines are also present in the pmdemand section of ppp.linkup
+#  so that when we connect, things will be put straight.
 #
-#   o From PPP prompt,
-#	ppp> dial simplesite
-#     automatically dials and performs the login script.
+#  This will work with static IP numbers too.  You can also use this entry
+#  if you don't want on-demand dialup.  The "set ifaddr", "delete" and
+#  "add" lines are required for on-demand.  Note, for dynamic IP numbers,
+#  whether dialing manually or on demand, there should *always* be an entry
+#  in ppp.linkup.
+#
+#  The /0 bit in "set ifaddr" says that we insist on 0 bits of the
+#  specified IP actually being correct, therefore, the other side can assign
+#  any IP numbers.
+#
+#  The forth arg to "set ifaddr" makes us send "0.0.0.0" as our requested
+#  IP number, forcing the peer to make the decision.
+#
+pmdemand:
+ set phone 1234567
+ set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp"
+ set timeout 120
+ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0
+ delete ALL
+ add 0 0 HISADDR
+
+# When we want to use PAP or CHAP instead of using a unix-style login
+# proceedure, we do the following.  Note, the peer suggests whether we
+# should send PAP or CHAP.  By default, we send whatever we're asked for.
+#
+PAPorCHAPpmdemand:
+ set phone 1234567
+ set login
+ set authname MyName
+ set authkey MyKey
+ set timeout 120
+ set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0
+ delete ALL
+ add 0 0 HISADDR
+
+# On demand dialup example with static IP addresses:
+#  Here, the local side uses 192.244.185.226 and the remote side
+#  uses 192.244.176.44.
 #
-#       ppp> load simplesite
-#     loads and executes commands, but doesn't dial.
+#  # ppp -auto ondemand
 #
-#   o From shell, invoke as
-#       $ ppp simplesite
-#     to load commands associated with the 'simplesite' label. Use,
-#       ppp> dial
-#     to establish the connection.
+#  It is not necessary to have an entry in ppp.linkup when both IP numbers
+#  are static.  Be warned though, the MYADDR: label is executed from
+#  ppp.linkup if the "ondemand:" label is not found.
 #
-simplesite:
- set phone 12345678
- set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp ocol: ppp"
+ondemand:
+ set phone 1234567
+ set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp"
  set timeout 120
+ set ifaddr 192.244.185.226 192.244.176.44 255.255.255.0
+ delete ALL
+ add 0 0 HISADDR
+
+#                          Example segments
+#
+# The following lines may be included as part of your configuration
+# section and aren't themselves complete.  They're provided as examples
+# of how to achieve different things.
 
 # Multi-phone example.  Numbers separated by a : are used sequentially.
 # Numbers separated by a | are used if the previous dial or login script
 # failed.  Usually, you will prefer to use only one of | or :, but both
 # are allowed.
 #
-multiphone:
- set phone 12345678|12345679:12345670|12345671
- set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp ocol: ppp"
-
-# If the peer requires that you use CHAP or PAP, you must supply authname
-# and authkey.  Both are "accepted" by default, so you don't have to do
-# any more.
+    set phone 12345678|12345679:12345670|12345671
 #
-PAPorCHAPsite:
- set phone 12345678
- set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp"
- set authname MySystemName
- set authkey  OurSecretKey
-
-# If you want the remote system to authenticate itself, you insist
-# that the peer uses CHAP (or PAP) with the "enable" keyword.  Both CHAP and
-# PAP are disabled by default.
-# When the peer authenticates itself, we use ppp.secret for verification.
+# When in -auto, -ddial, -direct or -background mode, ppp can accept
+# control instructions from the ``pppctl'' program.  First, you must
+# set up your control socket.  It's safest to use a UNIX domain socket:
+#
+    set server /var/run/internet 0660
+#
+# Although a TCP port may be used if you want to allow control
+# connections from other machines:
+#
+    set server 6670
+#
+# If we have a ``strange'' modem that must be re-initialized when we
+# hangup:
+#
+    set hangup "\"\" AT OK-AT-OK ATZ OK"
+#
+# To adjust logging withouth blasting the setting in default:
+#
+    set log -command +tcp/ip
+#
+# To see log messages on the screen in interactive mode:
 #
-# Ppp is launched with
+    set log local LCP IPCP CCP
 #
-#  ppp -direct CHAPserver
+# If you're seeing a lot of magic number problems and failed connections,
+# try this (check out the FAQ):
 #
-# Note:  We can supply a third field in ppp.secret specifying the IP address
-#        for that user.
+    set openmode passive
+#
+# For noisy lines, we may want to reconnect (up to 20 times) after loss
+# of carrier:
+#
+    set reconnect 3 20
+#
+# When playing server for M$ clients, tell them who our name servers are:
+#
+    set ns 10.0.0.1 10.0.0.2
+    set nbns 10.0.0.1 10.0.0.2
+    enable msext
+#
+# If we're using the -alias switch, redirect ftp and http to an internal
+# machine:
+#
+    alias port 10.0.0.2:ftp ftp
+    alias port 10.0.0.2:http http
+#
+# or don't trust the outside at all
+#
+    alias deny_incoming yes
+#
+# If we don't want ICMP and DNS packets to keep the connection alive:
+#
+    set afilter 0 deny icmp
+    set afilter 1 deny udp src eq 53
+    set afilter 2 deny udp dst eq 53
+    set afilter 3 permit 0/0 0/0
+#
+# And we don't want ICMPs to cause a dialup:
+#
+    set dfilter 0 deny icmp
+    set dfilter 1 permit 0/0 0/0
+#
+# Once the line's up, allow connections for ident (113), telnet (23),
+# ftp (20 & 21), DNS (53), my place of work (192.244.191.0/24),
+# ICMP (ping) and traceroute (>33433).
+#
+# Anything else is blocked by default
+#
+    set ifilter 0 permit tcp dst eq 113
+    set ofilter 0 permit tcp src eq 113
+    set ifilter 1 permit tcp src eq 23 estab
+    set ofilter 1 permit tcp dst eq 23
+    set ifilter 2 permit tcp src eq 21 estab
+    set ofilter 2 permit tcp dst eq 21
+    set ifilter 3 permit tcp src eq 20 dst gt 1023
+    set ofilter 3 permit tcp dst eq 20
+    set ifilter 4 permit udp src eq 53
+    set ofilter 4 permit udp dst eq 53
+    set ifilter 5 permit 192.244.191.0/24 0/0
+    set ofilter 5 permit 0/0 192.244.191.0/24
+    set ifilter 6 permit icmp
+    set ofilter 6 permit icmp
+    set ifilter 7 permit udp dst gt 33433
+    set ofilter 7 permit udp dst gt 33433
+
+
+# Server side PPP
+#  If you want the remote system to authenticate itself, you insist
+#  that the peer uses CHAP (or PAP) with the "enable" keyword.  Both CHAP and
+#  PAP are disabled by default (we usually only "enable" on of them if the
+#  other side is dialing into our server).
+#  When the peer authenticates itself, we use ppp.secret for verification.
+#
+#  Ppp is launched with:
+#   # ppp -direct CHAPserver
+#
+#  Note:  We can supply a third field in ppp.secret specifying the IP address
+#         for that user.
 #
 CHAPserver:
  enable chap
  enable proxy
  set ifaddr 192.244.176.44 292.244.184.31
 
-# If we wish to use /etc/passwd, we do this:
+# If we wish to act as a server, allowing PAP access according to
+# accounts in /etc/passwd, we do this:
+#
 PAPServerwithPASSWD:
  enable pap
  enable passwdauth
  enable proxy
  set ifaddr 192.244.176.44 292.244.184.31
 
-# On demand dialup example
-#  Here, we assume that local side use 192.244.185.226 and
-#  remote side use 192.244.176.44 as their IP address.
-#  You must supply -auto, -ddial or -background option to invoke PPP.
-#
-#  $ ppp -auto ondemand
-#
-ondemand:
- set phone 1234567
- set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp"
- set timeout 120
- set ifaddr 192.244.185.226 192.244.176.44 255.255.255.0
- add 0 0 HISADDR
-
-# Another on demand example
-#  If the peer assigns us an arbitrary IP and we can't predict what their
-#  IP will be either, take a wild guess at an some IPs that you can't
-#  currently route to.  Ensure that the "delete" and "add" lines are also
-#  present in ppp.linkup so that when we connect, things will be put straight.
-#
-#  The /0 bit says that we insist on 0 bits of the specified IP actually
-#  being correct, therefore, the other side can assign any IP numbers.
-#
-pmdemand:
- set phone 1234567
- set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp"
- set timeout 120
- set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0
- delete ALL
- add 0 0 HISADDR
 
-# Examples to connect using a null-modem cable from one machine to another.
-# The important thing here is to allow the lqr packets on both sides.
-# Without them enabled, we can't tell if the line's dropped - there
-# should always be carrier on a direct connection.
-# Here, the server sends lqr's every 10 seconds and quits if three in a
-# row fail.
+# Example to connect using a null-modem cable:
+#  The important thing here is to allow the lqr packets on both sides.
+#  Without them enabled, we can't tell if the line's dropped - there
+#  should always be carrier on a direct connection.
+#  Here, the server sends lqr's every 10 seconds and quits if three in a
+#  row fail.
 #
-# Make sure you don't have "deny lqr" in your default: on the client !
+#  Make sure you don't have "deny lqr" in your default: on the client !
 #
 direct-client:
  set dial ""
  set line /dev/cuaa0
  set sp 115200
- set timeout 900
+ set timeout 900 10 3
  set log Phase Chat LQM
  set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp HELLO"
  set ifaddr 10.0.4.2 10.0.4.1
@@ -138,24 +251,11 @@ direct-server:
  enable lqr
  accept lqr
 
-# Example of Callback Request
-#
-#  Here, we assume that peer will hangup the line and initiates a callback
-#  after successful authentication. We simply use chat script capability
-#  and wait for a "NO CARRIER" response from our modem.
-#
-#  $ ppp callback
-#
-callback:
- set phone 0312345678
- set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: MyName word: MySecret TIMEOUT 20 DUMMY"
- set log phase chat
- dial
- quit
 
-# Example for ppp over tcp.  We assume that inetd on tcpsrv.mynet has been
-# configured to run "ppp -direct tcp-server" when it gets a connection on
-# port 1234.  Read doc for further details
+# Example for PPP over TCP.
+#  We assume that inetd on tcpsrv.mynet has been
+#  configured to run "ppp -direct tcp-server" when it gets a connection on
+#  port 1234.  Read the man page for further details
 #
 tcp-client:
  set device tcpsrv.mynet:1234
diff --git a/etc/ppp/ppp.conf.server.sample b/etc/ppp/ppp.conf.server.sample
deleted file mode 100755
index 2f23869..0000000
--- a/etc/ppp/ppp.conf.server.sample
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# ppp.conf showing possible setup for ppp server
-#
-
-# default is to enable extentions to ppp to have Microsoft clients
-# negotiate nameservers and netbios nameservers
-
-default:
- disable lqr
- set log phase lcp chat
- set timeout 0
- enable msext
- set ns xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
- set nbns xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
-
-# standard dial-in PPP where authentication is done via a 
-# "login: password:" arrangement - usually a script handles that on
-# the client side
-
-cuaa0: 
- disable passwdauth
- set ifaddr myaddress client-address-1 
- enable proxy
-
-cuaa1:
- disable passwdauth
- set ifaddr myaddress xxx.xxx.xxx.2
- enable proxy
-
-# dial-in PPP where mgetty has "auto" detected PPP packets and ran
-#   /usr/sbin/ppp -direct pap(line)
-# (see sample.ppp-pap-dialup)
-# we enable pap to authenticate the user, and enable passwdauth 
-# (another modification) to use the password file to authenticate
-# the user, and log them on to the system 
-
-papcuaa0:
- enable pap
- enable passwdauth
- set ifaddr myaddress xxx.xxx.xxx.1
- enable proxy
-
-papcuaa0:
- enable pap
- enable passwdauth
- set ifaddr myaddress xxx.xxx.xxx.2
- enable proxy 
-
diff --git a/etc/ppp/ppp.dialup.sample b/etc/ppp/ppp.dialup.sample
deleted file mode 100755
index 2c80548..0000000
--- a/etc/ppp/ppp.dialup.sample
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh -
-## 
-## Copyright (c) 1995 Mark Newton
-## All rights reserved.
-## 
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted provided that the following conditions
-## are met:
-## 1. Redistributions of source code must retain the above copyright
-##    notice, this list of conditions and the following disclaimer.
-## 2. Redistributions in binary form must reproduce the above copyright
-##    notice, this list of conditions and the following disclaimer in the
-##    documentation and/or other materials provided with the distribution.
-## 
-## THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
-## ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-## IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-## ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
-## FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-## DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-## OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-## HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-## LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-## OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-## SUCH DAMAGE.
-## 
-##	 @(#)ppp-shell.sh	1.03 951019
-## 
-
-IDENT=`echo $0 | sed -e 's/^.*-\(.*\)$/\1/'`
-echo IDENT is now $IDENT
-CALLEDAS="$IDENT"
-TTY=`tty`
-
-if [ x$IDENT = xdialup ]; then
-    IDENT=`basename $TTY`
-fi
-
-echo "PPP for $CALLEDAS on $TTY"
-echo "Starting PPP for $IDENT"
-echo "~~~~~~~~~~~~~~~~~~~~~~~~~"
-
-exec /usr/sbin/ppp -direct $IDENT
-
diff --git a/etc/ppp/ppp.linkdown.sample b/etc/ppp/ppp.linkdown.sample
new file mode 100644
index 0000000..7c2ca36
--- /dev/null
+++ b/etc/ppp/ppp.linkdown.sample
@@ -0,0 +1,26 @@
+#########################################################################
+#
+#          Example of ppp.linkdown file
+#
+#  This file is checked when ppp closes a connection.
+#  ppp searches the labels in this file as follows:
+#
+#  1) The label that matches the IP number assigned to our side.
+#
+#  2) The label specified on the command line to ppp.
+#
+#  3) If no label has been found, use MYADDR if it exists.
+#
+#
+# $Id$
+#
+#########################################################################
+
+# We don't really need to do much here.  If we have notified a DNS
+# of our temporary IP number, we may want to ``un-notify'' them.
+#
+# If you're into sound effects when the link goes down, you can run
+# ``auplay'' (assuming NAS is installed and configured).
+#
+MYADDR:
+ !bg /usr/X11R6/bin/auplay /etc/ppp/linkdown.au
diff --git a/etc/ppp/ppp.linkup.sample b/etc/ppp/ppp.linkup.sample
index 91d9c64..4b5357e 100644
--- a/etc/ppp/ppp.linkup.sample
+++ b/etc/ppp/ppp.linkup.sample
@@ -2,9 +2,8 @@
 #
 #          Example of ppp.linkup file
 #
-#
-#  This file is checked when PPP establishes a connection.
-#  PPP searches the labels in this file as follows:
+#  This file is checked when ppp establishes a connection.
+#  ppp searches the labels in this file as follows:
 #
 #  1) The label that matches the IP number assigned to our side.
 #
@@ -12,51 +11,45 @@
 #
 #  3) If no label has been found, use MYADDR if it exists.
 #
-# $Id: ppp.linkup.sample,v 1.9 1997/09/21 02:10:41 brian Exp $
+#
+# $Id: ppp.linkup.sample,v 1.10 1997/11/07 20:44:12 brian Exp $
 #
 #########################################################################
 
+# By default, simply delete any existing default route and add the peer
+# as default gateway.
+# If you're into sound effects when the link comes up, you can run
+# ``auplay'' (assuming NAS is installed and configured).
+#
+MYADDR:
+ delete 0
+ add 0 0 HISADDR
+ !bg /usr/X11R6/bin/auplay /etc/ppp/linkup.au
+
 # If we've got 192.244.176.32 as our address, then regard peer as a gateway
 # to 192.244.176.0 network.
 #
 192.244.176.32:
  add 192.244.176.0 0 HISADDR
 
-# If we are invoked with an argument ``iij-demand'', then delete all
-# existing route entries and add the peer as the default gateway.
-#
-iij-demand:
- delete ALL
- add 0 0 HISADDR
-
-# Otherwise, simply add peer as default gateway.
-#
-MYADDR:
- delete 0
- add 0 0 HISADDR
-
 # If we are invoked with an argument ``pmdemand'', then
 # delete all existing (wrong) routing entries and add the peer IP
 # as our default gateway.
 # This is vital if you don't already know either sides IP number.
 #
-# We create a loopback route to ourselves so that we can "ping"
-# our side of the connection
-#
 # We also want to execute a script on startup.  This script can do
 # nice things such as kick off "sendmail -q", "popclient my.isp" and
 # "slurp -d news".  It can be passed MYADDR, HISADDR and INTERFACE
-# too - useful for informing a DNS.
+# as arguments too - useful for informing a DNS of your assigned IP.
 #
 pmdemand:
  delete ALL
  add 0 0 HISADDR
- add MYADDR 255.255.255.255 127.0.0.1
  !bg /etc/ppp/ppp.etherup.pmdemand
 
 # If your minimum call charge is 5 minutes, you may as well stay on
 # the line for that amount of time.  If we want a 60 second subsequent
-# timeout, set your timeout to 0 in ppp.conf and then do this:
+# timeout, set your timeout to 300 in ppp.conf and then do this:
 # 
 min5minutes:
  !bg sh -c "sleep 240; pppctl -p mypassword 3000 set timeout 60"
diff --git a/etc/ppp/ppp.pap.dialup.sample b/etc/ppp/ppp.pap.dialup.sample
deleted file mode 100755
index a3f8da0..0000000
--- a/etc/ppp/ppp.pap.dialup.sample
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh -
-## 
-## Copyright (c) 1995 Mark Newton
-## All rights reserved.
-## 
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted provided that the following conditions
-## are met:
-## 1. Redistributions of source code must retain the above copyright
-##    notice, this list of conditions and the following disclaimer.
-## 2. Redistributions in binary form must reproduce the above copyright
-##    notice, this list of conditions and the following disclaimer in the
-##    documentation and/or other materials provided with the distribution.
-## 
-## THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
-## ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-## IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-## ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE
-## FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-## DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-## OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-## HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-## LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-## OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-## SUCH DAMAGE.
-## 
-##	 @(#)ppp-shell.sh	1.03 951019
-## 
-
-IDENT=`echo $0 | sed -e 's/^.*-\(.*\)$/\1/'`
-CALLEDAS="$IDENT"
-TTY=`tty`
-
-#  echo calledas: $CALLEDAS, ident: $IDENT, tty=$TTY
-#  exit
-
-if [ x$IDENT = xdialup ]; then
-    IDENT=`basename $TTY`
-fi
-
-echo "PPP for $CALLEDAS on $TTY"
-echo "Starting PPP for $IDENT"
-echo "~~~~~~~~~~~~~~~~~~~~~~~~~"
-
-exec /usr/sbin/ppp -direct pap$IDENT
-
diff --git a/etc/ppp/ppp.secret.sample b/etc/ppp/ppp.secret.sample
index d1a781c..4965790 100644
--- a/etc/ppp/ppp.secret.sample
+++ b/etc/ppp/ppp.secret.sample
@@ -1,9 +1,23 @@
 ##################################################
-# Sysname	Secret Key	Peer's IP address
 #
-# $Id$
+#          Example of ppp.secret file
+#
+#  This file is used to authenticate incoming connections.
+#  You must ``enable'' either PAP or CHAP in your ppp.conf file.
+#  The peer may then use any of the Authname/Authkey pairs listed.
+#  If an IP address is given, it will be assigned to the peer.
+#  
+#  If an entry exists for your local machine (as given by the
+#  ``hostname -s'' command), the password specified will be
+#  required for all server socket connections.  Refer to the ppp(8)
+#  and pppctl(8) man pages for further details.
+#
+# $Id: ppp.secret.sample,v 1.4 1997/02/23 09:21:12 peter Exp $
 #
 ##################################################
-oscar		OurSecretKey	192.244.184.34/24
-BigBird		X4dWg9327	192.244.184.33/32
+
+# Authname	Authkey			Peer's IP address
+
+oscar		OurSecretKey		192.244.184.34/24
+BigBird		X4dWg9327		192.244.184.33/32
 tama		localPasswdForControl