diff options
author | brian <brian@FreeBSD.org> | 1998-08-07 18:42:51 +0000 |
---|---|---|
committer | brian <brian@FreeBSD.org> | 1998-08-07 18:42:51 +0000 |
commit | f9ee8808e7fd6798eb442188b9b4b8e23c461f07 (patch) | |
tree | 4a1f01689ab26830c419f0100830cd94b3e03a62 /usr.sbin/ppp/ppp.8.m4 | |
parent | da1fbd5e2562a9182735d47266f718c37ce51225 (diff) | |
download | FreeBSD-src-f9ee8808e7fd6798eb442188b9b4b8e23c461f07.zip FreeBSD-src-f9ee8808e7fd6798eb442188b9b4b8e23c461f07.tar.gz |
o Support callback types NONE, E.164, AUTH and CBCP.
(see the new ``set callback'' and ``set cbcp'' commands)
o Add a ``cbcp'' log level and mbuf type.
o Don't dump core when \T is given in ``set login'' or
``set hangup''.
o Allow ``*'' and blanks as placeholders in ppp.secret and
allow a fifth field for specifying auth/cbcp dialback
parameters.
o Remove a few extraneous #includes
o Define the default number of REQs (restart counter) in defs.h
rather than hardcoding ``5'' all over the place.
o Fix a few man page inconsistencies.
Diffstat (limited to 'usr.sbin/ppp/ppp.8.m4')
-rw-r--r-- | usr.sbin/ppp/ppp.8.m4 | 137 |
1 files changed, 131 insertions, 6 deletions
diff --git a/usr.sbin/ppp/ppp.8.m4 b/usr.sbin/ppp/ppp.8.m4 index 2b09f56..15c7031 100644 --- a/usr.sbin/ppp/ppp.8.m4 +++ b/usr.sbin/ppp/ppp.8.m4 @@ -1,4 +1,4 @@ -.\" $Id: ppp.8,v 1.112 1998/07/29 18:21:17 brian Exp $ +.\" $Id: ppp.8,v 1.113 1998/07/31 19:50:24 brian Exp $ .Dd 20 September 1995 .Os FreeBSD .Dt PPP 8 @@ -74,6 +74,10 @@ command via its diagnostic socket. A will force an LCP renegotiation, and a .Dv SIGTERM will force it to exit. +.It Supports client callback. +.Nm Ppp +can use either the standard LCP callback protocol or the Microsoft +CallBack Control Protocol (ftp://ftp.microsoft.com/developr/rfc/cbcp.txt). .It Supports packet aliasing. Packet aliasing (a.k.a. IP masquerading) allows computers on a private, unregistered network to access the Internet. The @@ -161,7 +165,7 @@ is installed as user and group .Dv network , with permissions -.Dv 4550 . +.Dv 4554 . By default, .Nm will not run if the invoking user id is not zero. This may be overridden @@ -278,6 +282,15 @@ lines to the file Refer to the .Xr resolv.conf 5 manual page for details. +.Pp +Alternatively, if the peer supports it, +.Nm +can be configured to ask the peer for the nameserver address(es) and to +update +.Pa /etc/resolv.conf +automatically. Refer to the +.Dq enable dns +command below for details. .El .Sh MANUAL DIALING In the following examples, we assume that your machine name is @@ -477,11 +490,20 @@ portion of the prompt will change to # ppp MyISP ... ppp ON awfulhak> dial -dial OK! -login OK! +Ppp ON awfulhak> +PPp ON awfulhak> PPP ON awfulhak> .Ed .Pp +The Ppp prompt indicates that +.Nm +has entered the authentication phase. The PPp prompt indicates that +.Nm +has entered the network phase. The PPP prompt indicates that +.Nm +has successfully negotiated a network layer protocol and is in +a usable state. +.Pp If the .Pa /etc/ppp/ppp.linkup file is available, its contents are executed @@ -905,7 +927,9 @@ Instead of running over a serial link, it is possible to use a TCP connection instead by specifying a host and port as the device: +.Pp .Dl set device ui-gate:6669 +.Pp Instead of opening a serial device, .Nm will open a TCP connection to the given machine on the given @@ -918,13 +942,17 @@ connection on the receiving machine (ui-gate). This is done by first updating .Pa /etc/services to name the service: +.Pp .Dl ppp-in 6669/tcp # Incoming PPP connections over TCP +.Pp and updating .Pa /etc/inetd.conf to tell .Xr inetd 8 how to deal with incoming connections on that port: +.Pp .Dl ppp-in stream tcp nowait root /usr/sbin/ppp ppp -direct ppp-in +.Pp Don't forget to send a .Dv HUP signal to @@ -986,7 +1014,9 @@ Again, if you're enabling PAP, you'll also need: We're assigning the address of 10.0.4.1 to ui-gate, and the address 10.0.4.2 to awfulhak. To open the connection, just type +.Pp .Dl awfulhak # ppp -background ui-gate +.Pp The result will be an additional "route" on awfulhak to the 10.0.2.0/24 network via the TCP connection, and an additional "route" on ui-gate to the 10.0.1.0/24 network. @@ -1442,7 +1472,10 @@ logging) so that the actual password is not compromised .Ar chat logging is active rather than the actual password. .Pp -Login scripts vary greatly between ISPs. +Login scripts vary greatly between ISPs. If you're setting one up +for the first time, +.Em ENABLE CHAT LOGGING +so that you can see if your script is behaving as you expect. .It Use .Dq set line @@ -1531,6 +1564,20 @@ set authkey MyPassword Both are accepted by default, so .Nm will provide whatever your ISP requires. +.Pp +It should be noted that a login script is rarely (if ever) required +when PAP or CHAP are in use. +.It +Ask your ISP to authenticate your nameserver address(es) with the line +.Bd -literal -offset indent +enable dns +.Ed +Do +.Em NOT +do this if you are running an local DNS, as +.Nm +will simply circumvent its use by entering some nameserver lines in +.Pa /etc/resolv.conf . .El .Pp Please refer to @@ -1540,12 +1587,13 @@ and for some real examples. The pmdemand label should be appropriate for most ISPs. .Sh LOGGING FACILITY -.Nm +.Nm Ppp is able to generate the following log info either via .Xr syslog 3 or directly to the screen: .Bl -column SMMMMMM -offset indent .It Li Async Dump async level packet in hex +.It Li CBCP Generate CBCP (CallBack Control Protocol) logs .It Li CCP Generate a CCP packet trace .It Li Chat Generate Chat script trace log .It Li Command Log commands executed @@ -2571,6 +2619,83 @@ If is zero, this timer is disabled. Because both values default to zero, .Ar demand-dial links will stay active until the bundle idle timer expires. +.It set callback [none|auth|cbcp|E.164 *|number[,number]...]... +If no arguments are given, callback is disabled, otherwise, +.Nm +will request (or in +.Ar direct +mode, will accept) one of the given protocols. If a request is NAK'd +.Nm +will request another, until no options remain at which point +.Nm +will terminate negotiations. +The options are as follows (in this order of preference): +.Pp +.Bl -tag +.It auth +The callee is expected to decide the callback number based on +authentication. If +.Nm +is the callee, the number should be specified as the fifth field of +the peers entry in +.Pa /etc/ppp/ppp.secret . +.It cbcp +Microsofts callback control protocol is used. See +.Dq set cbcp +below. +.It E.164 *|number[,number]... +The caller specifies the +.Ar number . +If +.Nm +is the callee, +.Ar number +should be either a comma seperated list of allowable numbers or a +.Dq \&* , +meaning any number is permitted. If +.Nm +is the caller, only a single number should be specified. +.Pp +Note, this option is very unsafe when used with a +.Dq \&* +as a malicious caller can tell +.Nm +to call any (possibly international) number without first authenticating +themselves. +.It none +If the peer does not wish to do callback at all, +.Nm +will accept the fact and continue without callback rather than terminating +the connection. +.El +.Pp +.It set cbcp Op *|number[,number]... Op delay Op retry +If no arguments are given, CBCP (Microsofts CallBack Control Protocol) +is disabled - ie, configuring CBCP in the +.Dq set callback +command will result in +.Nm +requesting no callback in the CBCP phase. +Otherwise, +.Nm +attempts to use the given phone +.Ar number Ns No (s). +.Pp +In server mode +.Pq Fl direct , +.Nm +will insist that the client uses one of these numbers, unless +.Dq \&* +is used in which case the client is expected to specify the number. +.Pp +In client mode, +.Nm +will attempt to use one of the given numbers (whichever it finds to +be agreeable with the peer), or if +.Dq \&* +is specified, +.Nm +will expect the peer to specify the number. .It set ctsrts|crtscts on|off This sets hardware flow control. Hardware flow control is .Ar on |