[H-GEN] mgetty on RH 7.2

Thu Feb 21 09:06:44 EST 2002

[ Humbug *General* list - semi-serious discussions about Humbug and  ]
[ Unix-related topics.  Please observe the list's charter.           ]
[ Worthwhile understanding: http://www.humbug.org.au/netiquette.html ]

On Thu Feb 21 2002 at 13:30, Scott Pullen wrote:

> Has anyone successfully installed mgetty to use their box as a dialin?

Yes, sure (hand in air :)

> I used the precompiled binary from the RH discs.

It works just fine.  There is very little difference to any other
distro using mgetty.

Nothing here is specific to redhat, except that the installed
/etc/ppp/ip-up is "generic" and should not need editing, it calls
/etc/ppp/ip-up.local if it exists.

(However, what I'm describing here is not done the "redhat way",
which uses /etc/sysconfig/network-scripts/{ifup-post,ifcfg-pppX} ).

> What settings did you use for the pppd call?

I assume that because you are using mgetty, then you have a single
modem hanging off a serial port (or at least, one modem per serial
port).  (In other works, you are not using portslave with radius or
whatever to manage the dialins).

> I have a couple of issues as I also use the box to dial out.

That could be a problem since mgetty is listening on the serial port
and would have it locked.  The easy solution is to use another modem
for dialouts on a second serial port.  (Share the same phone line by
connecting the second modem daisy-chained into the "phone" plug on
the first one -- no need for a second one).

> What routing info did you need to set up, if any?

The short answer is none, it's all done with smoke and mirrors :)

> Any info will be appreciated,
> 
> Cheers,
> 
> Scott.

Below here is a fairly detailed explaination for how to set it all
up.  It isn't too difficult, it's just a matter of knowing what to
do.

  [ options used below can be tweaked to your own liking, see the
    man pages.  And apologies in advance for any duplicate options
    or fpr any small errors in the examples I've given you here, the
    basic principles are ok though.  ]

Ok, first set up mgetty... in /etc/mgetty+sendfax/login.config use
this:

/AutoPPP/ - a_ppp /usr/sbin/pppd

Here I have mgetty calling pppd with no parameters, that's ok
because it will get its options from elsewhere (see below).  (The
default settings use "-chap +pap" parameters to pppd, which are now
depreciated parameters).

You might need to do some tweaking in /etc/mgetty+sendfax/mgetty.config
for the proper serial port speeds, modem-specific settings and so
on.

Oh, and don't forget about setserial if you need to change the
default system settings for your serial port(s).

In /etc/inittab set up mgetty so that it is running as a daemon on
that serial port...

# /dev/ttyS1 is "com2")
S1:35:respawn:/sbin/mgetty -x 1 -D -s 115200 ttyS1
# optional parameters:
# -D = data (no fax), -x = logging level, -s = serial port speed

Now do "init q" to make init re-read /etc/inittab to start mgetty
running as a persistent daemon.

Next turn on forwarding by editing /etc/sysctl.conf...

net.ipv4.ip_forward = 1

Then run "sysctl -p" to actually enable it.  This is like doing
"echo 1 > /proc/sys/net/ipv4/ip_forward", except that it will enable
routing at every bootup by default.  Alternatively, you could turn
routing off and on as required in /etc/ppp/ip-{up,down}.local.

Now to configure pppd.

In /etc/ppp/options there is only one option, "lock" -- which is the
default, you shouldn't need to alter this.  Other options to pppd
are put elsewhere, depending on how you want to use it.

When pppd is called by mgetty, its controlling tty is /dev/ttyS1 (in
this example) so it will want to use /etc/ppp/options.ttyS1 as its
configuration file -- this is where you put the rest of the options
for you pppd server...

# /etc/ppp/options.ttyS1
# PPPD SERVER configuration, mgetty running on ttyS1
# NB: this configuration allocates an IP address that normally belongs
#     to a private network on an ethernet interface, need to use proxyarp
#
115200 crtscts modem
# debug is optional, configure syslog for local2.* to see it.
debug logfile /var/log/pppd.ttyS1
# require login authentication by remote peer, force pap, no chap
auth login require-pap refuse-chap
# for badly configured windows clients who may ask for it...
noipx
# persist for ages, very long idle timeouts
idle 864000
# specify DNS and WINS servers for the client (example IPs used here)
ms-dns	192.168.1.254
ms-wins	192.168.1.11
# network configuration:
# local server IP : remote client IP (example IPs)
192.168.1.254:192.168.1.240
# don't allow a default route via the pppd dialup, use the specified local IP
nodefaultroute noipdefault
# proxyarp tells the dialup server to "answer (arp) for" the box on the
# dialup so that the local network can find it.
proxyarp
# string passed as $6 to /etc/ppp/ip-up to identify that a dialin is being used:
ipparam pppserver
# end

It's up to you if and how you use /etc/ppp/ip-up.local, all sorts of
things can be done in it... like enabling routing and setting
special routes, adding ipchains/iptables rules or whatever.  Same
for /etc/ppp/ip-down.local.  If you do use these scripts (optional),
make sure that both are executable (eg, mode 755).  Be aware that
these scripts are used each time a pppd link goes up and down, so
they needs to be smart enough to cope with both situations.  (This
is where the "ipparam" parameter can be very useful for
differentiating between different pppd runtime configurations).

The following is a cut from the top of my own ip-up.local script:

#!/bin/bash
# /etc/ppp/ip-up.local
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
# standard pppd parameters to /sbin/ip-up
interface="$1" ttydev="$2" speed="$3" localip="$4" remoteip="$5" ipparam="$6"
# ... rest of script ...

I have ip-down.local as a symlink to ip-up.local, with some smarts
in there to do things according to how it was called.

To use pppd as a dialout, put another suitable client-based
configuration into a file in /etc/ppp/peers/ and run pppd like this:
"pppd call isp" (where "isp" is the name of the file in the peers/
directory).  That way you have different pppd options files for
different purposes.

Here is an example of a peers file for use as a ppp client (in this
case using a different serial port):

ttyS0 115200 modem crtscts debug
bsdcomp 15,15 deflate 15,15 predictor1
user tony noauth
connect '/usr/sbin/chat -v -f /etc/ppp/chat.script -T38383838'
defaultroute noipdefault ipcp-accept-local ipcp-accept-remote usepeerdns
ipparam isp

... and the accompanying chat.script (which is fairly generic):

ABORT 'NO DIALTONE'
ABORT RING
ABORT BUSY
ABORT 'NO CARRIER'
ABORT 'NO ANSWER'
ABORT 'DELAY NUMBER WAIT'
REPORT CONNECT
TIMEOUT 60
'' ATZ
OK \dATL1
OK \dATX4W2
OK \dATDT\T
CONNECT

Alternatively, you can use the redhat networking configuration tools
and bring up the ppp interface with "ifup pppX".  One advantage here
is that you can use /etc/sysconfig/static-routes for automatically
setting any special routes for that interface.  (Otherwise call
/etc/sysconfig/network-scripts/ipfup-routes from ip-up.local to
achieve the same result).

Finally, in /etc/ppp/pap-secrets (or chap-secrets if you want to use
that instead, they need to be mode 600), set up username/passwords
for authentication:

# username server passwprd IP
user	*	password	*
tony	*	verysecret	*
# ... others ...

where "user" / "password" is a local user account.  You may specify
multiple dialup users, along with the username/password needed for
your dialout connection.  (It is possible to symlink pap-secrets to
chap-secrets, this cuts down on maintenance as only one file needs
to be edited).

Now it should all be set.  Do some testing with a dialup client, it
should work, perhaps with some minor tweaks.  It certainly  works
for me, I'm using a very similar configuration here on a rh7.2 box.

If you really want to get fancy, it is possible to use *two* (or
more) modems in ppp multilink mode to effectively double the
bandwidth to a multilink-capable peer, but this is another story :)

Hope this helps.

Cheers
Tony
---*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=---
  Tony Nugent <Tony at linuxworks.com.au>
  LinuxWorks - Gold Coast Qld Australia

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.