pppd.8

经典的ppp程序

Set the name of the local system for authentication purposes to
\fIname\fR.  This is a privileged option.  With this option, pppd will
use lines in the secrets files which have \fIname\fR as the second
field when looking for a secret to use in authenticating the peer.  In
addition, unless overridden with the \fIuser\fR option, \fIname\fR
will be used as the name to send to the peer when authenticating the
local system to the peer.  (Note that pppd does not append the domain
name to \fIname\fR.)
.TP
.B netmask \fIn
Set the interface netmask to \fIn\fR, a 32 bit netmask in "decimal dot"
notation (e.g. 255.255.255.0).  If this option is given, the value
specified is ORed with the default netmask.  The default netmask is
chosen based on the negotiated remote IP address; it is the
appropriate network mask for the class of the remote IP address, ORed
with the netmasks for any non point-to-point network interfaces in the
system which are on the same network.  (Note: on some platforms, pppd
will always use 255.255.255.255 for the netmask, if that is the only
appropriate value for a point-to-point interface.)
.TP
.B noaccomp
Disable Address/Control compression in both directions (send and
receive).
.TP
.B noauth
Do not require the peer to authenticate itself.  This option is
privileged.
.TP
.B nobsdcomp
Disables BSD-Compress compression; \fBpppd\fR will not request or
agree to compress packets using the BSD-Compress scheme.
.TP
.B noccp
Disable CCP (Compression Control Protocol) negotiation.  This option
should only be required if the peer is buggy and gets confused by
requests from pppd for CCP negotiation.
.TP
.B nocrtscts
Disable hardware flow control (i.e. RTS/CTS) on the serial port.
If neither the \fIcrtscts\fR nor the \fInocrtscts\fR nor the
\fIcdtrcts\fR nor the \fInocdtrcts\fR option is given, the hardware
flow control setting for the serial port is left unchanged.
.TP
.B nocdtrcts
This option is a synonym for \fInocrtscts\fR. Either of these options will
disable both forms of hardware flow control.
.TP
.B nodefaultroute
Disable the \fIdefaultroute\fR option.  The system administrator who
wishes to prevent users from creating default routes with pppd
can do so by placing this option in the /etc/ppp/options file.
.TP
.B nodeflate
Disables Deflate compression; pppd will not request or agree to
compress packets using the Deflate scheme.
.TP
.B nodetach
Don't detach from the controlling terminal.  Without this option, if a
serial device other than the terminal on the standard input is
specified, pppd will fork to become a background process.
.TP
.B noendpoint
Disables pppd from sending an endpoint discriminator to the peer or
accepting one from the peer (see the MULTILINK section below).  This
option should only be required if the peer is buggy.
.TP
.B noip
Disable IPCP negotiation and IP communication.  This option should
only be required if the peer is buggy and gets confused by requests
from pppd for IPCP negotiation.
.TP
.B noipv6
Disable IPv6CP negotiation and IPv6 communication. This option should
only be required if the peer is buggy and gets confused by requests
from pppd for IPv6CP negotiation.
.TP
.B noipdefault
Disables the default behaviour when no local IP address is specified,
which is to determine (if possible) the local IP address from the
hostname.  With this option, the peer will have to supply the local IP
address during IPCP negotiation (unless it specified explicitly on the
command line or in an options file).
.TP
.B noipx
Disable the IPXCP and IPX protocols.  This option should only be
required if the peer is buggy and gets confused by requests from pppd
for IPXCP negotiation.
.TP
.B noktune
Opposite of the \fIktune\fR option; disables pppd from changing system
settings.
.TP
.B nolog
Do not send log messages to a file or file descriptor.  This option
cancels the \fBlogfd\fR and \fBlogfile\fR options.
.TP
.B nomagic
Disable magic number negotiation.  With this option, pppd cannot
detect a looped-back line.  This option should only be needed if the
peer is buggy.
.TP
.B nomp
Disables the use of PPP multilink.  This option is currently only
available under Linux.
.TP
.B nompshortseq
Disables the use of short (12-bit) sequence numbers in the PPP
multilink protocol, forcing the use of 24-bit sequence numbers.  This
option is currently only available under Linux, and only has any
effect if multilink is enabled.
.TP
.B nomultilink
Disables the use of PPP multilink.  This option is currently only
available under Linux.
.TP
.B nopcomp
Disable protocol field compression negotiation in both the receive and
the transmit direction.
.TP
.B nopersist
Exit once a connection has been made and terminated.  This is the
default unless the \fIpersist\fR or \fIdemand\fR option has been
specified.
.TP
.B nopredictor1
Do not accept or agree to Predictor-1 compression.
.TP
.B noproxyarp
Disable the \fIproxyarp\fR option.  The system administrator who
wishes to prevent users from creating proxy ARP entries with pppd can
do so by placing this option in the /etc/ppp/options file.
.TP
.B notty
Normally, pppd requires a terminal device.  With this option, pppd
will allocate itself a pseudo-tty master/slave pair and use the slave
as its terminal device.  Pppd will create a child process to act as a
`character shunt' to transfer characters between the pseudo-tty master
and its standard input and output.  Thus pppd will transmit characters
on its standard output and receive characters on its standard input
even if they are not terminal devices.  This option increases the
latency and CPU overhead of transferring data over the ppp interface
as all of the characters sent and received must flow through the
character shunt process.  An explicit device name may not be given if
this option is used.
.TP
.B novj
Disable Van Jacobson style TCP/IP header compression in both the
transmit and the receive direction.
.TP
.B novjccomp
Disable the connection-ID compression option in Van Jacobson style
TCP/IP header compression.  With this option, pppd will not omit the
connection-ID byte from Van Jacobson compressed TCP/IP headers, nor
ask the peer to do so.
.TP
.B papcrypt
Indicates that all secrets in the /etc/ppp/pap-secrets file which are
used for checking the identity of the peer are encrypted, and thus
pppd should not accept a password which, before encryption, is
identical to the secret from the /etc/ppp/pap-secrets file.
.TP
.B pap-max-authreq \fIn
Set the maximum number of PAP authenticate-request transmissions to
\fIn\fR (default 10).
.TP
.B pap-restart \fIn
Set the PAP restart interval (retransmission timeout) to \fIn\fR
seconds (default 3).
.TP
.B pap-timeout \fIn
Set the maximum time that pppd will wait for the peer to authenticate
itself with PAP to \fIn\fR seconds (0 means no limit).
.TP
.B pass-filter \fIfilter-expression
Specifies a packet filter to applied to data packets being sent or
received to determine which packets should be allowed to pass.
Packets which are rejected by the filter are silently discarded.  This
option can be used to prevent specific network daemons (such as
routed) using up link bandwidth, or to provide a basic firewall
capability.
The \fIfilter-expression\fR syntax is as described for tcpdump(1),
except that qualifiers which are inappropriate for a PPP link, such as
\fBether\fR and \fBarp\fR, are not permitted.  Generally the filter
expression should be enclosed in single-quotes to prevent whitespace
in the expression from being interpreted by the shell.  Note that it
is possible to apply different constraints to incoming and outgoing
packets using the \fBinbound\fR and \fBoutbound\fR qualifiers. This
option is currently only available under NetBSD, and then only if both
the kernel and pppd were compiled with PPP_FILTER defined.
.TP
.B persist
Do not exit after a connection is terminated; instead try to reopen
the connection.
.TP
.B plugin \fIfilename
Load the shared library object file \fIfilename\fR as a plugin.  This
is a privileged option.
.TP
.B predictor1
Request that the peer compress frames that it sends using Predictor-1
compression, and agree to compress transmitted frames with Predictor-1
if requested.  This option has no effect unless the kernel driver
supports Predictor-1 compression.
.TP
.B privgroup \fIgroup-name
Allows members of group \fIgroup-name\fR to use privileged options.
This is a privileged option.  Use of this option requires care as
there is no guarantee that members of \fIgroup-name\fR cannot use pppd
to become root themselves.  Consider it equivalent to putting the
members of \fIgroup-name\fR in the kmem or disk group.
.TP
.B proxyarp
Add an entry to this system's ARP [Address Resolution Protocol] table
with the IP address of the peer and the Ethernet address of this
system.  This will have the effect of making the peer appear to other
systems to be on the local ethernet.
.TP
.B pty \fIscript
Specifies that the command \fIscript\fR is to be used to communicate
rather than a specific terminal device.  Pppd will allocate itself a
pseudo-tty master/slave pair and use the slave as its terminal
device.  The \fIscript\fR will be run in a child process with the
pseudo-tty master as its standard input and output.  An explicit
device name may not be given if this option is used.  (Note: if the
\fIrecord\fR option is used in conjuction with the \fIpty\fR option,
the child process will have pipes on its standard input and output.)
.TP
.B receive-all
With this option, pppd will accept all control characters from the
peer, including those marked in the receive asyncmap.  Without this
option, pppd will discard those characters as specified in RFC1662.
This option should only be needed if the peer is buggy.
.TP
.B record \fIfilename
Specifies that pppd should record all characters sent and received to
a file named \fIfilename\fR.  This file is opened in append mode,
using the user's user-ID and permissions.  This option is implemented
using a pseudo-tty and a process to transfer characters between the
pseudo-tty and the real serial device, so it will increase the latency
and CPU overhead of transferring data over the ppp interface.  The
characters are stored in a tagged format with timestamps, which can be
displayed in readable form using the pppdump(8) program.
.TP
.B remotename \fIname
Set the assumed name of the remote system for authentication purposes
to \fIname\fR.
.TP
.B refuse-chap
With this option, pppd will not agree to authenticate itself to the
peer using CHAP.
.TP
.B refuse-pap
With this option, pppd will not agree to authenticate itself to the
peer using PAP.
.TP
.B require-chap
Require the peer to authenticate itself using CHAP [Challenge
Handshake Authentication Protocol] authentication.
.TP
.B require-pap
Require the peer to authenticate itself using PAP [Password
Authentication Protocol] authentication.
.TP
.B show-password
When logging the contents of PAP packets, this option causes pppd to
show the password string in the log message.
.TP
.B silent
With this option, pppd will not transmit LCP packets to initiate a
connection until a valid LCP packet is received from the peer (as for
the `passive' option with ancient versions of pppd).
.TP
.B sync
Use synchronous HDLC serial encoding instead of asynchronous.
The device used by pppd with this option must have sync support.
Currently supports Microgate SyncLink adapters
under Linux and FreeBSD 2.2.8 and later.
.TP
.B updetach
With this option, pppd will detach from its controlling terminal once
it has successfully established the ppp connection (to the point where
the first network control protocol, usually the IP control protocol,
has come up).
.TP
.B usehostname
Enforce the use of the hostname (with domain name appended, if given)
as the name of the local system for authentication purposes (overrides
the \fIname\fR option).  This option is not normally needed since the
\fIname\fR option is privileged.
.TP
.B usepeerdns
Ask the peer for up to 2 DNS server addresses.  The addresses supplied
by the peer (if any) are passed to the /etc/ppp/ip-up script in the
environment variables DNS1 and DNS2.  In addition, pppd will create an
/etc/ppp/resolv.conf file containing one or two nameserver lines with
the address(es) supplied by the peer.
.TP
.B user \fIname
Sets the name used for authenticating the local system to the peer to
\fIname\fR.