pppd.8

经典的ppp程序

.IP
ABORT "NO CARRIER"
.br
ABORT "NO DIALTONE"
.br
ABORT "ERROR"
.br
ABORT "NO ANSWER"
.br
ABORT "BUSY"
.br
ABORT "Username/Password Incorrect"
.br
"" "at"
.br
OK "at&d0&c1"
.br
OK "atdt2468135"
.br
"name:" "^Umyuserid"
.br
"word:" "\\qmypassword"
.br
"ispts" "\\q^Uppp"
.br
"~-^Uppp-~"
.LP
See the chat(8) man page for details of chat scripts.
.LP
Pppd can also be used to provide a dial-in ppp service for users.  If
the users already have login accounts, the simplest way to set up the
ppp service is to let the users log in to their accounts and run pppd
(installed setuid-root) with a command such as
.IP
pppd proxyarp
.LP
To allow a user to use the PPP facilities, you need to allocate an IP
address for that user's machine and create an entry in
/etc/ppp/pap-secrets or /etc/ppp/chap-secrets (depending on which
authentication method the PPP implementation on the user's machine
supports), so that the user's
machine can authenticate itself.  For example, if Joe has a machine
called "joespc" which is to be allowed to dial in to the machine
called "server" and use the IP address joespc.my.net, you would add an
entry like this to /etc/ppp/pap-secrets or /etc/ppp/chap-secrets:
.IP
joespc	server	"joe's secret"	joespc.my.net
.LP
Alternatively, you can create a username called (for example) "ppp",
whose login shell is pppd and whose home directory is /etc/ppp.
Options to be used when pppd is run this way can be put in
/etc/ppp/.ppprc.
.LP
If your serial connection is any more complicated than a piece of
wire, you may need to arrange for some control characters to be
escaped.  In particular, it is often useful to escape XON (^Q) and
XOFF (^S), using \fIasyncmap a0000\fR.  If the path includes a telnet,
you probably should escape ^] as well (\fIasyncmap 200a0000\fR).  If
the path includes an rlogin, you will need to use the \fIescape ff\fR
option on the end which is running the rlogin client, since many
rlogin implementations are not transparent; they will remove the
sequence [0xff, 0xff, 0x73, 0x73, followed by any 8 bytes] from the
stream.
.SH DIAGNOSTICS
.LP
Messages are sent to the syslog daemon using facility LOG_DAEMON.
(This can be overriden by recompiling pppd with the macro
LOG_PPP defined as the desired facility.)  In order to see the error
and debug messages, you will need to edit your /etc/syslog.conf file
to direct the messages to the desired output device or file.
.LP
The \fIdebug\fR option causes the contents of all control packets sent
or received to be logged, that is, all LCP, PAP, CHAP or IPCP packets.
This can be useful if the PPP negotiation does not succeed or if
authentication fails.
If debugging is enabled at compile time, the \fIdebug\fR option also
causes other debugging messages to be logged.
.LP
Debugging can also be enabled or disabled by sending a SIGUSR1 signal
to the pppd process.  This signal acts as a toggle.
.SH EXIT STATUS
The exit status of pppd is set to indicate whether any error was
detected, or the reason for the link being terminated.  The values
used are:
.TP
.B 0
Pppd has detached, or otherwise the connection was successfully
established and terminated at the peer's request.
.TP
.B 1
An immediately fatal error of some kind occurred, such as an essential
system call failing, or running out of virtual memory.
.TP
.B 2
An error was detected in processing the options given, such as two
mutually exclusive options being used.
.TP
.B 3
Pppd is not setuid-root and the invoking user is not root.
.TP
.B 4
The kernel does not support PPP, for example, the PPP kernel driver is
not included or cannot be loaded.
.TP
.B 5
Pppd terminated because it was sent a SIGINT, SIGTERM or SIGHUP
signal.
.TP
.B 6
The serial port could not be locked.
.TP
.B 7
The serial port could not be opened.
.TP
.B 8
The connect script failed (returned a non-zero exit status).
.TP
.B 9
The command specified as the argument to the \fIpty\fR option could
not be run.
.TP
.B 10
The PPP negotiation failed, that is, it didn't reach the point where
at least one network protocol (e.g. IP) was running.
.TP
.B 11
The peer system failed (or refused) to authenticate itself.
.TP
.B 12
The link was established successfully and terminated because it was
idle.
.TP
.B 13
The link was established successfully and terminated because the
connect time limit was reached.
.TP
.B 14
Callback was negotiated and an incoming call should arrive shortly.
.TP
.B 15
The link was terminated because the peer is not responding to echo
requests.
.TP
.B 16
The link was terminated by the modem hanging up.
.TP
.B 17
The PPP negotiation failed because serial loopback was detected.
.TP
.B 18
The init script failed (returned a non-zero exit status).
.TP
.B 19
We failed to authenticate ourselves to the peer.
.SH SCRIPTS
Pppd invokes scripts at various stages in its processing which can be
used to perform site-specific ancillary processing.  These scripts are
usually shell scripts, but could be executable code files instead.
Pppd does not wait for the scripts to finish.  The scripts are
executed as root (with the real and effective user-id set to 0), so
that they can do things such as update routing tables or run
privileged daemons.  Be careful that the contents of these scripts do
not compromise your system's security.  Pppd runs the scripts with
standard input, output and error redirected to /dev/null, and with an
environment that is empty except for some environment variables that
give information about the link.  The environment variables that pppd
sets are:
.TP
.B DEVICE
The name of the serial tty device being used.
.TP
.B IFNAME
The name of the network interface being used.
.TP
.B IPLOCAL
The IP address for the local end of the link.  This is only set when
IPCP has come up.
.TP
.B IPREMOTE
The IP address for the remote end of the link.  This is only set when
IPCP has come up.
.TP
.B PEERNAME
The authenticated name of the peer.  This is only set if the peer
authenticates itself.
.TP
.B SPEED
The baud rate of the tty device.
.TP
.B ORIG_UID
The real user-id of the user who invoked pppd.
.TP
.B PPPLOGNAME
The username of the real user-id that invoked pppd. This is always set.
.P
For the ip-down and auth-down scripts, pppd also sets the following
variables giving statistics for the connection:
.TP
.B CONNECT_TIME
The number of seconds from when the PPP negotiation started until the
connection was terminated.
.TP
.B BYTES_SENT
The number of bytes sent (at the level of the serial port) during the
connection.
.TP
.B BYTES_RCVD
The number of bytes received (at the level of the serial port) during
the connection.
.TP
.B LINKNAME
The logical name of the link, set with the \fIlinkname\fR option.
.P
Pppd invokes the following scripts, if they exist.  It is not an error
if they don't exist.
.TP
.B /etc/ppp/auth-up
A program or script which is executed after the remote system
successfully authenticates itself.  It is executed with the parameters
.IP
\fIinterface-name peer-name user-name tty-device speed\fR
.IP
Note that this script is not executed if the peer doesn't authenticate
itself, for example when the \fInoauth\fR option is used.
.TP
.B /etc/ppp/auth-down
A program or script which is executed when the link goes down, if
/etc/ppp/auth-up was previously executed.  It is executed in the same
manner with the same parameters as /etc/ppp/auth-up.
.TP
.B /etc/ppp/ip-up
A program or script which is executed when the link is available for
sending and receiving IP packets (that is, IPCP has come up).  It is
executed with the parameters
.IP
\fIinterface-name tty-device speed local-IP-address
remote-IP-address ipparam\fR
.TP
.B /etc/ppp/ip-down
A program or script which is executed when the link is no longer
available for sending and receiving IP packets.  This script can be
used for undoing the effects of the /etc/ppp/ip-up script.  It is
invoked in the same manner and with the same parameters as the ip-up
script.
.TP
.B /etc/ppp/ipv6-up
Like /etc/ppp/ip-up, except that it is executed when the link is available 
for sending and receiving IPv6 packets. It is executed with the parameters
.IP
\fIinterface-name tty-device speed local-link-local-address
remote-link-local-address ipparam\fR
.TP
.B /etc/ppp/ipv6-down
Similar to /etc/ppp/ip-down, but it is executed when IPv6 packets can no
longer be transmitted on the link. It is executed with the same parameters 
as the ipv6-up script.
.TP
.B /etc/ppp/ipx-up
A program or script which is executed when the link is available for
sending and receiving IPX packets (that is, IPXCP has come up).  It is
executed with the parameters
.IP
\fIinterface-name tty-device speed network-number local-IPX-node-address
remote-IPX-node-address local-IPX-routing-protocol remote-IPX-routing-protocol
local-IPX-router-name remote-IPX-router-name ipparam pppd-pid\fR 
.IP
The local-IPX-routing-protocol and remote-IPX-routing-protocol field
may be one of the following:
.IP
NONE      to indicate that there is no routing protocol
.br
RIP       to indicate that RIP/SAP should be used
.br
NLSP      to indicate that Novell NLSP should be used
.br
RIP NLSP  to indicate that both RIP/SAP and NLSP should be used
.TP
.B /etc/ppp/ipx-down
A program or script which is executed when the link is no longer
available for sending and receiving IPX packets.  This script can be
used for undoing the effects of the /etc/ppp/ipx-up script.  It is
invoked in the same manner and with the same parameters as the ipx-up
script.
.SH FILES
.TP
.B /var/run/ppp\fIn\fB.pid \fR(BSD or Linux), \fB/etc/ppp/ppp\fIn\fB.pid \fR(others)
Process-ID for pppd process on ppp interface unit \fIn\fR.
.TP
.B /var/run/ppp-\fIname\fB.pid \fR(BSD or Linux), \fB/etc/ppp/ppp-\fIname\fB.pid \fR(others)
Process-ID for pppd process for logical link \fIname\fR (see the
\fIlinkname\fR option).
.TP
.B /etc/ppp/pap-secrets
Usernames, passwords and IP addresses for PAP authentication.  This
file should be owned by root and not readable or writable by any other
user.  Pppd will log a warning if this is not the case.
.TP
.