userppp.html

这是很好的学习嵌入式LINUX的文章

<p>Adds a default route to your ISP's gateway. The special word <var
class="LITERAL">HISADDR</var> is replaced with the gateway address specified on line 17.
It is important that this line appears after line 17, otherwise <var
class="LITERAL">HISADDR</var> will not yet be initialized.</p>

<p>If you do not wish to run ppp in <var class="OPTION">-auto</var>, this line should be
moved to the <tt class="FILENAME">ppp.linkup</tt> file.</p>
</dd>
</dl>
</div>

<p>It is not necessary to add an entry to <tt class="FILENAME">ppp.linkup</tt> when you
have a static IP address and are running ppp in <var class="OPTION">-auto</var> mode as
your routing table entries are already correct before you connect. You may however wish
to create an entry to invoke programs after connection. This is explained later with the
sendmail example.</p>

<p>Example configuration files can be found in the <tt
class="FILENAME">/usr/share/examples/ppp/</tt> directory.</p>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="USERPPP-DYNAMICIP" name="USERPPP-DYNAMICIP">21.2.1.3.2 PPP and
Dynamic IP Addresses</a></h4>

<p>If your service provider does not assign static IP addresses, <tt
class="COMMAND">ppp</tt> can be configured to negotiate the local and remote addresses.
This is done by ``guessing'' an IP address and allowing <tt class="COMMAND">ppp</tt> to
set it up correctly using the IP Configuration Protocol (IPCP) after connecting. The <tt
class="FILENAME">ppp.conf</tt> configuration is the same as <a
href="userppp.html#USERPPP-STATICIP">PPP and Static IP Addresses</a>, with the following
change:</p>

<pre class="PROGRAMLISTING">
17      set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255
</pre>

<p>Again, do not include the line number, it is just for reference. Indentation of at
least one space is required.</p>

<div class="VARIABLELIST">
<dl>
<dt>Line 17:</dt>

<dd>
<p>The number after the <var class="LITERAL">/</var> character is the number of bits of
the address that ppp will insist on. You may wish to use IP numbers more appropriate to
your circumstances, but the above example will always work.</p>

<p>The last argument (<var class="LITERAL">0.0.0.0</var>) tells PPP to start negotiations
using address <tt class="HOSTID">0.0.0.0</tt> rather than <tt
class="HOSTID">10.0.0.1</tt> and is necessary for some ISPs. Do not use <var
class="LITERAL">0.0.0.0</var> as the first argument to <tt class="COMMAND">set
ifaddr</tt> as it prevents PPP from setting up an initial route in <var
class="OPTION">-auto</var> mode.</p>
</dd>
</dl>
</div>

<p>If you are not running in <var class="OPTION">-auto</var> mode, you will need to
create an entry in <tt class="FILENAME">/etc/ppp/ppp.linkup</tt>. <tt
class="FILENAME">ppp.linkup</tt> is used after a connection has been established. At this
point, <tt class="COMMAND">ppp</tt> will have assigned the interface addresses and it
will now be possible to add the routing table entries:</p>

<pre class="PROGRAMLISTING">
1     provider:
2      add default HISADDR
</pre>

<div class="VARIABLELIST">
<dl>
<dt>Line 1:</dt>

<dd>
<p>On establishing a connection, <tt class="COMMAND">ppp</tt> will look for an entry in
<tt class="FILENAME">ppp.linkup</tt> according to the following rules: First, try to
match the same label as we used in <tt class="FILENAME">ppp.conf</tt>. If that fails,
look for an entry for the IP address of our gateway. This entry is a four-octet IP style
label. If we still have not found an entry, look for the <var
class="LITERAL">MYADDR</var> entry.</p>
</dd>

<dt>Line 2:</dt>

<dd>
<p>This line tells <tt class="COMMAND">ppp</tt> to add a default route that points to
<var class="LITERAL">HISADDR</var>. <var class="LITERAL">HISADDR</var> will be replaced
with the IP number of the gateway as negotiated by the IPCP.</p>
</dd>
</dl>
</div>

<p>See the <var class="LITERAL">pmdemand</var> entry in the files <tt
class="FILENAME">/usr/share/examples/ppp/ppp.conf.sample</tt> and <tt
class="FILENAME">/usr/share/examples/ppp/ppp.linkup.sample</tt> for a detailed
example.</p>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="AEN30343" name="AEN30343">21.2.1.3.3 Receiving Incoming
Calls</a></h4>

<p>When you configure <b class="APPLICATION">ppp</b> to receive incoming calls on a
machine connected to a LAN, you must decide if you wish to forward packets to the LAN. If
you do, you should allocate the peer an IP number from your LAN's subnet, and use the
command <tt class="COMMAND">enable proxy</tt> in your <tt
class="FILENAME">/etc/ppp/ppp.conf</tt> file. You should also confirm that the <tt
class="FILENAME">/etc/rc.conf</tt> file contains the following:</p>

<pre class="PROGRAMLISTING">
gateway_enable="YES"
</pre>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="AEN30354" name="AEN30354">21.2.1.3.4 Which getty?</a></h4>

<p><a href="dialup.html">Configuring FreeBSD for Dial-up Services</a> provides a good
description on enabling dial-up services using <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=getty&sektion=8"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">getty</span>(8)</span></a>.</p>

<p>An alternative to <tt class="COMMAND">getty</tt> is <a
href="http://www.leo.org/~doering/mgetty/index.html" target="_top">mgetty</a>, a smarter
version of <tt class="COMMAND">getty</tt> designed with dial-up lines in mind.</p>

<p>The advantages of using <tt class="COMMAND">mgetty</tt> is that it actively <span
class="emphasis"><i class="EMPHASIS">talks</i></span> to modems, meaning if port is
turned off in <tt class="FILENAME">/etc/ttys</tt> then your modem will not answer the
phone.</p>

<p>Later versions of <tt class="COMMAND">mgetty</tt> (from 0.99beta onwards) also support
the automatic detection of PPP streams, allowing your clients script-less access to your
server.</p>

<p>Refer to <a href="userppp.html#USERPPP-MGETTY">Mgetty and AutoPPP</a> for more
information on <tt class="COMMAND">mgetty</tt>.</p>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="AEN30374" name="AEN30374">21.2.1.3.5 <b
class="APPLICATION">PPP</b> Permissions</a></h4>

<p>The <tt class="COMMAND">ppp</tt> command must normally be run as the <tt
class="USERNAME">root</tt> user. If however, you wish to allow <tt
class="COMMAND">ppp</tt> to run in server mode as a normal user by executing <tt
class="COMMAND">ppp</tt> as described below, that user must be given permission to run
<tt class="COMMAND">ppp</tt> by adding them to the <tt class="USERNAME">network</tt>
group in <tt class="FILENAME">/etc/group</tt>.</p>

<p>You will also need to give them access to one or more sections of the configuration
file using the <tt class="COMMAND">allow</tt> command:</p>

<pre class="PROGRAMLISTING">
allow users fred mary
</pre>

<p>If this command is used in the <var class="LITERAL">default</var> section, it gives
the specified users access to everything.</p>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="AEN30390" name="AEN30390">21.2.1.3.6 PPP Shells for Dynamic-IP
Users</a></h4>

<p>Create a file called <tt class="FILENAME">/etc/ppp/ppp-shell</tt> containing the
following:</p>

<pre class="PROGRAMLISTING">
#!/bin/sh
IDENT=`echo $0 | sed -e 's/^.*-\(.*\)$/\1/'`
CALLEDAS="$IDENT"
TTY=`tty`

if [ x$IDENT = xdialup ]; then
        IDENT=`basename $TTY`
fi

echo "PPP for $CALLEDAS on $TTY"
echo "Starting PPP for $IDENT"

exec /usr/sbin/ppp -direct $IDENT
</pre>

<p>This script should be executable. Now make a symbolic link called <tt
class="FILENAME">ppp-dialup</tt> to this script using the following commands:</p>

<pre class="SCREEN">
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">ln -s ppp-shell /etc/ppp/ppp-dialup</kbd>
</pre>

<p>You should use this script as the <span class="emphasis"><i
class="EMPHASIS">shell</i></span> for all of your dialup users. This is an example from
<tt class="FILENAME">/etc/password</tt> for a dialup PPP user with username <tt
class="USERNAME">pchilds</tt> (remember do not directly edit the password file, use <tt
class="COMMAND">vipw</tt>).</p>

<pre class="PROGRAMLISTING">
pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialup
</pre>

<p>Create a <tt class="FILENAME">/home/ppp</tt> directory that is world readable
containing the following 0 byte files:</p>

<pre class="SCREEN">
-r--r--r--   1 root     wheel           0 May 27 02:23 .hushlogin
-r--r--r--   1 root     wheel           0 May 27 02:22 .rhosts
</pre>

<p>which prevents <tt class="FILENAME">/etc/motd</tt> from being displayed.</p>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="AEN30413" name="AEN30413">21.2.1.3.7 PPP Shells for Static-IP
Users</a></h4>

<p>Create the <tt class="FILENAME">ppp-shell</tt> file as above, and for each account
with statically assigned IPs create a symbolic link to <tt
class="FILENAME">ppp-shell</tt>.</p>

<p>For example, if you have three dialup customers, <tt class="USERNAME">fred</tt>, <tt
class="USERNAME">sam</tt>, and <tt class="USERNAME">mary</tt>, that you route class C
networks for, you would type the following:</p>

<pre class="SCREEN">
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">ln -s /etc/ppp/ppp-shell /etc/ppp/ppp-fred</kbd>
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">ln -s /etc/ppp/ppp-shell /etc/ppp/ppp-sam</kbd>
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">ln -s /etc/ppp/ppp-shell /etc/ppp/ppp-mary</kbd>
</pre>

<p>Each of these users dialup accounts should have their shell set to the symbolic link
created above (for example, <tt class="USERNAME">mary</tt>'s shell should be <tt
class="FILENAME">/etc/ppp/ppp-mary</tt>).</p>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="AEN30434" name="AEN30434">21.2.1.3.8 Setting Up <tt
class="FILENAME">ppp.conf</tt> for Dynamic-IP Users</a></h4>

<p>The <tt class="FILENAME">/etc/ppp/ppp.conf</tt> file should contain something along
the lines of:</p>

<pre class="PROGRAMLISTING">
default:
  set debug phase lcp chat
  set timeout 0

ttyd0:
  set ifaddr 203.14.100.1 203.14.100.20 255.255.255.255
  enable proxy

ttyd1:
  set ifaddr 203.14.100.1 203.14.100.21 255.255.255.255
  enable proxy
</pre>

<div class="NOTE">
<blockquote class="NOTE">
<p><b>Note:</b> The indenting is important.</p>
</blockquote>
</div>

<p>The <var class="LITERAL">default:</var> section is loaded for each session. For each
dialup line enabled in <tt class="FILENAME">/etc/ttys</tt> create an entry similar to the
one for <var class="LITERAL">ttyd0:</var> above. Each line should get a unique IP address
from your pool of IP addresses for dynamic users.</p>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="AEN30446" name="AEN30446">21.2.1.3.9 Setting Up <tt
class="FILENAME">ppp.conf</tt> for Static-IP Users</a></h4>

<p>Along with the contents of the sample <tt
class="FILENAME">/usr/share/examples/ppp/ppp.conf</tt> above you should add a section for
each of the statically assigned dialup users. We will continue with our <tt
class="USERNAME">fred</tt>, <tt class="USERNAME">sam</tt>, and <tt
class="USERNAME">mary</tt> example.</p>

<pre class="PROGRAMLISTING">
fred:
  set ifaddr 203.14.100.1 203.14.101.1 255.255.255.255

sam:
  set ifaddr 203.14.100.1 203.14.102.1 255.255.255.255

mary:
  set ifaddr 203.14.100.1 203.14.103.1 255.255.255.255
</pre>

<p>The file <tt class="FILENAME">/etc/ppp/ppp.linkup</tt> should also contain routing
information for each static IP user if required. The line below would add a route for the
<tt class="HOSTID">203.14.101.0</tt> class C via the client's ppp link.</p>

<pre class="PROGRAMLISTING">
fred:
  add 203.14.101.0 netmask 255.255.255.0 HISADDR

sam:
  add 203.14.102.0 netmask 255.255.255.0 HISADDR

mary:
  add 203.14.103.0 netmask 255.255.255.0 HISADDR
</pre>
</div>

<div class="SECT4">
<h4 class="SECT4"><a id="USERPPP-MGETTY" name="USERPPP-MGETTY">21.2.1.3.10 <tt
class="COMMAND">mgetty</tt> and AutoPPP</a></h4>

<p>Configuring and compiling <tt class="COMMAND">mgetty</tt> with the <var
class="LITERAL">AUTO_PPP</var> option enabled allows <tt class="COMMAND">mgetty</tt> to
detect the LCP phase of PPP connections and automatically spawn off a ppp shell. However,
since the default login/password sequence does not occur it is necessary to authenticate
users using either PAP or CHAP.</p>

<p>This section assumes the user has successfully configured, compiled, and installed a
version of <tt class="COMMAND">mgetty</tt> with the <var class="LITERAL">AUTO_PPP</var>
option (v0.99beta or later).</p>

<p>Make sure your <tt class="FILENAME">/usr/local/etc/mgetty+sendfax/login.config</tt>
file has the following in it:</p>

<pre class="PROGRAMLISTING">
/AutoPPP/ -     -            /etc/ppp/ppp-pap-dialup
</pre>

<p>This will tell <tt class="COMMAND">mgetty</tt> to run the <tt
class="FILENAME">ppp-pap-dialup</tt> script for detected PPP connections.</p>

<p>Create a file called <tt class="FILENAME">/etc/ppp/ppp-pap-dialup</tt> containing the
following (the file should be executable):</p>

<pre class="PROGRAMLISTING">
#!/bin/sh
exec /usr/sbin/ppp -direct pap$IDENT
</pre>

<p>For each dialup line enabled in <tt class="FILENAME">/etc/ttys</tt>, create a
corresponding entry in <tt class="FILENAME">/etc/ppp/ppp.conf</tt>. This will happily
co-exist with the definitions we created above.</p>

<pre class="PROGRAMLISTING">
pap:
  enable pap          
  set ifaddr 203.14.100.1 203.14.100.20-203.14.100.40
  enable proxy
</pre>

<p>Each user logging in with this method will need to have a username/password in <tt
class="FILENAME">/etc/ppp/ppp.secret</tt> file, or alternatively add the following option
to authenticate users via PAP from <tt class="FILENAME">/etc/password</tt> file.</p>

<pre class="PROGRAMLISTING">
enable passwdauth
</pre>

<p>If you wish to assign some users a static IP number, you can specify the number as the
third argument in <tt class="FILENAME">/etc/ppp/ppp.secret</tt>. See <tt
class="FILENAME">/usr/share/examples/ppp/ppp.secret.sample</tt> for examples.</p>
</div>

<div class="SECT4">